Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751740AbeADAM7 (ORCPT + 1 other); Wed, 3 Jan 2018 19:12:59 -0500 Received: from Galois.linutronix.de ([146.0.238.70]:40877 "EHLO Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751233AbeADAM6 (ORCPT ); Wed, 3 Jan 2018 19:12:58 -0500 Date: Thu, 4 Jan 2018 01:12:49 +0100 (CET) From: Thomas Gleixner To: Andi Kleen cc: Linus Torvalds , Greg Kroah-Hartman , dwmw@amazon.co.uk, Tim Chen , Linux Kernel Mailing List , Dave Hansen Subject: Re: Avoid speculative indirect calls in kernel In-Reply-To: <20180104000927.co5umvfzfwliqvqt@two.firstfloor.org> Message-ID: References: <20180103230934.15788-1-andi@firstfloor.org> <20180104000927.co5umvfzfwliqvqt@two.firstfloor.org> User-Agent: Alpine 2.20 (DEB 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Linutronix-Spam-Score: -1.0 X-Linutronix-Spam-Level: - X-Linutronix-Spam-Status: No , -1.0 points, 5.0 required, ALL_TRUSTED=-1,SHORTCIRCUIT=-0.0001 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On Wed, 3 Jan 2018, Andi Kleen wrote: > On Wed, Jan 03, 2018 at 03:51:35PM -0800, Linus Torvalds wrote: > > On Wed, Jan 3, 2018 at 3:09 PM, Andi Kleen wrote: > > > This is a fix for Variant 2 in > > > https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html > > > > > > Any speculative indirect calls in the kernel can be tricked > > > to execute any kernel code, which may allow side channel > > > attacks that can leak arbitrary kernel data. > > > > Why is this all done without any configuration options? > > I was thinking of a config option, but I was struggling with a name. > > CONFIG_INSECURE_KERNEL, CONFIG_LEAK_MEMORY? > > And should it be positive or negative? It should be a CPU_BUG bit as we have for the other mess. And that can be used for patching. Thanks, tglx