lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 10 May 2021 17:01:36 -0500
From:   "Saripalli, RK" <rsaripal@....com>
To:     Thomas Gleixner <tglx@...utronix.de>
Cc:     linux-kernel@...r.kernel.org, x86@...nel.org, mingo@...hat.com,
        bp@...en8.de, hpa@...or.com, Jonathan Corbet <corbet@....net>,
        bsd@...hat.com, Josh Poimboeuf <jpoimboe@...hat.com>,
        Kees Cook <keescook@...omium.org>
Subject: Re: [PATCH v5 1/1] x86/cpufeatures: Implement Predictive Store
 Forwarding control.



On 5/10/2021 4:44 PM, Thomas Gleixner wrote:
> On Mon, May 10 2021 at 06:10, RK Saripalli wrote:
>> On 5/7/2021 10:13 AM, Thomas Gleixner wrote:
>>> What's wrong with just treating this in the same way in which we treat
>>> all other speculative vulnerabilities and provide a consistent picture
>>> to the user?
>>>
>>> Something like the below. You get the idea.
>>
>> Thomas, thank you very much for the comments.
>>
>> I provided the links to the original patches which treat PSF similar to other
>> speculative vulnerabilities.
>>
>> Could you review them please?. The first patch is the cover letter.
>>
>> https://lore.kernel.org/lkml/20210406155004.230790-1-rsaripal@amd.com/
>> https://lore.kernel.org/lkml/20210406155004.230790-2-rsaripal@amd.com/
>> https://lore.kernel.org/lkml/20210406155004.230790-3-rsaripal@amd.com/
>> https://lore.kernel.org/lkml/20210406155004.230790-4-rsaripal@amd.com/
>> https://lore.kernel.org/lkml/20210406155004.230790-5-rsaripal@amd.com/
>> https://lore.kernel.org/lkml/20210406155004.230790-6-rsaripal@amd.com/
> 
> They are going into the right direction, i.e. detection and reporting.
> 
> Vs. mitigation control the question is whether we need the full
> machinery of prctl/seccomp and so forth especially under the aspect that
> the SSBD mitigation already covers the PSF issue.
> 
> So for the start a simple on/off might be good enough.

Thomas, I am fine with that. To a large extent, the new set of patches do that (on and off)
but they are not in the same files as other mitigations.

If I understand you correctly, you would prefer the on/off in bugs.c so that the changes
stay with other mitigation controls.

Thanks for reviewing and I will wait for feedback from Kees.
RK

> 
> Kees, any opinions?
> 
> Thanks,
> 
>         tglx
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ