lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 17 Apr 2024 09:39:13 -0700
From: "H. Peter Anvin" <hpa@...or.com>
To: Xin Li <xin@...or.com>, Nikolay Borisov <nik.borisov@...e.com>,
        linux-kernel@...r.kernel.org
Cc: luto@...nel.org, tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
        dave.hansen@...ux.intel.com, x86@...nel.org
Subject: Re: [PATCH v3 1/1] x86/fred: Fix INT80 emulation for FRED



On 4/17/24 08:55, Xin Li wrote:
> On 4/17/2024 8:07 AM, H. Peter Anvin wrote:
>> On 4/17/24 04:02, Nikolay Borisov wrote:
>>>
>>> On 17.04.24 г. 9:30 ч., Xin Li (Intel) wrote:
>>>> 4) int80_emulation() does a CLEAR_BRANCH_HISTORY, which is likely 
>>>> >     overkill for new x86 CPU implementations that support FRED.
>>>
>>> Well, that's a bit of an overstatement/speculation, because 
>>> clear_branch_history will only be effective if the machine is 
>>> susceptible to the given bug and there isn't a better options (i.e 
>>> using a hardware bit controlling the respective aspect of the CPU).
>>>>
>>
>> It would seem like a huge stretch to expect that a FRED-capable CPU 
>> would not have such a facility. This is a matter of establishing a 
>> baseline for FRED-capable hardware.
>>
>> It would make more sense to me to add it if we turn out to need it; 
>> note that FRED code is currently only enabled on demand, in order to 
>> defend against bit rot until we have physical hardware.
>>
>> Now, if this is still desired, it *probably* belongs better in either 
>> fred_intx()/fred_other() or asm_fred_entrypoint_user, depending on if 
>> this ought to be done for all entries from userspace or only system 
>> calls.
> 
> My bad that I didn't make this a good comment, even neglected that 
> clear_branch_history is just a nop on machines w/o such security issues.
> 
> 
> So how about?
> 
> int80_emulation() does a CLEAR_BRANCH_HISTORY, which is IDT-specific.
> While FRED will likely take a different approach when it is needed:

s/when/if it is ever needed/

> it *probably* belongs in either fred_intx()/fred_other() or
> asm_fred_entrypoint_user(), depending on if this ought to be done for 
> all entries from userspace or only system calls.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ