lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 2 Apr 2024 15:34:27 +0100
From: Mark Brown <broonie@...nel.org>
To: Marc Zyngier <maz@...nel.org>
Cc: Catalin Marinas <catalin.marinas@....com>,
	Will Deacon <will@...nel.org>,
	Oliver Upton <oliver.upton@...ux.dev>,
	James Morse <james.morse@....com>,
	Suzuki K Poulose <suzuki.poulose@....com>,
	Jonathan Corbet <corbet@....net>, Shuah Khan <shuah@...nel.org>,
	linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
	Dave Martin <Dave.Martin@....com>, kvmarm@...ts.linux.dev,
	linux-doc@...r.kernel.org, linux-kselftest@...r.kernel.org
Subject: Re: [PATCH v6 1/5] KVM: arm64: Share all userspace hardened thread
 data with the hypervisor

On Sun, Mar 31, 2024 at 11:00:41AM +0100, Marc Zyngier wrote:
> Mark Brown <broonie@...nel.org> wrote:

> > As part of the lazy FPSIMD state transitioning done by the hypervisor we
> > currently share the userpsace FPSIMD state in thread->uw.fpsimd_state with
> > the host. Since this struct is non-extensible userspace ABI we have to keep

> Using the same representation is just pure convenience, and nothing
> requires us to use the it in the kernel/hypervisor.

Indeed, the additional data seemed contained enough that it was a
reasonable tradeoff.

> > the definition as is but the addition of FPMR in the 2023 dpISA means that
> > we will want to share more storage with the host. To facilitate this
> > refactor the current code to share the entire thread->uw rather than just
> > the one field.

> So this increase the required sharing with EL2 from 528 bytes to
> 560. Not a huge deal, but definitely moving in the wrong direction. Is
> there any plans to add more stuff to this structure that wouldn't be
> *directly* relevant to the hypervisor?

I'm not aware of any current plans to extend this.

> > @@ -640,7 +641,7 @@ struct kvm_vcpu_arch {
> >  	struct kvm_guest_debug_arch vcpu_debug_state;
> >  	struct kvm_guest_debug_arch external_debug_state;
> >  
> > -	struct user_fpsimd_state *host_fpsimd_state;	/* hyp VA */
> > +	struct thread_struct_uw *host_uw;	/* hyp VA */
> >  	struct task_struct *parent_task;

> Well, this is going away, and you know it.

Sure, those patches are still in flight though.  It does seem reasonable
to target the current code.

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ