lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID:
 <LV3PR12MB926591EA45E7186AA3BD2A7E94F6A@LV3PR12MB9265.namprd12.prod.outlook.com>
Date: Fri, 17 Oct 2025 14:05:35 +0000
From: "Kaplan, David" <David.Kaplan@....com>
To: Josh Poimboeuf <jpoimboe@...nel.org>
CC: Thomas Gleixner <tglx@...utronix.de>, Borislav Petkov <bp@...en8.de>,
	Peter Zijlstra <peterz@...radead.org>, Pawan Gupta
	<pawan.kumar.gupta@...ux.intel.com>, Ingo Molnar <mingo@...hat.com>, Dave
 Hansen <dave.hansen@...ux.intel.com>, "x86@...nel.org" <x86@...nel.org>, "H .
 Peter Anvin" <hpa@...or.com>, Alexander Graf <graf@...zon.com>, Boris
 Ostrovsky <boris.ostrovsky@...cle.com>, "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>
Subject: RE: [RFC PATCH 03/56] cpu: Reset global mitigations

[AMD Official Use Only - AMD Internal Distribution Only]

> -----Original Message-----
> From: Josh Poimboeuf <jpoimboe@...nel.org>
> Sent: Thursday, October 16, 2025 4:34 PM
> To: Kaplan, David <David.Kaplan@....com>
> Cc: Thomas Gleixner <tglx@...utronix.de>; Borislav Petkov <bp@...en8.de>; Peter
> Zijlstra <peterz@...radead.org>; Pawan Gupta
> <pawan.kumar.gupta@...ux.intel.com>; Ingo Molnar <mingo@...hat.com>; Dave
> Hansen <dave.hansen@...ux.intel.com>; x86@...nel.org; H . Peter Anvin
> <hpa@...or.com>; Alexander Graf <graf@...zon.com>; Boris Ostrovsky
> <boris.ostrovsky@...cle.com>; linux-kernel@...r.kernel.org
> Subject: Re: [RFC PATCH 03/56] cpu: Reset global mitigations
>
> Caution: This message originated from an External Source. Use proper caution
> when opening attachments, clicking links, or responding.
>
>
> On Mon, Oct 13, 2025 at 09:33:51AM -0500, David Kaplan wrote:
> > +#ifdef CONFIG_DYNAMIC_MITIGATIONS
> > +void __weak arch_cpu_reset_mitigations(void)
> > +{
> > +}
> > +
> > +void cpu_reset_mitigations(void)
> > +{
> > +     smt_mitigations = SMT_MITIGATIONS_AUTO;
> > +     cpu_mitigations = CPU_MITIGATIONS_AUTO;
> > +     attack_vectors[CPU_MITIGATE_USER_KERNEL] = true;
> > +     attack_vectors[CPU_MITIGATE_USER_USER] = true;
> > +     attack_vectors[CPU_MITIGATE_GUEST_HOST] =
> IS_ENABLED(CONFIG_KVM);
> > +     attack_vectors[CPU_MITIGATE_GUEST_GUEST] =
> IS_ENABLED(CONFIG_KVM);
> > +     arch_cpu_reset_mitigations();
> > +}
> > +#endif
>
> Considering this will have no effect on other arches (or even on x86 at
> this point in the series), should CONFIG_DYNAMIC_MITIGATIONS depend on
> an arch-specific CONFIG_HAVE_DYNAMIC_MITIGATIONS?
>
> Then the weak function can be removed (and weak functions should be
> avoided anyway, IMO).
>

Ok.  I agree, the feature doesn't make sense without arch-specific support anyway, so that seems reasonable.

Thanks --David Kaplan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ