| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Y/PDqpwY3sF29PuM@zn.tnic>
Date: Mon, 20 Feb 2023 20:02:02 +0100
From: Borislav Petkov <bp@...en8.de>
To: KP Singh <kpsingh@...nel.org>
Cc: Josh Poimboeuf <jpoimboe@...nel.org>, linux-kernel@...r.kernel.org,
pjt@...gle.com, evn@...gle.com, tglx@...utronix.de,
mingo@...hat.com, dave.hansen@...ux.intel.com, x86@...nel.org,
hpa@...or.com, peterz@...radead.org,
pawan.kumar.gupta@...ux.intel.com, kim.phillips@....com,
alexandre.chartre@...cle.com, daniel.sneddon@...ux.intel.com,
José Oliveira <joseloliveira11@...il.com>,
Rodrigo Branco <rodrigo@...nelhacking.com>,
Alexandra Sandulescu <aesa@...gle.com>,
Jim Mattson <jmattson@...gle.com>, stable@...r.kernel.org
Subject: Re: [PATCH RESEND] x86/speculation: Fix user-mode spectre-v2
protection with KERNEL_IBRS
On Mon, Feb 20, 2023 at 10:56:38AM -0800, KP Singh wrote:
> Sure, it looks like an omission to me, we wrote a POC on Skylake that
> was able to do cross-thread training with the current set of
> mitigations.
Right.
> STIBP with IBRS is still correct if spectre_v2=ibrs had really meant
> IBRS everywhere,
Yeah, IBRS everywhere got shot down as a no-no very early in the game,
for apparent reasons.
> but just means KERNEL_IBRS, which means only kernel is protected,
> userspace is still unprotected.
Yes, that was always the intent with IBRS: enable on kernel entry and
disable on exit.
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists