lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ZPMSbabIw5ZtTqbo@gmail.com>
Date:   Sat, 2 Sep 2023 12:46:05 +0200
From:   Ingo Molnar <mingo@...nel.org>
To:     Borislav Petkov <bp@...en8.de>
Cc:     Josh Poimboeuf <jpoimboe@...nel.org>,
        linux-tip-commits@...r.kernel.org, x86@...nel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [tip: x86/bugs] x86/srso: Fix vulnerability reporting for
 missing microcode


* Borislav Petkov <bp@...en8.de> wrote:

> On Fri, Aug 25, 2023 at 10:19:32AM -0000, tip-bot2 for Josh Poimboeuf wrote:
> > The following commit has been merged into the x86/bugs branch of tip:
> > 
> > Commit-ID:     b3be1397be0340b2c30b2dcd7339dbfaa5563e2b
> > Gitweb:        https://git.kernel.org/tip/b3be1397be0340b2c30b2dcd7339dbfaa5563e2b
> > Author:        Josh Poimboeuf <jpoimboe@...nel.org>
> > AuthorDate:    Fri, 25 Aug 2023 00:01:41 -07:00
> > Committer:     Ingo Molnar <mingo@...nel.org>
> > CommitterDate: Fri, 25 Aug 2023 11:21:59 +02:00
> > 
> > x86/srso: Fix vulnerability reporting for missing microcode
> > 
> > The SRSO default safe-ret mitigation is reported as "mitigated" even if
> > microcode hasn't been updated.  That's wrong because userspace may still
> > be vulnerable to SRSO attacks due to IBPB not flushing branch type
> > predictions.
> > 
> > Report the safe-ret + !microcode case as vulnerable.
> > 
> > Also report the microcode-only case as vulnerable as it leaves the
> > kernel open to attacks.
> > 
> > Fixes: fb3bd914b3ec ("x86/srso: Add a Speculative RAS Overflow mitigation")
> > Signed-off-by: Josh Poimboeuf <jpoimboe@...nel.org>
> > Signed-off-by: Ingo Molnar <mingo@...nel.org>
> > Link: https://lore.kernel.org/r/65556eeb1bf7cb9bd7db8662ef115dd73191db84.1692919072.git.jpoimboe@kernel.org
> > ---
> >  Documentation/admin-guide/hw-vuln/srso.rst | 22 ++++++++++----
> >  arch/x86/kernel/cpu/bugs.c                 | 34 ++++++++++++---------
> >  2 files changed, 37 insertions(+), 19 deletions(-)
> 
> This is still unfixed:
> 
> https://lore.kernel.org/r/20230825072542.GFZOhXdgXpUidW51lC@fat_crate.local
> 
> mingo, do you want fixes ontop or do you wanna rebase this branch?

Since these are fixes that are supposed to be fully correct,
I'd suggest we rebase it.

Josh, mind sending a v3 SRSO series, as a replacement for x86/bugs,
with Boris's review & testing feedback addressed?

[ Feel free to send it as a delta series against v2 in x86/bugs and I'll 
  backmerge it all. ]

Thanks,

	Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ