lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 24 Aug 2023 18:40:18 +0200
From:   Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:     Guenter Roeck <linux@...ck-us.net>
Cc:     Naresh Kamboju <naresh.kamboju@...aro.org>, stable@...r.kernel.org,
        patches@...ts.linux.dev, linux-kernel@...r.kernel.org,
        torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
        shuah@...nel.org, patches@...nelci.org,
        lkft-triage@...ts.linaro.org, pavel@...x.de, jonathanh@...dia.com,
        f.fainelli@...il.com, sudipm.mukherjee@...il.com,
        srw@...dewatkins.net, rwarsow@....de, conor@...nel.org
Subject: Re: [PATCH 6.1 000/194] 6.1.47-rc1 review

On Thu, Aug 24, 2023 at 08:58:46AM -0700, Guenter Roeck wrote:
> On Thu, Aug 24, 2023 at 05:15:30PM +0200, Greg Kroah-Hartman wrote:
> [ ... ]
> > 
> > This might be an issue on AMD chips, but for some reason, in running
> > this kernel on my systems here, I have no boot warnings at all.  I
> > blamed it on them being only AMD chips.  If that's not the issue then I
> > really have no idea, sorry.
> > 
> 
> AFAIK it depends on the compiler used and on the enabled debug options.
> At some point I lost track about what exactly has to be enabled to see
> the problem. We see it a lot with our (ChromeOS) debug kernel testing
> which has various debug options enabled, to the point where we may
> temporarily remove the warning from the kernel to stop the noise.
> 
> Alternatively, as I had suggested earlier, we could revert all srso patches
> because they only seem to cause trouble. So far I have been resisting that
> because I am concerned that it would make things even worse (like one can
> not really revert a heart surgery without doing even more damage).

If you don't want the feature, you can disable it at build time (I
think), and I know you can disable it at runtime.  But there are groups
out that that "need" this, to solve a known security hole in some cpus,
so it is required for them.  To remove the code entirely would not be
good for them, so I will say, if they are the ones that need this, they
should help fix this warning, no one else should be seeing it :)

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ