| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20161123172916.GA19621@khazad-dum.debian.net>
Date: Wed, 23 Nov 2016 15:29:17 -0200
From: Henrique de Moraes Holschuh <hmh@....eng.br>
To: Borislav Petkov <bp@...e.de>
Cc: "Luck, Tony" <tony.luck@...el.com>,
Andi Kleen <andi@...stfloor.org>,
Ashok Raj <ashok.raj@...el.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] x86/mce: Include the PPIN in machine check records
when it is available
On Wed, 23 Nov 2016, Borislav Petkov wrote:
> On Wed, Nov 23, 2016 at 11:29:51AM -0200, Henrique de Moraes Holschuh wrote:
> > 1. Assuming we can do it, always lock it when it is found to be unlocked
> > at kernel boot.
>
> Because...?
Privacy, and the fact that /dev/cpu/msr exists and is enabled on
almost all general-use distros.
> > 2. Not attempt to change its state from disabled to enabled *unless*
> > given a command line parameter authorizing it. A kconfig-based
> > solution for default+command line override would also work well IMHO,
> > if it makes more sense.
>
> You can't reenable it:
Yeah, I just found the description for that thing in the IA32 manual.
It can be disabled + unlocked, disabled + locked, or enabled + unlocked.
Once locked, it will stay disabled until the next reboot.
However, the manual makes it clear we are _not_ supposed to leave it
enabled + unlocked. Apparently, we're supposed to do our business and
disable+lock it (i.e. enable, read and store/process, disable+lock).
Looks like it is supposed to be used in a way that protects privacy by
making it very hard for general use software to depend on it existing
and being enabled.
--
Henrique Holschuh
Powered by blists - more mailing lists