| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 21 Jul 2012 00:37:36 +0400 From: Vladimir Davydov <VDavydov@...allels.com> To: "H. Peter Anvin" <hpa@...or.com> CC: Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Andi Kleen <ak@...ux.intel.com>, Borislav Petkov <borislav.petkov@....com>, "x86@...nel.org" <x86@...nel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: Re: [PATCH 2/2] cpu: intel, amd: mask cleared cpuid features On Jul 21, 2012, at 12:19 AM, H. Peter Anvin wrote: > On 07/20/2012 11:21 AM, Vladimir Davydov wrote: >>> >>> I am a bit concerned about this patch: >>> >>> 1. it silently changes existing behavior. >> >> Yes, but who needs the current implementation of 'clearcpuid' which, >> in fact, just hides flags in /proc/cpuinfo while userspace apps will >> see and consequently use all CPU features? > > Anyone who wants to disable a feature from the kernel, specifically. > Another option then? >> So, I think it logically extends the existing behavior. >> >>> 2. even on enabled hardware, only some of the bits are maskable. >> >> The patch makes only words 0, 1, 4, 6 maskable, but words 3, 7, 8 are Linux-defined, words 2 and 5 are Transmeta-, Centaur-, etc- defined, and word 9 contains some bizarre Intel CPU features. Thus, it is words 0, 1, 4, 6 that contain useful information for most hardware models. > > "Bizarre"? New features, perhaps. All right, new :-) If the features are widely used, they'll provide a way of masking them either I guess. AFAIK, Intel added CPUID faulting for their newest 'Ivy Bridge' models, which allows masking all CPUID functions. Unfortunately, I don't have such a CPU. But later this feature can be utilized and wired into the code. Anyway, masking of at least some of the features would be better than lacking of the ability at all, wouldn't it? Another question whether the kernel should report errors/warnings if a particular feature can't be masked. > >> If you ask about some Intel CPUs that can't mask CPUID function 0x80000001, this function describes AMD-specific features, and I bet those Intel CPUs just don't have them at all and thus have nothing to mask. > > Not quite. > > -hpa > > > > -- > H. Peter Anvin, Intel Open Source Technology Center > I work for Intel. I don't speak on their behalf. > > > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists