| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202202071402.DEFD6C9@keescook>
Date: Mon, 7 Feb 2022 14:04:04 -0800
From: Kees Cook <keescook@...omium.org>
To: Borislav Petkov <bp@...en8.de>
Cc: X86 ML <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2 1/6] x86/cpu: Allow feature bit names from
/proc/cpuinfo in clearcpuid=
On Thu, Jan 27, 2022 at 12:56:21PM +0100, Borislav Petkov wrote:
> From: Borislav Petkov <bp@...e.de>
>
> Having to give the X86_FEATURE array indices in order to disable a
> feature bit for testing is not really user-friendly. So accept the
> feature bit names too.
>
> Some feature bits don't have names so there the array indices are still
> accepted, of course.
>
> Clearing CPUID flags is not something which should be done in production
> so taint the kernel too.
>
> An exemplary cmdline would then be something like:
>
> clearcpuid=de,440,smca,succory,bmi1,3dnow
>
> ("succory" is wrong on purpose). And it says:
>
> [ 0.000000] Clearing CPUID bits: de 13:24 smca bmi1 3dnow
>
> Signed-off-by: Borislav Petkov <bp@...e.de>
I like the taint flag addition!
Even though it reports what it does actually clear, do you think it
might be more "friendly" to yell about unknown stuff too? i.e.:
[ 0.000000] Clearing CPUID bits: unknown bit 'succory'
[ 0.000000] Clearing CPUID bits: de 13:24 smca bmi1 3dnow
Either way:
Reviewed-by: Kees Cook <keescook@...omium.org>
--
Kees Cook
Powered by blists - more mailing lists