lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240712172132.GFZpFmHBJHte2xS1fr@fat_crate.local>
Date: Fri, 12 Jul 2024 19:21:32 +0200
From: Borislav Petkov <bp@...en8.de>
To: Breno Leitao <leitao@...ian.org>,
	Daniel Sneddon <daniel.sneddon@...ux.intel.com>,
	Josh Poimboeuf <jpoimboe@...nel.org>
Cc: jpoimboe@...nel.org, mingo@...hat.com,
	Thomas Gleixner <tglx@...utronix.de>,
	Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
	"H. Peter Anvin" <hpa@...or.com>,
	Peter Zijlstra <peterz@...radead.org>,
	Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 01/10] x86/bugs: Add a separate config for GDS

On Mon, Apr 22, 2024 at 09:58:15AM -0700, Breno Leitao wrote:
> +config MITIGATION_GDS
> +	bool "Mitigate Gather Data Sampling"
> +	depends on CPU_SUP_INTEL
> +	default y
> +	help
> +	  Enable mitigation for Gather Data Sampling (GDS). GDS is a hardware
> +	  vulnerability which allows unprivileged speculative access to data
> +	  which was previously stored in vector registers. The attacker uses gather
> +	  instructions to infer the stale vector register data.
> +
>  config MITIGATION_GDS_FORCE

Btw, can we get rid of that thing, while at it?

Ubuntu and SLES don't set it, no clue how to check RHEL configs but if it is
not set there, we probably could unify both options...

I'm looking at

  53cf5797f114 ("x86/speculation: Add Kconfig option for GDS")

...

Hmmm.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ