| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250218085203.GDZ7RKM6IyPDQAkZ8A@fat_crate.local>
Date: Tue, 18 Feb 2025 09:52:03 +0100
From: Borislav Petkov <bp@...en8.de>
To: Josh Poimboeuf <jpoimboe@...nel.org>
Cc: "Kaplan, David" <David.Kaplan@....com>,
Thomas Gleixner <tglx@...utronix.de>,
Peter Zijlstra <peterz@...radead.org>,
Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
Ingo Molnar <mingo@...hat.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
"x86@...nel.org" <x86@...nel.org>,
"H . Peter Anvin" <hpa@...or.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v3 20/35] x86/bugs: Define attack vectors
On Mon, Feb 17, 2025 at 11:05:01PM -0800, Josh Poimboeuf wrote:
> IMO, make them generic from the start, then there's less churn and it's
> easy to port the other arches.
>
> If we went with putting everything in "mitigations=", making them
> generic would be the obvious way to go anyway.
Just to make sure we're all on the same page: we obviously cannot enable
and test and support a mitigaion on another arch like, say, arm64, or so.
This needs to come from the respective arch maintainers themselves and they'll
have to say, yes, pls, enable it and we'll support it. We should not go "oh,
this would be a good idea to do on all arches" without hearing from them
first, even if it is a good idea on its face.
That's why those are x86-only as they should be initially.
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists