From: Thomas Gleixner <tglx@linutronix.de>
To: Borislav Petkov <bp@alien8.de>
Cc: Fenghua Yu <fenghua.yu@intel.com>,
	Tony Luck <tony.luck@intel.com>,
	Dave Jiang <dave.jiang@intel.com>,
	Ashok Raj <ashok.raj@intel.com>,
	Ravi V Shankar <ravi.v.shankar@intel.com>,
	Jean-Philippe Brucker <jean-philippe@linaro.org>,
	Peter Zijlstra <peterz@infradead.org>, x86 <x86@kernel.org>,
	linux-kernel <linux-kernel@vger.kernel.org>,
	Jacob Jun Pan <jacob.jun.pan@intel.com>,
	Christoph Hellwig <hch@infradead.org>,
	Dave Hansen <dave.hansen@intel.com>,
	iommu@lists.linux-foundation.org, Ingo Molnar <mingo@redhat.com>,
	Randy Dunlap <rdunlap@infradead.org>,
	Andy Lutomirski <luto@kernel.org>, H Peter Anvin <hpa@zytor.com>,
	David Woodhouse <dwmw2@infradead.org>
Subject: Re: [PATCH] x86/cpufeatures: Force disable X86_FEATURE_ENQCMD and remove update_pasid()
Date: Mon, 31 May 2021 12:16:54 +0200
Message-ID: <87y2bv438p.ffs@nanos.tec.linutronix.de>
In-Reply-To: <YLShmFEzddfm7WQs@zn.tnic>

On Mon, May 31 2021 at 10:43, Borislav Petkov wrote:
> On Sat, May 29, 2021 at 11:17:30AM +0200, Thomas Gleixner wrote:
>> #2 is broken beyond repair. The comment in the code claims that it is safe
>>    to invoke this in an IPI, but that's just wishful thinking.
>> 
>>    FPU state of a running task is protected by fregs_lock() which is
>>    nothing else than a local_bh_disable(). As BH disabled regions run
>>    usually with interrupts enabled the IPI can hit a code section which
>>    modifies FPU state and there is absolutely no guarantee that any of the
>>    assumptions which are made for the IPI case is true.
>
> ... so on a PASID system, your trivial reproducer would theoretically
> fire the same way and corrupt FPU state just as well.

This is worse and you can't selftest it because the IPI can just hit in
the middle of _any_ FPU state operation and corrupt state.

Thanks,

        tglx

