| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YV2zFlaLvZzNPkjh@zn.tnic>
Date: Wed, 6 Oct 2021 16:30:46 +0200
From: Borislav Petkov <bp@...en8.de>
To: Andrew Cooper <andrew.cooper3@...rix.com>
Cc: Jane Malalane <jane.malalane@...rix.com>,
LKML <linux-kernel@...r.kernel.org>, x86@...nel.org,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>, Pu Wen <puwen@...on.cn>,
Paolo Bonzini <pbonzini@...hat.com>,
Sean Christopherson <seanjc@...gle.com>,
Peter Zijlstra <peterz@...radead.org>,
Yazen Ghannam <Yazen.Ghannam@....com>,
Brijesh Singh <brijesh.singh@....com>,
Huang Rui <ray.huang@....com>,
Andy Lutomirski <luto@...nel.org>,
Kim Phillips <kim.phillips@....com>, stable@...r.kernel.org
Subject: Re: [PATCH] x86/cpu: Fix migration safety with X86_BUG_NULL_SEL
On Wed, Oct 06, 2021 at 03:15:51PM +0100, Andrew Cooper wrote:
> The case which goes wrong is this:
>
> 1. Zen1 (or earlier) and Zen2 (or later) in a migration pool
> 2. Linux boots on Zen2, probes and finds the absence of X86_BUG_NULL_SEL
> 3. Linux is then migrated to Zen1
>
> Linux is now running on a X86_BUG_NULL_SEL-impacted CPU while believing
> that the bug is fixed.
>
> The only way to address the problem is to fully trust the "no longer
> affected" CPUID bit when virtualised, because in the above case it would
> be clear deliberately to indicate the fact "you might migrate to
> somewhere which really is affected".
Yap, makes sense.
Thanks for taking the time - that's what I was looking for.
Please add to the commit message of the next version.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists