From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.6 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI, SIGNED_OFF_BY,SPF_PASS,URIBL_BLOCKED,USER_AGENT_MUTT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 14C7AC10F00 for ; Fri, 5 Apr 2019 13:12:23 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id D8B0E218AE for ; Fri, 5 Apr 2019 13:12:22 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=alien8.de header.i=@alien8.de header.b="W/hHlYqT" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728811AbfDENMW (ORCPT ); Fri, 5 Apr 2019 09:12:22 -0400 Received: from mail.skyhub.de ([5.9.137.197]:35380 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726027AbfDENMV (ORCPT ); Fri, 5 Apr 2019 09:12:21 -0400 Received: from zn.tnic (p200300EC2F148A00329C23FFFEA6A903.dip0.t-ipconnect.de [IPv6:2003:ec:2f14:8a00:329c:23ff:fea6:a903]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 9ED3F1EC0104; Fri, 5 Apr 2019 15:12:19 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1554469939; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=0PtObtUbIUtRj5xTEtTQd7chnLlXqEY1n/Wt3CU011Q=; b=W/hHlYqTe/u/bUCJGIvbWrNUBfT1HO1LNiFSjZdUVC8wz0HByWEeFVSXK1hzBTacd9I2X4 CuOsWOEgE3IX7gT6Btm9nvNpXAcu0//CcwP4Ih8Jf6DC69+VKEGH6tcQyB5uAR3mrw4/eK AjfjimryC8XXbwofPlxDno66fGvsXdw= Date: Fri, 5 Apr 2019 15:12:11 +0200 From: Borislav Petkov To: Josh Poimboeuf Cc: linux-kernel@vger.kernel.org, x86@kernel.org, Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" , Andy Lutomirski , Peter Zijlstra , Jiri Kosina , Waiman Long , Andrea Arcangeli , Jon Masters , Benjamin Herrenschmidt , Paul Mackerras , Michael Ellerman , linuxppc-dev@lists.ozlabs.org, Martin Schwidefsky , Heiko Carstens , linux-s390@vger.kernel.org, Catalin Marinas , Will Deacon , linux-arm-kernel@lists.infradead.org, linux-arch@vger.kernel.org, Greg Kroah-Hartman , Tyler Hicks , Linus Torvalds Subject: Re: [PATCH RFC 1/5] cpu/speculation: Add 'cpu_spec_mitigations=' cmdline options Message-ID: <20190405131211.GE23348@zn.tnic> References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Apr 04, 2019 at 11:44:11AM -0500, Josh Poimboeuf wrote: > Keeping track of the number of mitigations for all the CPU speculation > bugs has become overwhelming for many users. It's getting more and more > complicated to decide which mitigations are needed for a given > architecture. Complicating matters is the fact that each arch tends to > their own custom way to mitigate the same vulnerability. Yap, we definitely need something like that. > Most users fall into a few basic categories: > > a) they want all mitigations off; > > b) they want all reasonable mitigations on, with SMT enabled even if > it's vulnerable; or Uff, "reasonable" - there's the bikeshed waiting to happen. > c) they want all reasonable mitigations on, with SMT disabled if > vulnerable. > > Define a set of curated, arch-independent options, each of which is an > aggregation of existing options: > > - cpu_spec_mitigations=off: Disable all mitigations. "cpu_spec_mitigations" is too long, TBH. Imagine yourself in a loud, noisy data center - you basically can't wait to leave - crouched over a keyboard in an impossible position, having to type that thing and then making a typo. Whoops, too late, already pressed Enter. Shiiiit! Now you have to wait at least 15 mins for the damn single-threaded added value BIOS crap to noodle through all the cores just so you can try again, because you just rebooted the box. And I know, my ideas for shorter cmdline options are crazy, like cpu_spec_mtg= which people would say, yuck, unreadable... Oh, I know! How about cpu_vulns= ? We already have /sys/devices/system/cpu/vulnerabilities so it'll be the same as that. Less things to remember. > - cpu_spec_mitigations=auto: [default] Enable all the default > mitigations, but leave SMT enabled, even if it's vulnerable. > > - cpu_spec_mitigations=auto,nosmt: Enable all the default mitigations, > disabling SMT if needed by a mitigation. Yah, the suboption choices make sense to me. > > Currently, these options are placeholders which don't actually do > anything. They will be fleshed out in upcoming patches. > > Signed-off-by: Josh Poimboeuf > --- > .../admin-guide/kernel-parameters.txt | 23 +++++++++++++++++++ > include/linux/cpu.h | 8 +++++++ > kernel/cpu.c | 15 ++++++++++++ > 3 files changed, 46 insertions(+) > > diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt > index c4d830003b21..ac42e510bd6e 100644 > --- a/Documentation/admin-guide/kernel-parameters.txt > +++ b/Documentation/admin-guide/kernel-parameters.txt > @@ -2544,6 +2544,29 @@ > in the "bleeding edge" mini2440 support kernel at > http://repo.or.cz/w/linux-2.6/mini2440.git > > + cpu_spec_mitigations= > + [KNL] Control mitigations for CPU speculation > + vulnerabilities on affected CPUs. This is a set of > + curated, arch-independent options, each of which is an > + aggregation of existing options. > + > + off > + Disable all speculative CPU mitigations. Alias to cpu_vulns=make_linux_fast_again :-P -- Regards/Gruss, Boris. Good mailing practices for 400: avoid top-posting and trim the reply.