lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1951199845.271163.1546543806398@email.ionos.de>
Date:   Thu, 3 Jan 2019 20:30:06 +0100 (CET)
From:   Stefan Wahren <stefan.wahren@...e.com>
To:     Jeremy Linton <jeremy.linton@....com>,
        Dave Martin <Dave.Martin@....com>
Cc:     mark.rutland@....com, julien.thierry@....com, mlangsdo@...hat.com,
        Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
        suzuki.poulose@....com, marc.zyngier@....com,
        catalin.marinas@....com,
        "Rafael J . Wysocki" <rafael.j.wysocki@...el.com>,
        will.deacon@....com, linux-kernel@...r.kernel.org,
        steven.price@....com, shankerd@...eaurora.org,
        Dave Hansen <dave.hansen@...el.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Borislav Petkov <bp@...en8.de>,
        David Woodhouse <dwmw@...zon.co.uk>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        ykaukab@...e.de, Thomas Gleixner <tglx@...utronix.de>,
        linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH v2 1/7] sysfs/cpu: Add "Unknown" vulnerability state

Hi Jeremy,

> Jeremy Linton <jeremy.linton@....com> hat am 3. Januar 2019 um 17:46 geschrieben:
> 
> 
> Hi,
> 
> On 01/03/2019 10:37 AM, Dave Martin wrote:
> > On Wed, Jan 02, 2019 at 06:49:15PM -0600, Jeremy Linton wrote:
> >> There is a lot of variation in the Arm ecosystem. Because of this,
> >> there exist possible cases where the kernel cannot authoritatively
> >> determine if a machine is vulnerable.
> >>
> >> Rather than guess the vulnerability status in cases where
> >> the mitigation is disabled or the firmware isn't responding
> >> correctly, we need to display an "Unknown" state.
> >>

i applied your patch series on linux-next-20190103. On my Raspberry Pi 3B+ (defconfig) i'm getting this from sysfs:

l1tf:Not affected
meltdown:Not affected
spec_store_bypass:Unknown
spectre_v1:Mitigation: __user pointer sanitization
spectre_v2:Unknown

AFAIK it has 4 Cortex-A53 cores (no PSCI firmware), so shouldn't be affected.

How can this be fixed?

Thanks
Stefan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ