| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <mybnv24fbz5nsxmz2yihzctnbv7ab7sznyotupp6mbpzfdvy2e@r2oantiw4wmo> Date: Mon, 14 Apr 2025 16:51:11 -0700 From: Josh Poimboeuf <jpoimboe@...nel.org> To: "Kaplan, David" <David.Kaplan@....com> Cc: Thomas Gleixner <tglx@...utronix.de>, Borislav Petkov <bp@...en8.de>, Peter Zijlstra <peterz@...radead.org>, Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>, Ingo Molnar <mingo@...hat.com>, Dave Hansen <dave.hansen@...ux.intel.com>, "x86@...nel.org" <x86@...nel.org>, "H . Peter Anvin" <hpa@...or.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Brendan Jackman <jackmanb@...gle.com>, Derek Manwaring <derekmn@...zon.com> Subject: Re: [PATCH v4 17/36] Documentation/x86: Document the new attack vector controls On Mon, Apr 14, 2025 at 09:15:54PM +0000, Kaplan, David wrote: > [AMD Official Use Only - AMD Internal Distribution Only] > > > -----Original Message----- > > From: Josh Poimboeuf <jpoimboe@...nel.org> > > Sent: Thursday, April 10, 2025 1:15 PM > > To: Kaplan, David <David.Kaplan@....com> > > Cc: Thomas Gleixner <tglx@...utronix.de>; Borislav Petkov <bp@...en8.de>; > > Peter Zijlstra <peterz@...radead.org>; Pawan Gupta > > <pawan.kumar.gupta@...ux.intel.com>; Ingo Molnar <mingo@...hat.com>; Dave > > Hansen <dave.hansen@...ux.intel.com>; x86@...nel.org; H . Peter Anvin > > <hpa@...or.com>; linux-kernel@...r.kernel.org; Brendan Jackman > > <jackmanb@...gle.com>; Derek Manwaring <derekmn@...zon.com> > > Subject: Re: [PATCH v4 17/36] Documentation/x86: Document the new attack > > vector controls > > > > Caution: This message originated from an External Source. Use proper caution > > when opening attachments, clicking links, or responding. > > > > > > On Mon, Mar 10, 2025 at 11:40:04AM -0500, David Kaplan wrote: > > > +=============== ============== ============ ============= > > ============== ============ > > > +Vulnerability User-to-Kernel User-to-User Guest-to-Host Guest-to-Guest > > Cross-Thread > > > +=============== ============== ============ ============= > > ============== ============ > > > +BHI X X > > > +GDS X X X X (Note 1) > > > +L1TF X X (Note 2) > > > +MDS X X X X (Note 2) > > > +MMIO X X X X (Note 2) > > > +Meltdown X > > > +Retbleed X X (Note 3) > > > +RFDS X X X X > > > +Spectre_v1 X > > > +Spectre_v2 X X > > > +Spectre_v2_user X X (Note 1) > > > +SRBDS X X X X > > > +SRSO X X > > > +SSB (Note 4) > > > > Any reason not to put the "Note 4" in the same column as the others? > > > > The other notes are about cross-thread mitigation specifically and those notes refer to the SMT aspects of those issues. > > Note 4 in this case is about the SSB vulnerability itself, explaining > that by default there is no mitigation for any case. I was concerned > that including SSB but without any X's in any of the columns would be > confusing, so the note attempted to explain that there were no default > mitigations for SSB under any attack vector. Putting the note there makes it a lot harder to see it. And I think the lack of X's is accurate, no? -- Josh
Powered by blists - more mailing lists