From: Andrea Arcangeli <aarcange@redhat.com>
To: Thomas Gleixner <tglx@linutronix.de>
Cc: Kees Cook <keescook@chromium.org>,
	YiFei Zhu <zhuyifei1999@gmail.com>,
	Linux Containers <containers@lists.linux-foundation.org>,
	YiFei Zhu <yifeifz2@illinois.edu>, bpf <bpf@vger.kernel.org>,
	kernel list <linux-kernel@vger.kernel.org>,
	Aleksa Sarai <cyphar@cyphar.com>,
	Andy Lutomirski <luto@amacapital.net>,
	David Laight <David.Laight@aculab.com>,
	Dimitrios Skarlatos <dskarlat@cs.cmu.edu>,
	Giuseppe Scrivano <gscrivan@redhat.com>,
	Hubertus Franke <frankeh@us.ibm.com>,
	Jack Chen <jianyan2@illinois.edu>, Jann Horn <jannh@google.com>,
	Josep Torrellas <torrella@illinois.edu>,
	Tianyin Xu <tyxu@illinois.edu>,
	Tobin Feldman-Fitzthum <tobin@ibm.com>,
	Tycho Andersen <tycho@tycho.pizza>,
	Valentin Rothberg <vrothber@redhat.com>,
	Will Drewry <wad@chromium.org>, Jiri Kosina <jikos@kernel.org>,
	Waiman Long <longman@redhat.com>
Subject: Re: RFC: default to spec_store_bypass_disable=prctl spectre_v2_user=prctl
Date: Wed, 4 Nov 2020 18:40:47 -0500
Message-ID: <20201104234047.GA18850@redhat.com>
In-Reply-To: <87eel8lnbe.fsf@nanos.tec.linutronix.de>

On Thu, Nov 05, 2020 at 12:22:29AM +0100, Thomas Gleixner wrote:
> On Wed, Nov 04 2020 at 16:57, Andrea Arcangeli wrote:
> > ---
> >  Documentation/admin-guide/kernel-parameters.txt | 5 ++---
> 
> Is Documentation/admin-guide/hw-vuln/* still correct? If not, please
> fix that as well.

Right, I missed two seccomp mentions that needed removing there too.

Also I noticed below I intended PR_SPEC_INDIRECT_BRANCH
(PR_SPEC_STORE_BYPASS there is no point to even mention it as a
possibility to be considered), so I corrected it.

==
uses no JIT. If sshd prefers to keep doing the STIBP window dressing
exercise, it still can even after this change of defaults by opting-in
with PR_SPEC_STORE_BYPASS.
==

> > >with PR_SPEC_INDIRECT_BRANCH.

> Aside of that please send patches in the proper format so they do not
> need manual interaction when picking them up.

This was an RFC per subject since I expected it wouldn't be final, but
I added Kees' Acked-by and I'll submit it now.

Thanks,
Andrea
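
The per-task opt-in this message refers to, as an added example that is not part of the mail or the patch: a process reads its indirect-branch speculation state and requests the mitigation with PR_SPEC_INDIRECT_BRANCH. The enum and function names are hypothetical; the prctl constants are those of <linux/prctl.h>.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/prctl.h>
/* Fallbacks for old userspace headers; values match <linux/prctl.h>. */
#ifndef PR_GET_SPECULATION_CTRL
#define PR_GET_SPECULATION_CTRL 52
#define PR_SET_SPECULATION_CTRL 53
#define PR_SPEC_PRCTL         (1UL << 0)
#define PR_SPEC_ENABLE        (1UL << 1)
#define PR_SPEC_DISABLE       (1UL << 2)
#define PR_SPEC_FORCE_DISABLE (1UL << 3)
#endif
#ifndef PR_SPEC_INDIRECT_BRANCH
#define PR_SPEC_INDIRECT_BRANCH 1
#endif

/* Hypothetical names: how this task's indirect-branch speculation is set. */
enum ib_state { IB_ERROR, IB_NOT_AFFECTED, IB_FIXED_UNMITIGATED,
                IB_FIXED_MITIGATED, IB_TASK_UNMITIGATED, IB_TASK_MITIGATED,
                IB_TASK_FORCED };

/* Decode the return value of PR_GET_SPECULATION_CTRL. */
enum ib_state ib_decode(long v)
{
    if (v < 0)  return IB_ERROR;            /* prctl() failed */
    if (v == 0) return IB_NOT_AFFECTED;     /* PR_SPEC_NOT_AFFECTED */
    if (!(v & PR_SPEC_PRCTL))               /* no per-task control */
        return (v & PR_SPEC_DISABLE) ? IB_FIXED_MITIGATED : IB_FIXED_UNMITIGATED;
    if (v & PR_SPEC_FORCE_DISABLE) return IB_TASK_FORCED;  /* cannot be undone */
    if (v & PR_SPEC_DISABLE)       return IB_TASK_MITIGATED;
    return IB_TASK_UNMITIGATED;  /* speculation on, task may opt in */
}

/* Opt this task in to the mitigation. Returns 0, or errno on refusal. */
int ib_opt_in(void)
{
    return prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH,
                 PR_SPEC_DISABLE, 0, 0) == 0 ? 0 : errno;
}

int main(void)
{
    long before = prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0);
    int err = ib_opt_in();
    long after = prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0);
    printf("before=%d opt-in errno=%d after=%d\n",
           (int)ib_decode(before), err, (int)ib_decode(after));
    return err ? 1 : 0;
}
```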

