| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 5 Jan 2018 14:48:19 +0100 (CET)
From: Thomas Gleixner <tglx@...utronix.de>
To: Dave Hansen <dave.hansen@...el.com>
cc: Borislav Petkov <bp@...en8.de>,
Tim Chen <tim.c.chen@...ux.intel.com>,
Andy Lutomirski <luto@...nel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Greg KH <gregkh@...uxfoundation.org>,
Andrea Arcangeli <aarcange@...hat.com>,
Andi Kleen <ak@...ux.intel.com>,
Arjan Van De Ven <arjan.van.de.ven@...el.com>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 6/7] x86/spec_ctrl: Add sysctl knobs to enable/disable
SPEC_CTRL feature
On Thu, 4 Jan 2018, Dave Hansen wrote:
> On 01/04/2018 10:33 AM, Borislav Petkov wrote:
> >> 2. At run time
> >> echo 0 > /sys/kernel/debug/ibrs_enabled will turn off IBRS
> >> echo 1 > /sys/kernel/debug/ibrs_enabled will turn on IBRS in kernel
> >> echo 2 > /sys/kernel/debug/ibrs_enabled will turn on IBRS in both userspace and kernel
> > I am not sure that tristate is really needed. What's wrong with on/off
> > only?
>
> Lots of things:
>
> Distros have the tri-state already deployed.
Which is the least relevant argument. Distros have shipped a lot of crap.
> Paranoid people want "IBRS always" aka "ibrs 2".
> Future CPUs may have cheap-enough IBRS to not be worth switching it.
So again, as I said to David in the retpoline thread.
1) Start off with a CPU bug flag which describes the attack mode.
2) Have feature flags, which denote the mitigation mode
3) Have proper command line switching similar to pti
4) Keep the sysctl stuff separate
Thanks,
tglx
Powered by blists - more mailing lists