lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250515233433.105054-1-surajjs@amazon.com>
Date: Thu, 15 May 2025 16:34:32 -0700
From: Suraj Jitindar Singh <surajjs@...zon.com>
To: <linux-kernel@...r.kernel.org>, <x86@...nel.org>
CC: Thomas Gleixner <tglx@...utronix.de>, Borislav Petkov <bp@...en8.de>,
	Peter Zijlstra <peterz@...radead.org>, Josh Poimboeuf <jpoimboe@...nel.org>,
	Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>, Ingo Molnar
	<mingo@...hat.com>, Dave Hansen <dave.hansen@...ux.intel.com>, "Suraj
 Jitindar Singh" <surajjs@...zon.com>, <stable@...r.kernel.org>
Subject: [PATCH 1/2] x86/bugs: WARN() when overwriting x86_return_thunk

A warning message is emitted in set_return_thunk() when the return thunk is
overwritten since this is likely a bug and will result in a mitigation not
functioning and the mitigation information displayed in sysfs being
incorrect.

Make this louder by using a WARN().

Cc: stable@...r.kernel.org # 5.15.x-
Signed-off-by: Suraj Jitindar Singh <surajjs@...zon.com>
---
 arch/x86/kernel/cpu/bugs.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 8596ce85026c..9679fa30563c 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -69,8 +69,15 @@ void (*x86_return_thunk)(void) __ro_after_init = __x86_return_thunk;
 
 static void __init set_return_thunk(void *thunk)
 {
-	if (x86_return_thunk != __x86_return_thunk)
-		pr_warn("x86/bugs: return thunk changed\n");
+	/*
+	 * There can only be one return thunk enabled at a time, so issue a
+	 * warning when overwriting it as this is likely a bug which will
+	 * result in a mitigation getting disabled and a vulnerability being
+	 * incorrectly reported in sysfs.
+	 */
+	WARN(x86_return_thunk != __x86_return_thunk,
+	     "x86/bugs: return thunk changed from %ps to %ps\n",
+	     x86_return_thunk, thunk);
 
 	x86_return_thunk = thunk;
 }
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ