lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230905045733.tcr7f4x6lxy7djsv@treble>
Date:   Mon, 4 Sep 2023 21:57:33 -0700
From:   Josh Poimboeuf <jpoimboe@...nel.org>
To:     Ingo Molnar <mingo@...nel.org>
Cc:     Borislav Petkov <bp@...en8.de>, linux-tip-commits@...r.kernel.org,
        x86@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: [tip: x86/bugs] x86/srso: Fix vulnerability reporting for
 missing microcode

On Sat, Sep 02, 2023 at 12:46:05PM +0200, Ingo Molnar wrote:
> 
> * Borislav Petkov <bp@...en8.de> wrote:
> 
> > On Fri, Aug 25, 2023 at 10:19:32AM -0000, tip-bot2 for Josh Poimboeuf wrote:
> > > The following commit has been merged into the x86/bugs branch of tip:
> > > 
> > > Commit-ID:     b3be1397be0340b2c30b2dcd7339dbfaa5563e2b
> > > Gitweb:        https://git.kernel.org/tip/b3be1397be0340b2c30b2dcd7339dbfaa5563e2b
> > > Author:        Josh Poimboeuf <jpoimboe@...nel.org>
> > > AuthorDate:    Fri, 25 Aug 2023 00:01:41 -07:00
> > > Committer:     Ingo Molnar <mingo@...nel.org>
> > > CommitterDate: Fri, 25 Aug 2023 11:21:59 +02:00
> > > 
> > > x86/srso: Fix vulnerability reporting for missing microcode
> > > 
> > > The SRSO default safe-ret mitigation is reported as "mitigated" even if
> > > microcode hasn't been updated.  That's wrong because userspace may still
> > > be vulnerable to SRSO attacks due to IBPB not flushing branch type
> > > predictions.
> > > 
> > > Report the safe-ret + !microcode case as vulnerable.
> > > 
> > > Also report the microcode-only case as vulnerable as it leaves the
> > > kernel open to attacks.
> > > 
> > > Fixes: fb3bd914b3ec ("x86/srso: Add a Speculative RAS Overflow mitigation")
> > > Signed-off-by: Josh Poimboeuf <jpoimboe@...nel.org>
> > > Signed-off-by: Ingo Molnar <mingo@...nel.org>
> > > Link: https://lore.kernel.org/r/65556eeb1bf7cb9bd7db8662ef115dd73191db84.1692919072.git.jpoimboe@kernel.org
> > > ---
> > >  Documentation/admin-guide/hw-vuln/srso.rst | 22 ++++++++++----
> > >  arch/x86/kernel/cpu/bugs.c                 | 34 ++++++++++++---------
> > >  2 files changed, 37 insertions(+), 19 deletions(-)
> > 
> > This is still unfixed:
> > 
> > https://lore.kernel.org/r/20230825072542.GFZOhXdgXpUidW51lC@fat_crate.local
> > 
> > mingo, do you want fixes ontop or do you wanna rebase this branch?
> 
> Since these are fixes that are supposed to be fully correct,
> I'd suggest we rebase it.
> 
> Josh, mind sending a v3 SRSO series, as a replacement for x86/bugs,
> with Boris's review & testing feedback addressed?

Ok, I'll post a v3 (with Boris' comments integrated).

-- 
Josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ