| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Apr 2024 07:01:02 +0000 From: a-development@...teo.de To: Borislav Petkov <bp@...en8.de> Cc: x86@...nel.org, linux-kernel@...r.kernel.org, peterz@...radead.org, David.Kaplan@....com, Andrew.Cooper3@...rix.com, jpoimboe@...nel.org, gregkh@...uxfoundation.org Subject: Re: [RFC][PATCH 00/17] Fix up the recent SRSO patches Hello. I have installed the kernel through https://aur.archlinux.org/packages/linux-mainline and noticed that SRSO is disabled. "Speculative Return Stack Overflow: IBPB-extending microcode not applied!" cat /sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow Vulnerable: Safe RET, no microcode So far, I have been succesfully suspending the one night I used it. Assuming this is per-default, I've installed the kernel module for my PCIe Capture card and testing it. Any new instructions? Thanks On 17.04.2024 11:12, Borislav Petkov wrote: > On Wed, Apr 17, 2024 at 08:08:53AM +0000, a-development@...teo.de > wrote: >> Today I failed to suspend, and the spec_rstack thing was off. >> >> https://up.tail.ws/txt/non-working-suspend-2.txt > > Ok, but please do not top-post. Put your reply underneath the next > you're replying to and remove the rest of the quoted text like I just > did. > > So this could be caused by the proprietary module or something else. > > If you want this debugged, you'd have to try to reproduce it with the > latest upstream kernel from here: > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git > > after having removed the propietary module. > > HTH.
Powered by blists - more mailing lists