From: Thomas Gleixner <tglx@linutronix.de>
To: Dan Williams <dan.j.williams@intel.com>
Cc: Ingo Molnar <mingo@kernel.org>,
linux-arch <linux-arch@vger.kernel.org>,
Kernel Hardening <kernel-hardening@lists.openwall.com>,
Andrew Honig <ahonig@google.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Greg KH <gregkh@linuxfoundation.org>,
Paolo Bonzini <pbonzini@redhat.com>,
Alan Cox <alan@linux.intel.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Jim Mattson <jmattson@google.com>
Subject: Re: [PATCH v6 11/13] kvm, x86: update spectre-v1 mitigation
Date: Wed, 31 Jan 2018 09:07:10 +0100 (CET) [thread overview]
Message-ID: <alpine.DEB.2.20.1801310902180.2293@nanos> (raw)
In-Reply-To: <CAPcyv4ihnC+ALbvqUWOOZ9zwBv7iy+2pBjLn9ed_duo9Z4TGKQ@mail.gmail.com>
On Tue, 30 Jan 2018, Dan Williams wrote:
> On Mon, Jan 29, 2018 at 5:03 PM, Dan Williams <dan.j.williams@intel.com> wrote:
> > Commit 75f139aaf896 "KVM: x86: Add memory barrier on vmcs field lookup"
> > added a raw 'asm("lfence");' to prevent a bounds check bypass of
> > 'vmcs_field_to_offset_table'. We can save an lfence in this path and
> > just use the common array_index_nospec() helper designed for these types
> > of fixes.
> >
> > Cc: Andrew Honig <ahonig@google.com>
> > Cc: Jim Mattson <jmattson@google.com>
> > Acked-by: Paolo Bonzini <pbonzini@redhat.com>
> > Signed-off-by: Dan Williams <dan.j.williams@intel.com>
>
>
> Hi Thomas,
>
> I notice this one missing from -tip, I suspect because of the
> collision with the raw 'lfence' that is in current mainline? No
> worries, I'll send a rebased fixup to Paolo directly once
> array_idx_nospec() goes upstream.
It did not apply for that reason and I'm still trying to keep x86/pti as
clean as it goes to keep GregKHs backporting hell somehow under control.
Sorry, I wanted to reply on that, but then my brain shut down after pushing
it out.
Thanks,
tglx
next prev parent reply other threads:[~2018-01-31 8:07 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-30 1:02 [PATCH v6 00/13] spectre variant1 mitigations for tip/x86/pti Dan Williams
2018-01-30 1:02 ` Dan Williams
2018-01-30 1:02 ` [PATCH v6 01/13] Documentation: document array_index_nospec Dan Williams
2018-01-30 1:02 ` Dan Williams
2018-01-30 1:02 ` [PATCH v6 02/13] array_index_nospec: sanitize speculative array de-references Dan Williams
2018-01-30 1:02 ` Dan Williams
2018-02-16 8:55 ` Christian Borntraeger
2018-02-16 8:55 ` Christian Borntraeger
2018-01-30 1:02 ` [PATCH v6 03/13] x86: implement array_index_mask_nospec Dan Williams
2018-01-30 1:02 ` Dan Williams
2018-01-30 1:02 ` [PATCH v6 04/13] x86: introduce barrier_nospec Dan Williams
2018-01-30 1:02 ` Dan Williams
2018-01-30 1:02 ` [PATCH v6 05/13] x86: introduce __uaccess_begin_nospec Dan Williams
2018-01-30 1:02 ` Dan Williams
2018-01-30 1:02 ` [PATCH v6 06/13] x86, usercopy: replace open coded stac/clac with __uaccess_{begin, end} Dan Williams
2018-01-30 1:02 ` [PATCH v6 07/13] x86, __get_user: use __uaccess_begin_nospec Dan Williams
2018-01-30 1:02 ` Dan Williams
2018-01-30 1:02 ` [PATCH v6 08/13] x86, get_user: use pointer masking to limit speculation Dan Williams
2018-01-30 1:02 ` [PATCH v6 09/13] x86: sanitize syscall table de-references under speculation Dan Williams
2018-01-30 1:02 ` Dan Williams
2018-01-30 1:03 ` [PATCH v6 10/13] vfs, fdtable: prevent bounds-check bypass via speculative execution Dan Williams
2018-01-30 1:03 ` Dan Williams
2018-01-30 1:03 ` [PATCH v6 11/13] kvm, x86: update spectre-v1 mitigation Dan Williams
2018-01-30 1:03 ` Dan Williams
2018-01-31 3:22 ` Dan Williams
2018-01-31 3:22 ` Dan Williams
2018-01-31 8:07 ` Thomas Gleixner [this message]
2018-01-31 8:07 ` Thomas Gleixner
2018-01-31 13:49 ` Paolo Bonzini
2018-01-31 13:49 ` Paolo Bonzini
2018-01-31 15:42 ` Thomas Gleixner
2018-01-31 15:42 ` Thomas Gleixner
2018-01-30 1:03 ` [PATCH v6 12/13] nl80211: sanitize array index in parse_txq_params Dan Williams
2018-01-30 1:03 ` Dan Williams
2018-01-30 1:03 ` [PATCH v6 13/13] x86/spectre: report get_user mitigation for spectre_v1 Dan Williams
2018-01-30 1:03 ` Dan Williams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.20.1801310902180.2293@nanos \
--to=tglx@linutronix.de \
--cc=ahonig@google.com \
--cc=alan@linux.intel.com \
--cc=dan.j.williams@intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=jmattson@google.com \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=pbonzini@redhat.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox