| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <00bcb291-2b99-1122-9eb3-13c191fa3a5b@jp.fujitsu.com> Date: Tue, 30 Jan 2018 13:52:46 +0900 From: "Misono, Tomohiro" <misono.tomohiro@...fujitsu.com> To: <linux-kernel@...r.kernel.org> CC: "Misono, Tomohiro" <misono.tomohiro@...fujitsu.com> Subject: Question about dmesg/sysfs output when retpoline config is disabled Hello, I think dmesg/sysfs output messages are not suitable if retpoline config is off: I intentionally compiled the kernel 4.15.0 with CONFIG_RETPOLINE=n for test and boot it with the following kernel command line option to check dmesg/sysfs: (a) no command line option or "spectre_v2=on" or "spectre_v2=auto" $ dmesg | grep -i spectre [ 0.017714] Spectre V2 mitigation: Vulnerable: Minimal generic ASM retpoline $ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2 Minimal generic ASM retpoline (b) "spectre_v2=off" $ dmesg | grep -i spectre [ 0.017002] Spectre V2 mitigation: disabled on command line. $ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2 Vulnerable (c) "spectre_v2=retpoline" $ dmesg | grep -i spectre [ 0.018002] Spectre V2 mitigation: kernel not compiled with retpoline; no mitigation available! $ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2 Vulnerable I think the output of (c) is correct for this case, or are these outputs actually right? Also, the output of (a) is the same with following condition: (1) CONFIG_RETPOLINE=n, and (2) CONFIG_RETPOLINE=y but the compiler did not support retpoline These cannot be distinguished unless option of (c) is explicitly used. Regards, Tomohiro Misono
Powered by blists - more mailing lists