Message-ID: <ba2239fb-6740-42c6-b6aa-e1c7a575b83d@intel.com>
Date: Fri, 16 May 2025 15:47:26 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: David Kaplan <david.kaplan@....com>, Thomas Gleixner
 <tglx@...utronix.de>, Borislav Petkov <bp@...en8.de>,
 Peter Zijlstra <peterz@...radead.org>, Josh Poimboeuf <jpoimboe@...nel.org>,
 Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
 Ingo Molnar <mingo@...hat.com>, Dave Hansen <dave.hansen@...ux.intel.com>,
 x86@...nel.org, "H. Peter Anvin" <hpa@...or.com>
Cc: linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] x86/bugs: Restructure ITS mitigation

On 5/16/25 12:32, David Kaplan wrote:
> Restructure the ITS mitigation to use select/update/apply functions like
> the other mitigations.
> 
> There is a particularly complex interaction between ITS and Retbleed as CDT
> (Call Depth Tracking) is a mitigation for both, and either its=stuff or
> retbleed=stuff will attempt to enable CDT.
> 
> retbleed_update_mitigation() runs first and will check the necessary
> pre-conditions for CDT if either ITS or Retbleed stuffing is selected.  If
> checks pass and ITS stuffing is selected, it will select stuffing for
> Retbleed as well.
> 
> its_update_mitigation() runs after and will either select stuffing if
> retbleed stuffing was enabled, or fall back to the default (aligned thunks)
> if stuffing could not be enabled.
> 
> Enablement of CDT is done exclusively in retbleed_apply_mitigation().
> its_apply_mitigation() is only used to enable aligned thunks.

This seems to be explaining what is going on, but there isn't a clear
problem that this is fixing.

Why does this need restructuring?


>  	if (!strcmp(str, "off")) {
> -		its_cmd = ITS_CMD_OFF;
> +		its_mitigation = ITS_MITIGATION_OFF;
>  	} else if (!strcmp(str, "on")) {
> -		its_cmd = ITS_CMD_ON;
> +		its_mitigation = ITS_MITIGATION_ALIGNED_THUNKS;
>  	} else if (!strcmp(str, "force")) {
> -		its_cmd = ITS_CMD_ON;
> +		its_mitigation = ITS_MITIGATION_ALIGNED_THUNKS;
>  		setup_force_cpu_bug(X86_BUG_ITS);
>  	} else if (!strcmp(str, "vmexit")) {
> -		its_cmd = ITS_CMD_VMEXIT;
> +		its_mitigation = ITS_MITIGATION_VMEXIT_ONLY;
>  	} else if (!strcmp(str, "stuff")) {
> -		its_cmd = ITS_CMD_RSB_STUFF;
> +		its_mitigation = ITS_MITIGATION_RETPOLINE_STUFF;
>  	} else {
>  		pr_err("Ignoring unknown indirect_target_selection option (%s).", str);
>  	}
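
Review bot: In the "stuff" branch, its_mitigation is now set to ITS_MITIGATION_RETPOLINE_STUFF at parse time, while the commit message says its_update_mitigation() may still fall back to aligned thunks when stuffing cannot be enabled. With its_cmd gone, nothing at this spot shows that the value is a request rather than the final decision, so a short comment saying the update step can override it would help. Separately, the pr_err() format string in the else branch has no trailing "\n".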

There seems to be a mix of command-line parsing functions that have a
separate 'foo_cmd' from 'foo_mitigation'. What's the reasoning behind
converting this one?
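
The ordering described in the quoted commit message (Retbleed update first, ITS update second, CDT enabled only in the Retbleed apply step), as a simplified C model added here; it is not code from the patch or the kernel. The ITS state names come from the quoted hunk, while the Retbleed states, the `cdt_ok` input and the `model_*` functions are assumptions.

```c
#include <stdbool.h>
#include <stdio.h>
/* ITS state names come from the quoted hunk; the Retbleed states, the
 * struct and the model_* functions are assumptions for illustration. */
enum its_mitigation { ITS_MITIGATION_OFF, ITS_MITIGATION_ALIGNED_THUNKS,
	ITS_MITIGATION_VMEXIT_ONLY, ITS_MITIGATION_RETPOLINE_STUFF };
enum model_retbleed { MODEL_RETBLEED_OTHER, MODEL_RETBLEED_STUFF };
struct model {
	enum its_mitigation its;
	enum model_retbleed retbleed;
	bool cdt_enabled, aligned_thunks;
};

/* Runs first: one CDT pre-condition check serves its=stuff and retbleed=stuff. */
static void model_retbleed_update(struct model *m, bool cdt_ok)
{
	bool wanted = m->retbleed == MODEL_RETBLEED_STUFF ||
		      m->its == ITS_MITIGATION_RETPOLINE_STUFF;
	if (wanted)
		m->retbleed = cdt_ok ? MODEL_RETBLEED_STUFF : MODEL_RETBLEED_OTHER;
}

/* Runs second: follows the Retbleed result, else falls back to aligned
 * thunks. Leaving "off" and "vmexit" untouched is this model's assumption. */
static void model_its_update(struct model *m)
{
	if (m->its == ITS_MITIGATION_OFF || m->its == ITS_MITIGATION_VMEXIT_ONLY)
		return;
	m->its = m->retbleed == MODEL_RETBLEED_STUFF ?
		 ITS_MITIGATION_RETPOLINE_STUFF : ITS_MITIGATION_ALIGNED_THUNKS;
}

/* Update, then apply: only the Retbleed apply step turns CDT on; the ITS
 * apply step only enables aligned thunks. */
static struct model model_run(enum its_mitigation its, enum model_retbleed retbleed, bool cdt_ok)
{
	struct model m = { .its = its, .retbleed = retbleed };
	model_retbleed_update(&m, cdt_ok);
	model_its_update(&m);
	m.cdt_enabled = m.retbleed == MODEL_RETBLEED_STUFF;
	m.aligned_thunks = m.its == ITS_MITIGATION_ALIGNED_THUNKS;
	return m;
}

int main(void)
{
	struct model m = model_run(ITS_MITIGATION_RETPOLINE_STUFF, MODEL_RETBLEED_OTHER, false);
	printf("its=%d cdt=%d thunks=%d\n", (int)m.its, m.cdt_enabled, m.aligned_thunks);
	return 0;
}
```

With its=stuff and failing pre-conditions the model ends on aligned thunks with CDT off, which is the fallback path the commit message describes.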
