[PATCH libgcrypt] Disable CPU speculation-related misfeatures
Guido Trentalancia
guido at trentalancia.com
Mon May 26 19:11:21 CEST 2025
The vulnerabilities being tackled by the patch proposed here are
hardware vulnerabilities that exist in the CPU.

They were introduced with branch-prediction and other
speculative-execution CPU optimizations.

Because, once exploited, they materialize in Information Disclosure
(data leaks), cryptographic software is the most affected class of
software, because cryptographic keys or encrypted data can be leaked.

Unfortunately not all such hardware vulnerabilities can be tackled
by a CPU microcode update; some of them need to be tackled in software:
this is what this patch aims to do (software-based mitigation of
hardware vulnerabilities).

An equivalent patch has already been proposed for the gnupg application
and another one might be proposed for the gnutls library.

In fact, only tackling libgcrypt is not enough, because cryptographic
applications such as gnupg also handle the cryptographic keys (e.g.
passphrases) and the sensitive data to be encrypted: these are then
passed to the libgcrypt cryptographic functions for actual encryption
and decryption.

The "pros" of this patch are that it avoids the risk of leaking
cryptographic keys or decrypted data on CPUs that are affected by those
vulnerabilities.

The "cons" of this patch are decreased execution speed: this is not
normally noticeable to the user.
I hope this helps.
On Mon, 26/05/2025 at 16.53 +0200, Werner Koch wrote:
> On Sun, 25 May 2025 17:25, Guido Trentalancia said:
> > Disable CPU speculation-related misfeatures which are in
> > fact vulnerabilities causing data leaks:
>
> Please see my comments on gnupg-devel.
>
>
> Shalom-Salam,
>
> Werner
>