lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2025072219-mulberry-shallow-da0d@gregkh>
Date: Tue, 22 Jul 2025 18:56:39 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Borislav Petkov <bp@...en8.de>
Cc: Michael Zhivich <mzhivich@...mai.com>, stable@...r.kernel.org,
	tglx@...utronix.de, mingo@...hat.com, dave.hansen@...ux.intel.com,
	x86@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] x86/bugs: Fix use of possibly uninit value in
 amd_check_tsa_microcode()

On Tue, Jul 22, 2025 at 04:22:54PM +0200, Borislav Petkov wrote:
> On Tue, Jul 22, 2025 at 08:28:44AM -0400, Michael Zhivich wrote:
> > For kernels compiled with CONFIG_INIT_STACK_NONE=y, the value of __reserved
> > field in zen_patch_rev union on the stack may be garbage.  If so, it will
> > prevent correct microcode check when consulting p.ucode_rev, resulting in
> > incorrect mitigation selection.
> 
> "This is a stable-only fix." so that the AI is happy. :-P
> 
> > Cc: <stable@...r.kernel.org>
> > Signed-off-by:  Michael Zhivich <mzhivich@...mai.com>
> 
> Acked-by: Borislav Petkov (AMD) <bp@...en8.de>
> 
> > Fixes: 7a0395f6607a5 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> 
> That commit in Fixes: is the 6.12 stable one.
> 
> The 6.6 one is:
> 
> Fixes: 90293047df18 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> 
> The 6.1 is:
> 
> Fixes: d12145e8454f ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> 
> The 5.15 one:
> 
> Fixes: f2b75f1368af ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> 
> and the 5.10 one is
> 
> Fixes: 78192f511f40 ("x86/bugs: Add a Transient Scheduler Attacks mitigation")
> 
> and since all stable kernels above have INIT_STACK_NONE, that same
> one-liner should be applied to all of them.
> 
> Greg, I'm thinking this one-liner should apply to all of the above with
> some fuzz. Can you simply add it to each stable version with a different
> Fixes: tag each?
> 
> Or do you prefer separate submissions?

Ideally, separate submissions, otherwise I have to do this all by hand
:(

thanks

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ