lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZhcOlNK4u1xAjcs9@debug.ba.rivosinc.com>
Date: Wed, 10 Apr 2024 15:11:32 -0700
From: Deepak Gupta <debug@...osinc.com>
To: Clément Léger <cleger@...osinc.com>
Cc: Andrew Jones <ajones@...tanamicro.com>,
	Jonathan Corbet <corbet@....net>,
	Paul Walmsley <paul.walmsley@...ive.com>,
	Palmer Dabbelt <palmer@...belt.com>,
	Albert Ou <aou@...s.berkeley.edu>, Conor Dooley <conor@...nel.org>,
	Rob Herring <robh@...nel.org>,
	Krzysztof Kozlowski <krzysztof.kozlowski+dt@...aro.org>,
	Anup Patel <anup@...infault.org>, Shuah Khan <shuah@...nel.org>,
	Atish Patra <atishp@...shpatra.org>, linux-doc@...r.kernel.org,
	linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org,
	devicetree@...r.kernel.org, kvm@...r.kernel.org,
	kvm-riscv@...ts.infradead.org, linux-kselftest@...r.kernel.org
Subject: Re: [PATCH 0/5] Add parsing for Zimop ISA extension

On Mon, Apr 08, 2024 at 10:01:12AM +0200, Clément Léger wrote:
>
>
>On 05/04/2024 19:33, Deepak Gupta wrote:
>> On Fri, Apr 5, 2024 at 8:26 AM Andrew Jones <ajones@...tanamicro.com> wrote:
>>>
>>> On Thu, Apr 04, 2024 at 12:32:46PM +0200, Clément Léger wrote:
>>>> The Zimop ISA extension was ratified recently. This series adds support
>>>> for parsing it from riscv,isa, hwprobe export and kvm support for
>>>> Guest/VM.
>>>
>>> I'm not sure we need this. Zimop by itself isn't useful, so I don't know
>>> if we need to advertise it at all. When an extension comes along that
>>> redefines some MOPs, then we'll advertise that extension, but the fact
>>> Zimop is used for that extension is really just an implementation detail.
>>
>> Only situation I see this can be useful is this:--
>>
>> An implementer, implemented Zimops in CPU solely for the purpose that they can
>> run mainline distro & packages on their hardware and don't want to leverage any
>> feature which are built on top of Zimop.
>
>Yes, the rationale was that some binaries using extensions that overload
>MOPs could still be run. With Zimop exposed, the loader could determine
>if the binary can be executed without potentially crashing. We could
>also let the program run anyway but the execution could potentially
>crash unexpectedly, which IMHO is not really good for the user
>experience nor for debugging. I already think that the segfaults which
>happens when executing binaries that need some missing extension are not
>so easy to debug, so better add more guards.
>
>>
>> As an example zicfilp and zicfiss are dependent on zimops. glibc can
>> do following
>>
>> 1) check elf header if binary was compiled with zicfiss and zicfilp,
>> if yes goto step 2, else goto step 6.
>> 2) check if zicfiss/zicfilp is available in hw via hwprobe, if yes
>> goto step 5. else goto step 3
>> 3) check if zimop is available via hwprobe, if yes goto step 6, else goto step 4
>
>I think you meant step 5 rather than step 6.

No I did mean step 6 which is let the binary run. Step 5 is "issue the prctl" to
light up the feature, this should have been reached via step 2 if feature was
available.

Going to step 6 from step 3 basically means that underlying hardware only supports
zimops and thus this binary is safe to run on this hardware. But no need to issue
any prctl to kernel to enable this feature.

>
>Clément
>
>> 4) This binary won't be able to run successfully on this platform,
>> issue exit syscall. <-- termination
>> 5) issue prctl to enable shadow stack and landing pad for current task
>> <-- enable feature
>> 6) let the binary run <-- let the binary run because no harm can be done

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ