Re: [PATCH v2 1/7] sysfs/cpu: Add "Unknown" vulnerability state

From: Greg Kroah-Hartman
Date: Thu Jan 03 2019 - 04:39:03 EST


On Wed, Jan 02, 2019 at 06:49:15PM -0600, Jeremy Linton wrote:
> There is a lot of variation in the Arm ecosystem. Because of this,
> there exist possible cases where the kernel cannot authoritatively
> determine if a machine is vulnerable.

Really? Why not? What keeps you from "knowing" this? Can't the
developer of the chip tell you?

> Rather than guess the vulnerability status in cases where
> the mitigation is disabled or the firmware isn't responding
> correctly, we need to display an "Unknown" state.

Shouldn't "Unknown" really be the same thing as "Vulnerable"? A user
should treat it the same way; "Unknown" makes it feel like "maybe I can
just ignore this and hope I really am safe", which is not a good idea at
all.

thanks,

greg k-h
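
A monitoring-side reading of the question raised in this reply, as an added example that is not part of the thread or the patch: a check over the CPU vulnerabilities sysfs directory that counts "Unknown", and anything unreadable or unrecognised, as exposed. The directory path is the standard Linux location; the function names and the sample status lines are constructed for illustration.

```python
import os
import tempfile

SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"


def classify(status):
    """Map one sysfs status string to 'ok', 'mitigated' or 'exposed'."""
    s = status.strip()
    if s == "Not affected":
        return "ok"
    if s.startswith("Mitigation:"):
        # Text after the mitigation name is not parsed further here.
        return "mitigated"
    # "Vulnerable", "Unknown", empty or unrecognised text all fail closed.
    return "exposed"


def audit(directory=SYSFS_DIR):
    """Return {entry_name: (classification, raw_status)} for one directory."""
    results = {}
    for name in sorted(os.listdir(directory)):
        try:
            with open(os.path.join(directory, name), errors="replace") as fh:
                raw = fh.read().strip()
        except OSError:
            raw = ""  # unreadable entry: no evidence of safety
        results[name] = (classify(raw), raw)
    return results


def exposed(results):
    """Names of entries that must be treated as vulnerable."""
    return sorted(n for n, (c, _) in results.items() if c == "exposed")


def demo():
    """Run the audit over a constructed directory of sample status files."""
    sample = {  # constructed sample values, not output from a real machine
        "meltdown": "Not affected",
        "spectre_v1": "Mitigation: __user pointer sanitization",
        "spectre_v2": "Unknown",
        "spec_store_bypass": "Vulnerable",
    }
    with tempfile.TemporaryDirectory() as d:
        for name, text in sample.items():
            with open(os.path.join(d, name), "w") as fh:
                fh.write(text + "\n")
        return audit(d)


if __name__ == "__main__":
    print(exposed(demo()))
```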