lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 09 Jan 2018 16:37:24 -0600
From:   Tom Lendacky <thomas.lendacky@....com>
To:     x86@...nel.org, linux-kernel@...r.kernel.org
Cc:     Rik van Riel <riel@...hat.com>, Andi Kleen <ak@...ux.intel.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Jiri Kosina <jikos@...nel.org>,
        Dan Williams <dan.j.williams@...el.com>,
        Dave Hansen <dave.hansen@...el.com>,
        Borislav Petkov <bp@...en8.de>,
        Andy Lutomirski <luto@...nel.org>,
        Kees Cook <keescook@...gle.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Tim Chen <tim.c.chen@...ux.intel.com>,
        Greg Kroah-Hartman <gregkh@...ux-foundation.org>,
        David Woodhouse <dwmw@...zon.co.uk>,
        Paul Turner <pjt@...gle.com>
Subject: [PATCH v1 0/2] x86/retpoline: Clear RETPOLINE_AMD if LFENCE is not
 serializing

The RETPOLINE_AMD feature is set by default for AMD hardware.  This
feature expects LFENCE to be serializing in order to perform the proper
speculation control.  If LFENCE cannot be determined to be serializing
(for example, when running under a hypervisor that does not allow writing
to the MSR that makes LFENCE serializing) the feature needs to be
disabled.  The kernel will then fall back to using the generic retpoline
support.

The following patches are included in this series:
- Add a function to clear the RETPOLINE_AMD feature and update the
  variable used for sysfs output.
- If LFENCE can not be determined to be serializing call the new
  function to clear the RETPOLINE_AMD feature.

This patch series is based on tip:x86/pti.

---

Tom Lendacky (2):
      x86/retpoline: Add a function to clear the RETPOLINE_AMD feature
      x86/cpu/AMD: Clear RETPOLINE_AMD if LFENCE is not serializing


 arch/x86/include/asm/nospec-branch.h |    1 +
 arch/x86/kernel/cpu/amd.c            |    4 ++++
 arch/x86/kernel/cpu/bugs.c           |   10 ++++++++++
 3 files changed, 15 insertions(+)

-- 
Tom Lendacky

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ