lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250317160034.GA12267@willie-the-truck>
Date: Mon, 17 Mar 2025 16:00:35 +0000
From: Will Deacon <will@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: catalin.marinas@....com, linux-arm-kernel@...ts.infradead.org,
	linux-kernel@...r.kernel.org, kernel-team@...roid.com,
	maz@...nel.org, rananta@...gle.com
Subject: Re: [GIT PULL] arm64 fixes for -rc7

Hi Linus,

On Fri, Mar 14, 2025 at 10:34:57AM -1000, Linus Torvalds wrote:
> On Fri, 14 Mar 2025 at 06:05, Will Deacon <will@...nel.org> wrote:
> >
> > Summary in the tag, but the main one is a horrible macro fix for our
> > TLB flushing code which resulted in over-invalidation on the MMU
> > notifier path.
> 
> From a quick look, that macro is still quite broken. Maybe not in ways
> that matter, but still...
> 
> In particular, the 'stride' argument is used multiple times, and
> without parentheses.
> 
> The 'lpa' argument is also used multiple times, and the input to that
> is typically something like kvm_lpa2_is_enabled(), so I think it
> potentially generates lots of pointless duplicate code with that
> BUG_ON() in system_supports_lpa2() -> cpus_have_final_cap().
> 
> Maybe the compiler figures it out. But that macro is bad, bad, bad.
> When it looks like a function, it should act like a function, and not
> evaluate its arguments multiple times.
> 
> The most immediate bug may have been fixed, but not the actual real
> horror of that thing.

Yes, the minimal fix for -rc7 avoids explicitly mutating the macro
arguments but we still have the multiple-evaluation problem you point
out above.

Ideally, this function would be rewritten as a 'static inline' but it
was moved from C code into a macro as part of 360839027a6e ("arm64: tlb:
Refactor the core flush algorithm of __flush_tlb_range") because we need
to propagate the 'op' argument down to the low-level asm where it's
stringified as part of the instruction mnemonic.

I'll have a crack at reworking things to take a 'const char *' instead,
but it won't be for 6.14 as it'll be reasonably invasive.

Will

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ