lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <efb8c82c626a4c7d8a9f781d63289343@AcuMS.aculab.com>
Date:   Wed, 23 Feb 2022 22:50:19 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Andy Shevchenko' <andriy.shevchenko@...ux.intel.com>
CC:     Jason Gunthorpe <jgg@...pe.ca>,
        "linux-rdma@...r.kernel.org" <linux-rdma@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Mike Marciniszyn <mike.marciniszyn@...nelisnetworks.com>,
        Dennis Dalessandro <dennis.dalessandro@...nelisnetworks.com>
Subject: RE: [PATCH v1 1/1] IB/hfi1: Don't cast parameter in bit operations

From: 'Andy Shevchenko'
> Sent: 23 February 2022 22:30
> 
> On Wed, Feb 23, 2022 at 09:44:32PM +0000, David Laight wrote:
> > From: Andy Shevchenko
> > > Sent: 23 February 2022 18:54
> > >
> > > While in this particular case it would not be a (critical) issue,
> > > the pattern itself is bad and error prone in case somebody blindly
> > > copies to their code.
> >
> > It is horribly wrong on BE systems.
> 
> You mean the pattern? Yes, it has three issues regarding to endianess and
> potential out of boundary access.

Never mind the misaligned page-boundary-crossing locked access.

> ...
> 
> > > -	return handled;
> > > +	return IRQ_RETVAL(!bitmap_empty(pending, CCE_NUM_INT_CSRS * 64));
> 
> > You really don't want to scan the bitmap again.
> 
> Either way it wastes cycles, the outcome depends on the actual distribution of
> the interrupts across the bitmap. If it gathered closer to the beginning of the
> bitmap, my code wins, otherwise the original ones.

The loop in bitmap_empty() will kill you - even if the first word in non-zero.

Or just 'or' together the 'value' written to clear the pending interrupts
in the first loop.

Or just return IRQ_HANDLED ;-)
Depending on exactly how the interrupt system works on you hardware
it is perfectly possible to get another ISR entry for an IRQ bit
you just cleared.
Which can generate a 'spurious interrupt' message when IRQ_HANDLED
isn't returned (maybe not in Linux...)

It is easiest to see how that can happen with a level sensitive interrupt
request.
The write to clear the pending register can get delayed (posted bus write)
long enough for the cpu to have actually exited the ISR.
So the IRQ line is still set and the ISR re-entered.
But no pending bits are now set.

Put enough PCIe bridges in a system and overload PCIe links and you
might get the same to happen for MSI-X.
Especially since there will be additional delays on the device itself
converting the internal IRQ into the required PCIe write.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ