lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180125151252.735a75ac@alans-desktop>
Date:   Thu, 25 Jan 2018 15:12:52 +0000
From:   Alan Cox <gnomes@...rguk.ukuu.org.uk>
To:     David Woodhouse <dwmw@...zon.co.uk>
Cc:     arjan@...ux.intel.com, tglx@...utronix.de, karahmed@...zon.de,
        x86@...nel.org, linux-kernel@...r.kernel.org,
        tim.c.chen@...ux.intel.com, bp@...en8.de, peterz@...radead.org,
        pbonzini@...hat.com, ak@...ux.intel.com,
        torvalds@...ux-foundation.org, gregkh@...ux-foundation.org,
        dave.hansen@...el.com, ashok.raj@...el.com, mingo@...nel.org
Subject: Re: [PATCH v4 5/7] x86/pti: Do not enable PTI on processors which
 are not vulnerable to Meltdown

On Thu, 25 Jan 2018 09:23:07 +0000
David Woodhouse <dwmw@...zon.co.uk> wrote:

> Also, for CPUs which don't speculate at all, don't report that they're vulnerable
> to the Spectre variants either.
> 
> Leave the cpu_no_meltdown[] match table with just X86_VENDOR_AMD in it for now,
> even though that could be done with a simple comparison, on the assumption that
> we'll have more to add.
> 
> Based on suggestions from Dave Hansen and Alan Cox.

Looks good to me. I've been doing some more document spelunking and have
some more stuff for 32bit but not for 64bit capable systems.

X86_VENDOR_NSC, 5

is safe as the MediaGX/Geode doesn't have speculation. However CYRIX,5
isn't because there are a mix of CPU types there.

Most interesting is the Cyrix one. I'm going to have to resurrect my
Cyrix kit because some of the Cyrix processors actually have control bits
to turn on/off the BTB and also the return stack predictor (PCR0 bits 1
and 0 respecively) and no lfence so you need to change system flags
or reload a segment register to force a stall.

Alan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ