lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 20 Oct 2020 12:40:34 -0700
From:   Dave Hansen <dave.hansen@...el.com>
To:     Srinivas Pandruvada <srinivas.pandruvada@...ux.intel.com>,
        Borislav Petkov <bp@...en8.de>
Cc:     Sultan Alsawaf <sultan@...neltoast.com>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        kitsunyan <kitsunyan@...mail.cc>,
        "Brown, Len" <len.brown@...el.com>, X86 ML <x86@...nel.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>
Subject: Re: [PATCH] x86/msr: do not warn on writes to OC_MAILBOX

On 10/20/20 11:40 AM, Srinivas Pandruvada wrote:
> On Tue, 2020-10-20 at 19:47 +0200, Borislav Petkov wrote:
>> On Tue, Oct 20, 2020 at 10:21:48AM -0700, Srinivas Pandruvada wrote:
>>> These command id are model specific. There is no guarantee that
>>> even
>>> meaning changes. So I don't think we should write any code in
>>> kernel
>>> which can't stick.
>> Ok, is there a common *set* of values present on all models
> Sorry, don't know.

So, the question is: Is Intel willing to document this on a sufficient
number of models that folks can make a sane driver out of it?

Srinivas, that seems like a pretty sane thing for the community to ask.
 We've got random folks poking at MSRs and we don't know whether they're
nuts or not and whether we should spew warnings of disdain.  Seems like
it would be in Intel's best interests to understand what users are doing
with this MSR and to try to make sure they're not doing stuff which is
too nutty, or at least give them the chance of avoiding warnings if
they're being nice.

Sounds like Borislav is willing to help give Intel's customers a nicer
interface.  Mostly we from Intel would have to go dig out the docs for
as many models as we can, and make sure we're allowed to talk about it
publicly.

I dunno.  Maybe we should try it for *one* model and see how it goes.
Maybe start with the one we're already poking from inside the kernel.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ