| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 2 Jan 2019 16:19:39 -0600
From: Jeremy Linton <jeremy.linton@....com>
To: Julien Thierry <julien.thierry@....com>,
linux-arm-kernel@...ts.infradead.org
Cc: catalin.marinas@....com, will.deacon@....com, marc.zyngier@....com,
suzuki.poulose@....com, dave.martin@....com,
shankerd@...eaurora.org, mark.rutland@....com,
linux-kernel@...r.kernel.org, ykaukab@...e.de
Subject: Re: [PATCH 4/6] arm64: add sysfs vulnerability show for spectre v2
Hi,
On 12/13/2018 05:09 AM, Julien Thierry wrote:
>
>
> On 06/12/2018 23:44, Jeremy Linton wrote:
>> Add code to track whether all the cores in the machine are
>> vulnerable, and whether all the vulnerable cores have been
>> mitigated.
>>
>> Once we have that information we can add the sysfs stub and
>> provide an accurate view of what is known about the machine.
>>
>> Signed-off-by: Jeremy Linton <jeremy.linton@....com>
>> ---
>> arch/arm64/kernel/cpu_errata.c | 72 +++++++++++++++++++++++++++++++---
>> 1 file changed, 67 insertions(+), 5 deletions(-)
>>
>> diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c
>> index 559ecdee6fd2..6505c93d507e 100644
>> --- a/arch/arm64/kernel/cpu_errata.c
>> +++ b/arch/arm64/kernel/cpu_errata.c
>
> [...]
>
>> @@ -766,4 +812,20 @@ ssize_t cpu_show_spectre_v1(struct device *dev, struct device_attribute *attr,
>> return sprintf(buf, "Mitigation: __user pointer sanitization\n");
>> }
>>
>> +ssize_t cpu_show_spectre_v2(struct device *dev, struct device_attribute *attr,
>> + char *buf)
>> +{
>> + switch (__spectrev2_safe) {
>> + case A64_SV2_SAFE:
>> + return sprintf(buf, "Not affected\n");
>> + case A64_SV2_UNSAFE:
>> + if (__hardenbp_enab == A64_HBP_MIT)
>> + return sprintf(buf,
>> + "Mitigation: Branch predictor hardening\n");
>> + return sprintf(buf, "Vulnerable\n");
>> + default:
>> + return sprintf(buf, "Unknown\n");
>> + }
>
> Again I see that we are going to display "Unknown" when the mitigation
> is not built in.
>
> Couldn't we make that CONFIG_GENERIC_CPU_,gation is not implemented? It's
> just checking the list of MIDRs.
Before I re-post, its probably worth pointing out that the
spectrev2_safe isn't set the same as the meltdown safe flag (which
reflects a whitelist or cpu_good flag) where the unknown/unsafe
condition is currently the same.
spectrev2_safe is a white/black list with a black list of known
vulnerable cores, plus cores with csv2 set indicating they are good.
This means the unset condition conceptually covers, the check being
disabled, as well as the core not being one of either known bad or known
good cores. Meaning you still need a dedicated "unknown" state because
the final state isn't unknown simply because the mitigation is not
compiled in.
Powered by blists - more mailing lists