lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Mar 2022 14:45:25 -0700 From: Bill Wendling <morbo@...gle.com> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Nick Desaulniers <ndesaulniers@...gle.com>, "H. Peter Anvin" <hpa@...or.com>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>, "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@...nel.org>, Nathan Chancellor <nathan@...nel.org>, Juergen Gross <jgross@...e.com>, Peter Zijlstra <peterz@...radead.org>, Andy Lutomirski <luto@...nel.org>, llvm@...ts.linux.dev, LKML <linux-kernel@...r.kernel.org>, linux-toolchains <linux-toolchains@...r.kernel.org> Subject: Re: [PATCH v5] x86: use builtins to read eflags On Thu, Mar 17, 2022 at 2:21 PM Linus Torvalds <torvalds@...ux-foundation.org> wrote: > > On Thu, Mar 17, 2022 at 2:10 PM Bill Wendling <morbo@...gle.com> wrote: > > > > > > As a result, we mark pretty much all system instructions as being > > > memory clobbers, because that actually works. > > > > For now. > > No. Forever. > > If you change the compiler to ignore memory clobbers in inline asms, > we'll stop using clang again. > > This is not some kind of "threat". This is literally just a plain fact. > > If you turn your compiler into garbage, we can't use it. > > End of discussion. > > > > Whether they actually clobber memory or not is immaterial, and is not > > > why we do it. > > > > I understand that. My point is that it's not a guarantee that the > > compiler won't change in the future. > > YES IT DAMN WELL IS. > > If I have an inline asm thing, and I tell the compiler "this inline > asm reads or writes memory in ways you don't understand", and you then > move externally visible memory operations around it - or move other > inline asms that do the same thing around it - then your compiler is > simply not a compiler any more. > > IT IS BROKEN SHIT. > > See? > > That memory clobber is not a "please mister compiler, can you pretty > please take this into account". > > That memory clobber is a "if you don't take this into account, you are > now no longer a working compiler, and thank Gods we have > alternatives". > > This is not a "in ten years things can change" kind of issue. This is > a very fundamental and simple thing. > > I don't understand why you can't just admit that. > > This is as simple as 2+2 being 4. That's black and white. > > There is no "the compiler might optimize it to be 3 at some future date". > I'm NOT saying that it WILL change or that it SHOULD change. I'm also not saying that your concern isn't justified. What I am saying is that unless you're using a compiler feature that's DEFINED as having a certain effect, then you are not using that feature correctly, regardless of how it's acted in the past. And it has the potential to bite you in the ass sooner or later. We've all seen such things happen before. I'm not thick and you don't have to yell about this. We're on the same page! :-) It would be much much better if there was a feature that was defined to act in the way you want it to. But I'm not offering one at the moment or even with the change that started this thread. -bw
Powered by blists - more mailing lists