06:17 mardination: https://people.cs.umass.edu/~emery/classes/cmpsci691st/readings/Arch/gpu.pdf after vliw this is the next archtecture, might had been some in between though, like nv4x, this is probably nv5x serie akaa tesla or g80 or something
06:18 mardination: nvidia names such architecture as flexible superscalar, i have vhdl code of such cores too though
06:50 mardination: to me the most complex thing is memory controllers and cache, which i have researched from simulators and xilinx ARM and intel hps documentations, yeah i looked quite detailistically over the axi4 interconnect and its transfer topologies
06:52 mardination: when someone tries to argue still, we can do that, but performance processors and accelerators aare modified harvard archs, which can be offered only on accelerators some level of security via axi4 interconnect, but noone uses this cause it hits the performance
06:58 mardination: it offers both memory protection and cache isolation responses after three cycles, but hey do offer them if someone would like to make such hw
07:00 mardination: imo it is going to be complex a bit to implement it , you allready posted the wdata to be hijacked on second cycle, and now you gotta turn down the transaction by discarding the data lines
07:03 mardination: so you gotta buffer the data lines inside the conditional in the hdl to do that somehow
07:08 mardination: so all i am saying that i-caches and d-caches can be accessed if you are smart enough to understand axi transfer arbitration
07:09 mardination: or in desktop case PCI-e
07:10 mardination: there is no chip that has 1ghz bus accessing cache with 3cycles delay to begin with, it is a dilemma, and sane, hence they are not behind the isolating latches
07:11 mardination: it appears only thing they do, is map them differently, one physically indexed virtually tagged and other one vice versa
07:12 mardination: that can also screw alot by avoiding some of the hacks when source code and memory controller doumentation and kernel access is not available
07:18 mardination: both of the primary buses pci-e and axi offer atomics what arm says to be exclusive access on both it is ranged in 4kb area/space of mmio maximum
07:19 mardination: it seems that this type of transactions can not be hijacked either
07:19 mardination: but this mode can be turned off
07:20 Gigadoc2: karolherbst, Lyude, airlied: I am back with some test results, and I was wrong about a lot of things, apparently
07:21 Gigadoc2: First of all, on a clean boot with nouveau loaded, `setpci -s 01:00.0 0x488.l` already returns "02000000"
07:22 Gigadoc2: And indeed, when I just unload nouveau, remove the gpu and rescan, the audio function does pop up just like that
07:22 Gigadoc2: I realize now that I never tried to omit the setpci command so far, so that was quite misleading
07:22 Gigadoc2: Also, I can remove the gpu without unloading nouveau first - sometimes at least
07:23 Gigadoc2: some times it works, some times the kernel kind of locks up
07:24 Gigadoc2: But when it works, removing and rescanning while nouveau is loaded will *not* make the audio function show up, nouveau has to be unloaded during the remove/rescan part
07:25 Gigadoc2: Also, setpci during grub only returns ffffffff, and changing the bits doesn't seem to work (it still returns ffffffff afterwards)
07:26 Gigadoc2: I will now try out whether the output of setpci changes when loading nouveau
07:29 Gigadoc2: ok, so with nouveau not loaded, after boot setpci returns 0
07:29 Gigadoc2: after loading nouveau, it is 02000000
07:34 Gigadoc2: so, loading nouveau, unloading it and then removing/rescanning also makes the audio function visible
07:35 Gigadoc2: And I can confirm now that removing/rescanning without having the noveau module loaded prior does not make the function show up, as expected
07:57 mardination: they way i understand none uses this type of full isolation of data and instruction caches based of different buses or bus transactions
07:59 mardination: imagine we have i-cache and d-cache blocks in the hw like block-ram, it is needing to access axi transaction id and tag it that this id is for d-cache accesses only
07:59 mardination: but of course this is going to add a delay, this can not be done in parallel
08:11 mardination: in any event if you are going to put a very sophisticated bitwise condition, i.e using this tagging and responses and discarding, which all adds delay, then it will still be vulnerable to timing based side channel attacks
08:11 mardination: it has not been done, cause it is not doable
08:11 mardination: to secur nanochips in those archs
08:21 mardination: from intel to tampere and all otherr CVEs perfectly valid and genuinly reasonable reposnses were given, is that we take security seriously but at the time shared resources do have timing vulnerabilities and kinda like always will be, so at the same time, it just not designing fault according to my comments, it is just not doable
08:24 mardination: those guys are probably also not stupid at intel responding to those meltdown or specre or other crap, this vulnerability can be redone in hw, but the vulnerability will be digged up manifesting slightly differently anyways
08:33 mardination: same thing with antivirus signature tagging and removing from the system, actually they are not so stupid either to have such systems in place, as nasty and annoying it is , frankly it is the only working solution to get pain relief
08:37 mardination: says on the tested sandbox, that our antivirus program has detected malicous signature that belongs to that virus, which is going to compromise your system , now you are aware do you want to get rid of it, worked 30years allready that way
08:37 mardination: i used this stuff backtimes on windows
08:40 mardination: it's quite big business and big work too, I imagine some do quite reasonably good jobs among firewalls and antivirus programs to detect shit
08:41 mardination: firewalls today open the packages , unpack it run a lot of control on the tcp or other packets content, and only then send it forward, when no harm is detected by the users rules and awareness
08:49 mardination: well anyways maybe not all wealthiest men realise what kind of value they actually have among those blue blooded enterpreuneurs
08:50 mardination: what is just single nickel dimes value and how well things actually work,, sometimes it is just pointless to hold uber resources by single individuals
08:57 mardination: that such a mistake was done on me, country pays me money for the rest of my life, 450EUR in month, but as i am not an outsider as most, than this is not grace for me, since i can earn more my own
09:00 karolherbst: Gigadoc2: after the GPU suspends/resumes, that value is back to 02000000
09:00 karolherbst: so we set that value inside noueau during runtime resume
09:04 mardination: ok i am off to out now, adding that my health costed around millions of dollars which screwed very early on, and this type of conspiring compromise worked in favor of those who organised it, but as seen i can work being injured too and i'd still earn a lot more than those sums
15:39 Gigadoc2: karolherbst: I tried out the current mainline, and it behaves the same. So, should I open a bug somehwere? Unfortunately, I don't think I can fix this myself within nouveau, only apply some scripting workarounds.
15:43 karolherbst: Gigadoc2: mhh, not quite sure. I think there might be a bug somewhere already?
15:45 Gigadoc2: Is https://bugs.freedesktop.org/show_bug.cgi?id=75985 (what I linked in the beginning) that bug? It could be, but I am a bit confused by this custom kernel module
15:46 karolherbst: Gigadoc2: sounds similiar enough
15:46 karolherbst: I think we should check here if we have some laptops with that behaviour. Would make it easier to investigate and fix the issue
18:35 karolherbst: uff, and we have to move the pstate file out of debugfs again if the lockdown patches land