Received: by 10.223.176.46 with SMTP id f43csp1975515wra; Sun, 21 Jan 2018 08:26:27 -0800 (PST) X-Google-Smtp-Source: AH8x226cvrNO+HtR7PvRssS+hKFDuMlTgoQ6JBy5BENZQuBoEmZKy7TG2s4sRiCz8XMpKEL4aIEK X-Received: by 10.101.70.140 with SMTP id h12mr4944972pgr.166.1516551986983; Sun, 21 Jan 2018 08:26:26 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516551986; cv=none; d=google.com; s=arc-20160816; b=YHD5UNn0XESdczKZlV5qQirkrXKEcj4cfe8NRkyLQSBDVcUFnmGwSleXqerKe5e9S+ g2xmTCDPFmpHvzV2XKlPT7clUnj1qEZDrKQ/PzClWqJcQ/IMuwSjZKNbIuo3DwiGGtOf +gcUcdZz5AQ5VwdjErMGE28xh/Hh53iKyeeKZFbUG3DXL/EySl207RhlswnUdDQ6D3sa rxFQnOqxsrPsIBBDx4i2h34gLWGXlncmWPPuEkNbjgqCHvjaASSLqhGO6bH6+wNvFvRr R/nArmE3tV/HaDTbyWiVVCEFSvD+o7rNCBBNkxOkfERF0VDw3TepDapZJWPlDI6x+Kn/ H5Ag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:arc-authentication-results; bh=g1YAz91vv0Dz2DEdHlxj3924rC/YDG8ZE2jSsD4E/I8=; b=K2orknS4Q9DnCEJH3MdcU3K9RxonscVKi7pAjvtdAPqZwHadwY/5J09RHoNjykelwE uksZwjius6nacwMXBQ8tp/RPJ50jUzoXzuW4qTgnn6+36Fqhk0g4vUtzXKTXk2fMpqiY Y2Wrh//ZM/dHVwibAvSqBYzeDyC/OapOGkperXYbyqtpc/8QGeA+fpKHh3qM7R2d4H3T ZVDY2NAYaJiFcPbLTAk5mzGTjmCWIRDi9Xp6p1UdM+MnTTwKNYDrSjV7kRZs+iOS+d/q JvgfIVP0jIp8xrZuoflEqWtLuq4PkAT+F7jBjTYpf6ZjfIUjEquo3ed0Yk0F0/TBYG78 AKrw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u23si12002630pgv.642.2018.01.21.08.26.13; Sun, 21 Jan 2018 08:26:26 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751314AbeAUQZj (ORCPT + 99 others); Sun, 21 Jan 2018 11:25:39 -0500 Received: from mga07.intel.com ([134.134.136.100]:53534 "EHLO mga07.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751157AbeAUQZi (ORCPT ); Sun, 21 Jan 2018 11:25:38 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 21 Jan 2018 08:25:37 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.46,392,1511856000"; d="scan'208";a="28233513" Received: from avandeve-mobl.amr.corp.intel.com (HELO [10.254.98.84]) ([10.254.98.84]) by orsmga002.jf.intel.com with ESMTP; 21 Jan 2018 08:25:36 -0800 Subject: Re: [RFC 04/10] x86/mm: Only flush indirect branches when switching into non dumpable process To: Ingo Molnar , Peter Zijlstra Cc: KarimAllah Ahmed , linux-kernel@vger.kernel.org, Andi Kleen , Andrea Arcangeli , Andy Lutomirski , Ashok Raj , Asit Mallick , Borislav Petkov , Dan Williams , Dave Hansen , David Woodhouse , Greg Kroah-Hartman , "H . Peter Anvin" , Ingo Molnar , Janakarajan Natarajan , Joerg Roedel , Jun Nakajima , Laura Abbott , Linus Torvalds , Masami Hiramatsu , Paolo Bonzini , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Thomas Gleixner , Tim Chen , Tom Lendacky , kvm@vger.kernel.org, x86@kernel.org, Dave Hansen References: <1516476182-5153-1-git-send-email-karahmed@amazon.de> <1516476182-5153-5-git-send-email-karahmed@amazon.de> <20180121112224.GH2269@hirez.programming.kicks-ass.net> <20180121162142.yh366un2blsyiud4@gmail.com> From: Arjan van de Ven Message-ID: Date: Sun, 21 Jan 2018 08:25:36 -0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: <20180121162142.yh366un2blsyiud4@gmail.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 1/21/2018 8:21 AM, Ingo Molnar wrote: > > > So if it's only about the scheduler barrier, what cycle cost are we talking about > here? > in the order of 5000 to 10000 cycles. (depends a bit on the cpu generation but this range is a reasonable approximation) > Because putting something like this into an ELF flag raises the question of who is > allowed to set the flag - does a user-compiled binary count? If yes then it would > be a trivial thing for local exploits to set the flag and turn off the barrier. the barrier is about who you go TO, e.g. the thing under attack. as you say, depending on the thing that would be the evil one does not work.