lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <b14c166b-a66b-4ffc-a2a9-d771002de0ab@citrix.com>
Date: Thu, 27 Feb 2025 22:23:31 +0000
From: Andrew Cooper <andrew.cooper3@...rix.com>
To: Ingo Molnar <mingo@...nel.org>
Cc: bp@...en8.de, chang.seok.bae@...el.com, dave.hansen@...el.com,
 dave.hansen@...ux.intel.com, linux-kernel@...r.kernel.org, mingo@...hat.com,
 tglx@...utronix.de, x86@...nel.org
Subject: Re: [PATCH RFC v1 02/11] x86/fpu/xstate: Introduce xstate order table
 and accessor macro

On 27/02/2025 9:30 pm, Ingo Molnar wrote:
> * Ingo Molnar <mingo@...nel.org> wrote:
>
>> * Andrew Cooper <andrew.cooper3@...rix.com> wrote:
>>
>>>> There's no incompatibility for a default-disabled feature that gets 
>>>> enabled by an AVX-aware host kernel and by AVX-aware guest kernels. 
>>>> What ABI would be broken?
>>> I don't understand your question.
>>>
>>> XSAVE, and details about in CPUID, are a stated ABI (given in the SDM 
>>> and APM), and available in userspace, including for userpace to write 
>>> into a file/socket and interpret later (this is literally how we 
>>> migrate VMs between different hosts).
>>>
>>> You simply redefine what %xcr0.bnd_* (a.k.a. XFEATURES 3 and 4) mean, 
>>> irrespective of what a guest kernel thinks it can get away with.
>> XFEATURES bits 3 and 4 are zero by default in the CPU, so the previous 
>> ABI promise has been fully met: MPX is unavailable and disabled.

I disagree.

XFEATURES is defined in the spec, and the spec demands that userspace
checks it.

XGETBV(0) & 0x18 in userspace has a very well defined meaning that is
MPX and not "MPX now but something unrelated in the future".

>>
>> I propose a new addition, an extension of functionality: if a new CPUID 
>> bit indicates it, and a new MSR is written, XFEATURES bit 3 becomes 
>> active again - and the MPX area is now used by AVX. Obviously only 
>> AVX-aware host and guest kernels would enable AVX.
> Erm, s/AVX/APX ...
>
> Too many acronyms.

With semantics like that, the pipeline designers will also be coming
after you with sharp objects.

~Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ