| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Aug 2023 15:45:22 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Peter Zijlstra' <peterz@...radead.org>,
Borislav Petkov <bp@...en8.de>
CC: Josh Poimboeuf <jpoimboe@...nel.org>,
"x86@...nel.org" <x86@...nel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"David.Kaplan@....com" <David.Kaplan@....com>,
"Andrew.Cooper3@...rix.com" <Andrew.Cooper3@...rix.com>,
"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>
Subject: RE: [RFC][PATCH 06/17] x86/cpu: Add SRSO untrain to retbleed=
From: Peter Zijlstra
> Sent: 12 August 2023 12:33
>
> On Fri, Aug 11, 2023 at 12:27:48PM +0200, Borislav Petkov wrote:
> > On Thu, Aug 10, 2023 at 12:10:03PM -0400, Josh Poimboeuf wrote:
> > > I tend to agree that SRSO is a new issue and should have its own sysfs
> > > and cmdline options (though a separate CONFIG option is overkill IMO).
> >
> > Yeah, there's a patch floating around adding a config option for every
> > mitigation. Apparently people want to build-time disable them all.
>
> So I really hate that .Kconfig explosion, that's the very last thing we
> need :-( More random options that can cause build time trouble.
>
> I might see value in one knob that kills all speculation nonsense at
> build time, but not one per mitigation, that's maddness.
Or a very limited number of options for things that are
pretty separate.
Maybe the call/indirect jump are separate enough from the
return ones?
An one big KNOB to disable them all (DEPEND_ON !NO_MIGIGATIONS ?).
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists