lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 23 Nov 2022 09:03:37 -0800
From:   Josh Poimboeuf <jpoimboe@...nel.org>
To:     Andrew Cooper <Andrew.Cooper3@...rix.com>
Cc:     Peter Zijlstra <peterz@...radead.org>,
        "Paul E. McKenney" <paulmck@...nel.org>,
        "sfr@...b.auug.org.au" <sfr@...b.auug.org.au>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "jgross@...e.com" <jgross@...e.com>,
        "sstabellini@...nel.org" <sstabellini@...nel.org>,
        "boris.ostrovsky@...cle.com" <boris.ostrovsky@...cle.com>,
        "xen-devel@...ts.xenproject.org" <xen-devel@...ts.xenproject.org>,
        Thomas Gleixner <tglx@...utronix.de>
Subject: Re: objtool warning for next-20221118

On Wed, Nov 23, 2022 at 10:52:09AM +0000, Andrew Cooper wrote:
> > Well, if you return from arch_cpu_idle_dead() you're back in the idle
> > loop -- exactly where you would be if you were to bootstrap the whole
> > CPU -- provided you have it remember the whole state (easier with a
> > vCPU).

play_dead() really needs sane semantics.  Not only does it introduce a
surprise to the offlining code in do_idle(), it also skips the entire
hotplug state machine.  Not sure if that introduces any bugs, but at the
very least it's subtle and surprising.

> > But maybe I'm missing something, lets add Xen folks on.
> 
> Calling VCPUOP_down on oneself always succeeds, but all it does is
> deschedule the vCPU.
> 
> It can be undone at a later point by a different vcpu issuing VCPUOP_up
> against the previously-downed CPU, at which point the vCPU gets rescheduled.
> 
> This is why the VCPUOP_down hypercall returns normally.  All state
> really is intact.
> 
> As for what Linux does, this is how xen_pv_cpu_up() currently behaves. 
> If you want to make Xen behave more everything else, then bug a BUG()
> after VCPUOP_down, and adjust xen_pv_cpu_up() to skip its initialised
> check and always use VCPUOP_initialise to bring the vCPU back online.

Or we could do what sev_es_play_dead() does and just call start_cpu0()
after the hypercall returns?

Though, start_cpu0() seems very suspect, it just uses the stack of the
idle task of whatever CPU happened to be last brought up via cpu_up().
Which means we now have two idle tasks sharing the same stack?  How is
start_cpu0() not broken???

-- 
Josh

Powered by blists - more mailing lists