lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <839b7bc9-b155-4458-ad36-fa083659283c@intel.com>
Date: Tue, 14 Oct 2025 11:37:56 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: David Kaplan <david.kaplan@....com>, Thomas Gleixner
 <tglx@...utronix.de>, Borislav Petkov <bp@...en8.de>,
 Peter Zijlstra <peterz@...radead.org>, Josh Poimboeuf <jpoimboe@...nel.org>,
 Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
 Ingo Molnar <mingo@...hat.com>, Dave Hansen <dave.hansen@...ux.intel.com>,
 x86@...nel.org, "H . Peter Anvin" <hpa@...or.com>
Cc: Alexander Graf <graf@...zon.com>,
 Boris Ostrovsky <boris.ostrovsky@...cle.com>, linux-kernel@...r.kernel.org
Subject: Re: [RFC PATCH 04/56] x86/bugs: Reset spectre_v1 mitigations

On 10/13/25 07:33, David Kaplan wrote:
...
> +#ifdef CONFIG_DYNAMIC_MITIGATIONS
> +static void spectre_v1_reset_mitigation(void)
> +{
> +	setup_clear_cpu_cap(X86_FEATURE_FENCE_SWAPGS_USER);
> +	setup_clear_cpu_cap(X86_FEATURE_FENCE_SWAPGS_KERNEL);
> +	spectre_v1_mitigation = SPECTRE_V1_MITIGATION_AUTO;
> +}
> +#endif
> +
>  static int __init nospectre_v1_cmdline(char *str)
>  {
>  	spectre_v1_mitigation = SPECTRE_V1_MITIGATION_NONE;
> @@ -3794,3 +3805,10 @@ void __warn_thunk(void)
>  {
>  	WARN_ONCE(1, "Unpatched return thunk in use. This should not happen!\n");
>  }
> +
> +#ifdef CONFIG_DYNAMIC_MITIGATIONS
> +void arch_cpu_reset_mitigations(void)
> +{
> +	spectre_v1_reset_mitigation();
> +}
> +#endif

Are all the #ifdefs necessary? For instance, a single:

 void arch_cpu_reset_mitigations(void)
 {
+	if (!IS_ENABLED(CONFIG_DYNAMIC_MITIGATIONS))
+		return;
...

and removing *all* the #ifdefs might be enough to tell the compiler that
all the *_reset_mitigation() functions are unreachable.

But the larger concern through all of this is that this is all *new*
code. The reset concept is completely new and the reset functions look
to be ad-hoc. They follow a few patterns, but nothing super consistent.

Also, this series is going to need to be broken up. I'd suggest going
after the dynamic alternatives, first. I'm sure there's a need for that
_somewhere_ other than for vulnerabilities.

But, in the end, (IMNHO) this series really just adds complexity. It
doesn't do enough refactoring or complexity reduction to go in with this
approach.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ