lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 1 Mar 2022 09:54:07 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Ammar Faizi' <ammarfaizi2@...weeb.org>,
        Borislav Petkov <bp@...en8.de>
CC:     Dave Hansen <dave.hansen@...ux.intel.com>,
        "H. Peter Anvin" <hpa@...or.com>, Ingo Molnar <mingo@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Tony Luck <tony.luck@...el.com>,
        "linux-edac@...r.kernel.org" <linux-edac@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "gwml@...r.gnuweeb.org" <gwml@...r.gnuweeb.org>,
        "x86@...nel.org" <x86@...nel.org>,
        "stable@...r.kernel.org" <stable@...r.kernel.org>,
        "Alviro Iskandar Setiawan" <alviro.iskandar@...weeb.org>,
        Jiri Hladky <hladky.jiri@...glemail.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: RE: [PATCH v4 1/2] x86/delay: Fix the wrong asm constraint in
 `delay_loop()`

From: Ammar Faizi
> Sent: 01 March 2022 09:46
> 
> The asm constraint does not reflect that the asm statement can modify
> the value of @loops. But the asm statement in delay_loop() does change
> the @loops.
> 
> If by any chance the compiler inlines this function, it may clobber
> random stuff (e.g. local variable, important temporary value in reg,
> etc.).
> 
> Fortunately, delay_loop() is only called indirectly (so it can't
> inline), and then the register it clobbers is %rax (which is by the
> nature of the calling convention, it's a caller saved register), so it
> didn't yield any bug.

Both the function pointers in that code need killing.
They only have two options (each) so conditional branches
will almost certainly always have been better.

I also wonder how well the comment
   The additional jump magic is needed to get the timing stable
   on all the CPU' we have to worry about.
applies to any modern cpu!
The code is unchanged since (at least) 2.6.27.
(It might have been moved from another file.)

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists