[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <51127fd4-5dcc-b2b9-4873-72098d2a77d9@linux.intel.com>
Date: Mon, 19 Nov 2018 07:04:19 +0800
From: Arjan van de Ven <arjan@...ux.intel.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>,
Jiri Kosina <jikos@...nel.org>
Cc: Thomas Gleixner <tglx@...utronix.de>,
Peter Zijlstra <peterz@...radead.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Andrea Arcangeli <aarcange@...hat.com>,
David Woodhouse <dwmw@...zon.co.uk>,
Andi Kleen <ak@...ux.intel.com>,
Tim Chen <tim.c.chen@...ux.intel.com>,
"Schaufler, Casey" <casey.schaufler@...el.com>,
Linux List Kernel Mailing <linux-kernel@...r.kernel.org>,
the arch/x86 maintainers <x86@...nel.org>,
"stable@...r.kernel.org" <stable@...r.kernel.org>
Subject: Re: Re: STIBP by default.. Revert?
On 11/19/2018 6:00 AM, Linus Torvalds wrote:
> On Sun, Nov 18, 2018 at 1:49 PM Jiri Kosina <jikos@...nel.org> wrote:
>>
>>> So why do that STIBP slow-down by default when the people who *really*
>>> care already disabled SMT?
>>
>> BTW for them, there is no impact at all.
>
> Right. People who really care about security and are anal about it do
> not see *any* advantage of the patch.
In the documentation, AMD officially recommends against this by default, and I can
speak for Intel that our position is that as well: this really must not be on by default.
STIBP and its friends are there as tools, and were created early on as big hammers because
that is all that one can add in a microcode update.. expensive big hammers.
In some ways it's analogous to the "disable caches" bit in CR0. sure it's there as a big hammer,
but you don't set that always just because caches could be used for a side channel
Using these tools much more surgically is fine, if a paranoid task wants it for example,
or when you know you are doing a hard core security transition. But always on? Yikes.
Powered by blists - more mailing lists