lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <d30244ff-daba-499f-b4ee-24486676359a@intel.com>
Date: Fri, 24 Jan 2025 11:12:45 -0800
From: Dave Hansen <dave.hansen@...el.com>
To: Joerg Roedel <joro@...tes.org>
Cc: Peter Zijlstra <peterz@...radead.org>,
 Dave Hansen <dave.hansen@...ux.intel.com>, linux-kernel@...r.kernel.org,
 x86@...nel.org, tglx@...utronix.de, bp@...en8.de, luto@...nel.org,
 kirill.shutemov@...ux.intel.com, rick.p.edgecombe@...el.com, jgross@...e.com
Subject: Re: [RFC][PATCH 0/8] x86/mm: Simplify PAE page table handling

On 1/23/25 23:58, Joerg Roedel wrote:
> On Thu, Jan 23, 2025 at 03:06:26PM -0800, Dave Hansen wrote:
>> 32-bit+PTI or 32-bit in general? ;)
> 
> +1 for removing x86-32 bit support alltogether.
> 
>> I'm curious what Joerg and the other folks that worked on 32-bit PTI
>> think about it in retrospect. The 32 vs. 64-bit security gap was
>> probably modest in 2018 and it can only have grown since then.
> 
> I think the decision to keep and maintain 32-bit support only makes
> sense if it can be kept on-par with x86-64 security-wise, otherwise we
> are lying to our users about the 'supported' part. Back in the day when
> I did the 32-bit PTI support it made sense, but that was 7 years ago.
> 
> When was the last 32-bit only x86 CPU sold?

Probably INTEL_QUARK_X1000, but it was mostly a toy. It's family 5, so
this applies:

static const __initconst struct x86_cpu_id cpu_vuln_whitelist[] = {
...
        VULNWL(INTEL,   5, X86_MODEL_ANY,       NO_SPECULATION),

Here's one that was released in 2015, probably just for embedded use:

> https://www.intel.com/content/www/us/en/products/sku/91947/intel-quark-microcontroller-d2000/specifications.html 

There were some Atoms in 2008 that seem to have had the 64-bit support
fused off. They were probably the last normal CPU that someone would
have in a PC that didn't have 64-bit support.

> https://www.intel.com/content/www/us/en/ark/products/codename/24976/products-formerly-silverthorne.html
> https://www.intel.com/content/www/us/en/products/sku/36331/intel-atom-processor-n270-512k-cache-1-60-ghz-533-mhz-fsb/specifications.html

But these are also NO_SPECULATION, so don't need most of the mitigations.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ