lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 19 Nov 2018 16:24:30 -0800
From:   Tim Chen <tim.c.chen@...ux.intel.com>
To:     Thomas Gleixner <tglx@...utronix.de>,
        Jiri Kosina <jikos@...nel.org>
Cc:     Tom Lendacky <thomas.lendacky@....com>,
        Ingo Molnar <mingo@...hat.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Andrea Arcangeli <aarcange@...hat.com>,
        David Woodhouse <dwmw@...zon.co.uk>,
        Andi Kleen <ak@...ux.intel.com>,
        Dave Hansen <dave.hansen@...el.com>,
        Casey Schaufler <casey.schaufler@...el.com>,
        Asit Mallick <asit.k.mallick@...el.com>,
        Arjan van de Ven <arjan@...ux.intel.com>,
        Jon Masters <jcm@...hat.com>,
        Waiman Long <longman9394@...il.com>,
        linux-kernel@...r.kernel.org, x86@...nel.org
Subject: Re: [Patch v5 11/16] x86/speculation: Add Spectre v2 app to app
 protection modes

On 11/19/2018 04:00 PM, Thomas Gleixner wrote:
> On Tue, 20 Nov 2018, Jiri Kosina wrote:
> 
>> On Tue, 20 Nov 2018, Thomas Gleixner wrote:
>>
>>> What? IBPB makes tons of sense even without STIBP.
>>
>> On non-SMT, yes. But this patchset ties those two the other (sensible) way 
>> around AFAICS ("STIBP iff (IBPB && SMT)").
> 
> Errm. No.
> 
> The patches disable IBPB if STIBP is not available and that has absolutely
> nothing to do with SMT simply because the static key controlling IBPB is
> only flipped on when both IBPB and STIBP are available.

Ok, I assume you will like this change

@@ -560,7 +559,7 @@ static void __init spectre_v2_select_mitigation(void)
        }
 
        app2app_mode = SPECTRE_V2_APP2APP_NONE;
-       if (!boot_cpu_has(X86_FEATURE_IBPB) ||
+       if (!boot_cpu_has(X86_FEATURE_IBPB) &&
            !boot_cpu_has(X86_FEATURE_STIBP))
                goto set_app2app_mode;
 
before setting the IBPB feature.  So we will still do the
IBPB feature set even if STIBP feature is unavailable.

        /*
         * Initialize Indirect Branch Prediction Barrier if supported
         * and not disabled explicitly
         */
        if (app2app_mode != SPECTRE_V2_APP2APP_NONE) {
                setup_force_cpu_cap(X86_FEATURE_USE_IBPB);
                pr_info("Spectre v2 mitigation: Enabling Indirect Branch Prediction Barrier\n");
        }

In that case I'll need to add a static_cpu_has feature flag check when
we are using STIBP and can't assume that when lite mode is on, STIBP is there.
We already check the cpu feature flag in IBPB path so we're good there.

When I first wrote the code, I had in mind that CPU that has one will have
the other.  But that assumption is best avoided.

Tim

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ