Re: [tip: x86/bugs] x86/retpoline: Ensure default return thunk isn't used at runtime

From: Borislav Petkov
Date: Wed Oct 18 2023 - 16:04:35 EST

Next message: Heiko Stübner: "Re: [PATCH v8 00/26] Add perf support to the rockchip-dfi driver"
Previous message: Heiko Stübner: "Re: [PATCH v8 19/26] PM / devfreq: rockchip-dfi: add support for RK3588"
In reply to: Josh Poimboeuf: "Re: [tip: x86/bugs] x86/retpoline: Ensure default return thunk isn't used at runtime"
Next in thread: Borislav Petkov: "Re: [tip: x86/bugs] x86/retpoline: Ensure default return thunk isn't used at runtime"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Oct 18, 2023 at 12:14:07PM -0700, Josh Poimboeuf wrote:
> There are a lot of warnings which could become security concerns.

Not "could become" - this one *is* a security issue because it means we're
not mitigating with the RET thunks properly.

> By definition, a warning means something is seriously wrong. If it's
> ignored, all bets are off. That's why we taint the kernel.

If I could, I'd cripple the kernel just enough so that it issues the
warning and then stops so that the users are not exposed, but show why
it stopped. And we know that panicking doesn't provide that.

David suggested earlier that perhaps we should warn and then mark the
kernel as vulnerable to those mitigations. That could be a more
realistic thing to do...

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Next message: Heiko Stübner: "Re: [PATCH v8 00/26] Add perf support to the rockchip-dfi driver"
Previous message: Heiko Stübner: "Re: [PATCH v8 19/26] PM / devfreq: rockchip-dfi: add support for RK3588"
In reply to: Josh Poimboeuf: "Re: [tip: x86/bugs] x86/retpoline: Ensure default return thunk isn't used at runtime"
Next in thread: Borislav Petkov: "Re: [tip: x86/bugs] x86/retpoline: Ensure default return thunk isn't used at runtime"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]