Re: [kernel-hardening] Re: [PATCH] cpu: do not leak vulnerabilities to unprivileged users

From: Jason A. Donenfeld
Date: Thu Jan 25 2018 - 08:40:10 EST

Next message: Michael S. Tsirkin: "Re: [PATCH v24 1/2] mm: support reporting free page blocks"
Previous message: Pintu Kumar: "Re: [perf] perf test and probe fails sometimes on 4.9"
In reply to: Alan Cox: "Re: [PATCH] cpu: do not leak vulnerabilities to unprivileged users"
Next in thread: Jason A. Donenfeld: "[PATCH v2] cpu: do not leak vulnerabilities to unprivileged users"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jan 25, 2018 at 2:34 PM, Alan Cox <gnomes@xxxxxxxxxxxxxxxxxxx> wrote:
> As you observe any attacker can already trivially ascertain whether
> protection is on, so there is no point pretending file permissions
> magically stop that. In fact the information is already in cpuinfo.

Actually the other place it leaks is in dmesg, which would need to be
patched too.

My understanding about cpuinfo was that it showed whether or not the
processor family is generally vulnerable to it, independent of whether
or not the kernel has been patched. What this patch does relates to
whether or not the kernel has been patched.

Next message: Michael S. Tsirkin: "Re: [PATCH v24 1/2] mm: support reporting free page blocks"
Previous message: Pintu Kumar: "Re: [perf] perf test and probe fails sometimes on 4.9"
In reply to: Alan Cox: "Re: [PATCH] cpu: do not leak vulnerabilities to unprivileged users"
Next in thread: Jason A. Donenfeld: "[PATCH v2] cpu: do not leak vulnerabilities to unprivileged users"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]