lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <c2f42cfd-82d4-4ab7-92b9-a173d6cdd29d@www.fastmail.com>
Date:   Tue, 09 Aug 2022 14:19:19 -0700
From:   "Andy Lutomirski" <luto@...nel.org>
To:     "Dave Hansen" <dave.hansen@...el.com>,
        "Ingo Molnar" <mingo@...nel.org>, "Ira Weiny" <ira.weiny@...el.com>
Cc:     "Borislav Petkov" <bp@...en8.de>,
        "Rik van Riel" <riel@...riel.com>,
        "the arch/x86 maintainers" <x86@...nel.org>,
        "Linux Kernel Mailing List" <linux-kernel@...r.kernel.org>,
        kernel-team@...com
Subject: Re: [RFC PATCH 5/5] x86/entry: Store CPU info on exception entry



On Mon, Aug 8, 2022, at 9:16 AM, Dave Hansen wrote:
> On 8/8/22 04:03, Ingo Molnar wrote:
>>> Again, I don't believe this is too much overhead but I don't want people 
>>> to say it was not discussed.
>> Is it necessary to do this, what are the alternatives, can this overhead be 
>> avoided?
>
> One thing Andy mentioned is that we _could_ get it down to two instructions:
>
> 	rdgsbase $reg
> 	push $reg
>
> This could be hidden in:
>
> 	PUSH_PTREGS_AUXILIARY
>
> where, today, it would only net add a single instruction.  But, if we
> ever add more stuff to PUSH_PTREGS_AUXILIARY, it would move back to
> needing two instructions since we'd need both the:
>
> 	subq $PTREGS_AUX_SIZE, %rsp
>
> and something to write gsbase to the stack.
>
> That doesn't get us the smp_processor_id() directly, but we can derive
> it later on from the gsbase value.
>
> The downside is that we're doing it in assembly.  We'd also have
> something additional which is a bit uglier and that reads memory on
> !X86_FEATURE_FSGSBASE, probably:
>	
> 	movq    PER_CPU_VAR(cpu_number), %reg
> 	push %reg

Nah, I believe the same value that RDGSBASE reads is already in percpu memory as 'per_cpu_offset', so the alternative can just read that and the code that uses it doesn’t need to care about the alternative.

>
> Which would require some different code to decode what was there:
>
> int read_exception_cpu_number(ext_pt_regs *e)
> {
> 	if (cpu_feature_enabled(X86_FEATURE_FSGSBASE))
> 		return gsbase_to_cpu_number(e->ext_cpu_nr);
> 	else
> 		return e->ext_cpu_nr;
> }
>
> I'm thinking that the whole racy smp_processor_id() thing wasn't so bad
> in the first place.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ