| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.DEB.2.21.1811192133240.1669@nanos.tec.linutronix.de>
Date: Mon, 19 Nov 2018 21:46:44 +0100 (CET)
From: Thomas Gleixner <tglx@...utronix.de>
To: Tim Chen <tim.c.chen@...ux.intel.com>
cc: Jiri Kosina <jikos@...nel.org>,
Tom Lendacky <thomas.lendacky@....com>,
Ingo Molnar <mingo@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Andrea Arcangeli <aarcange@...hat.com>,
David Woodhouse <dwmw@...zon.co.uk>,
Andi Kleen <ak@...ux.intel.com>,
Dave Hansen <dave.hansen@...el.com>,
Casey Schaufler <casey.schaufler@...el.com>,
Asit Mallick <asit.k.mallick@...el.com>,
Arjan van de Ven <arjan@...ux.intel.com>,
Jon Masters <jcm@...hat.com>,
Waiman Long <longman9394@...il.com>,
linux-kernel@...r.kernel.org, x86@...nel.org
Subject: Re: [Patch v5 11/16] x86/speculation: Add Spectre v2 app to app
protection modes
On Fri, 16 Nov 2018, Tim Chen wrote:
> +static const struct {
> + const char *option;
> + enum spectre_v2_app2app_mitigation_cmd cmd;
> + bool secure;
> +} app2app_options[] = {
> + { "off", SPECTRE_V2_APP2APP_CMD_NONE, false },
> + { "lite", SPECTRE_V2_APP2APP_CMD_LITE, false },
> + { "strict", SPECTRE_V2_APP2APP_CMD_STRICT, false },
> + { "auto", SPECTRE_V2_APP2APP_CMD_AUTO, false },
> + /*
> + * The "on" option is kept as last entry. It is implied by
> + * spectre_v2=on boot parameter and it is not checked
> + * in spectre_v2_app2app boot parameter.
> + */
> + { "on", SPECTRE_V2_APP2APP_CMD_FORCE, true },
FORCE is the same as STRICT. What's the point?
> @@ -376,6 +464,8 @@ static void __init spectre_v2_select_mitigation(void)
> {
> enum spectre_v2_mitigation_cmd cmd = spectre_v2_parse_cmdline();
> enum spectre_v2_mitigation mode = SPECTRE_V2_NONE;
> + enum spectre_v2_app2app_mitigation_cmd app2app_cmd;
> + enum spectre_v2_app2app_mitigation app2app_mode;
>
> /*
> * If the CPU is not affected and the command line mode is NONE or AUTO
> @@ -452,12 +542,6 @@ static void __init spectre_v2_select_mitigation(void)
> setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW);
> pr_info("Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch\n");
>
> - /* Initialize Indirect Branch Prediction Barrier if supported */
> - if (boot_cpu_has(X86_FEATURE_IBPB)) {
> - setup_force_cpu_cap(X86_FEATURE_USE_IBPB);
> - pr_info("Spectre v2 mitigation: Enabling Indirect Branch Prediction Barrier\n");
> - }
> -
> /*
> * Retpoline means the kernel is safe because it has no indirect
> * branches. Enhanced IBRS protects firmware too, so, enable restricted
> @@ -474,6 +558,43 @@ static void __init spectre_v2_select_mitigation(void)
> pr_info("Enabling Restricted Speculation for firmware calls\n");
> }
>
> + app2app_mode = SPECTRE_V2_APP2APP_NONE;
> + if (!boot_cpu_has(X86_FEATURE_IBPB) ||
> + !boot_cpu_has(X86_FEATURE_STIBP))
> + goto set_app2app_mode;
So before that change IBPB was usable without STIBP, now not longer. What's
the rationale?
This patch changes a gazillion things at once and is completely
unreviewable.
Thanks,
tglx
Powered by blists - more mailing lists