[PATCH gnupg] Disable CPU speculation-related misfeatures
Guido Trentalancia
guido at trentalancia.com
Mon May 26 20:01:11 CEST 2025
Whether those CPU algorithms are features or "misfeatures" depends on
the specific application running on the CPU.
For example, for a video gaming application they can be considered
features, because execution speed is the only important feature.
On the other hand, for a cryptographic application, the same CPU
algorithms are most likely classified as "misfeatures" because they can
potentially leak sensitive data to unauthorized parties.
If the vulnerability exploitation is successful (it requires local
access, such as a local login and/or the concurrent execution of
specially crafted software), the same algorithms can be considered a
true misfortune !
So, you see, it all depends on the specific circumstances.
I hope this further clarifies the matter.
A test in the autoconf-generated "configure" script is not needed,
because the patch automatically detects whether the glibc and kernel
versions support disabling those vulnerabilities.
On Mon, 26/05/2025 at 16.46 +0200, Werner Koch wrote:
> Hi!
>
> On Mon, 26 May 2025 14:00, Guido Trentalancia said:
> > Disable CPU speculation-related misfeatures which are in
> > fact vulnerabilities causing data leaks:
>
> If that is a misfeature it needs to be fixed at the pläce where it
> was
> introduced and not just in a single binary. If this code is really
> needed it would first of all be useful in Libgcrypt only then then
> you
> should put it into gnupg/common/init.c:early_system_init.
>
> Specific Linux code is in general not a good idea, if that is
> required,
> please write a proper configure test for this feature and use a
> dedicated macro. A more detailed explanation of the pro and cons
> would
> also be appreciated.
>
>
>
> Shalom-Salam,
>
> Werner
>
More information about the Gnupg-devel
mailing list