From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bp@suse.de>
Received: from mail.linutronix.de (146.0.238.70:993) by
  crypto-ml.lab.linutronix.de with IMAP4-SSL for <speck@linutronix.de>; 20 Feb
  2019 18:43:50 -0000
Received: from mx2.suse.de ([195.135.220.15] helo=mx1.suse.de)
	by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
	(Exim 4.80)
	(envelope-from <bp@suse.de>)
	id 1gwWqS-0005OR-QC
	for speck@linutronix.de; Wed, 20 Feb 2019 19:43:49 +0100
Received: from relay2.suse.de (unknown [195.135.220.254])
	by mx1.suse.de (Postfix) with ESMTP id 08A43AE25
	for <speck@linutronix.de>; Wed, 20 Feb 2019 18:43:43 +0000 (UTC)
Date: Wed, 20 Feb 2019 19:43:30 +0100
From: Borislav Petkov <bp@suse.de>
Subject: [MODERATED] Re: [patch V2 04/10] MDS basics+ 4
Message-ID: <20190220184330.GE3304@zn.tnic>
References: <20190220150753.665964899@linutronix.de>
 <20190220151400.306266355@linutronix.de>
MIME-Version: 1.0
In-Reply-To: <20190220151400.306266355@linutronix.de>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
To: speck@linutronix.de
List-ID: <speck.linutronix.de>

On Wed, Feb 20, 2019 at 04:07:57PM +0100, speck for Thomas Gleixner wrote:
> Subject: [patch V2 04/10] x86/speculation/mds: Clear CPU buffers on exit to=
 user
> From: Thomas Gleixner <tglx@linutronix.de>
>=20
> Add a static key which controls the invocation of the CPU buffer clear
> mechanism on exit to user space and add the call into
> prepare_exit_to_usermode() right before actually returning.
>=20
> Add documentation which kernel to user space transition this covers and
> explain in detail why those which are not mitigated do not need it.
>=20
> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
> ---
>  Documentation/x86/mds.rst            |   79 ++++++++++++++++++++++++++++++=
+++++
>  arch/x86/entry/common.c              |    9 +++
>  arch/x86/include/asm/nospec-branch.h |    2=20
>  arch/x86/kernel/cpu/bugs.c           |    4 +
>  4 files changed, 93 insertions(+), 1 deletion(-)
>=20
> --- a/Documentation/x86/mds.rst
> +++ b/Documentation/x86/mds.rst
> @@ -64,3 +64,82 @@ itself are not required because the nece
>  data cannot be controlled in a way which allows exploitation from malicious
>  user space or VM guests.
> =20
> +Mitigation points
> +-----------------
> +
> +1. Return to user space
> +^^^^^^^^^^^^^^^^^^^^^^^
> +   When transition from kernel to user space the CPU buffers are flushed

transitioning

With that:

Reviewed-by: Borislav Petkov <bp@suse.de>

--=20
Regards/Gruss,
    Boris.

SUSE Linux GmbH, GF: Felix Imend=C3=B6rffer, Jane Smithard, Graham Norton, HR=
B 21284 (AG N=C3=BCrnberg)
--=20