| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <572917F2.2060302@intel.com> Date: Tue, 3 May 2016 14:28:18 -0700 From: Dave Hansen <dave.hansen@...el.com> To: Borislav Petkov <bp@...en8.de> Cc: Ingo Molnar <mingo@...nel.org>, linux-kernel@...r.kernel.org, x86@...nel.org, Andy Lutomirski <luto@...nel.org>, Thomas Gleixner <tglx@...utronix.de>, "H. Peter Anvin" <hpa@...or.com>, Linus Torvalds <torvalds@...ux-foundation.org> Subject: Re: [PATCH] [RFC] x86: work around MPX Erratum On 05/03/2016 02:12 PM, Borislav Petkov wrote: > On Tue, May 03, 2016 at 02:04:40PM -0700, Dave Hansen wrote: >> My concern was not necessarily with folks booting with 'nosmep', but > > Btw, does anything speak for even keeping that 'nosmep' thing? Generally, I'm not sure we need the no$foo options at all. There's always "clearcpuid=" which does the same thing. It just requires you to go look up the X86_FEATURE_* bit first. >> with processors that have MPX present and SMEP fused off (or made >> unavailable by a hypervisor) and which are unaffected by this issue. > > So we won't init MPX on those... Yes, and as long as such a processor doesn't exist today and never exists in the future or the folks that buy such a processor truly don't care about MPX, that's fine to do. I'm just a bit nervous about the whole "never exists in the future" part. >> People would have to be very careful to never create a processor which >> did not have SMEP but did have MPX, since MPX would effectively be >> unusable on such a processor. > > We can disable that combination in qemu too, right? What do you mean by disable? Have qemu error out if MPX and SMEP aren't disabled in concert with each other?
Powered by blists - more mailing lists