lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 14 Feb 2018 10:36:27 -0600
From:   Tom Lendacky <thomas.lendacky@....com>
To:     David Woodhouse <dwmw2@...radead.org>, tglx@...utronix.de,
        karahmed@...zon.de, x86@...nel.org, kvm@...r.kernel.org,
        torvalds@...ux-foundation.org, pbonzini@...hat.com,
        linux-kernel@...r.kernel.org, bp@...en8.de, peterz@...radead.org,
        jmattson@...gle.com, rkrcmar@...hat.com,
        arjan.van.de.ven@...el.com, dave.hansen@...el.com, mingo@...nel.org
Subject: Re: [PATCH 1/4] x86/speculation: Use IBRS if available before calling
 into firmware

On 2/14/2018 10:11 AM, David Woodhouse wrote:
> 
> 
> On Wed, 2018-02-14 at 10:07 -0600, Tom Lendacky wrote:
>> Shouldn't these writes to the MSR be just for the IBRS bit?  The spec
>> also defines the STIBP bit for this MSR, and if that bit had been set by
>> BIOS for example, these writes will clear it.  And who knows what future
>> bits may be defined and how they'll be used.
> 
> We don't use STIBP. If one day we do decide to set it in userspace for

Right, I understand the kernel doesn't use STIBP, that's why I mentioned
BIOS as an example.

> "sensitive" processes, if we're done having the debate about what those
> are, then that seems unlikely to conflict what what this code is doing
> anyway, as we would presumably *clear* it again on the way back into
> the kernel.
> 
> I certainly don't want to add a read/modify/write cycle here just to

Right, definitely to be avoided.  Maybe the value could be tracked in a
per-cpu variable so you never have to read it before the write.  Just
change the bit in question and write.  Not sure that's really feasible
though.

> cope with some hypothetical future use case for STIBP, when there would
> be better ways to cope.

Just putting it out there, no worries.

Thanks,
Tom

>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ