lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHmME9pVO01mj8vgKPEX7a6pZDRSfX62e2Ow8R=L79hLSJoaMA@mail.gmail.com>
Date:   Tue, 8 Sep 2020 19:42:12 +0200
From:   "Jason A. Donenfeld" <Jason@...c4.com>
To:     Borislav Petkov <bp@...en8.de>
Cc:     Srinivas Pandruvada <srinivas.pandruvada@...ux.intel.com>,
        kitsunyan <kitsunyan@...mail.cc>,
        "Brown, Len" <len.brown@...el.com>, X86 ML <x86@...nel.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Sultan Alsawaf <sultan@...neltoast.com>
Subject: Re: [PATCH] x86/msr: do not warn on writes to OC_MAILBOX

On Tue, Sep 8, 2020 at 7:36 PM Borislav Petkov <bp@...en8.de> wrote:
>
> On Tue, Sep 08, 2020 at 07:29:11PM +0200, Jason A. Donenfeld wrote:
> > Well that's not cool.
>
> So you're saying that if someone wants to kill its box by poking at that
> MSR, we should just let her/him?
>
> If anything, I think that a BIG FAT WARNING at least would make sense.

Are you prepared to track down all the MSRs that might maybe do
something naughty?

After determining optimal voltages, people have systemd running
intel-undervolt for them. It becomes part of the normal system
configuration, is applied all the time, and after figuring it out
once, users forget they ever had enabled it, except when observing
that their laptop works better than it originally did.

Does `dd` warn when you run `dd if=/dev/zero of=/dev/sda`?

> Now, if there were a proper interface which would allow only valid
> commands, now that would be optimal...

Probably not possible. Optimal values are related to the "silicon
lottery" that occurs when you buy a new CPU. Different optimal values
for different individual chips.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ