| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190221185806.GC16922@tassilo.jf.intel.com>
Date: Thu, 21 Feb 2019 10:58:06 -0800
From: Andi Kleen <ak@...ux.intel.com>
To: Peter Zijlstra <peterz@...radead.org>
Cc: Prarit Bhargava <prarit@...hat.com>, linux-kernel@...r.kernel.org,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
"H. Peter Anvin" <hpa@...or.com>, x86@...nel.org,
linux-doc@...r.kernel.org
Subject: Re: [PATCH] x86/fpu: Parse comma separated list passed in clearcpuid
On Thu, Feb 21, 2019 at 02:37:45PM +0100, Peter Zijlstra wrote:
> On Thu, Feb 21, 2019 at 08:12:25AM -0500, Prarit Bhargava wrote:
> > Users cannot disable multiple CPU features with the kernel parameter
> > clearcpuid=. For example, "clearcpuid=154 clearcpuid=227" only disables
> > CPUID bit 154.
> >
> > Previous to commit 0c2a3913d6f5 ("x86/fpu: Parse clearcpuid= as early XSAVE
> > argument") it was possible to pass multiple clearcpuid options as kernel
> > parameters using individual entries. With the new code it isn't easy to
> > replicate exactly that behaviour but a comma separated list can be easily
> > implemented, eg) "clearcpuid=154,227"
> >
> > Make the clearcpuid parse a comma-separated list of values instead of only
> > a single value.
>
> So I think the feature is broken as is; because it doesn't clear the
> CPUID bits for userspace.
Usually it's enough to make the kernel stop using something. I used it many
times for this.
People who want to affect user space usually run VMs anyways.
-Andi
Powered by blists - more mailing lists