lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 18 Oct 2023 22:04:14 +0200
From:   Borislav Petkov <bp@...en8.de>
To:     Josh Poimboeuf <jpoimboe@...nel.org>
Cc:     Ingo Molnar <mingo@...nel.org>, linux-kernel@...r.kernel.org,
        linux-tip-commits@...r.kernel.org,
        David Kaplan <david.kaplan@....com>,
        "Peter Zijlstra (Intel)" <peterz@...radead.org>, x86@...nel.org,
        David Howells <dhowells@...hat.com>
Subject: Re: [tip: x86/bugs] x86/retpoline: Ensure default return thunk isn't
 used at runtime

On Wed, Oct 18, 2023 at 12:14:07PM -0700, Josh Poimboeuf wrote:
> There are a lot of warnings which could become security concerns.

Not "could become" - this one *is* a security issue because it means we're
not mitigating with the RET thunks properly.

> By definition, a warning means something is seriously wrong.  If it's
> ignored, all bets are off.  That's why we taint the kernel.

If I could, I'd cripple the kernel just enough so that it issues the
warning and then stops so that the users are not exposed, but show why
it stopped. And we know that panicking doesn't provide that.

David suggested earlier that perhaps we should warn and then mark the
kernel as vulnerable to those mitigations. That could be a more
realistic thing to do...

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ