| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 14 Feb 2018 16:11:17 +0000
From: David Woodhouse <dwmw2@...radead.org>
To: Tom Lendacky <thomas.lendacky@....com>, tglx@...utronix.de,
karahmed@...zon.de, x86@...nel.org, kvm@...r.kernel.org,
torvalds@...ux-foundation.org, pbonzini@...hat.com,
linux-kernel@...r.kernel.org, bp@...en8.de, peterz@...radead.org,
jmattson@...gle.com, rkrcmar@...hat.com,
arjan.van.de.ven@...el.com, dave.hansen@...el.com, mingo@...nel.org
Subject: Re: [PATCH 1/4] x86/speculation: Use IBRS if available before
calling into firmware
On Wed, 2018-02-14 at 10:07 -0600, Tom Lendacky wrote:
> Shouldn't these writes to the MSR be just for the IBRS bit? The spec
> also defines the STIBP bit for this MSR, and if that bit had been set by
> BIOS for example, these writes will clear it. And who knows what future
> bits may be defined and how they'll be used.
We don't use STIBP. If one day we do decide to set it in userspace for
"sensitive" processes, if we're done having the debate about what those
are, then that seems unlikely to conflict what what this code is doing
anyway, as we would presumably *clear* it again on the way back into
the kernel.
I certainly don't want to add a read/modify/write cycle here just to
cope with some hypothetical future use case for STIBP, when there would
be better ways to cope.
Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5213 bytes)
Powered by blists - more mailing lists