Message-ID: <de707d86-abd1-4d77-b9e1-9a39afdd4c27@intel.com>
Date: Wed, 7 Jan 2026 08:06:19 -0800
From: Dave Hansen <dave.hansen@...el.com>
To: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>,
 "Li, Xiaoyao" <xiaoyao.li@...el.com>, "tglx@...utronix.de"
 <tglx@...utronix.de>, "mingo@...hat.com" <mingo@...hat.com>,
 "x86@...nel.org" <x86@...nel.org>,
 "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
 "bp@...en8.de" <bp@...en8.de>
Cc: "hpa@...or.com" <hpa@...or.com>,
 "Chatre, Reinette" <reinette.chatre@...el.com>,
 "kas@...nel.org" <kas@...nel.org>,
 "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
 "Qiang, Chenyi" <chenyi.qiang@...el.com>,
 "Peng, Chao P" <chao.p.peng@...el.com>
Subject: Re: [PATCH v2] x86/split_lock: Handle unexpected split lock as fatal

On 1/7/26 07:24, Edgecombe, Rick P wrote:
>> If #AC occurs on split lock without X86_FEATURE_SPLIT_LOCK_DETECT,
>> that sounds more like a naughty hypervisor or buggy CPU that deserves
>> a BUG_ON() rather than a situation where the kernel wants to move
>> merrily along.
> Can you clarify your feelings on BUG_ON()'s? I was under the impression
> that new ones were basically banned, and we should WARN() here to try
> to keep running.
> 
> Unless we could claim that continuing would destroy something or other
> situation a user would never want.

I'm conflicted about BUG_ON() here. It's a pretty nasty thing to be
sending exceptions that the kernel doesn't expect. x86 exception
handling is "fun" and has lots of sharp edges. There are absolutely
windows where the kernel cannot recover from exceptions if they happen
in there. The real question is why the kernel should even try to
recover if it's faced with a borderline malicious hypervisor or CPU so
buggy it's throwing unexpected exceptions.

On the other hand, in practice, this particular code path is from
userspace and a BUG_ON() is an instant DoS.

Balancing all that, a WARN_ON_ONCE() with panic_on_warn=1 is probably
the best course of action here.

But I still want to hear more about why the enumeration is broken and
can't be fixed.
