Received: by 10.223.176.46 with SMTP id f43csp2142772wra; Sun, 21 Jan 2018 12:18:37 -0800 (PST) X-Google-Smtp-Source: AH8x227OzH9zXkLcq1SNwwYuqIWiqfc3iaUcrnUQxGP1lFYifc9Bd+xmMhC6WnAmfExBJGcNfhvc X-Received: by 10.99.53.15 with SMTP id c15mr5400390pga.333.1516565917706; Sun, 21 Jan 2018 12:18:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516565917; cv=none; d=google.com; s=arc-20160816; b=Zg3B+WLFKnpcg2BAyPTMTDu0n8JYxxhcRtpOzhWZMMlDRCwwUrmnOuHzIXOD5VGloL un5Q5xoQXAVYeNi86cI/HhW2XmRE2o4pTLG8nkBmmXjj0bdlQN5QTaGIuN8Xr7oZ4wSB jidDo0KRsg4lUqjG0sRfg1Hozqmge6hLlaavp0zJecKc7SGqSK2Hll7ahgAWpj7RAi/N vuMwadr5CXXLEI6Z3PYzcNp02f3E6dt2P2yi9GdQQbiis0jsi1o0GSntDWZtYJ+KK4du Axi+c53rqBzEmOWmY1H/0RlCydkclOdWcSleCNNcLrrxlHtgkHu3JZqRa3/txXoQiNJc 6djA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date :arc-authentication-results; bh=IWmqDxWOhHnXoNtsF3Audq9pkctL6yIRDYnD+yPsglo=; b=t567WO71mqiA3fjfq0GX4WQ1pGW42jvJJsx8AfjCvWqP/7jgpeDqbchG50Kqw6sZ1T Ma9nOKY+1R6MrJl842oJe9oS87Mmi+lgDDqyQKmsiCVgYMmzQlmvzyhf3SOcC+TLX9uW pN/WZdq81OpUd7n+Qk2S+cK0tlVKqC3/KuWAyrgZbXGvzlggZof44NNOQ63rVJxbukI5 nqjSHT6+9H0QRYmdN9lOsZygr84It/ICYRCeWs0525MKiF3So+s2XaMku5MiQ2M/CwQC dmV1HXWzwBTXRfD55adrpTtgegPd/2F0YgSJhyxoYp9jnnEwC+e9Q3oIZg6pQBQpSy1w SpbA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e89si14073336pfm.109.2018.01.21.12.18.22; Sun, 21 Jan 2018 12:18:37 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751063AbeAUUR7 (ORCPT + 99 others); Sun, 21 Jan 2018 15:17:59 -0500 Received: from mail.skyhub.de ([5.9.137.197]:53866 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750953AbeAUUR6 (ORCPT ); Sun, 21 Jan 2018 15:17:58 -0500 X-Virus-Scanned: Nedap ESD1 at mail.skyhub.de Received: from mail.skyhub.de ([127.0.0.1]) by localhost (blast.alien8.de [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id B-6t45Fids5x; Sun, 21 Jan 2018 21:17:56 +0100 (CET) Received: from pd.tnic (p200300EC2BEE1B001C757E499366AA02.dip0.t-ipconnect.de [IPv6:2003:ec:2bee:1b00:1c75:7e49:9366:aa02]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id AEE2D1EC00FF; Sun, 21 Jan 2018 21:17:56 +0100 (CET) Date: Sun, 21 Jan 2018 21:17:53 +0100 From: Borislav Petkov To: David Woodhouse Cc: arjan@linux.intel.com, tglx@linutronix.de, karahmed@amazon.de, x86@kernel.org, linux-kernel@vger.kernel.org, tim.c.chen@linux.intel.com, peterz@infradead.org, pbonzini@redhat.com, ak@linux.intel.com, torvalds@linux-foundation.org, gregkh@linux-foundation.org Subject: Re: [PATCH v2 5/8] x86/speculation: Add basic support for IBPB Message-ID: <20180121201753.hvcrs7dvhk4vmrrv@pd.tnic> References: <1516528149-9370-1-git-send-email-dwmw@amazon.co.uk> <1516528149-9370-6-git-send-email-dwmw@amazon.co.uk> <20180121180621.ufmc5m7nr6v4tjvc@pd.tnic> <1516560862.9814.47.camel@infradead.org> <20180121190430.ss22poeakvwzvcal@pd.tnic> <1516563099.9814.54.camel@infradead.org> <20180121195407.hbahkbmc37yrrvi4@pd.tnic> <1516565226.9814.63.camel@infradead.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <1516565226.9814.63.camel@infradead.org> User-Agent: NeoMutt/20170609 (1.8.3) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Jan 21, 2018 at 08:07:06PM +0000, David Woodhouse wrote: > That bug is the *reason* we're arguing about static_cpu_has vs. > ALTERNATIVE.  > > A conditional branch that the CPU sees can be speculated over... Lemme see if I understand it correctly: you don't want to have any such constructs: testb $1,boot_cpu_data+50(%rip) #, MEM[(const char *)&boot_cpu_data + 50B] jnz .L707 # which could cause any speculation. Instead, you want to have unconditional code which is slapped in by alternatives. Oh, and you don't want to have that at privilege crossing sites, like VMEXIT or so. Am I close? > Now, Andrew is right that in a number of cases there will be another > serialising instruction before we ever hit a problematic indirect > branch. But as I just said elsewhere, I'd really like the *primitives* > to support unconditional operation. In this particular case, WRMSR is already serializing too. So it is hard to exploit stuff here :-) -- Regards/Gruss, Boris. Good mailing practices for 400: avoid top-posting and trim the reply.