[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+55aFwYEr-x3teixCh5QtyMzXZKdNUkoF4xiw+1zg08PSsvpw@mail.gmail.com>
Date: Sun, 7 Jan 2018 12:17:11 -0800
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Willy Tarreau <w@....eu>
Cc: Alexei Starovoitov <alexei.starovoitov@...il.com>,
Alan Cox <gnomes@...rguk.ukuu.org.uk>,
Dan Williams <dan.j.williams@...el.com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
linux-arch@...r.kernel.org, Andi Kleen <ak@...ux.intel.com>,
Arnd Bergmann <arnd@...db.de>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Peter Zijlstra <peterz@...radead.org>,
Network Development <netdev@...r.kernel.org>,
Ingo Molnar <mingo@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>,
Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [PATCH 06/18] x86, barrier: stop speculation for failed access_ok
On Sun, Jan 7, 2018 at 12:12 PM, Willy Tarreau <w@....eu> wrote:
>
> Linus, no need to explain that to me, I'm precisely trying to see how
> to disable PTI for a specific process because I face up to 45% loss in
> certain circumstances, making it a no-go. But while a few of us have
> very specific workloads emphasizing this impact, others have very
> different ones and will not notice. For example my laptop did boot
> pretty fine and I didn't notice anything until I fire a network
> benchmark.
Sure, most people have hardware where the bottleneck is entirely
elsewhere (slow network, rotating disk, whatever).
But this whole "normal people won't notice" is dangerous thinking.
They may well notice very much, we simply don't know what they are
doing.
Quite honesty, it's equally correct to say "normal people won't be
affected by the security issue in the first place".
That laptop that you didn't have any issues with? Likely it never had
an exploit running on it either!
So the whole "normal people" argument is pure and utter garbage. It's
wrong. It's pure shit when it comes to performance, but it's also pure
shit when it comes to the security issue.
Don't use it.
We need to fix the security problem, but we need to do it *without*
these braindead arguments that performance is somehow secondary.
Linus
Powered by blists - more mailing lists