Message-ID: <bd565df5-b87c-42b1-a717-9ed1267df0c2@suse.com>
Date: Fri, 13 Jun 2025 10:01:09 +0200
From: Jürgen Groß <jgross@...e.com>
To: Xin Li <xin@...or.com>, linux-kernel@...r.kernel.org, x86@...nel.org,
 virtualization@...ts.linux.dev
Cc: Ajay Kaher <ajay.kaher@...adcom.com>,
 Broadcom internal kernel review list
 <bcm-kernel-feedback-list@...adcom.com>, Thomas Gleixner
 <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>,
 Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>,
 "H. Peter Anvin" <hpa@...or.com>,
 Boris Ostrovsky <boris.ostrovsky@...cle.com>,
 xen-devel@...ts.xenproject.org, Andrew Cooper <andrew.cooper3@...rix.com>
Subject: Re: [PATCH 5/6] x86/paravirt: Switch MSR access pv_ops functions to
 instruction interfaces

On 13.06.25 09:31, Xin Li wrote:
> On 6/11/2025 5:58 AM, Juergen Gross wrote:
>>> Here is a patch I cooked.  I added an ALTERNATIVE() hack because the new 
>>> instructions can't be more than 6 bytes long.  But with the patch you
>>> just sent, it shouldn't be needed.
>>
>> I have meanwhile dropped the patch copying the original indirect call.
>>
>> Reason is that I'm seeing a potential risk with current alternative
>> patching when using ALTERNATIVE_[23](): depending on the tested features
>> it might happen that an instruction sequence not suitable for the current
>> runtime environment is patched in as an intermediate step. In case there
>> is an interrupt happening just then AND the handling of the interrupt is
>> using the patch site, this could result in crashes or undefined behavior.
> 
> Oh, I had assumed that Linux disables interrupts during the patching
> process. Just out of curiosity, why are interrupts allowed in this case?

Interrupts are disabled within text_poke_early() while patching a single
instance.

I guess keeping interrupts disabled during the complete apply_alternatives()
handling would potentially result in too long a period without handling any
interrupts.


Juergen
