Date:   Mon, 22 Mar 2021 14:19:48 +0000
From:   Quentin Perret <qperret@...gle.com>
To:     Marc Zyngier <maz@...nel.org>
Cc:     catalin.marinas@....com, will@...nel.org, james.morse@....com,
        julien.thierry.kdev@...il.com, suzuki.poulose@....com,
        android-kvm@...gle.com, seanjc@...gle.com, mate.toth-pal@....com,
        linux-kernel@...r.kernel.org, robh+dt@...nel.org,
        linux-arm-kernel@...ts.infradead.org, kernel-team@...roid.com,
        kvmarm@...ts.cs.columbia.edu, tabba@...gle.com, ardb@...nel.org,
        mark.rutland@....com, dbrazdil@...gle.com
Subject: Re: [PATCH v6 13/38] KVM: arm64: Enable access to sanitized CPU
 features at EL2

Hey Marc,

On Monday 22 Mar 2021 at 13:44:38 (+0000), Marc Zyngier wrote:
> I can't say I'm thrilled with this. Actually, it is fair to say that I
> don't like it at all! ;-)

:-)

> Copying whole structures with pointers that
> make no sense at EL2 feels... wrong.

And I don't disagree at all. I tried to keep this as small as possible
as the series is already quite intrusive, but I certainly understand the
concern.

> As we discussed offline, the main reason for this infrastructure is
> that the read_ctr macro directly uses arm64_ftr_reg_ctrel0.sys_val
> when ARM64_MISMATCHED_CACHE_TYPE is set.

Indeed that is the only reason.

> One thing to realise is that with the protected mode, we can rely on
> patching as there is no such thing as a "late" CPU. So by specialising
> read_ctr when compiled for nVHE, we can just make it give us the final
> value, provided that KVM's own __flush_dcache_area() is limited to
> protected mode.
> 
> Once this problem is solved, this whole patch can mostly go, as we are
> left with exactly *two* u64 quantities to be populated, something that
> we can probably do in kvm_sys_reg_table_init().
> 
> I'll post some patches later today to try and explain what I have in
> mind.

Sounds great, thank you very much for the help!
Quentin
