public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed
From: Tom Lendacky <thomas.lendacky@amd.com>
To: Tim Chen <tim.c.chen@linux.intel.com>,
	Thomas Gleixner <tglx@linutronix.de>
Cc: Jiri Kosina <jikos@kernel.org>, Ingo Molnar <mingo@redhat.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Josh Poimboeuf <jpoimboe@redhat.com>,
	Andrea Arcangeli <aarcange@redhat.com>,
	"Woodhouse, David" <dwmw@amazon.co.uk>,
	Andi Kleen <ak@linux.intel.com>,
	"Schaufler, Casey" <casey.schaufler@intel.com>,
	linux-kernel@vger.kernel.org, x86@kernel.org
Subject: Re: [PATCH v5 2/2] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation
Date: Thu, 13 Sep 2018 09:53:03 -0500	[thread overview]
Message-ID: <d02da815-95ef-2ed3-b90f-776b60f8bc1f@amd.com> (raw)
In-Reply-To: <d098fa9b-f244-68d2-77f2-e3f5dd30f174@linux.intel.com>

On 09/12/2018 04:26 PM, Tim Chen wrote:
> On 09/12/2018 10:16 AM, Tom Lendacky wrote:
>>
>>
>> On 09/11/2018 04:16 PM, Thomas Gleixner wrote:
>>> On Tue, 11 Sep 2018, Tim Chen wrote:
>>>> On 09/10/2018 04:46 AM, Jiri Kosina wrote:
>>>>> Nah, IBPB is actuall there, sorry. So I'll add reporting of STIBP + fixup 
>>>>> the missing reporting of RSB_CTXSW for v6.
>>>>>
>>>>
>>>> I anticipate that STIBP could affect workloads with a lot of indirect
>>>> branches (see previous discussion with Andrea).  We should have a 
>>>> knob for people to opt in or opt out of STIBP.
>>>
>>> Feel free to send a patch to that effect.
>>
>> Tim, are you planning on sending a patch for this?  If so, what type of
>> opt in/out are you thinking about, something similar to SSBD?
>>
> 
> I'm working on a patch for choosing the Spectre v2 app to app
> mitigation option.
> 
> Something like the following:
> 
> enum spectre_v2_app2app_mitigation {
>         SPECTRE_V2_APP2APP_NONE,
>         SPECTRE_V2_APP2APP_LITE,
>         SPECTRE_V2_APP2APP_IBPB,
>         SPECTRE_V2_APP2APP_STIBP,
>         SPECTRE_V2_APP2APP_STRICT,
> };
> 
> static const char *spectre_v2_app2app_strings[] = {
>         [SPECTRE_V2_APP2APP_NONE]               = "App-App Vulnerable",
>         [SPECTRE_V2_APP2APP_LITE]               = "App-App Mitigation: Protect only non-dumpable process",
>         [SPECTRE_V2_APP2APP_IBPB]               = "App-App Mitigation: Protect app against attack from same cpu",
>         [SPECTRE_V2_APP2APP_STIBP]              = "App-App Mitigation: Protect app against attack from sibling cpu",
>         [SPECTRE_V2_APP2APP_STRICT]             = "App-App Mitigation: Full app to app attack protection",
> };
> 
> So the APP2APP_LITE protection's intention is to turn on STIBP and IBPB for non-dumpable
> process.  But in my first version I may limit it to IBPB as choosing
> STIBP based on process characteristics will require some frobbing of
> the flags as what we've done in SSBD.  That will require more careful
> work and tests.
> 
> The STRICT option will turn STIBP on always and IBPB always on
> non-ptraceable context switches.
> 
> Is this something reasonable?
> 
> Tom, if you already have a patch, feel free to post.

No, I don't have anything.  I just like the idea of opt in/out for STIBP
and thought it should be similar to SSBD to provide consistency.

Thanks,
Tom

> 
> Tim
> 

  parent reply	other threads:[~2018-09-13 14:54 UTC|newest]

Thread overview: 46+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-09-10  9:22 [PATCH v5 0/2] Harden spectrev2 userspace-userspace protection Jiri Kosina
2018-09-10  9:23 ` [PATCH v5 1/2] x86/speculation: apply IBPB more strictly to avoid cross-process data leak Jiri Kosina
2018-09-10 18:26   ` Schaufler, Casey
2018-09-10 19:14     ` Jiri Kosina
2018-09-10 19:26       ` Schaufler, Casey
2018-09-10 19:36         ` Jiri Kosina
2018-09-10 20:27           ` Schaufler, Casey
2018-09-10 20:42             ` Jiri Kosina
2018-09-10 21:29               ` Schaufler, Casey
2018-09-10 21:36                 ` Jiri Kosina
2018-09-11 21:15                 ` Thomas Gleixner
2018-09-11 22:25                   ` Schaufler, Casey
2018-09-12 12:01                     ` Thomas Gleixner
2018-10-21 19:38   ` Pavel Machek
2018-10-21 23:32     ` Jiri Kosina
2018-09-10  9:24 ` [PATCH v5 2/2] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation Jiri Kosina
2018-09-10 10:04   ` Thomas Gleixner
2018-09-10 11:01     ` Jiri Kosina
2018-09-10 11:46       ` Jiri Kosina
2018-09-11 17:32         ` Tim Chen
2018-09-11 21:16           ` Thomas Gleixner
2018-09-11 21:46             ` Thomas Gleixner
2018-09-12 17:16             ` Tom Lendacky
2018-09-12 21:26               ` Tim Chen
2018-09-12 21:45                 ` Jiri Kosina
2018-09-12 22:56                   ` Tim Chen
2018-09-13 14:53                 ` Tom Lendacky [this message]
2018-09-12  9:05 ` [PATCH v6 0/3] Harden spectrev2 userspace-userspace protection Jiri Kosina
2018-09-12  9:06   ` [PATCH v6 1/3] x86/speculation: apply IBPB more strictly to avoid cross-process data leak Jiri Kosina
2018-09-13  0:04     ` Schaufler, Casey
2018-09-14 11:00       ` Jiri Kosina
2018-09-14 11:05         ` Thomas Gleixner
2018-09-12  9:07   ` [PATCH v6 2/3] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation Jiri Kosina
2018-09-12 19:14     ` Thomas Gleixner
2018-09-12 19:16       ` Jiri Kosina
2018-09-12  9:08   ` [PATCH v6 3/3] x86/speculation: Propagate information about RSB filling mitigation to sysfs Jiri Kosina
2018-09-17 16:09   ` [PATCH v6 0/3] Harden spectrev2 userspace-userspace protection Schaufler, Casey
2018-09-19 15:48     ` Peter Zijlstra
2018-09-22  7:38       ` Jiri Kosina
2018-09-22  9:53         ` Thomas Gleixner
2018-09-22 10:18           ` Peter Zijlstra
2018-09-22 10:20             ` Thomas Gleixner
2018-09-22 13:30               ` Thomas Gleixner
2018-09-22 14:31                 ` Peter Zijlstra
2018-09-24  8:43                 ` Jiri Kosina
2018-09-24 12:38                   ` Thomas Gleixner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=d02da815-95ef-2ed3-b90f-776b60f8bc1f@amd.com \
    --to=thomas.lendacky@amd.com \
    --cc=aarcange@redhat.com \
    --cc=ak@linux.intel.com \
    --cc=casey.schaufler@intel.com \
    --cc=dwmw@amazon.co.uk \
    --cc=jikos@kernel.org \
    --cc=jpoimboe@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=peterz@infradead.org \
    --cc=tglx@linutronix.de \
    --cc=tim.c.chen@linux.intel.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox