lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 19 Jan 2018 12:53:40 +0800
From:   QingFeng Hao <haoqf@...ux.vnet.ibm.com>
To:     Martin Schwidefsky <schwidefsky@...ibm.com>,
        linux-kernel@...r.kernel.org, linux-s390@...r.kernel.org,
        kvm@...r.kernel.org
Cc:     Heiko Carstens <heiko.carstens@...ibm.com>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Cornelia Huck <cohuck@...hat.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Jon Masters <jcm@...hat.com>,
        Marcus Meissner <meissner@...e.de>,
        Jiri Kosina <jkosina@...e.cz>
Subject: Re: [PATCH 3/6] s390: add options to change branch prediction
 behaviour for the kernel



在 2018/1/17 17:48, Martin Schwidefsky 写道:
> Add the PPA instruction to the system entry and exit path to switch
> the kernel to a different branch prediction behaviour. The instructions
> are added via CPU alternatives and can be disabled with the "nospec"
> or the "nobp=0" kernel parameter. If the default behaviour selected
> with CONFIG_KERNEL_NOBP is set to "n" then the "nobp=1" parameter can be
> used to enable the changed kernel branch prediction.
>
> Acked-by: Christian Borntraeger <borntraeger@...ibm.com>
> Signed-off-by: Martin Schwidefsky <schwidefsky@...ibm.com>
> ---
>   arch/s390/Kconfig                 | 17 +++++++++++++
>   arch/s390/include/asm/processor.h |  1 +
>   arch/s390/kernel/alternative.c    | 23 ++++++++++++++++++
>   arch/s390/kernel/early.c          |  2 ++
>   arch/s390/kernel/entry.S          | 50 ++++++++++++++++++++++++++++++++++++++-
>   arch/s390/kernel/ipl.c            |  1 +
>   arch/s390/kernel/smp.c            |  2 ++
>   7 files changed, 95 insertions(+), 1 deletion(-)
>
> diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig
> index 829c679..a818644 100644
> --- a/arch/s390/Kconfig
> +++ b/arch/s390/Kconfig
> @@ -541,6 +541,23 @@ config ARCH_RANDOM
>
>   	  If unsure, say Y.
>
> +config KERNEL_NOBP
Just a question that can we add the control in proc system to 
enable/disable the facilities
for the whole system by default? Each process can still overwrite the 
default setting.
This may provide more flexibility for the operator to choose and debug 
as well without rebooting
the system. e.g. echo 0 > /sys/kernel/debug/s390x/ibpb_enabled
Ref: https://access.redhat.com/articles/3311301
> +	def_bool n
> +	prompt "Enable modified branch prediction for the kernel by default"
> +	help
> +          If this option is selected the kernel will switch to a modified
> +	  branch prediction mode if the firmware interface is available.
> +	  The modified branch prediction mode improves the behaviour in
> +	  regard to speculative execution.
> +
> +	  With the option enabled the kernel parameter "nobp=0" or "nospec"
> +	  can be used to run the kernel in the normal branch prediction mode.
> +
> +	  With the option disabled the modified branch prediction mode is
> +	  enabled with the "nobp=1" kernel parameter.
> +
> +	  If unsure, say N.
> +
>   endmenu
[...]

-- 
Regards
QingFeng Hao

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ