Hello,

On 25/05/2025 18:25, Guido Trentalancia via Gcrypt-devel wrote:
Disable CPU speculation-related misfeatures which are in
fact vulnerabilities causing data leaks:

  - Speculative Store Bypass
  - Indirect Branch Speculation
  - Flush L1D Cache on context switch out of the task

For further information see the kernel documentation:
Documentation/userspace-api/spec_ctrl.rst

Signed-off-by: Guido Trentalancia <[email protected]>
---
  src/global.c |   21 +++++++++++++++++++++
  1 file changed, 21 insertions(+)

--- a/src/global.c      2024-04-26 14:08:12.000000000 +0200
+++ b/src/global.c      2025-05-25 16:03:24.718598884 +0200
@@ -33,6 +33,7 @@
  #ifdef HAVE_SYSLOG
  # include <syslog.h>
  #endif /*HAVE_SYSLOG*/
+#include <sys/prctl.h>
#include "g10lib.h"
  #include "gcrypt-testapi.h"
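
Review bot: The added `#include <sys/prctl.h>` is unconditional, unlike the `<syslog.h>` include directly above it, which sits behind `HAVE_SYSLOG`. The header is Linux-specific, so this include should be wrapped in a configure-time guard in the same way, and the prctl() calls added to global_init should sit under that same guard rather than relying only on the `PR_SPEC_*` macros being defined.
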
@@ -95,6 +96,26 @@ global_init (void)
      return;
    _gcry_global_any_init_done = 1;
+/* Disable CPU speculation-related misfeatures which are in
+ * fact vulnerabilities causing data leaks: see the kernel
+ * documentation: Documentation/userspace-api/spec_ctrl.rst
+ *
+ * - Speculative Store Bypass
+ * - Indirect Branch Speculation
+ * - Flush L1D Cache on context switch out of the task
+ */
+#ifdef PR_SPEC_STORE_BYPASS
+  prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_STORE_BYPASS, PR_SPEC_FORCE_DISABLE, 
0, 0);
+#endif
+
+#ifdef PR_SPEC_INDIRECT_BRANCH
+  prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 
PR_SPEC_FORCE_DISABLE, 0, 0);
+#endif
+
+#ifdef PR_SPEC_L1D_FLUSH
+  prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_L1D_FLUSH, PR_SPEC_FORCE_DISABLE, 0, 
0);
+#endif
+
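
Review bot: All three prctl() calls added to global_init discard their return value, so nothing records whether a control was applied, refused, or unknown to the running kernel; check each result and decide explicitly which failures may be ignored. The calls pass PR_SPEC_FORCE_DISABLE, which the cited spec_ctrl.rst describes as impossible to undo, and they run from library initialization, so the host application's task gets the setting with no way to opt out. Please also verify the PR_SPEC_L1D_FLUSH call against spec_ctrl.rst: the comment lists it as "Flush L1D Cache on context switch", which reads as a behaviour to turn on, yet the call passes PR_SPEC_FORCE_DISABLE like the other two.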

Do other crypto libraries do this? Surely this control should not be on the library side but in the application. Libgcrypt could be loaded by an application for a number of reasons, and not all those use cases require toggling these knobs (such as file checksumming, CRC or SHA). Even worse, libgcrypt might be loaded by another library and the actual application may not even have knowledge of that. Libgcrypt might get loaded through library dependencies but end up not being used by the application at all (except initialization, global_init, etc).

-Jussi
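
An added example, not part of this thread and not libgcrypt code: one way an application, rather than a library, could opt in to the speculation controls discussed above, querying each control first and checking the result of the change. The names `classify_spec_state` and `harden_task` are hypothetical, and using the reversible PR_SPEC_DISABLE instead of PR_SPEC_FORCE_DISABLE is this example's choice.

```c
/* Added example (not libgcrypt code): application-side opt-in, Linux only. */
#include <errno.h>
#include <stdio.h>
#include <sys/prctl.h>

enum spec_action { SPEC_UNSUPPORTED, SPEC_NOT_AFFECTED, SPEC_FIXED_BY_SYSTEM,
                   SPEC_ALREADY_MITIGATED, SPEC_CAN_MITIGATE };

/* Hypothetical helper: interpret a PR_GET_SPECULATION_CTRL result. */
enum spec_action classify_spec_state(long state)
{
  if (state < 0)
    return SPEC_UNSUPPORTED;          /* kernel or CPU lacks this control */
  if (state == PR_SPEC_NOT_AFFECTED)
    return SPEC_NOT_AFFECTED;
  if (!(state & PR_SPEC_PRCTL))
    return SPEC_FIXED_BY_SYSTEM;      /* no per-task control available */
  if (state & (PR_SPEC_DISABLE | PR_SPEC_FORCE_DISABLE))
    return SPEC_ALREADY_MITIGATED;    /* speculation feature already off */
  return SPEC_CAN_MITIGATE;
}

/* Hypothetical helper: query one control and, only when the task is allowed
 * to change it, turn the speculation feature off with PR_SPEC_DISABLE.
 * Returns the state seen before the change, or SPEC_UNSUPPORTED when the
 * set call itself fails. */
enum spec_action harden_task(unsigned long which)
{
  long state = prctl(PR_GET_SPECULATION_CTRL, which, 0UL, 0UL, 0UL);
  enum spec_action act = classify_spec_state(state);

  if (act == SPEC_CAN_MITIGATE
      && prctl(PR_SET_SPECULATION_CTRL, which, PR_SPEC_DISABLE, 0UL, 0UL) != 0)
    {
      fprintf(stderr, "spec ctrl %lu: set failed, errno %d\n", which, errno);
      return SPEC_UNSUPPORTED;
    }
  return act;
}

int main(void)
{
  /* Run by the application before it handles secrets, not by a library. */
  printf("store bypass: %d\n", (int)harden_task(PR_SPEC_STORE_BYPASS));
  printf("indirect branch: %d\n", (int)harden_task(PR_SPEC_INDIRECT_BRANCH));
  return 0;
}
```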

