lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YmXQBbCz2T/Opv5+@zn.tnic>
Date:   Mon, 25 Apr 2022 00:32:37 +0200
From:   Borislav Petkov <bp@...en8.de>
To:     Smita Koralahalli <Smita.KoralahalliChannabasappa@....com>
Cc:     x86@...nel.org, linux-edac@...r.kernel.org,
        linux-kernel@...r.kernel.org, Tony Luck <tony.luck@...el.com>,
        "H . Peter Anvin" <hpa@...or.com>,
        Yazen Ghannam <yazen.ghannam@....com>
Subject: Re: [PATCH v4 1/2] x86/mce: Check for writes ignored in MCA_STATUS
 register

On Thu, Apr 21, 2022 at 12:10:07PM -0700, Smita Koralahalli wrote:
> Also, should we move this slightly before? In inj_bank_set() after we check
> for sw injection and before reading IPID value?

If anything, the proper place for this would be to do the check in
flags_write() where you set the injection type and bail out if one of
the !sw types is chosen.

However, you must do the prepare_mca_status() dance first in order to do
the check.

Which means, you'd have to poke at the STATUS MSR of some bank and
carefully restore it to its original value so that you leave no changes
after the check. And I thought about it but it sounded kinda yucky, thus
the setting of hw_injection_possible at injection time.

That doesn't mean you can't check that variable in flags_write() *after*
the first injection has happened and it has been set properly, but the
first injection needs to get attempted first.

At least this is my idea, maybe you have a better one...

Btw, we'd need some error messaging when the hw injection fails:

---
diff --git a/arch/x86/kernel/cpu/mce/inject.c b/arch/x86/kernel/cpu/mce/inject.c
index 0fd1eea2f754..5ea1d603b124 100644
--- a/arch/x86/kernel/cpu/mce/inject.c
+++ b/arch/x86/kernel/cpu/mce/inject.c
@@ -345,6 +345,9 @@ static int __set_inj(const char *buf)
 
 	for (i = 0; i < N_INJ_TYPES; i++) {
 		if (!strncmp(flags_options[i], buf, strlen(flags_options[i]))) {
+			if (i > SW_INJ && !hw_injection_possible)
+				continue;
+
 			inj_type = i;
 			return 0;
 		}
@@ -382,7 +385,11 @@ static ssize_t flags_write(struct file *filp, const char __user *ubuf,
 
 	err = __set_inj(__buf);
 	if (err) {
-		pr_err("%s: Invalid flags value: %s\n", __func__, __buf);
+		pr_err("%s: Invalid flags value%s: %s\n", __func__,
+			(!hw_injection_possible
+			  ? " (SW-only injection possible on this platform)"
+			  : ""),
+			__buf);
 		return err;
 	}
 
-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ