Date: Fri, 5 Jan 2018 12:06:47 +0000
From: Alan Cox <gnomes@lxorguk.ukuu.org.uk>
To: james harvey <jamespharvey20@gmail.com>
Cc: Jiri Kosina <jikos@kernel.org>, Andi Kleen <andi@firstfloor.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Greg Kroah-Hartman <gregkh@linux-foundation.org>,
        dwmw@amazon.co.uk, Tim Chen <tim.c.chen@linux.intel.com>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Dave Hansen <dave.hansen@intel.com>
Subject: Re: Avoid speculative indirect calls in kernel
Message-ID: <20180105120647.0c717720@alans-desktop>
In-Reply-To: <CA+X5Wn4mK1BvLo7KZ_XDrmKiwzxOedZESuYXmLHYB5R35vjhPg@mail.gmail.com>
References: <20180103230934.15788-1-andi@firstfloor.org>
        <CA+55aFzCocoK+4kxAUEhaxxba4RTv3ewBmhiZ8Osc9iDkBtCEQ@mail.gmail.com>
        <20180104000927.co5umvfzfwliqvqt@two.firstfloor.org>
        <alpine.DEB.2.20.1801040110440.1957@nanos>
        <20180104001501.3jof7zkrfkehnd3r@two.firstfloor.org>
        <alpine.LRH.2.00.1801040118200.27010@gjva.wvxbf.pm>
        <CA+X5Wn4mK1BvLo7KZ_XDrmKiwzxOedZESuYXmLHYB5R35vjhPg@mail.gmail.com>
Organization: Intel Corporation
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org

> But, are the GCC patches being discussed also expected to fix the
> vulnerability because user binaries will be compiled using them?  In

If you have a system with just a few user binaries where you are
concerned about such a thing you might go that way.

> such case, a binary could be maliciously changed back, or a custom GCC
> made with the patches reverted.

If I can change your gcc or your binary then instead of removing the
speculation protection I can make it encrypt all your files instead. Much
simpler.

At the point I can do this you already lost.

Alan