From: Andi Kleen <ak@linux.intel.com>
To: speck@linutronix.de
Subject: [MODERATED] Re: [patch 3/8] MDS basics 3
Date: Wed, 20 Feb 2019 08:59:33 -0800 [thread overview]
Message-ID: <20190220165933.GY16922@tassilo.jf.intel.com> (raw)
In-Reply-To: <alpine.DEB.2.21.1902192222391.1644@nanos.tec.linutronix.de>
Thomas,
> Please provide a conclusive technical explanation why a NMI entered from
> user space and returning to that would expose sensible information to an
> attacker in an exploitable way.
Okay so you're not actually implementing full, like you stated earlier,
but a strange undocumented minimal version of lazy.
Lazy is always a trade off. Since we still run with a single address
space the CPU can always do some prefetching or speculative execution
and fetch something nearby that the code doesn't actually access intentionally,
which may end up leaking through some buffer.
In such a case even a NMI could leak.
Of course such a case is unlikely, but in theory it could happen.
The intention of the full option was to allow an option
for people who cannot accept any risk at all. Of course
that's not the right approach for most users, but for a few
it might be.
If you implement full you should implement it properly
and not leave holes.
If you're not interested in code review please state so and I will
not bother anymore.
-Andi
next prev parent reply other threads:[~2019-02-20 16:59 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-19 12:44 [patch 0/8] MDS basics 0 Thomas Gleixner
2019-02-19 12:44 ` [patch 1/8] MDS basics 1 Thomas Gleixner
2019-02-19 14:00 ` [MODERATED] " Borislav Petkov
2019-02-19 12:44 ` [patch 2/8] MDS basics 2 Thomas Gleixner
2019-02-19 12:44 ` [patch 3/8] MDS basics 3 Thomas Gleixner
2019-02-19 16:04 ` [MODERATED] " Andi Kleen
2019-02-19 21:44 ` Thomas Gleixner
2019-02-19 22:13 ` Thomas Gleixner
2019-02-20 16:59 ` Andi Kleen [this message]
2019-02-20 21:28 ` Thomas Gleixner
2019-02-19 12:44 ` [patch 4/8] MDS basics 4 Thomas Gleixner
2019-02-19 13:54 ` [MODERATED] " Andrew Cooper
2019-02-19 14:02 ` Thomas Gleixner
2019-02-19 14:07 ` Thomas Gleixner
2019-02-19 16:09 ` [MODERATED] " Andi Kleen
2019-02-19 16:17 ` Peter Zijlstra
2019-02-19 17:16 ` Thomas Gleixner
2019-02-19 16:08 ` [MODERATED] " Andi Kleen
2019-02-19 16:23 ` Andrew Cooper
2019-02-19 16:07 ` Andi Kleen
2019-02-19 18:29 ` Thomas Gleixner
2019-02-19 12:44 ` [patch 5/8] MDS basics 5 Thomas Gleixner
2019-02-19 15:07 ` Thomas Gleixner
2019-02-19 16:13 ` [MODERATED] " Andi Kleen
2019-02-19 17:37 ` Thomas Gleixner
2019-02-20 0:05 ` Thomas Gleixner
2019-02-19 16:03 ` [MODERATED] " Andi Kleen
2019-02-19 17:40 ` Thomas Gleixner
2019-02-19 17:44 ` [MODERATED] " Andrew Cooper
2019-02-19 17:52 ` Thomas Gleixner
2019-02-19 12:44 ` [patch 6/8] MDS basics 6 Thomas Gleixner
2019-02-19 12:44 ` [patch 7/8] MDS basics 7 Thomas Gleixner
2019-02-19 12:44 ` [patch 8/8] MDS basics 8 Thomas Gleixner
2019-02-19 14:17 ` [MODERATED] " Greg KH
2019-02-19 14:22 ` Thomas Gleixner
2019-02-19 17:27 ` [MODERATED] " Andrew Cooper
2019-02-19 14:03 ` [MODERATED] Re: [patch 0/8] MDS basics 0 Andrew Cooper
2019-02-19 14:09 ` Thomas Gleixner
2019-02-19 14:10 ` [MODERATED] " Tyler Hicks
2019-02-19 15:56 ` Andi Kleen
2019-02-19 17:42 ` Thomas Gleixner
2019-02-21 16:14 ` [MODERATED] Encrypted Message Jon Masters
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190220165933.GY16922@tassilo.jf.intel.com \
--to=ak@linux.intel.com \
--cc=speck@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.