[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200402204749.33ulub5jx66dktxg@treble>
Date: Thu, 2 Apr 2020 15:47:49 -0500
From: Josh Poimboeuf <jpoimboe@...hat.com>
To: "Singh, Balbir" <sblbir@...zon.com>
Cc: "tglx@...utronix.de" <tglx@...utronix.de>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"tony.luck@...el.com" <tony.luck@...el.com>,
"keescook@...omium.org" <keescook@...omium.org>,
"benh@...nel.crashing.org" <benh@...nel.crashing.org>,
"x86@...nel.org" <x86@...nel.org>,
"dave.hansen@...el.com" <dave.hansen@...el.com>
Subject: Re: [PATCH 0/3] arch/x86: Optionally flush L1D on context switch
On Thu, Apr 02, 2020 at 08:35:46PM +0000, Singh, Balbir wrote:
> On Thu, 2020-04-02 at 15:13 -0500, Josh Poimboeuf wrote:
> > CAUTION: This email originated from outside of the organization. Do not
> > click links or open attachments unless you can confirm the sender and know
> > the content is safe.
> >
> >
> >
> > On Thu, Apr 02, 2020 at 05:23:58PM +1100, Balbir Singh wrote:
> > > Provide a mechanisn to flush the L1D cache on context switch. The goal
> > > is to allow tasks that are paranoid due to the recent snoop assisted data
> > > sampling vulnerabilites, to flush their L1D on being switched out.
> >
> > Hi Balbir,
> >
> > Just curious, is it really vulnerabilities, plural? I thought there was
> > only one: CVE-2020-0550 (Snoop-assisted L1 Data Sampling).
> >
> > (There was a similar one without the "snoop": L1D Eviction Sampling, but
> > it's supposed to get fixed in microcode).
> >
>
> Hi, Josh
>
> Yes, that CVE the motivation, the mitigation for CVE-2020-0550 does suggest
> flushing the cache on context switch. But in general, as we begin to find more
> ways of evicting data or snopping data, a generic mechanism is more useful and
> that is why I am making it an opt-in.
Ok. I think it would be a good idea to expand on that justification
more precisely in the commit message. That would help both reviewers of
the code and users of the new option understand what level of paranoia
they're opting in to :-)
--
Josh
Powered by blists - more mailing lists