lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <b1a8f92d-fd82-6e86-93ff-4ac200080d8c@intel.com>
Date:   Thu, 25 Mar 2021 16:10:05 -0700
From:   Dave Hansen <dave.hansen@...el.com>
To:     Len Brown <lenb@...nel.org>, Thomas Gleixner <tglx@...utronix.de>
Cc:     "Chang S. Bae" <chang.seok.bae@...el.com>,
        Borislav Petkov <bp@...e.de>,
        Andy Lutomirski <luto@...nel.org>,
        Ingo Molnar <mingo@...nel.org>, X86 ML <x86@...nel.org>,
        "Brown, Len" <len.brown@...el.com>,
        "Liu, Jing2" <jing2.liu@...el.com>,
        "Ravi V. Shankar" <ravi.v.shankar@...el.com>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Linux Documentation List <linux-doc@...r.kernel.org>
Subject: Re: [PATCH v4 22/22] x86/fpu/xstate: Introduce boot-parameters to
 control state component support

On 3/25/21 3:59 PM, Len Brown wrote:
> We call AMX a "simple state feature" -- it actually requires NO KERNEL ENABLING
> above the generic state save/restore to fully support userspace AMX
> applications.
> 
> While not all ISA extensions can be simple state features, we do expect
> future features to share this trait, and so we want to be sure that it is simple
> to update the kernel to turn those features on (and when necessary, off).

>From some IRC chats with Thomaas and Andy, I think it's safe to say that
they're not comfortable blindly enabling even our "simple features".  I
think we're going to need at least some additional architecture to get
us to a point where everyone will be comfortable.

For instance, AMX might be "simple", but there are really only kludgy
ways to get it back to the init state.  Plus, it's *not* simple in that
state left in the registers can have permanent (as long as the state
remains) power and performance impact.

Also, we probably need to expand the "simple" architecture documentation
a bit.  For instance, we need to promise that things like pkeys which
can cause kernel exceptions will never be enumerated as "simple".

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ