From linux-kernel Mon Apr 15 15:47:48 2024
From: Linus Torvalds
Date: Mon, 15 Apr 2024 15:47:48 +0000
To: linux-kernel
Subject: Re: [PATCH v2 1/3] x86/bugs: Only harden syscalls when needed
Message-Id:
X-MARC-Message: https://marc.info/?l=linux-kernel&m=171319593113528

On Mon, 15 Apr 2024 at 08:27, Nikolay Borisov wrote:
>
> Same as with every issue - assess the problem and develop fixes.

No. Let's have at least all the infrastructure in place to be a bit
proactive.

> Let's be honest, the indirect branches in the syscall handler aren't the
> biggest problem

Oh, they have been.

> it's the stacked LSMs.

Hopefully those will get fixed too.

There's a few other fairly reachable ones (the timer indirection ones
are much too close, and VFS file ops aren't entirely out of reach).

But maybe some day we'll be in a situation where it's actually fairly
hard to reach indirect kernel calls from untrusted user space.

The system call ones are pretty much always the first ones, though.

> And even if those get fixes
> chances are the security people will likely find some other avenue of
> attack, I think even now the attack is somewhat hard to pull off.

No disagreement about that. I think outright sw bugs are still the
99.9% thing.

But let's learn from history instead of "assess the problem" every
time anew.

Linus