lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240206185710.090317205@redhat.com>
Date: Tue, 06 Feb 2024 15:49:21 -0300
From: Marcelo Tosatti <mtosatti@...hat.com>
To: linux-kernel@...r.kernel.org
Cc: Daniel Bristot de Oliveira <bristot@...nel.org>,
 Juri Lelli <juri.lelli@...hat.com>,
 Valentin Schneider <vschneid@...hat.com>,
 Frederic Weisbecker <frederic@...nel.org>,
 Leonardo Bras <leobras@...hat.com>,
 Peter Zijlstra <peterz@...radead.org>,
 Thomas Gleixner <tglx@...utronix.de>,
 Marcelo Tosatti <mtosatti@...hat.com>
Subject: [patch 10/12] x86/mce/inject.c: fail if target cpu is block interference

In the codepaths leading to smp_call_function (including rdmsrl_on_cpu),
check for, and fail if, a target cpu is marked as "block interference".

Signed-off-by: Marcelo Tosatti <mtosatti@...hat.com>

Index: linux-isolation/arch/x86/kernel/cpu/mce/inject.c
===================================================================
--- linux-isolation.orig/arch/x86/kernel/cpu/mce/inject.c
+++ linux-isolation/arch/x86/kernel/cpu/mce/inject.c
@@ -23,6 +23,7 @@
 #include <linux/notifier.h>
 #include <linux/pci.h>
 #include <linux/uaccess.h>
+#include <linux/sched/isolation.h>
 
 #include <asm/amd_nb.h>
 #include <asm/apic.h>
@@ -584,6 +585,13 @@ static int inj_bank_set(void *data, u64
 	struct mce *m = (struct mce *)data;
 	u8 n_banks;
 	u64 cap;
+	int idx, ret = 0;
+
+	idx = block_interf_srcu_read_lock();
+	if (block_interf_cpu(m->extcpu)) {
+		ret = -EPERM;
+		goto err;
+	}
 
 	/* Get bank count on target CPU so we can handle non-uniform values. */
 	rdmsrl_on_cpu(m->extcpu, MSR_IA32_MCG_CAP, &cap);
@@ -591,7 +599,8 @@ static int inj_bank_set(void *data, u64
 
 	if (val >= n_banks) {
 		pr_err("MCA bank %llu non-existent on CPU%d\n", val, m->extcpu);
-		return -EINVAL;
+		ret = -EINVAL;
+		goto err;
 	}
 
 	m->bank = val;
@@ -612,12 +621,14 @@ static int inj_bank_set(void *data, u64
 
 		if (rdmsrl_on_cpu(m->extcpu, MSR_AMD64_SMCA_MCx_IPID(val), &ipid)) {
 			pr_err("Error reading IPID on CPU%d\n", m->extcpu);
-			return -EINVAL;
+			ret = -EINVAL;
+			goto err;
 		}
 
 		if (!ipid) {
 			pr_err("Cannot inject into unpopulated bank %llu\n", val);
-			return -ENODEV;
+			ret = -ENODEV;
+			goto err;
 		}
 	}
 
@@ -627,7 +638,9 @@ inject:
 	/* Reset injection struct */
 	setup_inj_struct(&i_mce);
 
-	return 0;
+err:
+	block_interf_srcu_read_unlock(idx);
+	return ret;
 }
 
 MCE_INJECT_GET(bank);



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ