lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 01 Jun 2023 22:13:29 +0200
From:   Thomas Gleixner <tglx@...utronix.de>
To:     Steven Noonan <steven@...inklabs.net>
Cc:     Muhammad Usama Anjum <usama.anjum@...labora.com>,
        Jonathan Corbet <corbet@....net>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        "maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@...nel.org>,
        "H. Peter Anvin" <hpa@...or.com>,
        "open list:DOCUMENTATION" <linux-doc@...r.kernel.org>,
        open list <linux-kernel@...r.kernel.org>,
        "Guilherme G. Piccoli" <gpiccoli@...lia.com>, kernel@...labora.com
Subject: Re: Direct rdtsc call side-effect

On Thu, Jun 01 2023 at 22:10, Thomas Gleixner wrote:
>
> So back to the options:
>
>    1) Kernel
>
>       If at all then this needs to be disabled by default and enabled by
>       a command line option along with a big fat warning that it might
>       disable TSC for timekeeping and bug reports related to this are
>       going to be ignored.
>
>       Honestly I'm not too interested in this. It's yet another piece of
>       art which needs to be maintained and kept alive for a long time.
>
>       The fact that we need to check for synchronized TSCs in the first
>       place is hillarious already. TSC_ADJUST makes the resynchronization
>       attempt at least halfways sensible.
>
>       Without it, it's just a pile of never going to be correct
>       heuristics with a flood of "this fixes it for my machine (and
>       breaks the rest)" patches.
>
>
>    2) Binary patching
>
>       Unfortunately RDTSC is only a two byte instruction, but there are
>       enough advanced binary patching tools to deal with that.
>
>       It might be a completely crazy idea, but I wouldn't dismiss it
>       before trying.

Duh. Hit send too early

     3) Virtualization

        Obviously not trivial either but definitely workable.

Thanks,

        tglx

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ