lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <81981263-da62-569f-1b47-b258aa5c91e5@flygoat.com>
Date:   Fri, 1 Jan 2021 00:09:35 +0800
From:   Jiaxun Yang <jiaxun.yang@...goat.com>
To:     WANG Xuerui <i@...0n.name>, linux-mips@...r.kernel.org
Cc:     Thomas Bogendoerfer <tsbogend@...ha.franken.de>,
        Alexey Malahov <Alexey.Malahov@...kalelectronics.ru>,
        Serge Semin <Sergey.Semin@...kalelectronics.ru>,
        周琰杰 (Zhou Yanjie) 
        <zhouyanjie@...yeetech.com>, Paul Cercueil <paul@...pouillou.net>,
        Tiezhu Yang <yangtiezhu@...ngson.cn>,
        Huacai Chen <chenhc@...ote.com>, YunQiang Su <syq@...ian.org>,
        Liangliang Huang <huanglllzu@...il.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 3/3] MIPS: cpu-probe: Vulnerabilities for Loongson cores



在 2020/12/31 23:43, WANG Xuerui 写道:
> Hi Jiaxun,
>
> On 12/30/20 11:23 AM, Jiaxun Yang wrote:
>> Loongson64C is known to be vulnerable to meltdown according to
>> PoC from Rui Wang <r@....cc>.
>>
>> Loongson64G defended these side-channel attack by silicon.
> "Loongson64G mitigated it in hardware"?
>>
>> Signed-off-by: Jiaxun Yang <jiaxun.yang@...goat.com>
>> ---
>>   arch/mips/kernel/cpu-probe.c | 4 ++++
>>   1 file changed, 4 insertions(+)
>>
>> diff --git a/arch/mips/kernel/cpu-probe.c b/arch/mips/kernel/cpu-probe.c
>> index 2460783dbdb1..24b21f51353c 100644
>> --- a/arch/mips/kernel/cpu-probe.c
>> +++ b/arch/mips/kernel/cpu-probe.c
>> @@ -2092,6 +2092,8 @@ static inline void cpu_probe_loongson(struct 
>> cpuinfo_mips *c, unsigned int cpu)
>>           c->ases |= (MIPS_ASE_LOONGSON_MMI | MIPS_ASE_LOONGSON_CAM |
>>               MIPS_ASE_LOONGSON_EXT | MIPS_ASE_LOONGSON_EXT2);
>>           c->ases &= ~MIPS_ASE_VZ; /* VZ of Loongson-3A2000/3000 is 
>> incomplete */
>> +        c->vulnerabilities |= MIPS_VULNBL_MELTDOWN;
>> +        c->vulnerable |= MIPS_VULNBL_MELTDOWN;
>>           break;
>>       case PRID_IMP_LOONGSON_64G:
>>           c->cputype = CPU_LOONGSON64;
>> @@ -2100,6 +2102,8 @@ static inline void cpu_probe_loongson(struct 
>> cpuinfo_mips *c, unsigned int cpu)
>>           set_isa(c, MIPS_CPU_ISA_M64R2);
>>           decode_cpucfg(c);
>>           c->writecombine = _CACHE_UNCACHED_ACCELERATED;
>> +        c->vulnerabilities |= MIPS_VULNBL_MELTDOWN |
>> +                  MIPS_VULNBL_SPECTRE_V1 | MIPS_VULNBL_SPECTRE_V2;
>
> Of course you forgot to set the "mitigated" mask... Oh wait.

Hi Xuerui,

Actually it belongs to not affected category as there is no action
to take in kernel.

>
> It seems the "mitigated" mask in the 1st patch is never used, so 
> either code there or here must be amended.

Yes, it's just a place holder for future kernel mitigations~
Or I should leave it until we find out these mitigations?

Thanks.

- Jiaxun

>
>>           break;
>>       default:
>>           panic("Unknown Loongson Processor ID!");

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ