Subject: Re: [PATCH 23/35] x86/speculation: Add basic speculation control code
To: Andy Lutomirski, Andrea Arcangeli
Cc: Josh Poimboeuf, Paolo Bonzini, Dave Hansen, Peter Zijlstra, David Woodhouse, Thomas Gleixner, LKML, Ashok Raj, Tim Chen, Linus Torvalds, Greg KH, Andi Kleen, Arjan Van De Ven, Dan Williams, Jun Nakajima, Asit Mallick, Jason Baron
From: Andrew Cooper
Message-ID: <9e771f85-ed55-6a94-ad57-b6b8f93a3413@citrix.com>
Date: Thu, 18 Jan 2018 23:35:36 +0000

On 18/01/2018 23:25, Andy Lutomirski wrote:
> On Thu, Jan 18, 2018 at 11:08 AM, Andrea Arcangeli wrote:
>> On Thu, Jan 18, 2018 at 12:24:31PM -0600, Josh Poimboeuf wrote:
>>> On Thu, Jan 18, 2018 at 06:12:36PM +0100, Paolo Bonzini wrote:
>>>> On 18/01/2018 18:08, Dave Hansen wrote:
>>>>> On 01/18/2018 08:37 AM, Josh Poimboeuf wrote:
>>>>>>> --- a/Documentation/admin-guide/kernel-parameters.txt
>>>>>>> +++ b/Documentation/admin-guide/kernel-parameters.txt
>>>>>>> @@ -3932,6 +3932,7 @@
>>>>>>> retpoline - replace indirect branches
>>>>>>> retpoline,generic - google's original retpoline
>>>>>>> retpoline,amd - AMD-specific minimal thunk
>>>>>>> + ibrs - Intel: Indirect Branch Restricted Speculation
>>>>>> Are there plans to add spectre_v2=ibrs_always to prevent SMT-based
>>>>>> attacks?
>>>>> What does "ibrs_always" mean to you?
>>> Maybe ibrs_always isn't the best name. Basically we need an option to
>>> protect user-user attacks via SMT.
>>>
>>> It could be implemented with IBRS=1, or STIBP, or as part of the
>>> mythical IBRS_ATT.
>> User stibp or user ibrs would be different things, both would be valid
>> for different use cases, and the user stibp should perform better.
>>
>> Leaving ibrs on when returning from kernel to userland (or setting
>> ibrs if kernel used retpolines instead of ibrs) achieves stronger
>> semantics than just setting SPEC_CTRL with stibp when returning to
>> userland.
> I read the whitepaper that documented the new MSRs a couple days ago
> and I'm now completely unable to find it. If anyone could send the
> link, that would be great.

https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf

~Andrew
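
Review bot: the added `ibrs` line in the quoted kernel-parameters.txt hunk only expands the acronym ("Intel: Indirect Branch Restricted Speculation") and does not say when IBRS is set, unlike the `retpoline` entry above it, which states the effect ("replace indirect branches"). The follow-up questions in this thread about `spectre_v2=ibrs_always` and user-user attacks via SMT show that the scope is not obvious from the text, so the entry should state whether the option covers kernel mode only or also userspace, and which cases it leaves unprotected.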