lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <00bcb291-2b99-1122-9eb3-13c191fa3a5b@jp.fujitsu.com>
Date:   Tue, 30 Jan 2018 13:52:46 +0900
From:   "Misono, Tomohiro" <misono.tomohiro@...fujitsu.com>
To:     <linux-kernel@...r.kernel.org>
CC:     "Misono, Tomohiro" <misono.tomohiro@...fujitsu.com>
Subject: Question about dmesg/sysfs output when retpoline config is disabled

Hello,

I think dmesg/sysfs output messages are not suitable if retpoline config is off:

I intentionally compiled the kernel 4.15.0 with CONFIG_RETPOLINE=n for test and 
boot it with the following kernel command line option to check dmesg/sysfs:

(a) no command line option or "spectre_v2=on" or "spectre_v2=auto"
$ dmesg | grep -i spectre
[    0.017714] Spectre V2 mitigation: Vulnerable: Minimal generic ASM retpoline
$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
Minimal generic ASM retpoline

(b) "spectre_v2=off"
$ dmesg | grep -i spectre
[    0.017002] Spectre V2 mitigation: disabled on command line.
$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
Vulnerable

(c) "spectre_v2=retpoline"
$ dmesg | grep -i spectre
[    0.018002] Spectre V2 mitigation: kernel not compiled with retpoline; no mitigation available! 
$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
Vulnerable

I think the output of (c) is correct for this case, or are these outputs actually right?

Also, the output of (a) is the same with following condition:
 (1) CONFIG_RETPOLINE=n, and
 (2) CONFIG_RETPOLINE=y but the compiler did not support retpoline
These cannot be distinguished unless option of (c) is explicitly used.

Regards,
Tomohiro Misono

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ