lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.DEB.2.21.1902121444250.3710@nanos.tec.linutronix.de>
Date:   Tue, 12 Feb 2019 14:51:00 +0100 (CET)
From:   Thomas Gleixner <tglx@...utronix.de>
To:     Peter Zijlstra <peterz@...radead.org>
cc:     Fenghua Yu <fenghua.yu@...el.com>,
        Dave Hansen <dave.hansen@...el.com>,
        Borislav Petkov <bp@...en8.de>, Ingo Molnar <mingo@...hat.com>,
        H Peter Anvin <hpa@...or.com>,
        Ashok Raj <ashok.raj@...el.com>,
        Michael Chan <michael.chan@...adcom.com>,
        Ravi V Shankar <ravi.v.shankar@...el.com>,
        Ricardo Neri <ricardo.neri@...el.com>,
        linux-kernel <linux-kernel@...r.kernel.org>, x86 <x86@...nel.org>
Subject: Re: [PATCH v3 08/10] x86/setcpuid: Add kernel option setcpuid

On Tue, 12 Feb 2019, Peter Zijlstra wrote:

> On Mon, Feb 11, 2019 at 11:16:43AM -0800, Fenghua Yu wrote:
> > 4. The feature can be disabled by kernel option
> > "clearcpuid=split_lock_detection" during early boot time.
> 
> IFF clearcpuid lives, it should also employ CPUID faulting and clear it
> for userspace too.

We have it already, and aside of clearcpuid there are enough things which
the kernel disables in the kernel view of CPUID, but user space still can
see them. That's inconsistent, so we really should use CPUID faulting when
its available.

That won't solve the problem of user space ignoring CPUID alltogether and
just probing crap, but you can't prevent that at all.

For that we'd need a CPUID mask facility in the hardware, which would
default to 0xFFFFFFFFFF and the kernel could clear bits in the mask to turn
of both the CPUID bit _AND_ the connected functionality. IOW, if you mask a
bit and user space probes the functionality brute force, it'll #GP and we
can just kill it.

Thanks,

	tglx

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ