From: Ingo Molnar <mingo@kernel.org>
To: Borislav Petkov <bp@alien8.de>
Cc: Josh Poimboeuf <jpoimboe@kernel.org>,
linux-tip-commits@vger.kernel.org, x86@kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [tip: x86/bugs] x86/srso: Fix vulnerability reporting for missing microcode
Date: Sat, 2 Sep 2023 12:46:05 +0200 [thread overview]
Message-ID: <ZPMSbabIw5ZtTqbo@gmail.com> (raw)
In-Reply-To: <20230901094053.GDZPGxpcG56GwE0LyG@fat_crate.local>
* Borislav Petkov <bp@alien8.de> wrote:
> On Fri, Aug 25, 2023 at 10:19:32AM -0000, tip-bot2 for Josh Poimboeuf wrote:
> > The following commit has been merged into the x86/bugs branch of tip:
> >
> > Commit-ID: b3be1397be0340b2c30b2dcd7339dbfaa5563e2b
> > Gitweb: https://git.kernel.org/tip/b3be1397be0340b2c30b2dcd7339dbfaa5563e2b
> > Author: Josh Poimboeuf <jpoimboe@kernel.org>
> > AuthorDate: Fri, 25 Aug 2023 00:01:41 -07:00
> > Committer: Ingo Molnar <mingo@kernel.org>
> > CommitterDate: Fri, 25 Aug 2023 11:21:59 +02:00
> >
> > x86/srso: Fix vulnerability reporting for missing microcode
> >
> > The SRSO default safe-ret mitigation is reported as "mitigated" even if
> > microcode hasn't been updated. That's wrong because userspace may still
> > be vulnerable to SRSO attacks due to IBPB not flushing branch type
> > predictions.
> >
> > Report the safe-ret + !microcode case as vulnerable.
> >
> > Also report the microcode-only case as vulnerable as it leaves the
> > kernel open to attacks.
> >
> > Fixes: fb3bd914b3ec ("x86/srso: Add a Speculative RAS Overflow mitigation")
> > Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
> > Signed-off-by: Ingo Molnar <mingo@kernel.org>
> > Link: https://lore.kernel.org/r/65556eeb1bf7cb9bd7db8662ef115dd73191db84.1692919072.git.jpoimboe@kernel.org
> > ---
> > Documentation/admin-guide/hw-vuln/srso.rst | 22 ++++++++++----
> > arch/x86/kernel/cpu/bugs.c | 34 ++++++++++++---------
> > 2 files changed, 37 insertions(+), 19 deletions(-)
>
> This is still unfixed:
>
> https://lore.kernel.org/r/20230825072542.GFZOhXdgXpUidW51lC@fat_crate.local
>
> mingo, do you want fixes ontop or do you wanna rebase this branch?
Since these are fixes that are supposed to be fully correct,
I'd suggest we rebase it.
Josh, mind sending a v3 SRSO series, as a replacement for x86/bugs,
with Boris's review & testing feedback addressed?
[ Feel free to send it as a delta series against v2 in x86/bugs and I'll
backmerge it all. ]
Thanks,
Ingo
next prev parent reply other threads:[~2023-09-02 10:46 UTC|newest]
Thread overview: 71+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-25 7:01 [PATCH v2 00/23] SRSO fixes/cleanups Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 01/23] x86/srso: Fix srso_show_state() side effect Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 02/23] x86/srso: Set CPUID feature bits independently of bug or mitigation status Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 03/23] x86/srso: Don't probe microcode in a guest Josh Poimboeuf
2023-08-25 7:52 ` Andrew Cooper
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 04/23] KVM: x86: Add IBPB_BRTYPE support Josh Poimboeuf
2023-08-25 18:15 ` Sean Christopherson
2023-08-26 15:49 ` Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 05/23] KVM: x86: Add SBPB support Josh Poimboeuf
2023-08-25 18:20 ` Sean Christopherson
2023-08-25 7:01 ` [PATCH 06/23] x86/srso: Fix SBPB enablement for spec_rstack_overflow=off Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 07/23] x86/srso: Fix SBPB enablement for (possible) future fixed HW Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 08/23] x86/srso: Print actual mitigation if requested mitigation isn't possible Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 09/23] x86/srso: Print mitigation for retbleed IBPB case Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 10/23] x86/srso: Fix vulnerability reporting for missing microcode Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-09-01 9:40 ` Borislav Petkov
2023-09-02 10:46 ` Ingo Molnar [this message]
2023-09-02 17:04 ` Borislav Petkov
2023-09-03 14:37 ` Borislav Petkov
2023-09-05 4:57 ` Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 11/23] x86/srso: Fix unret validation dependencies Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 12/23] x86/alternatives: Remove faulty optimization Josh Poimboeuf
2023-08-25 9:20 ` Ingo Molnar
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 10:27 ` [tip: x86/urgent] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 13/23] x86/srso: Improve i-cache locality for alias mitigation Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 14/23] x86/srso: Unexport untraining functions Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 15/23] x86/srso: Remove 'pred_cmd' label Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 19:51 ` [PATCH 15/23] " Nikolay Borisov
2023-08-26 15:45 ` Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 16/23] x86/bugs: Remove default case for fully switched enums Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-09-02 9:02 ` [PATCH 16/23] " Borislav Petkov
2023-09-05 5:08 ` Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 17/23] x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 18/23] x86/srso: Remove redundant X86_FEATURE_ENTRY_IBPB check Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-09-02 9:10 ` [PATCH 18/23] " Borislav Petkov
2023-08-25 7:01 ` [PATCH 19/23] x86/srso: Disentangle rethunk-dependent options Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 20/23] x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 21/23] x86/retpoline: Remove .text..__x86.return_thunk section Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 22/23] x86/nospec: Refactor UNTRAIN_RET[_*] Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 18:22 ` [PATCH 22/23] " Nikolay Borisov
2023-08-26 15:42 ` Josh Poimboeuf
2023-08-25 7:01 ` [PATCH 23/23] x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() Josh Poimboeuf
2023-08-25 10:19 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-08-25 10:38 ` [PATCH v2 00/23] SRSO fixes/cleanups Ingo Molnar
2023-08-26 15:57 ` Josh Poimboeuf
2023-08-26 17:00 ` Ingo Molnar
2023-10-05 1:29 ` Sean Christopherson
-- strict thread matches above, loose matches on Subject: below --
2023-09-05 5:04 [PATCH v3 08/20] x86/srso: Fix vulnerability reporting for missing microcode Josh Poimboeuf
2023-09-05 10:09 ` [tip: x86/bugs] " tip-bot2 for Josh Poimboeuf
2023-09-19 9:53 ` tip-bot2 for Josh Poimboeuf
2023-09-23 12:20 ` tip-bot2 for Josh Poimboeuf
2023-10-20 11:37 ` tip-bot2 for Josh Poimboeuf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZPMSbabIw5ZtTqbo@gmail.com \
--to=mingo@kernel.org \
--cc=bp@alien8.de \
--cc=jpoimboe@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.