Gentoo Forums
MMIO Stale Data Vulnerabilities: mitigations on unknown CPU?
Atha
Apprentice
Joined: 22 Sep 2004
Posts: 229

PostPosted: Wed Dec 13, 2023 1:59 am    Post subject: MMIO Stale Data Vulnerabilities: mitigations on unknown CPU?

So, I have this old laptop from ~2014. Turns out it has an Intel Pentium N3540 (Intel Atom, but with out-of-order execution) installed, which is apparently too old to be supported by the latest 2022 vulnerability fix...

I installed Linux and was surprised to find a vulnerability listed as "unknown", but not only that: also with "no mitigations".

Code:
# (cd /sys/devices/system/cpu/vulnerabilities ; grep * --invert-match --color -e "^Not affected$")
mds:Mitigation: Clear CPU buffers; SMT disabled
meltdown:Mitigation: PTI
mmio_stale_data:Unknown: No mitigations
spectre_v1:Mitigation: usercopy/swapgs barriers and __user pointer sanitization


It might be worth mentioning that I use the kernel command-line option mitigations=auto,nosmt...

I searched and found this: https://www.phoronix.com/news/Linux-MMIO-Stale-Data-Old-CPUs
And also this: https://kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mmio_stale_data.html

The question is: why is there no option to force the use of mitigations, even when it is unknown whether the CPU is affected?
Wouldn't it be reasonable to at least add a manual option to force the use of "Clear CPU buffers" if the user so wishes?
_________________
Think for yourself and let others enjoy the privilege of doing so too. Voltaire
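As an added example (not code from Atha's post or from the kernel), the one-liner above can be turned into a small audit script: it reads every entry under /sys/devices/system/cpu/vulnerabilities (a real kernel sysfs interface), classifies each one as mitigated/unaffected, vulnerable, or unknown, and returns non-zero if anything is not covered. It also checks whether /proc/cpuinfo lists the md_clear flag, which is the microcode enumeration that the VERW-based "Clear CPU buffers" mitigation depends on. Both functions take a path argument so the script can run against a copied tree; the sample directory and cpuinfo excerpt built by make_sample are constructed to mirror the output quoted in the post (plus one made-up "Not affected" entry) and are not additional data from that laptop.

```shell
#!/bin/sh
# Added example, not from the forum post: audit the kernel's per-vulnerability
# sysfs reports and flag anything that is neither "Not affected" nor "Mitigation:".
# Also report whether the CPU advertises MD_CLEAR ("md_clear" in /proc/cpuinfo),
# which the VERW-based "Clear CPU buffers" mitigation relies on.

# classify_status "STATUS TEXT" -> prints ok | vulnerable | unknown
classify_status() {
    case "$1" in
        "Not affected"*|"Mitigation:"*) echo ok ;;
        "Vulnerable"*)                  echo vulnerable ;;
        *)                              echo unknown ;;   # "Unknown: ..." or anything unexpected
    esac
}

# audit_vulns DIR -> one "name<TAB>class<TAB>status" line per entry;
# returns 0 only if every entry classified as ok (default DIR is the live sysfs path)
audit_vulns() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    rc=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        status=$(cat "$f")
        class=$(classify_status "$status")
        [ "$class" = ok ] || rc=1
        printf '%s\t%s\t%s\n' "$(basename "$f")" "$class" "$status"
    done
    return $rc
}

# has_md_clear CPUINFO -> 0 if the first "flags" line lists md_clear, 1 otherwise
has_md_clear() {
    grep -m1 '^flags' "${1:-/proc/cpuinfo}" | grep -qw md_clear
}

# make_sample DIR: constructed input mirroring the four lines quoted in the post,
# plus one made-up "Not affected" entry and a cpuinfo excerpt (both constructed,
# not captured from the laptop) so every branch above gets exercised.
make_sample() {
    mkdir -p "$1/vulnerabilities"
    printf 'Mitigation: Clear CPU buffers; SMT disabled\n' > "$1/vulnerabilities/mds"
    printf 'Mitigation: PTI\n' > "$1/vulnerabilities/meltdown"
    printf 'Unknown: No mitigations\n' > "$1/vulnerabilities/mmio_stale_data"
    printf 'Mitigation: usercopy/swapgs barriers and __user pointer sanitization\n' > "$1/vulnerabilities/spectre_v1"
    printf 'Not affected\n' > "$1/vulnerabilities/example_not_affected"
    printf 'processor\t: 0\nflags\t\t: fpu sse2 ssse3 md_clear\n' > "$1/cpuinfo"
}

# Invoked with a directory argument: audit that tree and report the md_clear flag.
if [ "$#" -gt 0 ]; then
    audit_vulns "$1" || echo "WARNING: at least one entry is vulnerable or unknown"
    if has_md_clear; then echo "md_clear: present"; else echo "md_clear: absent"; fi
fi
```

Run it as `sh audit.sh /sys/devices/system/cpu/vulnerabilities` on the live system; on the laptop from the post the mmio_stale_data line would come out as "unknown" and trigger the warning, while md_clear should be present because the mds entry already reports "Clear CPU buffers".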
jpsollie
Apprentice
Joined: 17 Aug 2013
Posts: 291

PostPosted: Sun Dec 17, 2023 7:56 pm    Post subject:

You are looking at it in a pretty high-level way.
I think what you are saying is:
Code:

/* the value "a" lives in a register or on the stack between the add and the return */
int f(int b, int c)
{
    int a = b + c;
    /* do something */
    return a;
}

and you're thinking: "hey, if my CPU can leak the value of a, but we don't know, why doesn't the kernel mitigate by returning b+c at the end immediately?"
That's not really how mitigations work:
if a CPU is affected, a set of microcode instructions is defined for this CPU to protect "int a" so it can't be leaked.
This mitigation code is not part of the standard x86_64-v1 instruction set, and as such, you can't enable it by default.
This is why mitigations only work on CPUs which were supported when the vulnerability was discovered, or on some fan-maintained ones like the m68k devs who keep posting patches for a 40-year-old architecture.
_________________
The power of Gentoo optimization (not overclocked): [img]https://www.passmark.com/baselines/V10/images/503714802842.png[/img]
All times are GMT