| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Mar 2024 18:52:54 +0000 From: "levi.yun" <yeoreum.yun@....com> To: Will Deacon <will@...nel.org> Cc: catalin.marinas@....com, mark.rutland@....com, peterz@...radead.org, mathieu.desnoyers@...icios.com, linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org, nd@....com, stable@...r.kernel.org, Aaron Lu <aaron.lu@...el.com> Subject: Re: [PATCH] arm64/mm: Add memory barrier for mm_cid Hi will. > We already have a stronger barrier than smp_mb() (dsb ish) in __switch_to(). > Is that not sufficient? IIUC, It's not sufficient with smp_mb() in __switch_to(). Because, it can be broken in sched_mm_cid_remote_clear() CPU0 in __schedule() CPU1 in sched_mm_cid_remote_clear() rq->curr = new_task; <no barrier> mm_get_cid remote_clear - check valid cid and use it. Invalidate CID. <barrier> rq->curr (not observed). unset the cid (<<BUG). If change of rq->curr couldn't be observed in sched_mm_cid_remote_clear(), It could unset actively used cid. Note that __switch_to()'s smp_mb() is called AFTER switch_mm_cid(). That means before __switch_to(), there's possibility that sched_mm_cid_remote_clear() couldn't observe new active task, after it sets lazy_put on active cid used by new active task.
Powered by blists - more mailing lists