From mboxrd@z Thu Jan 1 00:00:00 1970 From: Alan Cox Subject: Re: [RFC PATCH] asm/generic: introduce if_nospec and nospec_barrier Date: Thu, 4 Jan 2018 21:23:59 +0000 Message-ID: <20180104212359.0b520868@alans-desktop> References: <20180103223827.39601-1-mark.rutland@arm.com> <151502463248.33513.5960736946233335087.stgit@dwillia2-desk3.amr.corp.intel.com> <20180104010754.22ca6a74@alans-desktop> <20180104014100.3786e686@alans-desktop> <20180104193936.GB10427@amd> <20180104203246.5ff65328@alans-desktop> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org To: Jiri Kosina Cc: Pavel Machek , Linus Torvalds , Dan Williams , Linux Kernel Mailing List , Mark Rutland , linux-arch@vger.kernel.org, Peter Zijlstra , Greg KH , Thomas Gleixner , Elena Reshetova List-Id: linux-arch.vger.kernel.org On Thu, 4 Jan 2018 21:39:24 +0100 (CET) Jiri Kosina wrote: > On Thu, 4 Jan 2018, Alan Cox wrote: > > > You never go from one user process to another except via the kernel. We > > have no hardware scheduling going on. That means that if the kernel > > and/or CPU imposes the correct speculation barriers you can't attack > > anyone but yourself. > > So how does this work on HT with the shared BTB? There is no context > switch (and hence no IBPB) happening between the threads sharing it. > If you are paranoid in that case you either need to schedule things that trust each other together or disable the speculation while that situation occurs. However the kernel is always in the position to make that decision. Alan From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from www.llwyncelyn.cymru ([82.70.14.225]:47492 "EHLO fuzix.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752659AbeADVY1 (ORCPT ); Thu, 4 Jan 2018 16:24:27 -0500 Date: Thu, 4 Jan 2018 21:23:59 +0000 From: Alan Cox Subject: Re: [RFC PATCH] asm/generic: introduce if_nospec and nospec_barrier Message-ID: <20180104212359.0b520868@alans-desktop> In-Reply-To: References: <20180103223827.39601-1-mark.rutland@arm.com> <151502463248.33513.5960736946233335087.stgit@dwillia2-desk3.amr.corp.intel.com> <20180104010754.22ca6a74@alans-desktop> <20180104014100.3786e686@alans-desktop> <20180104193936.GB10427@amd> <20180104203246.5ff65328@alans-desktop> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-arch-owner@vger.kernel.org List-ID: To: Jiri Kosina Cc: Pavel Machek , Linus Torvalds , Dan Williams , Linux Kernel Mailing List , Mark Rutland , linux-arch@vger.kernel.org, Peter Zijlstra , Greg KH , Thomas Gleixner , Elena Reshetova Message-ID: <20180104212359.OkbQJe8oJ1cZ4lWZKfsaUYTwnvaDPPYMAMJ8B0JESxs@z> On Thu, 4 Jan 2018 21:39:24 +0100 (CET) Jiri Kosina wrote: > On Thu, 4 Jan 2018, Alan Cox wrote: > > > You never go from one user process to another except via the kernel. We > > have no hardware scheduling going on. That means that if the kernel > > and/or CPU imposes the correct speculation barriers you can't attack > > anyone but yourself. > > So how does this work on HT with the shared BTB? There is no context > switch (and hence no IBPB) happening between the threads sharing it. > If you are paranoid in that case you either need to schedule things that trust each other together or disable the speculation while that situation occurs. However the kernel is always in the position to make that decision. Alan