lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20240307162752.GAZenrCDqs0lMTjmu1@fat_crate.local>
Date: Thu, 7 Mar 2024 17:27:52 +0100
From: Borislav Petkov <bp@...en8.de>
To: Dave Hansen <dave.hansen@...ux.intel.com>
Cc: linux-kernel@...r.kernel.org, kirill.shutemov@...ux.intel.com,
	pbonzini@...hat.com, tglx@...utronix.de, x86@...nel.org,
	jgross@...e.com
Subject: Re: [RFC][PATCH 01/34] x86/xen: Explain why calling get_cpu_cap() so
 early is a hack

On Thu, Feb 22, 2024 at 10:39:28AM -0800, Dave Hansen wrote:
> 
> From: Dave Hansen <dave.hansen@...ux.intel.com>
> 
> xen_start_kernel() some of the first C code run "Xen PV" systems.

That sentence reads weird.

> It precedes normally very early things like setup_arch() or the
> processor initialization code.
> 
> That means that 'boot_cpu_data' is garbage.  It has not even

s/is/contains/

> established the utter basics like if the CPU supports the CPUID
> instruction.  Unfortunately get_cpu_cap() requires this exact
> information.
> 
> Nevertheless xen_start_kernel() calls get_cpu_cap().  But it
> works out in practice because it's looking for the NX bit which
> comes from an extended CPUID leaf that doesn't depend on
> c->cpuid_level being set.  This also implicitly assumes that
> Xen PV guests support CPUID.
> 
> Leave the hack in place, but at least explain some of what is
> going on.
> 
> Signed-off-by: Dave Hansen <dave.hansen@...ux.intel.com>
> Cc: Juergen Gross <jgross@...e.com>
> ---
> 
>  b/arch/x86/xen/enlighten_pv.c |    6 +++++-
>  1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff -puN arch/x86/xen/enlighten_pv.c~xen-explain1 arch/x86/xen/enlighten_pv.c
> --- a/arch/x86/xen/enlighten_pv.c~xen-explain1	2024-02-22 10:08:48.404451146 -0800
> +++ b/arch/x86/xen/enlighten_pv.c	2024-02-22 10:08:48.404451146 -0800
> @@ -1372,7 +1372,11 @@ asmlinkage __visible void __init xen_sta
>  	/* Get mfn list */
>  	xen_build_dynamic_phys_to_machine();
>  
> -	/* Work out if we support NX */
> +	/*
> +	 * This is a hack.  'boot_cpu_data' is not filled out enough
> +	 * for get_cpu_cap() to function fully.  But it _can_ fill out
> +	 * the leaves where NX is.  Gross, but it works.
> +	 */
>  	get_cpu_cap(&boot_cpu_data);
>  	x86_configure_nx();

If all it needs is to figure out whether it supports NX, just do that by
foot here and get rid of the get_cpu_cap(&boot_cpu_data) call
completely.

It won't be a hack anymore.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ