lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <0338eb8b-6b60-313c-e6eb-faca071c5227@mailbox.org>
Date:   Mon, 14 Aug 2023 11:47:54 +0200
From:   Rainer Fiebig <jrf@...lbox.org>
To:     Borislav Petkov <bp@...en8.de>, Xi Ruoyao <xry111@...111.site>
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: Does srso safe RET mitigation require microcode update?

Am 14.08.23 um 11:10 schrieb Borislav Petkov:
> On Mon, Aug 14, 2023 at 05:00:12PM +0800, Xi Ruoyao wrote:
>> So we are puzzled now: is this system vulnerable or mitigated?
> 
> Read the whole options text here:
> 
> https://kernel.org/doc/html/latest/admin-guide/hw-vuln/srso.html
> 
> Does it explain it better?
Not really, IMO.  The text says:

"First of all, it is required that the latest microcode be loaded for
mitigations to be effective.
[...]"

According to that: no latest microcode - system is vulnerable.

Later:
"* 'Mitigation: safe RET':

   Software-only mitigation. It complements the extended IBPB microcode
   patch functionality by addressing User->Kernel and Guest->Host
   transitions protection."

Now, what does that mean: partial mitigation or also no mitigation
without microcode?

And if the latest microcode is indeed needed for "Safe RET": why do
users of AMD's "consumer" Zens have to wait weeks or even longer for an
AGESA instead of being able to simply compile the microcode into the
kernel and get rid of the problem in a few minutes?

Thanks.

Rainer

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ