lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250613071842.GH2273038@noisy.programming.kicks-ass.net>
Date: Fri, 13 Jun 2025 09:18:42 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: "Xin Li (Intel)" <xin@...or.com>
Cc: linux-kernel@...r.kernel.org, kvm@...r.kernel.org, tglx@...utronix.de,
	mingo@...hat.com, bp@...en8.de, dave.hansen@...ux.intel.com,
	x86@...nel.org, hpa@...or.com, seanjc@...gle.com,
	pbonzini@...hat.com, brgerst@...il.com, tony.luck@...el.com,
	fenghuay@...dia.com
Subject: Re: [PATCH v1 0/3] x86/traps: Fix DR6/DR7 inintialization

On Fri, Jun 13, 2025 at 12:01:14AM -0700, Xin Li (Intel) wrote:
> Sohil reported seeing a split lock warning when running a test that
> generates userspace #DB:
> 
>   x86/split lock detection: #DB: sigtrap_loop_64/4614 took a bus_lock trap at address: 0x4011ae
> 
> 
> We investigated the issue and identified how the false bus lock detected
> warning is generated under certain test conditions:
> 
>   1) The warning is a false positive.
> 
>   2) It is not caused by the test itself.
> 
>   3) It occurs even when Bus Lock Detection (BLD) is disabled.
> 
>   4) It only happens on the first #DB on a CPU.
> 
> 
> And the root cause is, at boot time, Linux zeros DR6.  This leads to
> different DR6 values depending on whether the CPU supports BLD:
> 
>   1) On CPUs with BLD support, DR6 becomes 0xFFFF07F0 (bit 11, DR6.BLD,
>      is cleared).
> 
>   2) On CPUs without BLD, DR6 becomes 0xFFFF0FF0.
> 
> Since only BLD-induced #DB exceptions clear DR6.BLD and other debug
> exceptions leave it unchanged, even if the first #DB is unrelated to
> BLD, DR6.BLD is still cleared.  As a result, such a first #DB is
> misinterpreted as a BLD #DB, and a false warning is triggerred.
> 
> 
> Fix the bug by initializing DR6 by writing its architectural reset
> value at boot time.
> 
> 
> DR7 suffers from a similar issue.  We apply the same fix.

Bah, this DR6 polarity is a pain in the behind for sure. Patches look
good, except I'm really not a fan of using those 'names'. But I'll not
object too much of others like it.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ