Improving the handling of embargoed hardware-security bugs [LWN.net]

By Jonathan Corbet
October 25, 2018

Jiri Kosina kicked off a session on hardware vulnerabilities at the 2018 Kernel Maintainers Summit by noting that there are few complaints about how the kernel community deals with security issues in general. That does not hold for Meltdown and Spectre which, he said, had been "completely mishandled". The subsequent handling of the L1TF vulnerability suggests that some lessons have been learned, but there is still plenty of room for improvement in how hardware vulnerabilities are handled in general.

There are a number of reasons why the handling of Meltdown and Spectre went bad, he said, starting with the fact that the hardware vendors simply did not know how to do it right. They didn't think that the normal security contact (security@kernel.org) could be used, since there was no non-disclosure agreement (NDA) in place there. Perhaps what is needed is the creation of such an agreement or, as was discussed in September, a "gentleman's agreement" that would serve the same role.

James Bottomley asserted that not even the gentleman's agreement would be needed if the community were to publish a comprehensive document on how it will handle reports of hardware security issues, but others said that the problems go beyond the initial agreement. Linus Torvalds complained that he has been unable to get either emails or PDF documents describing known vulnerabilities; all that has been on offer is the ability to get an account on an Intel server where documents can be read. Thomas Gleixner said that there has been some progress in that area, though, and that he is now able to get documents in a GPG-encrypted tarball.

Greg Kroah-Hartman said that the wording of the documentation on how security issues are handled is not perfect for this case, but work is being done to fix it. Gleixner said that we need to create a single point of contact for hardware vulnerabilities; the vendors will then understand the rules that we play by and that we will not leak information. Intel, he said, has learned a lot and knows who to talk to. Mauro Carvalho Chehab complained that Intel is just one vendor, though, and that the next vendor with a vulnerability will be different. Torvalds replied that the most important vendors are coming around; Gleixner added that this is another reason to have clear documentation on how we have handled these problems in the past.

Ted Ts'o said that the community's policy is to hold on to fixes for kernel bugs for up to five working days while distributors work out their response. That time period is clearly not appropriate for hardware bugs, but what would the right time be? Gleixner responded that it is "quite long". Vendors can come up with a proof-of-concept microcode update for a single product fairly quickly, but that is just the beginning; vendors like Intel have hundreds of products, each of which must be evaluated and fixed independently. So the response time tends to drag out; the kernel community has to acknowledge that hardware vendors need time to handle things properly.

Kees Cook asked how long that would be, but it seems that the answer varies considerably depending on the nature of the vulnerability. The L1TF fixes were ready three weeks before the disclosure, helped by the fact that Intel had informed the community even before it knew how many processors were affected. Torvalds complained, though, that many of the embargo periods are still controlled by "the old corrupt security rules"; the L1TF disclosure date was determined by the date of a security-conference talk rather than any technical considerations. That is not a game we want to play, he said.

Cook persisted, asking whether the community could somehow set a maximum embargo time. Gleixner said that would be difficult. We can't create our own patches before any microcode fixes are done, for example. There are also delays associated with the interaction with other operating-system vendors, some of whom are slower than the Linux community to prepare patches. Those vendors, Kosina said, have venues where they are able to collaborate on issues like these, but the kernel is not represented there. Gleixner said that the community needs a contact point that can participate in these discussions.

Torvalds said that the hardware vendors worry a lot that problems will not be kept under wraps until the appointed disclosure day; they need to have personal connections with the community to get over those fears. Gleixner agreed, saying that a new contact point should be set up for hardware issues; it would be a smaller group than security@kernel.org. The vendors would have to trust that group, though, and would have to allow domain experts to be brought in from outside the group for specific problems. Extending that trust or not is their decision in the end, he said; if they won't play, then Linux will simply wait until the issues become public to start work on fixing them.

Will Deacon said that, if one vendor has a specific type of problem, others probably do as well; there's only so much novelty in the area of microprocessor design. But hardware vendors don't have a way to coordinate around this kind of vulnerability; indeed, they tend to do the opposite. If a group of developers is talking to one hardware vendor, the other vendors will stay away from that group. That implies, he said, that the point of contact for each processor type needs to be the associated architecture maintainer. Kroah-Hartman agreed, saying that the cross-vendor collaboration problems are not amenable to solution by the Linux kernel community.

Arnd Bergmann asked about the problem of older, unmaintained processors. A number of old MIPS processors are affected, for example, but nobody is doing anything about them. Kroah-Hartman said there is little for the community to do about abandoned hardware; that is an issue for governments to deal with. Until the ability to update hardware and ongoing security support are mandated, the problem will persist.

As the session concluded, Grant Likely said that the community needs to develop a documented process for hardware vulnerabilities — before the next one hits. But who would write this document? After an awkward silence, offers of help were received from Deacon, Gleixner, Kosina, Kroah-Hartman, and Likely, with your editor being instructed by the rest to ensure that all of the names were written down and published.

[Thanks to the Linux Foundation, LWN's travel sponsor, for supporting my travel to the Maintainers Summit.]

Index entries for this article
Kernel	Development model/Security issues
Kernel	Security/Meltdown and Spectre
Security	Bug reporting
Conference	Kernel Maintainers Summit/2018

to post comments

Improving the handling of embargoed hardware-security bugs

Posted Oct 25, 2018 19:45 UTC (Thu) by jhoblitt (subscriber, #77733) [Link] (6 responses)

Does a hardware vendor have any level of legal liability if they know of a *defect* and continue to sell defective components without disclosing it to the buyer? What about if the vendor is aware of a vulnerability and an end-user is victimized by the vulnerability?

I grasp that shipping a microcode update is unlikely to ever be an overnight process but is anyone really more "secure" because a vulnerability isn't disclosed to the "public" for 6 months? I think I'd rather be aware of a known risk rather than gamble that a exploit isn't already in the wild...

Improving the handling of embargoed hardware-security bugs

Posted Oct 25, 2018 20:05 UTC (Thu) by roc (subscriber, #30627) [Link] (3 responses)

> is anyone really more "secure" because a vulnerability isn't disclosed to the "public" for 6 months?

Surely the answer is "sometimes yes".

Tradeoffs are hard.

Improving the handling of embargoed hardware-security bugs

Posted Oct 29, 2018 15:29 UTC (Mon) by ortalo (guest, #4654) [Link] (2 responses)

Well, primarily the manufacturers lawyers themselves, from everyone else lawyers, I guess.

That's not a trade off IMHO, more of an hypothesis coverage issue.
The implied hypothesis is that your attackers do not have access to the vulnerability information.
I hate this hypothesis because in some sense, it means you only consider attackers more stupid [1] than defenders.
Which in itself is contradictive. (Only stupid defenders do such an hypothesis, no? ;-)

[1] less skilled, less informed, slow, etc.

Improving the handling of embargoed hardware-security bugs

Posted Nov 1, 2018 4:47 UTC (Thu) by brooksmoses (guest, #88422) [Link] (1 responses)

Of course, the hypothesis is a bit more complicated than that.

It is very unlikely that the attackers gain will access to information about the vulnerability at the same time that the vendor does. If they already have this information at the point the vendor discovers it, then a delay from the vendor makes the situation only quantitatively worse, not qualitatively -- the time the attackers can exploit it gets longer due to the embargo, but it doesn't come into existence due to the embargo. If the embargo time is short compared to the length of time that the exploitable bug has existed, then it's unlikely that the embargo causes a substantial increase in the time the attackers can exploit it, and also unlikely that the attackers will discover it during the embargo period if they haven't already discovered it.

Meanwhile, you have to consider the value of lifting the embargo earlier. Lifting it early doesn't necessarily mean the end users are then "safe". If there are essentially no practical fixes without changes from the manufacturer, and the manufacturer doesn't have those changes ready, then lifting the embargo only helps attackers without helping users protect themselves. Even if there are practical fixes available, rushing them out before they are "fully baked" increases the risk that they are insufficient or buggy, at which point we can basically assume that the attackers will find the bugs in the patches before they can be patched, and that's almost as bad as lifting the embargo without a fix.

And, of course, there's also the observation that there are certainly plenty of "less skilled, less informed, slow, etc." attackers in the world -- and, once the embargo is lifted, they too can pretty quickly start exploiting the bug. So even if a few highly-skilled attackers already know of the bug, lifting the embargo without a reliable fix in place still has high cost.

Improving the handling of embargoed hardware-security bugs

Posted Nov 1, 2018 17:31 UTC (Thu) by anton (subscriber, #25547) [Link]

A drawback of the embargo is patents: If the security researchers find the vulnerability on Intel, and therefore inform Intel, Intel can patent all the ways to fix the problem that they can think of. While, e.g., AMD has patent exchange agreements with Intel, a startup RISC-V manufacturer probably does not, and will find itself at a disadvantage thanks to the embargo.

Improving the handling of embargoed hardware-security bugs

Posted Oct 25, 2018 21:07 UTC (Thu) by hansendc (subscriber, #7363) [Link]

I wondered the same thing for software vendors. Surely they don't stop selling software while there's an embargo in place for a new security issue.

Improving the handling of embargoed hardware-security bugs

Posted Nov 1, 2018 5:09 UTC (Thu) by brooksmoses (guest, #88422) [Link]

Adding to my other comment, note that "exploit is already in the wild" is a spectrum. There's "widely known and available in 'download it and run it' exploits", and there's "being hoarded by a few people as a zero-day to be deployed on one or two high-value targets".

Making a bug public is probably going to put it into the first of those categories in reasonably short order.

Meanwhile, if the exploit becomes widely known and being actively used at the script kiddie level while it's under embargo, it's likely that someone in the anti-attacker community is going to find out about it fairly quickly due to poor opsec on the part of some script kiddie, at which point the embargo is basically irrelevant.

So, effectively the tradeoff you get is something more like: Would you rather be aware of a known risk that every hack-script builder also knows about and you don't have a good fix for, or gamble that you're not going to be the target of this particular hack when it's used as a tightly-targeted zero-day?

Personally, I think if the latter is a serious concern to you, the precautions that you would have taken had you known about Meltdown before the embargo was lifted are pretty much precautions you should be taking regardless: Don't trust software you haven't completely vetted to run on your machine, don't trust any interface to be an impenetrable barrier unless you can (and do) audit the traffic, and assume timing data on that traffic is an exploitable side channel that you need to secure.

Improving the handling of embargoed hardware-security bugs

Posted Oct 25, 2018 21:08 UTC (Thu) by mangix (guest, #126006) [Link] (1 responses)

Anyone have references for the MIPS comments? ImgTech claimed that MIPS processors don’t speculate deeply enough for meltdown and Spectre to be an issue. Has that changed?

Improving the handling of embargoed hardware-security bugs

Posted Oct 25, 2018 21:37 UTC (Thu) by excors (subscriber, #95769) [Link]

https://www.mips.com/blog/mips-response-on-speculative-ex... says P5600 and P6600 could be affected by Spectre (and a MIPS person submitted Spectre patches to LLVM for them, so presumably "could be" means "is"). But I don't know if the "old MIPS processors" refers to them (P6600 is only 3 years old) or other ones by architecture licensees.

Improving the handling of embargoed hardware-security bugs

Posted Oct 26, 2018 8:21 UTC (Fri) by nilsmeyer (guest, #122604) [Link] (1 responses)

"Please sign this legal document exposing you to liability so you can fix our mistake" is probably not the right approach.

I also wonder how selectively disclosing vulnerabilities to major cloud providers doesn't violate anti-trust laws.

Improving the handling of embargoed hardware-security bugs

Posted Oct 26, 2018 17:22 UTC (Fri) by JoeBuck (subscriber, #2330) [Link]

Why do you think selective disclosure violates antitrust laws? What law do you think is violated?

The only related thing I can think of is the insider trading laws: if a hardware vendor selectively discloses a serious bug to a limited number of people, and any of those people trade the vendor's stock (sell their shares or short the stock, or even buy a competitor's stock) while the embargo is on that's a crime. But I don't think there are laws against favoring some customers over others.

Improving the handling of embargoed hardware-security bugs

Posted Nov 1, 2018 22:17 UTC (Thu) by kmweber (guest, #114635) [Link]

> If a group of developers is talking to one hardware vendor, the other vendors will stay away from that group. That implies, he said, that the point of contact for each processor type needs to be the associated architecture maintainer.

Even this seems like it would break down on, e.g. x86(-64) vulnerabilities that are specific to Intel but not AMD (as AMD claims is the case with Foreshadow and Meltdown) or vice-versa, wouldn't it?