Message-ID: <7593b839a8c7d3122e08660ca2e957d834665005.camel@infradead.org>
Date: Tue, 17 Dec 2024 15:56:00 +0100
From: David Woodhouse <dwmw2@...radead.org>
To: Dave Hansen <dave.hansen@...el.com>, "Kirill A. Shutemov"
	 <kirill.shutemov@...ux.intel.com>
Cc: Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, 
 Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>,
 x86@...nel.org, "H. Peter Anvin" <hpa@...or.com>, Eric Biederman
 <ebiederm@...ssion.com>, Sourabh Jain <sourabhjain@...ux.ibm.com>, Hari
 Bathini <hbathini@...ux.ibm.com>, Michael Ellerman <mpe@...erman.id.au>,
 Thomas Zimmermann <tzimmermann@...e.de>, Andrew Morton
 <akpm@...ux-foundation.org>, Baoquan He <bhe@...hat.com>, Yuntao Wang
 <ytcoode@...il.com>, David Kaplan <david.kaplan@....com>, Tao Liu
 <ltao@...hat.com>, Kai Huang <kai.huang@...el.com>, Ard Biesheuvel
 <ardb@...nel.org>, Josh Poimboeuf <jpoimboe@...nel.org>, Breno Leitao
 <leitao@...ian.org>, Wei Yang <richard.weiyang@...il.com>, Rong Xu
 <xur@...gle.com>, Thomas Weißschuh
 <thomas.weissschuh@...utronix.de>, linux-kernel@...r.kernel.org, 
 kexec@...ts.infradead.org, Simon Horman <horms@...nel.org>, Dave Young
 <dyoung@...hat.com>, Peter Zijlstra <peterz@...radead.org>, bsz@...zon.de, 
 nathan@...nel.org
Subject: Re: [EXTERNAL] [PATCH 1/9] x86/kexec: Disable global pages before
 writing to control page

On Tue, 2024-12-17 at 06:51 -0800, Dave Hansen wrote:
> On 12/17/24 04:25, Kirill A. Shutemov wrote:
> > > Clear the PGE bit in %cr4 early, before storing data in the control page.
> > It's worth noting that flipping CR4.PGE triggers TLB flush. I was not sure
> > if CR3 write is required to make it happen.
> 
> I thought about removing the CR3 write. But I decided against it because
> CR4.PGE needs to actually change value, unlike CR3 writes where any
> write can flush the TLB (modulo globals, PCID and bit 63 of course).
> 
> X86_FEATURE_PGE itself is required but I couldn't actually remember if
> there are any cases where CR4.PGE==0. If there were, the CR3 write would
> still be needed. I don't _think_ there are any ways for x86_64 to end up
> with CR4.PGE==0, but I also wouldn't rule out the possibility that some silly
> issue pops up making us play stupid games and win stupid prizes.
> 
> Anyway, I think we can leave the belt-and-suspenders programming in this
> case. A comment wouldn't hurt I guess.

I'm a little lost. In this case I don't see belt-and-suspenders
programming. We're not loading CR3 after clearing CR4.PGE just to be
paranoid about making really really sure the TLB is flushed.

We're loading CR3 because we're switching from the kernel's page tables
to the new identity mapping set up for the relocate_kernel environment.
