lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID:
 <LV3PR12MB9265FC675DE47911654E605E94242@LV3PR12MB9265.namprd12.prod.outlook.com>
Date: Fri, 15 Nov 2024 14:44:12 +0000
From: "Kaplan, David" <David.Kaplan@....com>
To: Josh Poimboeuf <jpoimboe@...nel.org>, Pawan Gupta
	<pawan.kumar.gupta@...ux.intel.com>
CC: Andrew Cooper <andrew.cooper3@...rix.com>, Amit Shah <amit@...nel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"kvm@...r.kernel.org" <kvm@...r.kernel.org>, "x86@...nel.org"
	<x86@...nel.org>, "linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
	"Shah, Amit" <Amit.Shah@....com>, "Lendacky, Thomas"
	<Thomas.Lendacky@....com>, "bp@...en8.de" <bp@...en8.de>,
	"tglx@...utronix.de" <tglx@...utronix.de>, "peterz@...radead.org"
	<peterz@...radead.org>, "corbet@....net" <corbet@....net>, "mingo@...hat.com"
	<mingo@...hat.com>, "dave.hansen@...ux.intel.com"
	<dave.hansen@...ux.intel.com>, "hpa@...or.com" <hpa@...or.com>,
	"seanjc@...gle.com" <seanjc@...gle.com>, "pbonzini@...hat.com"
	<pbonzini@...hat.com>, "daniel.sneddon@...ux.intel.com"
	<daniel.sneddon@...ux.intel.com>, "kai.huang@...el.com"
	<kai.huang@...el.com>, "Das1, Sandipan" <Sandipan.Das@....com>,
	"boris.ostrovsky@...cle.com" <boris.ostrovsky@...cle.com>, "Moger, Babu"
	<Babu.Moger@....com>, "dwmw@...zon.co.uk" <dwmw@...zon.co.uk>
Subject: RE: [RFC PATCH v2 1/3] x86: cpu/bugs: update SpectreRSB comments for
 AMD

[AMD Official Use Only - AMD Internal Distribution Only]

> -----Original Message-----
> From: Josh Poimboeuf <jpoimboe@...nel.org>
> Sent: Thursday, November 14, 2024 11:49 PM
> To: Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>
> Cc: Andrew Cooper <andrew.cooper3@...rix.com>; Amit Shah
> <amit@...nel.org>; linux-kernel@...r.kernel.org; kvm@...r.kernel.org;
> x86@...nel.org; linux-doc@...r.kernel.org; Shah, Amit
> <Amit.Shah@....com>; Lendacky, Thomas <Thomas.Lendacky@....com>;
> bp@...en8.de; tglx@...utronix.de; peterz@...radead.org; corbet@....net;
> mingo@...hat.com; dave.hansen@...ux.intel.com; hpa@...or.com;
> seanjc@...gle.com; pbonzini@...hat.com;
> daniel.sneddon@...ux.intel.com; kai.huang@...el.com; Das1, Sandipan
> <Sandipan.Das@....com>; boris.ostrovsky@...cle.com; Moger, Babu
> <Babu.Moger@....com>; Kaplan, David <David.Kaplan@....com>;
> dwmw@...zon.co.uk
> Subject: Re: [RFC PATCH v2 1/3] x86: cpu/bugs: update SpectreRSB comments
> for AMD
>
> Caution: This message originated from an External Source. Use proper
> caution when opening attachments, clicking links, or responding.
>
>
> On Thu, Nov 14, 2024 at 12:01:16AM -0800, Pawan Gupta wrote:
> > > For PBRSB, I guess we don't need to worry about that since there
> > > would be at least one kernel CALL before context switch.
> >
> > Right. So the case where we need RSB filling at context switch is
> > retpoline+CDT mitigation.
>
> According to the docs, classic IBRS also needs RSB filling at context switch to
> protect against corrupt RSB entries (as opposed to RSB underflow).

Which docs are that?  Classic IBRS doesn't do anything with returns (at least on AMD).  The AMD docs say that if you want to prevent earlier instructions from influencing later RETs, you need to do the 32 CALL sequence.  But I'm not sure what corrupt RSB entries mean here, and how it relates to IBRS?

--David Kaplan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ