| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Jul 2022 13:39:25 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Borislav Petkov <bp@...en8.de>
Cc: Guenter Roeck <linux@...ck-us.net>,
Peter Zijlstra <peterz@...radead.org>,
Thadeu Lima de Souza Cascardo <cascardo@...onical.com>,
Naresh Kamboju <naresh.kamboju@...aro.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
kvm list <kvm@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
stable <stable@...r.kernel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Shuah Khan <shuah@...nel.org>, patches@...nelci.org,
lkft-triage@...ts.linaro.org, Pavel Machek <pavel@...x.de>,
Jon Hunter <jonathanh@...dia.com>,
Florian Fainelli <f.fainelli@...il.com>,
Sudip Mukherjee <sudipm.mukherjee@...il.com>,
Slade Watkins <slade@...dewatkins.com>,
Sean Christopherson <seanjc@...gle.com>,
Paolo Bonzini <pbonzini@...hat.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
X86 ML <x86@...nel.org>, "H. Peter Anvin" <hpa@...or.com>,
Alex Bennée <alex.bennee@...aro.org>,
Anders Roxell <anders.roxell@...aro.org>
Subject: Re: [PATCH 5.15 00/78] 5.15.55-rc1 review
On Thu, Jul 14, 2022 at 10:02 AM Borislav Petkov <bp@...en8.de> wrote:
>
> On Thu, Jul 14, 2022 at 09:51:40AM -0700, Linus Torvalds wrote:
> > Oh, absolutely. Doing an -rc7 is normal.
>
> Good. I'm gathering all the fallout fixes and will send them to you on
> Sunday, if nothing unexpected happens.
Btw, I assume that includes the clang fix for the
x86_spec_ctrl_current section attribute.
That's kind of personally embarrassing that it slipped through: I do
all my normal test builds that I actually *boot* with clang.
But since I kept all of the embargoed stuff outside my normal trees,
it also meant that the test builds I did didn't have my "this is my
clang tree" stuff in it.
And so I - like apparently everybody else - only did those builds with gcc.
And gcc for some reason doesn't care about this whole "you redeclared
that variable with a different attribute" thing.
And sadly, our percpu accessor functions don't verify these things
either, so you can write code like this:
unsigned long myvariable;
unsigned long test_fn(void)
{
return this_cpu_read(myvariable);
}
and the compiler will not complain about anything at all, and happily
generate completely nonsensical code like
movq %gs:myvariable(%rip), %rax
for it, which will do entirely the wrong thing because 'myvariable'
wasn't allocated in the percpu section.
In the 'x86_spec_ctrl_current' case, that nonsensical code _worked_
(with gcc), because despite the declaration being for a regular
variable, the actual definition was in the proper segment.
But that 'myvariable' thing above does end up being another example of
how we are clearly missing some type checkng in this area.
I'm not sure if there's any way to get that section mismatch at
compile-time at all. For the static declarations, we could just make
DECLARE_PER_CPU() add some prefix/postfix to the name (and obviously
then do it at use time too).
We have that '__pcpu_scope_##name' thing to make sure of globally
unique naming due to the whole weak type thing. I wonder if we could
do something similar to verify that "yes, this has been declared as a
percpu variable" at use time?
Linus
Powered by blists - more mailing lists