| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 2 Oct 2018 09:12:28 -0700
From: Tim Chen <tim.c.chen@...ux.intel.com>
To: Ingo Molnar <mingo@...nel.org>
Cc: Jiri Kosina <jikos@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Tom Lendacky <thomas.lendacky@....com>,
Ingo Molnar <mingo@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Andrea Arcangeli <aarcange@...hat.com>,
David Woodhouse <dwmw@...zon.co.uk>,
Andi Kleen <ak@...ux.intel.com>,
Dave Hansen <dave.hansen@...el.com>,
Casey Schaufler <casey.schaufler@...el.com>,
Asit Mallick <asit.k.mallick@...el.com>,
Arjan van de Ven <arjan@...ux.intel.com>,
Jon Masters <jcm@...hat.com>, linux-kernel@...r.kernel.org,
x86@...nel.org
Subject: Re: [Patch v2 4/4] x86/speculation: Add prctl to control indirect
branch speculation per process
On 10/02/2018 02:35 AM, Ingo Molnar wrote:
>
> * Tim Chen <tim.c.chen@...ux.intel.com> wrote:
>
>> To migitgate possible app to app attack from branch target buffer poisoning,
>> a new prctl is provided to control branch speculation for applications in
>> user app. The following interfaces are provided:
>
> s/migitgate
> /mitigate
>
>>
>> prctl(PR_SET_SPECULATION_CTRL, PR_INDIR_BRANCH, PR_SPEC_DISABLE, 0, 0);
>> - Disable branch target speculation to protect against app to app
>> style attack using IBPB and STIBP
>>
>> prctl(PR_SET_SPECULATION_CTRL, PR_INDIR_BRANCH, PR_SPEC_ENABLE, 0, 0);
>> - Allow branch target speculation, no mitigation for Spectre V2
>>
>> prctl(PR_GET_SPECULATION_CTRL, PR_INDIR_BRANCH, 0, 0, 0)
>> - Query the indirect branch speculation restriction on a process
>
> Well 'a process' is always 'the current process' in this case, right?
Right.
>
>> - lite - only turn on mitigation for non-dumpable processes
>> + lite - turn on mitigation for non-dumpable processes
>> + or processes that has indirect branch restricted
>> + via prctl's PR_SET_SPECULATION_CTRL option
>
> s/or processes that has indirect
> /or processes that have been indirect
>
> ?
>
>> + /*
>> + * If being set on non-current task, delay setting the CPU
>> + * mitigation until it is next scheduled.
>> + * Use speculative_store_bypass_update will update SPEC_CTRL MSR
>> + */
>> + if (task == current && update)
>> + speculative_store_bypass_update_current();
>
> Did you mean:
>
> Call to speculative_store_bypass_update_current() will update SPEC_CTRL MSR
Yes.
>
> ?
>
>
>> - * For lite protection mode, we only protect the non-dumpable
>> - * processes.
>> + * For lite protection mode, we protect processes
>> + * where the user explicitly disable indirect branch
>> + * speculation or mark the process as non-dumpable.
>
> s/where the user explicitly disable
> /where the user explicitly disables
>
> ?
>
> Thanks,
>
> Ingo
>
Thanks for the corrections. I'll update the patchset.
Tim
Powered by blists - more mailing lists