lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20241029113911.GVZyDJX3rg8kh_4kYb@fat_crate.local>
Date: Tue, 29 Oct 2024 12:39:11 +0100
From: Borislav Petkov <bp@...en8.de>
To: Daniel Sneddon <daniel.sneddon@...ux.intel.com>
Cc: Jonathan Corbet <corbet@....net>, Thomas Gleixner <tglx@...utronix.de>,
	Peter Zijlstra <peterz@...radead.org>,
	Josh Poimboeuf <jpoimboe@...nel.org>,
	Ingo Molnar <mingo@...hat.com>,
	Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
	hpa@...or.com, linux-doc@...r.kernel.org,
	linux-kernel@...r.kernel.org, pawan.kumar.gupta@...ux.intel.com
Subject: Re: [PATCH 1/2] x86/bugs: Check VERW mitigations for consistency

On Mon, Oct 28, 2024 at 04:50:34PM -0700, Daniel Sneddon wrote:
> There are currently 4 mitigations that use VERW: MDS, TAA,
> MMIO Stale Data, and Register File Data Sampling. Because
> all 4 use the same mitigation path, if any one of them is
> enabled, they're all enabled. Normally, this is what is
> wanted. However, if a user wants to disable the mitigation,
> this can cause problems. If the user misses disabling even
> one of these mitigations, then none of them will be
> disabled. This can cause confusion as the user expects to
> regain the performance lost to the mitigation but isn't
> seeing any improvement. Since there are already 4 knobs for
> controlling it, adding a 5th knob that controls all 4
> mitigations together would just overcomplicate things.
> Instead, let the user know their mitigations are out of sync
> when at least one of these mitigations is disabled but not
> all 4.

Please split this commit message into smaller chunks for better readability.
For example:

    There are currently 4 mitigations that use VERW: MDS, TAA, MMIO Stale Data,
    and Register File Data Sampling. Because all 4 use the same mitigation path,
    if any one of them is enabled, they're all enabled.
    
    Normally, this is what is wanted. However, if a user wants to disable the
    mitigation, this can cause problems. If the user misses disabling even one of
    these mitigations, then none of them will be disabled.
    
    This can cause confusion as the user expects to regain the performance lost to
    the mitigation but isn't seeing any improvement. Since there are already
    4 knobs for controlling it, adding a 5th knob that controls all 4 mitigations
    together would just overcomplicate things.
    
    Instead, let the user know their mitigations are out of sync when at least one
    of these mitigations is disabled but not all 4.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ