| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Jul 2022 14:15:07 +0530
From: Naresh Kamboju <naresh.kamboju@...aro.org>
To: open list <linux-kernel@...r.kernel.org>, X86 ML <x86@...nel.org>,
lkft-triage@...ts.linaro.org
Cc: Borislav Petkov <bp@...e.de>,
Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
Peter Zijlstra <peterz@...radead.org>,
Josh Poimboeuf <jpoimboe@...nel.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: RETBleed: WARNING: Spectre v2 mitigation leaves CPU vulnerable to
RETBleed attacks, data leaks possible!
Results from Linaro’s test farm.
We are booting the i386 kernel on an x86 machine.
With Spectre V2 patches merged into Linux mainline we have been noticing
RETBleed: WARNING: Spectre v2 mitigation leaves CPU vulnerable to
RETBleed attacks, data leaks possible!
Please find the detailed boot log in the below link [1] and [2].
Reported-by: Linux Kernel Functional Testing <lkft@...aro.org>
metadata:
git_ref: master
git_repo: https://gitlab.com/Linaro/lkft/mirrors/torvalds/linux-mainline
git_sha: 4a57a8400075bc5287c5c877702c68aeae2a033d
git_describe: v5.19-rc6-115-g4a57a8400075
kernel_version: 5.19.0-rc6
kernel-config: https://builds.tuxbuild.com/2Bu6unA4pJ0TotIOQ6jcNKfhmew/config
build-url: https://gitlab.com/Linaro/lkft/mirrors/torvalds/linux-mainline/-/pipelines/587353280
artifact-location: https://builds.tuxbuild.com/2Bu6unA4pJ0TotIOQ6jcNKfhmew
toolchain: gcc-11
boot log:
---------
[ 0.000000] Linux version 5.19.0-rc6 (tuxmake@...make)
(i686-linux-gnu-gcc (Debian 11.3.0-3) 11.3.0, GNU ld (GNU Binutils for
Debian) 2.38) #1 SMP PREEMPT_DYNAMIC @1657744061
[ 0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating
point registers'
<trim>
[ 1.275957] LSM: Security Framework initializing
[ 1.275957] SELinux: Initializing.
[ 1.275957] Mount-cache hash table entries: 2048 (order: 1, 8192
bytes, linear)
[ 1.275957] Mountpoint-cache hash table entries: 2048 (order: 1,
8192 bytes, linear)
[ 1.275957] CPU0: Thermal monitoring enabled (TM1)
[ 1.275957] process: using mwait in idle threads
[ 1.275957] Last level iTLB entries: 4KB 128, 2MB 8, 4MB 8
[ 1.275957] Last level dTLB entries: 4KB 64, 2MB 0, 4MB 0, 1GB 4
[ 1.275957] Spectre V1 : Mitigation: usercopy/swapgs barriers and
__user pointer sanitization
[ 1.275957] Spectre V2 : Mitigation: Retpolines
[ 1.275957] Spectre V2 : Spectre v2 / SpectreRSB mitigation:
Filling RSB on context switch
[ 1.275957] RETBleed: WARNING: Spectre v2 mitigation leaves CPU
vulnerable to RETBleed attacks, data leaks possible!
[ 1.275957] RETBleed: Vulnerable
[ 1.275957] Speculative Store Bypass: Vulnerable
[ 1.275957] L1TF: Kernel not compiled for PAE. No mitigation for L1TF
[ 1.275957] MDS: Vulnerable: Clear CPU buffers attempted, no microcode
[ 1.275957] TAA: Vulnerable: Clear CPU buffers attempted, no microcode
[ 1.275957] MMIO Stale Data: Vulnerable: Clear CPU buffers
attempted, no microcode
[ 1.275957] SRBDS: Vulnerable: No microcode
Full test log link,
[1] https://lkft.validation.linaro.org/scheduler/job/5282509#L490
[2] https://qa-reports.linaro.org/lkft/linux-mainline-master-sanity/build/v5.19-rc6-115-g4a57a8400075/testrun/10817056/suite/log-parser-boot/tests/
Best regards
Naresh Kamboju
--
Linaro LKFT
https://lkft.linaro.org
Powered by blists - more mailing lists