| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250626160707.GGaF1wK5tW37P6xt0O@fat_crate.local>
Date: Thu, 26 Jun 2025 18:07:07 +0200
From: Borislav Petkov <bp@...en8.de>
To: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
Cc: Andy Lutomirski <luto@...nel.org>, Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
"H. Peter Anvin" <hpa@...or.com>,
Peter Zijlstra <peterz@...radead.org>,
Ard Biesheuvel <ardb@...nel.org>,
"Paul E. McKenney" <paulmck@...nel.org>,
Josh Poimboeuf <jpoimboe@...nel.org>,
Xiongwei Song <xiongwei.song@...driver.com>,
Xin Li <xin3.li@...el.com>, "Mike Rapoport (IBM)" <rppt@...nel.org>,
Brijesh Singh <brijesh.singh@....com>,
Michael Roth <michael.roth@....com>,
Tony Luck <tony.luck@...el.com>, Alexey Kardashevskiy <aik@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Jonathan Corbet <corbet@....net>,
Sohil Mehta <sohil.mehta@...el.com>, Ingo Molnar <mingo@...nel.org>,
Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
Daniel Sneddon <daniel.sneddon@...ux.intel.com>,
Kai Huang <kai.huang@...el.com>,
Sandipan Das <sandipan.das@....com>,
Breno Leitao <leitao@...ian.org>,
Rick Edgecombe <rick.p.edgecombe@...el.com>,
Alexei Starovoitov <ast@...nel.org>, Hou Tao <houtao1@...wei.com>,
Juergen Gross <jgross@...e.com>,
Vegard Nossum <vegard.nossum@...cle.com>,
Kees Cook <kees@...nel.org>, Eric Biggers <ebiggers@...gle.com>,
Jason Gunthorpe <jgg@...pe.ca>,
"Masami Hiramatsu (Google)" <mhiramat@...nel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Luis Chamberlain <mcgrof@...nel.org>,
Yuntao Wang <ytcoode@...il.com>,
Rasmus Villemoes <linux@...musvillemoes.dk>,
Christophe Leroy <christophe.leroy@...roup.eu>,
Tejun Heo <tj@...nel.org>, Changbin Du <changbin.du@...wei.com>,
Huang Shijie <shijie@...amperecomputing.com>,
Geert Uytterhoeven <geert+renesas@...der.be>,
Namhyung Kim <namhyung@...nel.org>,
Arnaldo Carvalho de Melo <acme@...hat.com>,
linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-efi@...r.kernel.org, linux-mm@...ck.org,
Yian Chen <yian.chen@...el.com>
Subject: Re: [PATCHv6 01/16] x86/cpu: Enumerate the LASS feature bits
On Thu, Jun 26, 2025 at 05:18:37PM +0200, Borislav Petkov wrote:
> On Mon, Jun 23, 2025 at 04:42:41PM +0300, Kirill A. Shutemov wrote:
> > Due to SLAM, we decided to postpone LAM enabling, until LASS is landed.
> >
> > I am not sure if we want to add static
> > /sys/devices/system/cpu/vulnerabilities/slam with "Mitigation: LASS".
> >
> > There might be other yet-to-be-discovered speculative attacks that LASS
> > mitigates. Security features have to visible to userspace independently of
> > known vulnerabilities.
>
> ... and the fact that a vuln is being mitigated by stating that in
> /sys/devices/system/cpu/vulnerabilities/ needs to happen too.
>
> I'm not talking about LAM enablement - I'm talking about adding a
>
> SPECTRE_V1_MITIGATION_LASS
>
> and setting that when X86_FEATURE_LASS is set so that luserspace gets told
> that
>
> "Spectre V1 : Mitigation: LASS"
>
> or so.
>
> Makes more sense?
I meant this crap, ofc:
switch (bug) {
case X86_BUG_CPU_MELTDOWN:
if (boot_cpu_has(X86_FEATURE_PTI))
return sysfs_emit(buf, "Mitigation: PTI\n");
This should say "Mitigation: LASS" if LASS is enabled...
Which begs the question: how do LASS and PTI interact now?
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists