lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 03 May 2021 15:47:34 +0200
From:   Florian Weimer <fweimer@...hat.com>
To:     Dave Hansen <dave.hansen@...el.com>
Cc:     Len Brown <lenb@...nel.org>, Borislav Petkov <bp@...en8.de>,
        Willy Tarreau <w@....eu>, Andy Lutomirski <luto@...nel.org>,
        "Bae, Chang Seok" <chang.seok.bae@...el.com>,
        X86 ML <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org>,
        linux-abi@...r.kernel.org,
        "libc-alpha@...rceware.org" <libc-alpha@...rceware.org>,
        Rich Felker <dalias@...c.org>, Kyle Huey <me@...ehuey.com>,
        Keno Fischer <keno@...iacomputing.com>
Subject: Re: Candidate Linux ABI for Intel AMX and hypothetical new related
 features

* Dave Hansen:

> On 5/2/21 10:18 PM, Florian Weimer wrote:
>>> 5. If the feature is enabled in XCR0, the user happily uses it.
>>>
>>>     For AMX, Linux implements "transparent first use"
>>>     so that it doesn't have to allocate 8KB context switch
>>>     buffers for tasks that don't actually use AMX.
>>>     It does this by arming XFD for all tasks, and taking a #NM
>>>     to allocate a context switch buffer only for those tasks
>>>     that actually execute AMX instructions.
>> What happens if the kernel cannot allocate that additional context
>> switch buffer?
>
> Well, it's vmalloc()'d and currently smaller that the kernel stack,
> which is also vmalloc()'d.  While it can theoretically fail, if it
> happens you have bigger problems on your hands.

Not sure if I understand.

Is your position that the kernel should terminate processes if it runs
out of memory instead reporting proper errors, even if memory overcommit
is disabled?

Kernel stack allocation is different because it happens at system call,
so errors can be properly reported.

Thanks,
Florian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ