lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <da41d7f0-68ea-0c21-1dca-218f8184a0f3@intel.com>
Date:   Mon, 7 Nov 2022 15:41:03 -0800
From:   Dave Hansen <dave.hansen@...el.com>
To:     Kim Phillips <kim.phillips@....com>,
        Peter Zijlstra <peterz@...radead.org>,
        Borislav Petkov <bp@...en8.de>
Cc:     x86@...nel.org, Boris Ostrovsky <boris.ostrovsky@...cle.com>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        "H. Peter Anvin" <hpa@...or.com>, Ingo Molnar <mingo@...hat.com>,
        Joao Martins <joao.m.martins@...cle.com>,
        Jonathan Corbet <corbet@....net>,
        Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Sean Christopherson <seanjc@...gle.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        David Woodhouse <dwmw@...zon.co.uk>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Juergen Gross <jgross@...e.com>,
        Tony Luck <tony.luck@...el.com>,
        Babu Moger <Babu.Moger@....com>,
        Tom Lendacky <thomas.lendacky@....com>, kvm@...r.kernel.org,
        linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/3] x86/speculation: Support Automatic IBRS

On 11/7/22 14:39, Kim Phillips wrote:
> I've started a version that has AUTOIBRS reuse SPECTRE_V2_EIBRS
> spectre_v2_mitigation enum, but, so far, it's change to bugs.c
> looks bigger: 58 lines changed vs. 34 (see below).
> 
> Let me know if you want me to send it as a part of a v2 submission
> after I take care of the kvm CPUID review.

Thanks for putting that together.  I generally like how this looks.

I think it probably goes to a _bit_ too much trouble to turn off
"eibrs,lfence/retpoline".  If someone goes to the trouble of specifying
those, a warning or pr_info() is probably enough.  You don't need to
actively override it.

> -    } else if (boot_cpu_has(X86_FEATURE_IBRS) && !spectre_v2_in_ibrs_mode(mode) &&
> -           mode != SPECTRE_V2_AUTO_IBRS) {
> +    } else if ((boot_cpu_has(X86_FEATURE_IBRS) && !spectre_v2_in_ibrs_mode(mode)) ||
> +           (boot_cpu_has(X86_FEATURE_AUTOIBRS) && !spectre_v2_in_ibrs_mode(mode))) {
>          setup_force_cpu_cap(X86_FEATURE_USE_IBRS_FW);
>          pr_info("Enabling Restricted Speculation for firmware calls\n"); 

Did the "mode != SPECTRE_V2_AUTO_IBRS" check get dropped accidentally?
Or is it unnecessary now?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ