lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 10 Aug 2021 08:59:03 +0100 From: Marc Zyngier <maz@...nel.org> To: Oliver Upton <oupton@...gle.com> Cc: linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org, Mark Rutland <mark.rutland@....com>, Daniel Lezcano <daniel.lezcano@...aro.org>, Thomas Gleixner <tglx@...utronix.de>, Peter Shier <pshier@...gle.com>, Raghavendra Rao Ananta <rananta@...gle.com>, Ricardo Koller <ricarkol@...gle.com>, Will Deacon <will@...nel.org>, Catalin Marinas <catalin.marinas@....com>, Linus Walleij <linus.walleij@...aro.org>, kernel-team@...roid.com Subject: Re: [PATCH 13/13] arm64: Add CNT{P,V}CTSS_EL0 alternatives to cnt{p,v}ct_el0 On Mon, 09 Aug 2021 19:17:38 +0100, Oliver Upton <oupton@...gle.com> wrote: > > On Mon, Aug 9, 2021 at 11:11 AM Marc Zyngier <maz@...nel.org> wrote: > > > > On Mon, 09 Aug 2021 17:42:00 +0100, > > Oliver Upton <oupton@...gle.com> wrote: > > > > > > On Mon, Aug 9, 2021 at 8:48 AM Marc Zyngier <maz@...nel.org> wrote: > > > > > > > > CNTPCTSS_EL0 and CNTVCTSS_EL0 are alternatives to the usual > > > > CNTPCT_EL0 and CNTVCT_EL0 that do not require a previous ISB > > > > to be synchronised (SS stands for Self-Synchronising). > > > > > > > > Use the ARM64_HAS_ECV capability to control alternative sequences > > > > that switch to these low(er)-cost primitives. Note that the > > > > counter access in the VDSO is for now left alone until we decide > > > > whether we want to allow this. > > > > > > What remains to be figured out before we add this to the vDSO (and > > > presumably advertise to userspace through some standard convention)? > > > > We need to understand what breaks if we runtime-patch the VDSO just > > like we do with the rest of the kernel. To start with, the debug > > version of the shared object is not the same as the object presented > > to the process. Maybe that's not a problem, but I would tend to err on > > the side of caution. > > I would too, but there sadly are instances of Linux patching *user* > memory already (go look at how KVM/x86 handles the VMCALL/VMMCALL > instruction). But yes, I would much prefer the debug vDSO correspond > to the actual instructions. Urghhh... This reminds me of https://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms.git/commit/?h=arm/netwinder&id=72797818a31d37a7ec28db659afcab0a56d47968 which I never tried to get merged for this exact reason. I'd rather not replicate this sort of braindamage^Wthing if I can avoid it. Thanks, M. -- Without deviation from the norm, progress is not possible.
Powered by blists - more mailing lists