lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <e8da975e-25d0-4ae0-9b95-45eea1f49a12@oracle.com>
Date: Wed, 15 Oct 2025 19:06:55 -0400
From: Boris Ostrovsky <boris.ostrovsky@...cle.com>
To: "Kaplan, David" <David.Kaplan@....com>,
        Josh Poimboeuf <jpoimboe@...nel.org>
Cc: Thomas Gleixner <tglx@...utronix.de>, Borislav Petkov <bp@...en8.de>,
        Peter Zijlstra <peterz@...radead.org>,
        Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>,
        Ingo Molnar <mingo@...hat.com>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        "x86@...nel.org" <x86@...nel.org>, "H . Peter Anvin" <hpa@...or.com>,
        Alexander Graf <graf@...zon.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [RFC PATCH 00/56] Dynamic mitigations



On 10/14/25 2:06 PM, Kaplan, David wrote:
> [AMD Official Use Only - AMD Internal Distribution Only]
> 
>> -----Original Message-----
>> From: Josh Poimboeuf <jpoimboe@...nel.org>
>> Sent: Tuesday, October 14, 2025 11:29 AM
>> To: Kaplan, David <David.Kaplan@....com>
>> Cc: Thomas Gleixner <tglx@...utronix.de>; Borislav Petkov <bp@...en8.de>; Peter
>> Zijlstra <peterz@...radead.org>; Pawan Gupta
>> <pawan.kumar.gupta@...ux.intel.com>; Ingo Molnar <mingo@...hat.com>; Dave
>> Hansen <dave.hansen@...ux.intel.com>; x86@...nel.org; H . Peter Anvin
>> <hpa@...or.com>; Alexander Graf <graf@...zon.com>; Boris Ostrovsky
>> <boris.ostrovsky@...cle.com>; linux-kernel@...r.kernel.org
>> Subject: Re: [RFC PATCH 00/56] Dynamic mitigations


>>
>> I'm not really a fan of this.  It adds complexity to some areas that are
>> already struggling with too much complexity.
>>
>> IMO this would need some REALLY strong justification, more than just
>> "hey, this makes things more convenient."
>>
>> The mitigations should be a "set it and forget it" thing.  I don't see
>> anything here which justifies the considerable maintenance burden this
>> would add for all existing and future mitigations.
>>
> 
> The problem is there are environments like the one outlined where you can't just 'set it and forget it' because the kernel needs it set at boot-time, but in these environments you don't know how to configure the system until much later in boot.  So you end up running with the default settings all the time, even if you don't need them.  And the default settings can have significant performance impacts in many cases.
> 
> The cloud guys on this thread may be able to offer some additional color here since I believe that's where you're most likely to have this situation.


We've had quite a few cases where initially selected mitigation would 
turn out to be wrong --- either because we discovered that performance 
characteristics were not what we expected or that mitigation had some 
issues (i.e. bugs). Once could argue that this could be true of any code 
but this area has been particularly troublesome.

There are ways to get around this such as live migration or 
ksplice/kpatch but these are not always possible or practical.


-boris

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ