lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Z8GK10q_ouii0O5F@gmail.com>
Date: Fri, 28 Feb 2025 11:07:19 +0100
From: Ingo Molnar <mingo@...nel.org>
To: Brendan Jackman <jackmanb@...gle.com>
Cc: Jonathan Corbet <corbet@....net>, Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
	Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
	"H. Peter Anvin" <hpa@...or.com>,
	Peter Zijlstra <peterz@...radead.org>, linux-doc@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 0/3] x86/cpu: Add facility to force-enable CPU caps
 and bugs


* Brendan Jackman <jackmanb@...gle.com> wrote:

> Hi folks, happy new year. I hope this ping isn't too aggressive given
> the season - please let me know if it is.
> 
> Any new thoughts on this?

Sorry, this series got lost in the holiday season (apparently you 
weren't nearly pushy enough to breach the maintainer patch-detection 
noise/signal level :-), and this functionality is definitely useful and 
the series looks good to me.

Integration with clearcpuid= is so much more generic than the original 
variant and reuses a lot of that logic, so that's a big plus.

I've applied it to the x86 tree under the tip:x86/cpu branch and if 
everything goes fine in testing it should hit v6.15 in a couple of 
weeks.

One additional thing - which I'd suggest we make a 4th patch, because 
it affects the existing clearcpuid= behavior - is to extend 
set/clearcpuid= with a bit more boot time verbosity, right now it 
taints the kernel:

                                /* empty-string, i.e., ""-defined feature flags */
                                if (!x86_cap_flags[bit])
                                        pr_cont(" " X86_CAP_FMT_NUM, x86_cap_flag_num(bit));
                                else
                                        pr_cont(" " X86_CAP_FMT, x86_cap_flag(bit));

                                if (set)
                                        setup_force_cpu_cap(bit);
                                else
                                        setup_clear_cpu_cap(bit);
                                taint++;


I'd suggest we do what PeterZ suggested back in December: in addition 
to the tainting, also emit an informative pr_warn() for every CPU 
feature bit enabled/disabled over what was present, and maybe make a 
bit of a distinction between 'feature' and 'bug' feature bits.

Thanks,

	Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ