| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Nov 2020 15:04:27 +0100
From: Mathieu Chouquet-Stringer <me@...hieu.digital>
To: Borislav Petkov <bp@...en8.de>
Cc: Matthew Garrett <mjg59@...gle.com>,
Chris Down <chris@...isdown.name>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
sean.j.christopherson@...el.com, tony.luck@...el.com,
Linus Torvalds <torvalds@...ux-foundation.org>,
the arch/x86 maintainers <x86@...nel.org>, kernel-team@...com
Subject: [PATCH] x86/msr: Filter MSR writes
On Wed, Nov 18, 2020 at 12:50:27PM +0100, Borislav Petkov wrote:
> On Wed, Nov 18, 2020 at 10:09:29AM +0100, Mathieu Chouquet-Stringer wrote:
> > Speaking of doc, looking at the patches you submitted, I didn't see any
> > update to the documentation. Would you like me to create a patch for
> > that?
>
> Sure, that would be appreciated.
Here you go, let me know if I got that right...
---
TAINT_CPU_OUT_OF_SPEC now means what it says. Historically it was for
SMP kernel oops on an officially SMP incapable processor but now it also
covers CPUs whose MSRs have been incorrectly poked at. Update
documentation and script to reflect that.
Signed-off-by: Mathieu Chouquet-Stringer <me@...hieu.digital>
---
Documentation/admin-guide/tainted-kernels.rst | 11 ++++++-----
tools/debugging/kernel-chktaint | 2 +-
2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/Documentation/admin-guide/tainted-kernels.rst b/Documentation/admin-guide/tainted-kernels.rst
index f718a2eaf1f6..95f432c43ba0 100644
--- a/Documentation/admin-guide/tainted-kernels.rst
+++ b/Documentation/admin-guide/tainted-kernels.rst
@@ -84,7 +84,7 @@ Bit Log Number Reason that got the kernel tainted
=== === ====== ========================================================
0 G/P 1 proprietary module was loaded
1 _/F 2 module was force loaded
- 2 _/S 4 SMP kernel oops on an officially SMP incapable processor
+ 2 _/S 4 kernel running on out of spec processor
3 _/R 8 module was force unloaded
4 _/M 16 processor reported a Machine Check Exception (MCE)
5 _/B 32 bad page referenced or some unexpected page flags
@@ -116,10 +116,11 @@ More detailed explanation for tainting
1) ``F`` if any module was force loaded by ``insmod -f``, ``' '`` if all
modules were loaded normally.
- 2) ``S`` if the oops occurred on an SMP kernel running on hardware that
- hasn't been certified as safe to run multiprocessor.
- Currently this occurs only on various Athlons that are not
- SMP capable.
+ 2) ``S`` if the kernel is running on any processor that is out of
+ specifications (writing to MSRs will trigger this behavior).
+ Historically, it could also be if an oops occured on a kernel running on
+ hardware that hasn't been certified as safe to run multiprocessor, such
+ as various Athlons that are not SMP capable.
3) ``R`` if a module was force unloaded by ``rmmod -f``, ``' '`` if all
modules were unloaded normally.
diff --git a/tools/debugging/kernel-chktaint b/tools/debugging/kernel-chktaint
index 2240cb56e6e5..0b9d93e27910 100755
--- a/tools/debugging/kernel-chktaint
+++ b/tools/debugging/kernel-chktaint
@@ -72,7 +72,7 @@ if [ `expr $T % 2` -eq 0 ]; then
addout " "
else
addout "S"
- echo " * SMP kernel oops on an officially SMP incapable processor (#2)"
+ echo " * kernel running on out of spec processor (#2)"
fi
T=`expr $T / 2`
Powered by blists - more mailing lists