lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 25 Jan 2018 09:56:49 +0000
From:   David Woodhouse <dwmw2@...radead.org>
To:     Peter Zijlstra <peterz@...radead.org>
Cc:     arjan@...ux.intel.com, tglx@...utronix.de, karahmed@...zon.de,
        x86@...nel.org, linux-kernel@...r.kernel.org,
        tim.c.chen@...ux.intel.com, bp@...en8.de, pbonzini@...hat.com,
        ak@...ux.intel.com, torvalds@...ux-foundation.org,
        gregkh@...ux-foundation.org, dave.hansen@...el.com,
        gnomes@...rguk.ukuu.org.uk, ashok.raj@...el.com, mingo@...nel.org
Subject: Re: [PATCH v4 5/7] x86/pti: Do not enable PTI on processors which
 are not vulnerable to Meltdown

On Thu, 2018-01-25 at 10:42 +0100, Peter Zijlstra wrote:
> On Thu, Jan 25, 2018 at 09:23:07AM +0000, David Woodhouse wrote:
> > +static bool __init early_cpu_vulnerable_meltdown(struct cpuinfo_x86 *c)
> > +{
> > +     u64 ia32_cap = 0;
> > +
> > +     if (x86_match_cpu(cpu_no_meltdown))
> > +                return false;
> > +
> > +     if (cpu_has(c, X86_FEATURE_ARCH_CAPABILITIES))
> > +             rdmsrl(MSR_IA32_ARCH_CAPABILITIES, ia32_cap);
> 
> I think it was suggested a while back to write this like:
> 
>         if (cpu_has(c, X86_FEATURE_ARCH_CAPABILITIES) &&
>             !rdmsrl_safe(MSR_IA32_ARCH_CAPABILITIES, ia32_cap))
> 
> to deal with funny virt scenarios where they accidentally advertise the
> CPUID bit but don't in fact provide the MSR.

It was indeed suggested, but I was a bit confused by that. Because the
CPUID bit exists *purely* to advertise the existence of that MSR;
nothing more.

If it doesn't exist we'll end up with zero in ia32_cap anyway, which
will mean we *won't* see the RDCL_NO bit, and won't disable the
Meltdown flag.
Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5213 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ