Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1755241AbeAIWGi (ORCPT <rfc822;ralf@linux-mips.org> + 1 other);
        Tue, 9 Jan 2018 17:06:38 -0500
Received: from wtarreau.pck.nerim.net ([62.212.114.60]:39252 "EHLO 1wt.eu"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1753720AbeAIWGh (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 9 Jan 2018 17:06:37 -0500
Date: Tue, 9 Jan 2018 23:06:05 +0100
From: Willy Tarreau <w@1wt.eu>
To: Borislav Petkov <bp@alien8.de>
Cc: Andy Lutomirski <luto@kernel.org>,
        LKML <linux-kernel@vger.kernel.org>, X86 ML <x86@kernel.org>,
        Brian Gerst <brgerst@gmail.com>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Ingo Molnar <mingo@kernel.org>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Peter Zijlstra <peterz@infradead.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        "H. Peter Anvin" <hpa@zytor.com>, Kees Cook <keescook@chromium.org>
Subject: Re: [RFC PATCH v2 2/6] x86/arch_prctl: add ARCH_GET_NOPTI and
 ARCH_SET_NOPTI to enable/disable PTI
Message-ID: <20180109220605.GE13282@1wt.eu>
References: <1515502580-12261-1-git-send-email-w@1wt.eu>
 <1515502580-12261-3-git-send-email-w@1wt.eu>
 <20180109141713.ngqrf6weyiy2q3in@pd.tnic>
 <20180109143653.GA12976@1wt.eu>
 <20180109145157.5ltqbz4o5sqkcggb@pd.tnic>
 <20180109145422.GD12976@1wt.eu>
 <CALCETrU_Qt+0k4GO2qp=9D7h5czp0QkY=D9Y4AUfs9yzpNHswQ@mail.gmail.com>
 <20180109212940.ffvqb6wmehmxre4i@pd.tnic>
 <20180109213227.GA13282@1wt.eu>
 <20180109214602.k7cuxwikg6xshztu@pd.tnic>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180109214602.k7cuxwikg6xshztu@pd.tnic>
User-Agent: Mutt/1.6.1 (2016-04-27)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>

On Tue, Jan 09, 2018 at 10:46:02PM +0100, Borislav Petkov wrote:
> On Tue, Jan 09, 2018 at 10:32:27PM +0100, Willy Tarreau wrote:
> > Requiring a reboot just to fix a performance problem you've discovered
> > the hard way is not the most friendly way to help users I'm afraid.
> 
> That's a very strange argument: if you know you'd need max perf, you
> boot with pti=allow_optout.
> 
> Color me confused.

That's very simple : you first know you need more perf when you see the
name of your boss on your phone asking what's happening with the site
suddenly crawling at the worst possible moment, when everyone is there
to see it dead. Performance is something that's tuned at runtime, always,
not via random reboots. When you have 10 servers running at 100% CPU,
the last thing you're thinking about is to remove one of them so that
the 9 remaining ones are at 110% while you reboot :-/

Willy