Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1750941AbeAOTxL (ORCPT + 1 other); Mon, 15 Jan 2018 14:53:11 -0500 Received: from wtarreau.pck.nerim.net ([62.212.114.60]:39866 "EHLO 1wt.eu" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750732AbeAOTxK (ORCPT ); Mon, 15 Jan 2018 14:53:10 -0500 Date: Mon, 15 Jan 2018 20:52:52 +0100 From: Willy Tarreau To: Dave Hansen Cc: Nadav Amit , linux-kernel@vger.kernel.org, luto@kernel.org, tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, x86@kernel.org, nadav.amit@gmail.com Subject: Re: [RFC] x86: Avoid CR3 load on compatibility mode with PTI Message-ID: <20180115195252.GH7804@1wt.eu> References: <20180114201306.3554-1-namit@vmware.com> <57a8fa6b-a1d1-d440-ce13-b1d06d265584@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <57a8fa6b-a1d1-d440-ce13-b1d06d265584@linux.intel.com> User-Agent: Mutt/1.6.1 (2016-04-27) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On Mon, Jan 15, 2018 at 11:49:19AM -0800, Dave Hansen wrote: > If we start disabling PTI willy nilly at points _away_ from the > capability checks (like for 32-bit binaries, say), then it gets really > hard to decide if we are doing the right things. > > Also, what's the end goal here? Run old 32-bit binaries better? You > want to weaken the security of the whole implementation to do that? > Sounds like a bad tradeoff to me. In fact I understand it differently, which is that by running 32-bit, he can recover the original performance without sacrifying security. It's not that bad actually when you think about it since the vast majority of performance-sensitive software doesn't need to access even one GB of data. Willy