Date: Wed, 3 Apr 2024 09:43:48 +0200
From: Uros Bizjak <ubizjak@...il.com>
To: Ingo Molnar <mingo@...nel.org>
Cc: patchwork-bot+netdevbpf@...nel.org, ast@...nel.org, daniel@...earbox.net, 
	x86@...nel.org, bpf@...r.kernel.org, netdev@...r.kernel.org, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH RESEND bpf v2 0/2] x86/bpf: Fixes for the BPF JIT with retbleed=stuff

On Wed, Apr 3, 2024 at 9:26 AM Ingo Molnar <mingo@...nel.org> wrote:
>
>
> * patchwork-bot+netdevbpf@...nel.org <patchwork-bot+netdevbpf@...nel.org> wrote:
>
> > Hello:
> >
> > This series was applied to bpf/bpf.git (master)
> > by Alexei Starovoitov <ast@...nel.org>:
> >
> > On Mon,  1 Apr 2024 20:55:28 +0200 you wrote:
> > > From: Joan Bruguera Micó <joanbrugueram@...il.com>
> > >
> > > Fixes two issues that cause kernels to panic when using the BPF JIT with
> > > the call depth tracking / stuffing mitigation for Skylake processors
> > > (`retbleed=stuff`). Both issues can be triggered by running simple
> > > BPF programs (e.g. running the test suite should trigger both).
> > >
> > > [...]
> >
> > Here is the summary with links:
> >   - [RESEND,bpf,v2,1/2] x86/bpf: Fix IP after emitting call depth accounting
> >     https://git.kernel.org/bpf/bpf/c/9d98aa088386
> >   - [RESEND,bpf,v2,2/2] x86/bpf: Fix IP for relocating call depth accounting
> >     https://git.kernel.org/bpf/bpf/c/6a537453000a
>
> Just wondering, which kernel version is this targeted for?

The whole series is intended for the current mainline (v6.9); this is
why it is developed against the bpf (*not* bpf-next) branch. Please
note that the kernel panics with retbleed=stuff even without
%rip-relative changes (patch 1/2 above) [1], so patch 1/2 should be
backported to stable branches.

[1] https://lore.kernel.org/lkml/20230105214922.250473-1-joanbrugueram@gmail.com/

Uros.

> The bug is upstream as well, so a fix needs to be sent to Linus.
>
> I can pick all of this up into tip:x86/urgent, if that accelerates
> things.
>
> Thanks,
>
>         Ingo
