[PATCH gnupg] Disable CPU speculation-related misfeatures

Guido Trentalancia guido at trentalancia.com
Mon May 26 19:07:43 CEST 2025 

The vulnerabilities being tackled by this proposed patch are hardware
vulnerabilities that exist in the CPU.

They were introduced with branch-prediction and other speculative-
execution CPU optimizations.

Because once exploited they materialize in Information Disclosure (data
leaks), cryptographic software is the most affected class of software,
because cryptographic keys or encrypted data can be leaked.

Unfortunately not all of such hardware vulnerabilities can be tackled
by a microcode update, some of them need to be tackled in software:
this is what this patch aims to do (software-based mitigation of
hardware vulnerabilities).

An equivalent patch has been already proposed for libgcrypt and another
one might be proposed for gnutls.

Only tackling libgcrypt is not enough, because cryptographic
applications such as gnupg also deal with the cryptographic keys (e.g.
passphrases), which are then passed to the libgcrypt cryptographic
functions for actual encryption and decryption.

The "pros" of this patch are that it avoids the risk of leaking
cryptographic keys or encrypted data on CPUs that are affected by those
vulnerabilities.

The "cons" of this patch are decreased execution speed: this is not
normally noticeable to the user.

I hope this helps.

On Mon, 26/05/2025 at 16.46 +0200, Werner Koch wrote:
> Hi!
> 
> On Mon, 26 May 2025 14:00, Guido Trentalancia said:
> > Disable CPU speculation-related misfeatures which are in
> > fact vulnerabilities causing data leaks:
> 
> If that is a misfeature it needs to be fixed at the pläce where it
> was
> introduced and not just in a single binary.  If this code is really
> needed it would first of all be useful in Libgcrypt only then then
> you
> should put it into gnupg/common/init.c:early_system_init.
> 
> Specific Linux code is in general not a good idea, if that is
> required,
> please write a proper configure test for this feature and use a
> dedicated macro.  A more detailed explanation of the pro and cons
> would
> also be appreciated.
> 
> 
> 
> Shalom-Salam,
> 
>    Werner
>

More information about the Gnupg-devel mailing list