lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 16 May 2019 12:43:12 -0500
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Geert Uytterhoeven <geert@...ux-m68k.org>
Cc:     Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        Jiri Kosina <jkosina@...e.cz>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Ben Hutchings <ben@...adent.org.uk>,
        linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH] cpu/speculation: Warn on unsupported mitigations=
 parameter

On Thu, May 16, 2019 at 09:09:35AM +0200, Geert Uytterhoeven wrote:
> Currently, if the user specifies an unsupported mitigation strategy on
> the kernel command line, it will be ignored silently.  The code will
> fall back to the default strategy, possibly leaving the system more
> vulnerable than expected.
> 
> This may happen due to e.g. a simple typo, or, for a stable kernel
> release, because not all mitigation strategies have been backported.
> 
> Inform the user by printing a message.
> 
> Fixes: 98af8452945c5565 ("cpu/speculation: Add 'mitigations=' cmdline option")
> Cc: stable@...r.kernel.org
> Signed-off-by: Geert Uytterhoeven <geert@...ux-m68k.org>
> ---
>  kernel/cpu.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/kernel/cpu.c b/kernel/cpu.c
> index f2ef10460698e9ec..8458fda00e6ddb88 100644
> --- a/kernel/cpu.c
> +++ b/kernel/cpu.c
> @@ -2339,6 +2339,9 @@ static int __init mitigations_parse_cmdline(char *arg)
>  		cpu_mitigations = CPU_MITIGATIONS_AUTO;
>  	else if (!strcmp(arg, "auto,nosmt"))
>  		cpu_mitigations = CPU_MITIGATIONS_AUTO_NOSMT;
> +	else
> +		pr_crit("Unsupported mitigations=%s, system may still be vulnerable\n",
> +			arg);
>  
>  	return 0;
>  }
> -- 
> 2.17.1
> 

Acked-by: Josh Poimboeuf <jpoimboe@...hat.com>

-- 
Josh

Powered by blists - more mailing lists