From: andrea@cpushare.com
To: Linus Torvalds <torvalds@osdl.org>
Cc: Chuck Ebbert <76306.1226@compuserve.com>, Andi Kleen <ak@suse.de>,
Alan Cox <alan@lxorguk.ukuu.org.uk>,
Arjan van de Ven <arjan@infradead.org>,
Ingo Molnar <mingo@elte.hu>, Adrian Bunk <bunk@stusta.de>,
linux-kernel <linux-kernel@vger.kernel.org>,
andrea <andrea@cpushare.com>
Subject: Re: [patch] let CONFIG_SECCOMP default to n
Date: Thu, 13 Jul 2006 00:48:14 +0200 [thread overview]
Message-ID: <20060712224814.GD24367@opteron.random> (raw)
In-Reply-To: <Pine.LNX.4.64.0607121453230.5623@g5.osdl.org>
> On Wed, 12 Jul 2006, Chuck Ebbert wrote:
> >
> > We can just fold the TSC disable stuff into the new thread_flags test
> > at context-switch time:
Great idea Chunk! We already use them in the syscall, it sounds a
perfect fit ;).
On Wed, Jul 12, 2006 at 02:55:38PM -0700, Linus Torvalds wrote:
>
> I really think that this should be cleaned up to _not_ confuse the issue
> of TSC with any "secure computing" issue.
>
> The two have nothing to do with each other from a technical standpoint.
>
> Just make the flag be called "TIF_NOTSC", and then any random usage
> (whether it be seccomp or anything else) can just set that flag, the same
> way ioperm() sets TIF_IO_BITMAP.
>
> Much cleaner.
>
> There's no point in mixing up an implementation detail like SECCOMP with a
> feature like this.
The only single advantage I can see in remaining purely in function of
seccomp instead of going in function of _TIF_NOTSC, is that the below
block would be completely optimized away at compile time when
CONFIG_SECCOMP is set to N. This now become a slow-path, but then I'm
unsure if the anti-seccomp advocates can live with this block in the
slow path given that seccomp will be the only user of the feature. I
suspect they won't like it but then I could be wrong.
I like it either ways.
/*
* Context switch may need to tweak the TSC disable bit in CR4.
* The optimizer should remove this code when !CONFIG_SECCOMP.
*/
if (has_secure_computing(task_thread_info(prev_p)) ^
has_secure_computing(task_thread_info(next_p))) {
/* prev and next are different */
if (has_secure_computing(task_thread_info(next_p)))
write_cr4(read_cr4() | X86_CR4_TSD);
else
write_cr4(read_cr4() & ~X86_CR4_TSD);
}
next prev parent reply other threads:[~2006-07-12 22:47 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-07-12 21:37 [patch] let CONFIG_SECCOMP default to n Chuck Ebbert
2006-07-12 21:55 ` Linus Torvalds
2006-07-12 22:48 ` andrea [this message]
2006-07-12 21:57 ` Andi Kleen
2006-07-12 22:14 ` [patch] let CONFIG_SECCOMP default to n II Andi Kleen
[not found] <6tgj0-8ip-19@gated-at.bofh.it>
[not found] ` <6xP8s-5mc-9@gated-at.bofh.it>
[not found] ` <6xUhQ-4Wx-33@gated-at.bofh.it>
[not found] ` <6xVdX-6oH-53@gated-at.bofh.it>
[not found] ` <6xVnz-6AI-21@gated-at.bofh.it>
[not found] ` <6xZUd-4Es-13@gated-at.bofh.it>
[not found] ` <6y7yy-7ws-13@gated-at.bofh.it>
[not found] ` <6y7RK-7TX-9@gated-at.bofh.it>
2006-07-17 11:37 ` [patch] let CONFIG_SECCOMP default to n Bodo Eggert
-- strict thread matches above, loose matches on Subject: below --
2006-07-13 5:43 Albert Cahalan
2006-07-13 7:07 ` andrea
2006-06-29 19:21 [2.6 patch] " Adrian Bunk
2006-06-30 0:44 ` Lee Revell
2006-06-30 1:07 ` Andrew Morton
2006-06-30 1:40 ` Adrian Bunk
2006-06-30 4:52 ` Andrea Arcangeli
2006-06-30 9:47 ` Ingo Molnar
2006-06-30 14:58 ` andrea
2006-07-11 7:36 ` [patch] " Ingo Molnar
2006-07-11 14:17 ` andrea
2006-07-11 14:32 ` Arjan van de Ven
2006-07-11 15:31 ` andrea
2006-07-11 15:54 ` Arjan van de Ven
2006-07-11 16:13 ` andrea
2006-07-11 16:23 ` Arjan van de Ven
2006-07-11 16:57 ` Alan Cox
2006-07-11 16:25 ` Alan Cox
2006-07-11 16:02 ` Adrian Bunk
2006-07-11 16:16 ` andrea
2006-07-11 16:24 ` Alan Cox
2006-07-12 15:43 ` Andi Kleen
2006-07-12 21:07 ` Ingo Molnar
2006-07-12 22:06 ` Andi Kleen
2006-07-12 22:19 ` Ingo Molnar
2006-07-12 22:33 ` Andi Kleen
2006-07-12 22:49 ` Ingo Molnar
2006-07-13 3:16 ` Andrea Arcangeli
2006-07-13 11:23 ` Jeff Dike
2006-07-13 11:35 ` Ingo Molnar
2006-07-13 3:04 ` Andrea Arcangeli
2006-07-13 3:12 ` Linus Torvalds
2006-07-13 4:40 ` Andrea Arcangeli
2006-07-13 4:51 ` andrea
2006-07-13 5:12 ` Linus Torvalds
2006-07-13 6:22 ` andrea
2006-07-13 1:51 ` Andrew Morton
2006-07-13 2:00 ` Linus Torvalds
2006-07-13 7:44 ` James Bruce
2006-07-13 8:34 ` andrea
2006-07-13 9:18 ` Andrew Morton
2006-07-13 12:13 ` Andi Kleen
2006-07-12 21:22 ` Ingo Molnar
2006-07-12 22:11 ` Andi Kleen
2006-07-11 15:54 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060712224814.GD24367@opteron.random \
--to=andrea@cpushare.com \
--cc=76306.1226@compuserve.com \
--cc=ak@suse.de \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=arjan@infradead.org \
--cc=bunk@stusta.de \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox