Message-ID: <20190301171517.GB130541@arrakis.emea.arm.com>
Date: Fri, 1 Mar 2019 17:15:17 +0000
From: Catalin Marinas <catalin.marinas@....com>
To: Jeremy Linton <jeremy.linton@....com>
Cc: Andre Przywara <andre.przywara@....com>,
linux-arm-kernel@...ts.infradead.org, will.deacon@....com,
marc.zyngier@....com, suzuki.poulose@....com, Dave.Martin@....com,
shankerd@...eaurora.org, julien.thierry@....com,
mlangsdo@...hat.com, stefan.wahren@....com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v5 03/10] arm64: add sysfs vulnerability show for meltdown

On Fri, Mar 01, 2019 at 10:53:50AM -0600, Jeremy Linton wrote:
> On 3/1/19 10:20 AM, Catalin Marinas wrote:
> > On Fri, Mar 01, 2019 at 10:12:09AM -0600, Jeremy Linton wrote:
> > > On 3/1/19 1:11 AM, Andre Przywara wrote:
> > > > On 2/26/19 7:05 PM, Jeremy Linton wrote:
> > > > > +ssize_t cpu_show_meltdown(struct device *dev, struct
> > > > > device_attribute *attr,
> > > > > + char *buf)
> > > > > +{
> > > > > + if (arm64_kernel_unmapped_at_el0())
> > > > > + return sprintf(buf, "Mitigation: KPTI\n");
> > > > > +
> > > > > + if (__meltdown_safe)
> > > > > + return sprintf(buf, "Not affected\n");
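Review bot: The order of the two checks in cpu_show_meltdown() lets a CPU with __meltdown_safe set report "Mitigation: KPTI" whenever arm64_kernel_unmapped_at_el0() is true, while the ABI text quoted later in this message defines "Mitigation: $M" as "CPU is affected". Testing __meltdown_safe first, so that "Not affected" is returned before the arm64_kernel_unmapped_at_el0() check, keeps the output within the documented states. A short comment above the checks saying why the order matters would stop a later cleanup from swapping them back.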
> > > >
> > > > Shall those two checks be swapped? So it doesn't report about a KPTI
> > > > mitigation if the CPU is safe, but we enable KPTI because of KASLR
> > > > having enabled it? Or is that a different knob?
> > >
> > > Hmmm, I think having it this way reflects the fact that the machine is
> > > mitigated independent of whether it needed it. The force on case is similar.
> > > The machine may not have needed the mitigation but it was forced on.
> >
> > So is this patchset about showing vulnerabilities _and_ mitigations or
> > just one of them?
>
> Well, I don't think there is a way to express a mitigated but not vulnerable
> state in the current ABI. This set is mostly just to bring us in line with
> the current ABI expectations.

Looking at the ABI doc, it states:

  "Not affected"      CPU is not affected by the vulnerability
  "Vulnerable"        CPU is affected and no mitigation in effect
  "Mitigation: $M"    CPU is affected and mitigation $M is in effect

So, yes, we don't have mitigated but not vulnerable. Therefore I think
we should stick to "not affected" and swap the lines above as per
Andre's comment. This file is about Meltdown vulnerability and
mitigation, not KASLR hardening.
--
Catalin
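
An added example, not part of this thread or of the kernel patch: a POSIX shell consumer of the three ABI states quoted above, which reads "Mitigation: $M" as "CPU is affected", the reading the reordering of the checks is meant to keep true. The function names, the sample file names and the default sysfs path are assumptions of this example.

```shell
#!/bin/sh
# Added example. Maps one status line onto the three ABI states quoted above.
# A consumer takes "Mitigation: $M" to mean "affected, mitigated by $M".
classify_status() {
    case "$1" in
        "Not affected")   echo "not_affected" ;;
        # Assumption: tolerate detail appended after "Vulnerable".
        "Vulnerable"*)    echo "vulnerable" ;;
        "Mitigation: "?*) echo "mitigated:${1#Mitigation: }" ;;
        *)                echo "unknown" ;;
    esac
}

# Print "<file><TAB><state>" for each entry in a vulnerabilities directory.
# Returns 1 if any entry is vulnerable or does not match the ABI strings.
# Assumption: the default path is where Linux exposes these files.
audit_vulnerabilities() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    rc=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        line=""
        # read fails on a file without a trailing newline but still sets line
        IFS= read -r line < "$f" || true
        state=$(classify_status "$line")
        printf '%s\t%s\n' "${f##*/}" "$state"
        case "$state" in
            vulnerable|unknown) rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed sample files, one per ABI state (hypothetical file names).
make_sample_dir() {
    d=$(mktemp -d) || return 1
    printf 'Not affected\n'     > "$d/cpu_safe"
    printf 'Mitigation: KPTI\n' > "$d/cpu_kpti"
    printf 'Vulnerable\n'       > "$d/cpu_unmitigated"
    echo "$d"
}

sample=$(make_sample_dir)
audit_vulnerabilities "$sample" || echo "at least one entry needs attention"
rm -rf "$sample"
```

Called with no argument, `audit_vulnerabilities` reads the running system's files instead of the constructed samples.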