lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID:
 <LV3PR12MB9265545A37DE691E9030675A9496A@LV3PR12MB9265.namprd12.prod.outlook.com>
Date: Tue, 13 May 2025 19:40:20 +0000
From: "Kaplan, David" <David.Kaplan@....com>
To: Borislav Petkov <bp@...nel.org>
CC: X86 ML <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org>, "Borislav
 Petkov (AMD)" <bp@...en8.de>
Subject: RE: [PATCH] x86/bugs: Fix SRSO reporting on Zen1/2 with SMT disabled

[AMD Official Use Only - AMD Internal Distribution Only]

> -----Original Message-----
> From: Borislav Petkov <bp@...nel.org>
> Sent: Tuesday, May 13, 2025 6:04 AM
> To: Kaplan, David <David.Kaplan@....com>
> Cc: X86 ML <x86@...nel.org>; LKML <linux-kernel@...r.kernel.org>; Borislav
> Petkov (AMD) <bp@...en8.de>
> Subject: [PATCH] x86/bugs: Fix SRSO reporting on Zen1/2 with SMT disabled
>
> Caution: This message originated from an External Source. Use proper caution
> when opening attachments, clicking links, or responding.
>
>
> From: "Borislav Petkov (AMD)" <bp@...en8.de>
>
> 1f4bb068b498 ("x86/bugs: Restructure SRSO mitigation") does this:
>
>   if (boot_cpu_data.x86 < 0x19 && !cpu_smt_possible()) {
>           setup_force_cpu_cap(X86_FEATURE_SRSO_NO);
>           srso_mitigation = SRSO_MITIGATION_NONE;
>           return;
>   }
>
> and, in particular, sets srso_mitigation to NONE. This leads to reporting
>
>   Speculative Return Stack Overflow: Vulnerable
>
> on Zen2 machines.
>
> There's a far bigger confusion with what SRSO_NO means and how it is used in the
> code but this will be a matter of future fixes and restructuring to how the SRSO
> mitigation gets determined.
>
> Fix the reporting issue for now.
>
> Signed-off-by: Borislav Petkov (AMD) <bp@...en8.de>
> Cc: David Kaplan <david.kaplan@....com>
> ---
>  arch/x86/kernel/cpu/bugs.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index
> 47c74c4ae206..dd8b50b4ceaa 100644
> --- a/arch/x86/kernel/cpu/bugs.c
> +++ b/arch/x86/kernel/cpu/bugs.c
> @@ -2942,7 +2942,9 @@ static void __init srso_update_mitigation(void)
>             boot_cpu_has(X86_FEATURE_IBPB_BRTYPE))
>                 srso_mitigation = SRSO_MITIGATION_IBPB;
>
> -       if (boot_cpu_has_bug(X86_BUG_SRSO) && !cpu_mitigations_off())
> +       if (boot_cpu_has_bug(X86_BUG_SRSO) &&
> +           !cpu_mitigations_off() &&
> +           !boot_cpu_has(X86_FEATURE_SRSO_NO))
>                 pr_info("%s\n", srso_strings[srso_mitigation]);  }
>
> --
> 2.43.0

LGTM.

Reviewed-by: David Kaplan <david.kaplan@....com>

--David Kaplan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ