lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 09 Jun 2018 14:19:10 +0100
From:   Marc Zyngier <marc.zyngier@....com>
To:     Jon Masters <jcm@...masters.org>
Cc:     <linux-arm-kernel@...ts.infradead.org>,
        <linux-kernel@...r.kernel.org>, <kvmarm@...ts.cs.columbia.edu>,
        Will Deacon <will.deacon@....com>,
        Catalin Marinas <catalin.marinas@....com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Andy Lutomirski <luto@...nel.org>,
        Kees Cook <keescook@...omium.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Christoffer Dall <christoffer.dall@....com>,
        Randy Dunlap <rdunlap@...radead.org>,
        Dominik Brodowski <linux@...inikbrodowski.net>,
        Julien Grall <julien.grall@....com>,
        Mark Rutland <mark.rutland@....com>
Subject: Re: [PATCH v2 05/17] arm64: Add 'ssbd' command-line option

On Sat, 09 Jun 2018 13:53:08 +0100,
Jon Masters wrote:
> 
> On 05/29/2018 08:11 AM, Marc Zyngier wrote:
> 
> > +	ssbd=		[ARM64,HW]
> > +			Speculative Store Bypass Disable control
> > +
> > +			On CPUs that are vulnerable to the Speculative
> > +			Store Bypass vulnerability and offer a
> > +			firmware based mitigation, this parameter
> > +			indicates how the mitigation should be used:
> > +
> > +			force-on:  Unconditionally enable mitigation for
> > +				   for both kernel and userspace
> > +			force-off: Unconditionally disable mitigation for
> > +				   for both kernel and userspace
> > +			kernel:    Always enable mitigation in the
> > +				   kernel, and offer a prctl interface
> > +				   to allow userspace to register its
> > +				   interest in being mitigated too.
> 
> This should be "spec_store_bypass_disable" and it should have the same
> parameters as on x86: "on", "off", "auto". Why not just add
> "kernel"?

Feel free to propose a patch that adds the x86 compat option if you
want, but I don't think this option deserves that many letters, and it
is also worth realising the semantics of the mitigation *are*
different. That's the real reason why we have different options.

> (we had a "kernel" early on for x86 as well, and it might still end up
> coming back anyway). If there's a /compelling/ reason to have the Arm
> parameter differ, then it should still recognize the x86 parameter,
> similarly to how POWER also does that for cross-arch consistency.

Well, we should then aim for real consistency (seccomp or not seccomp?
mitigated kernel or not?), and not at the cosmetic level. Once all
arches implement identical behaviours, we'll be in a position to
safely have a common option naming scheme which would encompass the
actual meaning of "on" and "off" (which have opposite meaning between
x86 and arm64).

> We'll add the x86 parameter way of doing it to RHEL anyway.

Great!

	M.

-- 
Jazz is not dead, it just smell funny.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ