| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZOTjnmwwZ+iMsi6Y@arm.com>
Date: Tue, 22 Aug 2023 17:34:38 +0100
From: Catalin Marinas <catalin.marinas@....com>
To: Mark Brown <broonie@...nel.org>
Cc: Will Deacon <will@...nel.org>, Jonathan Corbet <corbet@....net>,
Andrew Morton <akpm@...ux-foundation.org>,
Marc Zyngier <maz@...nel.org>,
Oliver Upton <oliver.upton@...ux.dev>,
James Morse <james.morse@....com>,
Suzuki K Poulose <suzuki.poulose@....com>,
Arnd Bergmann <arnd@...db.de>, Oleg Nesterov <oleg@...hat.com>,
Eric Biederman <ebiederm@...ssion.com>,
Kees Cook <keescook@...omium.org>,
Shuah Khan <shuah@...nel.org>,
"Rick P. Edgecombe" <rick.p.edgecombe@...el.com>,
Deepak Gupta <debug@...osinc.com>,
Ard Biesheuvel <ardb@...nel.org>,
Szabolcs Nagy <Szabolcs.Nagy@....com>,
"H.J. Lu" <hjl.tools@...il.com>,
Paul Walmsley <paul.walmsley@...ive.com>,
Palmer Dabbelt <palmer@...belt.com>,
Albert Ou <aou@...s.berkeley.edu>,
linux-arm-kernel@...ts.infradead.org, linux-doc@...r.kernel.org,
kvmarm@...ts.linux.dev, linux-fsdevel@...r.kernel.org,
linux-arch@...r.kernel.org, linux-mm@...ck.org,
linux-kselftest@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-riscv@...ts.infradead.org
Subject: Re: [PATCH v4 18/36] arm64/gcs: Context switch GCS state for EL0
On Wed, Aug 16, 2023 at 07:15:53PM +0100, Mark Brown wrote:
> On Fri, Aug 11, 2023 at 04:32:10PM +0100, Catalin Marinas wrote:
> > On Mon, Aug 07, 2023 at 11:00:23PM +0100, Mark Brown wrote:
>
> > > + gcs_free(current);
> > > + current->thread.gcs_el0_mode = 0;
> > > + write_sysreg_s(0, SYS_GCSCRE0_EL1);
> > > + write_sysreg_s(0, SYS_GCSPR_EL0);
> > > + }
> > > +}
>
> > Do we need and isb() or there's one on this path? If it's only EL0
> > making use of this register, we should be fine with the ERET before
> > returning to user. Not sure whether the kernel uses this, GCSSTTR
> > doesn't need it.
>
> They're only used by EL0, at EL1 we do read GCSPR for signal handling
> but AIUI that shouldn't be any more of an issue than it is for the
> TPIDRs which we don't have a barrier for. It's possible I'm
> misunderstanding though.
We should be alright without since we'll eventually have an ERET to EL0.
> > > + /*
> > > + * Ensure that GCS changes are observable by/from other PEs in
> > > + * case of migration.
> > > + */
> > > + if (task_gcs_el0_enabled(current) || task_gcs_el0_enabled(next))
> > > + gcsb_dsync();
>
> > What's this barrier for? The spec (at least the version I have) only
> > talks about accesses, nothing to do with the registers that we context
> > switch here.
>
> Right, it's for the GCS memory rather than the registers. I'm fairly
> sure it's excessive but but was erring on the side of caution until I
> have convinced myself that the interactions between GCS barriers and
> regular barriers were doing the right thing, until we have physical
> implementations to contend with I'd guess the practical impact will be
> minimal.
Well, I'd say either we are clear about why it's (not) needed or we ask
the architects to clarify the spec. I haven't checked your latest
series but in principle I don't like adding barriers just because we are
not sure they are needed (and I don't think having hardware eventually
changes this).
--
Catalin
Powered by blists - more mailing lists