lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Sun, 13 Aug 2023 11:35:02 +0200
From:   Borislav Petkov <bp@...en8.de>
To:     Mikhail Gavrilov <mikhail.v.gavrilov@...il.com>
Cc:     Linux List Kernel Mailing <linux-kernel@...r.kernel.org>,
        x86@...nel.org
Subject: Re: [regression/bisected] Add IBPB decreases performance in two times

On Sun, Aug 13, 2023 at 02:17:25PM +0500, Mikhail Gavrilov wrote:
> > spec_rstack_overflow=off
> 
> Thanks, I checked this and it works!

Right, so you have Zen4 and it already uses the default mitigation and
no IBPB is mitigating retbleed because Zen4 is not affected. (If
retbleed mitigates with IBPB, that is also the SRSO mitigation but this
is not the case for your machine).

So yeah, I guess disabling the mitigation is one option.

Another could be if you supply:

spectre_v2_user=on spec_rstack_overflow=microcode

on the kernel command line after upgrading your microcode. That would at
least take care of protecting one user process from another.

There's no microcode for your machine yet, AFAICT, but you could still
try the above to see whether that mitigation type is better than no
mitigation at all wrt gameplay.

As to the microcode, I guess you'll get it with a BIOS update according
to:

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7005.html

the table cell about 7000 series.

HTH.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ