lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20191114093138.GF11661@kitsune.suse.cz>
Date:   Thu, 14 Nov 2019 10:31:38 +0100
From:   Michal Suchánek <msuchanek@...e.de>
To:     Michael Ellerman <patch-notifications@...erman.id.au>
Cc:     Gustavo Walbon <gwalbon@...ux.ibm.com>,
        linuxppc-dev@...ts.ozlabs.org, mikey@...ling.org,
        maurosr@...ux.vnet.ibm.com, linux-kernel@...r.kernel.org,
        npiggin@...il.com, diana.craciun@....com, paulus@...ba.org,
        leitao@...ian.org, gwalbon@...ux.vnet.ibm.com,
        stable@...r.kernel.org
Subject: Re: [PATCH] Fix wrong message when RFI Flush is disable

On Thu, Nov 14, 2019 at 08:07:35PM +1100, Michael Ellerman wrote:
> On Thu, 2019-05-02 at 21:09:07 UTC, Gustavo Walbon wrote:
> > From: "Gustavo L. F. Walbon" <gwalbon@...ux.ibm.com>
> > 
> > The issue was showing "Mitigation" message via sysfs whatever the state of
> > "RFI Flush", but it should show "Vulnerable" when it is disabled.
> > 
> > If you have "L1D private" feature enabled and not "RFI Flush" you are
> > vulnerable to meltdown attacks.
> > 
> > "RFI Flush" is the key feature to mitigate the meltdown whatever the
> > "L1D private" state.
> > 
> > SEC_FTR_L1D_THREAD_PRIV is a feature for Power9 only.
> > 
> > So the message should be as the truth table shows.
> > CPU | L1D private | RFI Flush |                   sysfs               |
> > ----| ----------- | --------- | ------------------------------------- |
> >  P9 |    False    |   False   | Vulnerable
> >  P9 |    False    |   True    | Mitigation: RFI Flush
> >  P9 |    True     |   False   | Vulnerable: L1D private per thread
> >  P9 |    True     |   True    | Mitigation: RFI Flush, L1D private per
> >     |             |           | thread
> >  P8 |    False    |   False   | Vulnerable
> >  P8 |    False    |   True    | Mitigation: RFI Flush
> > 
> > Output before this fix:
> >  # cat /sys/devices/system/cpu/vulnerabilities/meltdown
> >  Mitigation: RFI Flush, L1D private per thread
> >  # echo 0 > /sys/kernel/debug/powerpc/rfi_flush
> >  # cat /sys/devices/system/cpu/vulnerabilities/meltdown
> >  Mitigation: L1D private per thread
> > 
> > Output after fix:
> >  # cat /sys/devices/system/cpu/vulnerabilities/meltdown
> >  Mitigation: RFI Flush, L1D private per thread
> >  # echo 0 > /sys/kernel/debug/powerpc/rfi_flush
> >  # cat /sys/devices/system/cpu/vulnerabilities/meltdown
> >  Vulnerable: L1D private per thread
> > 
> > Link: https://github.com/linuxppc/issues/issues/243
> > 
> > Signed-off-by: Gustavo L. F. Walbon <gwalbon@...ux.ibm.com>
> > Signed-off-by: Mauro S. M. Rodrigues <maurosr@...ux.vnet.ibm.com>
> 
> Applied to powerpc next, thanks.
> 
> https://git.kernel.org/powerpc/c/4e706af3cd8e1d0503c25332b30cad33c97ed442
> 
> cheers

Fixes: ff348355e9c7 ("powerpc/64s: Enhance the information in
cpu_show_meltdown()")

Thanks

Michal

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ