lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <mhng-8bda3a10-9d6d-4aac-acdf-1287278e7e82@palmer-ri-x1c9>
Date: Tue, 13 Aug 2024 10:45:34 -0700 (PDT)
From: Palmer Dabbelt <palmer@...belt.com>
To: ruanjinjie@...wei.com
CC: Paul Walmsley <paul.walmsley@...ive.com>, aou@...s.berkeley.edu,
  samuel.holland@...ive.com, tglx@...utronix.de, linux-riscv@...ts.infradead.org,
  linux-kernel@...r.kernel.org, ruanjinjie@...wei.com
Subject:     Re: [RFC PATCH] riscv: Enable generic CPU vulnerabilites support

On Tue, 02 Jul 2024 19:27:32 PDT (-0700), ruanjinjie@...wei.com wrote:
> Currently x86, ARM and ARM64 support generic CPU vulnerabilites, but
> RISC-V not, such as:
>
> 	# cd /sys/devices/system/cpu/vulnerabilities/
> x86:
> 	# cat spec_store_bypass
> 		Mitigation: Speculative Store Bypass disabled via prctl and seccomp
> 	# cat meltdown
> 		Not affected
>
> ARM64:
>
> 	# cat spec_store_bypass
> 		Mitigation: Speculative Store Bypass disabled via prctl and seccomp
> 	# cat meltdown
> 		Mitigation: PTI
>
> RISC-V:
>
> 	# cat /sys/devices/system/cpu/vulnerabilities
> 	# ... No such file or directory
>
> As SiFive RISC-V Core IP offerings are not affected by Meltdown and
> Spectre, it can use the default weak function as below:
>
> 	# cat spec_store_bypass
> 		Not affected
> 	# cat meltdown
> 		Not affected
>
> Link: https://www.sifive.cn/blog/sifive-statement-on-meltdown-and-spectre
>
> Signed-off-by: Jinjie Ruan <ruanjinjie@...wei.com>
> ---
>  arch/riscv/Kconfig | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig
> index 0525ee2d63c7..3b44e7b51436 100644
> --- a/arch/riscv/Kconfig
> +++ b/arch/riscv/Kconfig
> @@ -85,6 +85,7 @@ config RISCV
>  	select GENERIC_ATOMIC64 if !64BIT
>  	select GENERIC_CLOCKEVENTS_BROADCAST if SMP
>  	select GENERIC_CPU_DEVICES
> +	select GENERIC_CPU_VULNERABILITIES
>  	select GENERIC_EARLY_IOREMAP
>  	select GENERIC_ENTRY
>  	select GENERIC_GETTIMEOFDAY if HAVE_GENERIC_VDSO

Thanks.  This is an RFC, but I'm just going to pick it up on for-next: 
we had a recent round of RISC-V vulnerabilities crop up, so it's time to 
start tracking those for users.

It's queued up for now, it'll show up on for-next proper assumin it 
passes the tests.

Thanks!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ