From: Eric Biggers <ebiggers@kernel.org>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
Marc Zyngier <maz@kernel.org>,
"Jason A . Donenfeld" <Jason@zx2c4.com>,
Kees Cook <keescook@chromium.org>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Adam Langley <agl@google.com>
Subject: Re: [PATCH v2] arm64: Enable data independent timing (DIT) in the kernel
Date: Mon, 7 Nov 2022 12:38:42 -0800 [thread overview]
Message-ID: <Y2ls0vS+ZsW4iL3N@sol.localdomain> (raw)
In-Reply-To: <20221107172400.1851434-1-ardb@kernel.org>
On Mon, Nov 07, 2022 at 06:24:00PM +0100, Ard Biesheuvel wrote:
[...]
>
> Currently, we have no idea whether or not running privileged code with
> DIT disabled on a CPU that implements support for it may result in a
> side channel that exposes privileged data to unprivileged user space
> processes, so let's be cautious and just enable DIT while running in the
> kernel if supported by all CPUs.
[...]
>
> - tweak the commit log so that it doesn't read as if we are fixing an
> actual vulnerability
I think the above undersells this a bit, as crypto code often relies on
instructions being constant-time to prevent leakage of secrets outside the
system itself. For example, consider WireGuard, which includes network
attackers in its threat model. So it's not just about attacks from userspace
processes on the same system.
The patch itself looks good to me though -- thanks!
- Eric
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2022-11-07 20:40 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-07 17:24 [PATCH v2] arm64: Enable data independent timing (DIT) in the kernel Ard Biesheuvel
2022-11-07 20:38 ` Eric Biggers [this message]
2022-11-08 14:41 ` Mark Rutland
2022-11-08 14:56 ` Will Deacon
2022-11-08 17:38 ` Will Deacon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y2ls0vS+ZsW4iL3N@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=Jason@zx2c4.com \
--cc=agl@google.com \
--cc=ardb@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=keescook@chromium.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=maz@kernel.org \
--cc=suzuki.poulose@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox