Message-ID: <LV3PR12MB92650AA0AC64C97BBE812CA89448A@LV3PR12MB9265.namprd12.prod.outlook.com>
Date: Thu, 10 Jul 2025 15:22:06 +0000
From: "Kaplan, David" <David.Kaplan@....com>
To: Borislav Petkov <bp@...en8.de>
CC: Thomas Gleixner <tglx@...utronix.de>, Peter Zijlstra
<peterz@...radead.org>, Josh Poimboeuf <jpoimboe@...nel.org>, Pawan Gupta
<pawan.kumar.gupta@...ux.intel.com>, Ingo Molnar <mingo@...hat.com>, Dave
Hansen <dave.hansen@...ux.intel.com>, "x86@...nel.org" <x86@...nel.org>, "H .
Peter Anvin" <hpa@...or.com>, "linux-kernel@...r.kernel.org"
<linux-kernel@...r.kernel.org>
Subject: RE: [PATCH v6 02/21] cpu: Define attack vectors
> -----Original Message-----
> From: Borislav Petkov <bp@...en8.de>
> Sent: Thursday, July 10, 2025 10:17 AM
> To: Kaplan, David <David.Kaplan@....com>
> Cc: Thomas Gleixner <tglx@...utronix.de>; Peter Zijlstra <peterz@...radead.org>;
> Josh Poimboeuf <jpoimboe@...nel.org>; Pawan Gupta
> <pawan.kumar.gupta@...ux.intel.com>; Ingo Molnar <mingo@...hat.com>; Dave
> Hansen <dave.hansen@...ux.intel.com>; x86@...nel.org; H . Peter Anvin
> <hpa@...or.com>; linux-kernel@...r.kernel.org
> Subject: Re: [PATCH v6 02/21] cpu: Define attack vectors
>
> On Thu, Jul 10, 2025 at 02:02:56PM +0000, Kaplan, David wrote:
> > Interesting. I would suggest a comma instead, so you have things like
> > "mitigations=auto,no_user_kernel". That's somewhat consistent with the
> > existing 'auto,nosmt' option as well.
>
> Ack, see below.
>
> > Still you would have global options come first, and then the attack vector
> > options. But since commas are already used to separate tokens, that seems
> > cleaner to me.
> >
> > If you're going to edit the patch directly, just please remember to update
> > the documentation file accordingly too.
>
> Yeah, and the commit messages.
>
> This is just the patch(es), I'll go over the commit messages too.
>
> ---
>
> diff --git a/Documentation/admin-guide/hw-vuln/attack_vector_controls.rst
> b/Documentation/admin-guide/hw-vuln/attack_vector_controls.rst
> index ee56e849616f..b4de16f5ec44 100644
> --- a/Documentation/admin-guide/hw-vuln/attack_vector_controls.rst
> +++ b/Documentation/admin-guide/hw-vuln/attack_vector_controls.rst
> @@ -137,7 +137,7 @@ or more options to disable various attack vectors.
>
> Format:
> | ``mitigations=[global]``
> - | ``mitigations=[global];[attack vectors]``
> + | ``mitigations=[global],[attack vectors]``
>
> Global options:
>
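Review bot: the new Format line ``mitigations=[global],[attack vectors]`` uses the same ',' that the global form ``auto,nosmt`` already contains, so from the Format block alone a reader cannot tell which comma starts the attack vector list. Suggest saying under Format that ``[global]`` may itself be ``auto,nosmt`` and that the attack vector tokens follow after the complete global part, which is what the examples further down assume.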
> @@ -166,17 +166,17 @@ the global option is not specified, it defaults to 'auto'.
> The global option
> 'off' is equivalent to disabling all attack vectors.
>
> Examples:
> - | ``mitigations=auto;no_user_kernel``
> + | ``mitigations=auto,no_user_kernel``
>
> Enable all attack vectors except user-to-kernel. Partial cross-thread
> mitigations.
>
> - | ``mitigations=auto,nosmt;no_guest_host,no_guest_guest``
> + | ``mitigations=auto,nosmt,no_guest_host,no_guest_guest``
>
> Enable all attack vectors and cross-thread mitigations except for
> guest-to-host and guest-to-guest mitigations.
>
> - | ``mitigations=;no_cross_thread``
> + | ``mitigations=,no_cross_thread``
>
> Enable all attack vectors but not cross-thread mitigations.
>
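Review bot: the ``mitigations=,no_cross_thread`` example now starts with a bare comma, which reads like a typo once ';' is gone. The paragraph above says an unspecified global defaults to 'auto', so the example's description should state explicitly that the empty global before the ',' is intentional and equivalent to ``mitigations=auto,no_cross_thread``; the ``auto,nosmt,no_guest_host,no_guest_guest`` example could likewise note that ``nosmt`` belongs to the global option and is not an attack vector token.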
> diff --git a/kernel/cpu.c b/kernel/cpu.c
> index be25543567c0..c976a6686d8b 100644
> --- a/kernel/cpu.c
> +++ b/kernel/cpu.c
> @@ -3276,8 +3276,8 @@ static int __init mitigations_parse_cmdline(char *arg)
> if (!*p)
> return 0;
>
> - /* Attack vector controls may come after a ';' */
> - if (*p++ != ';' ||
> !IS_ENABLED(CONFIG_ARCH_HAS_CPU_ATTACK_VECTORS)) {
> + /* Attack vector controls may come after the ',' */
> + if (*p++ != ',' ||
> !IS_ENABLED(CONFIG_ARCH_HAS_CPU_ATTACK_VECTORS)) {
> pr_crit("Unsupported mitigations=%s, system may still be vulnerable\n",
> arg);
> return 0;
> }
>
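Review bot: with `*p++ != ','` the separator is now the same character that `auto,nosmt` uses inside the global option, so this check is only correct if the global-option parsing above the hunk has already consumed the `nosmt` token and left `p` at the following ','; the updated comment should say so, because otherwise `auto,nosmt,no_guest_host` would land in the pr_crit path. Minor: the same "Unsupported mitigations=%s" message is also reached when `CONFIG_ARCH_HAS_CPU_ATTACK_VECTORS` is not set, where the string may be valid on another architecture; a message saying attack vector controls are not supported on this configuration would be more accurate than "system may still be vulnerable".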
Yeah that looks good to me. I did testing on this locally and it seemed to work fine.
Thanks
--David Kaplan
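The parsing order the thread settles on (global option first, then ','-separated attack vector tokens, with 'auto,nosmt' still treated as one global form) is easy to get wrong once both parts share the same delimiter. The following user-space model is an added example, not code from this patch or from the kernel; the MITIG_* macro names and function names are assumptions, and the vector tokens are the ones shown in the documentation hunk. It accepts the three documented examples, rejects the old ';' separator, and shows why the 'nosmt' token has to be consumed before the attack vector separator is looked for.

```c
/*
 * Added example, not kernel code: a user-space model of parsing
 * "mitigations=[global],[attack vectors]" with the comma separator adopted
 * in this patch.  Macro and function names are assumptions; the vector
 * tokens are the ones shown in the documentation hunk.
 */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* One bit per attack vector: set = that vector's mitigations stay enabled. */
#define MITIG_USER_KERNEL   (1 << 0)
#define MITIG_GUEST_HOST    (1 << 1)
#define MITIG_GUEST_GUEST   (1 << 2)
#define MITIG_CROSS_THREAD  (1 << 3)
#define MITIG_ALL_VECTORS   0xf
#define MITIG_NOSMT         (1 << 4)   /* global 'auto,nosmt' */
#define MITIG_OFF           (1 << 5)   /* global 'off' */

/* Tokens from the documentation hunk; index i corresponds to bit (1 << i). */
static const char * const vector_tokens[] = {
	"no_user_kernel", "no_guest_host", "no_guest_guest", "no_cross_thread",
};
#define NR_VECTORS (sizeof(vector_tokens) / sizeof(vector_tokens[0]))

/* Consume @tok at *@p only as a whole token, i.e. followed by ',' or end. */
static bool take_token(const char **p, const char *tok)
{
	size_t n = strlen(tok);

	if (strncmp(*p, tok, n) != 0 || ((*p)[n] != '\0' && (*p)[n] != ','))
		return false;
	*p += n;
	return true;
}

/*
 * Returns the MITIG_* flags for @arg, or -1 if the string is unsupported
 * (the case where the kernel hunk prints its pr_crit warning).
 */
static int mitigations_parse(const char *arg)
{
	const char *p = arg;
	int flags = MITIG_ALL_VECTORS;	/* unspecified global means 'auto' */
	size_t i;

	/*
	 * Global option first.  'auto,nosmt' is still one global form, so its
	 * comma and 'nosmt' are consumed here, before the attack vector separator
	 * is looked for; otherwise 'auto,nosmt,...' would be rejected below.
	 */
	if (take_token(&p, "off")) {
		flags = MITIG_OFF;	/* 'off' disables all attack vectors */
	} else if (take_token(&p, "auto") && *p == ',') {
		const char *q = p + 1;

		if (take_token(&q, "nosmt")) {
			flags |= MITIG_NOSMT;
			p = q;
		}
	}

	if (!*p)
		return flags;

	/* Attack vector controls may come after the ',' */
	if (*p++ != ',')
		return -1;

	while (*p) {
		for (i = 0; i < NR_VECTORS; i++) {
			if (take_token(&p, vector_tokens[i])) {
				flags &= ~(1 << i);
				break;
			}
		}
		if (i == NR_VECTORS)
			return -1;	/* unknown token, or an empty one such as ",," */
		if (*p == ',' && !*++p)
			return -1;	/* trailing ',' with nothing after it */
	}
	return flags;
}

int main(void)
{
	const char *examples[] = {
		"auto,no_user_kernel", "auto,nosmt,no_guest_host,no_guest_guest",
		",no_cross_thread", "off", "auto;no_user_kernel" /* old separator */
	};
	size_t i;

	for (i = 0; i < sizeof(examples) / sizeof(examples[0]); i++) {
		int flags = mitigations_parse(examples[i]);

		if (flags < 0)
			printf("Unsupported mitigations=%s, system may still be vulnerable\n",
			       examples[i]);
		else
			printf("mitigations=%s -> flags 0x%02x\n", examples[i], flags);
	}
	return 0;
}
```

The model deliberately rejects the old ``mitigations=auto;no_user_kernel`` spelling and any unknown or empty token, mirroring the hunk's "unsupported" path; a bare leading comma (``,no_cross_thread``) is accepted because nothing before the separator simply means the 'auto' default.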