Received: by 10.223.176.46 with SMTP id f43csp4416428wra;
        Tue, 23 Jan 2018 09:08:02 -0800 (PST)
X-Google-Smtp-Source: AH8x224H2zUSV5eOYFqH+GJdfnpiIM9H6bjoE+uVIxV/TC4qq3PvhavHkV23e6Wv1R044OiS9+3m
X-Received: by 10.36.53.138 with SMTP id k132mr4618852ita.13.1516727282895;
        Tue, 23 Jan 2018 09:08:02 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516727282; cv=none;
        d=google.com; s=arc-20160816;
        b=VQUx0olDUf4HUXruCI9VYZ8c957D5wcTA1+eW7UhA6rZouXqjgRMZMFw5M5tI/WRgb
         /Cdc4I1DNX1/LMN6QnOACLKplQ2f4s/bAevk/drM5NLU/r6CalMeq5o/aWv7uGXCpEkh
         hQd/FSmDNoWnEIRvJCoQAz6lmdF4Rypc84pE5XSYszbClzW6KYfdtJZLDMTnmGIBoSa2
         qiCyMpAnSEV0RAVKeJrsfwauajY9xEMpnTroH11M1ZFYECB7v32/uIOSep57knVSsciq
         sbMhuZDOeseQc6ZSwPrNorpCnhsF2s74YEEckdcBTWkFJr7uZR2MwGuTSgScKV7U8zFU
         9EEQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:arc-authentication-results;
        bh=+iRzqr0vfwpJRoVw1ikayiIjTvxlUCEkiGIu/eRZU1c=;
        b=xp5WTrJg0jIBR2VxeUQp3ZjOrwcPl9N/15iLJZS05D2PpIo4aoQP8CnkHdBZQlz+n6
         1EkyJJkI1fHaG2NwdVVsCB+boMF1zzPH7hiGg2taRK0jPUriwyt7zruQB/TSs9wb2jM6
         gP4u+PdTZicpB7RwyXKx/976L9kJTvlQ4k50zN63WOn7Zic5ZsDTmBDV/WzXykqbJW1d
         hx6FS5tL5Z/SMFHAwIXw41hxHDuVqLmxkMjFMllb8818P84mQ25IEtvOE7esNREhwRtf
         CXGtN3/Dp4DbICGAvPCJyTBeZPeq5s0p8JhFVGA1URcv6JO6D4ZsYN9ZjoX+aAYkrDd+
         8LNQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 22si15881708ioj.245.2018.01.23.09.07.48;
        Tue, 23 Jan 2018 09:08:02 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751591AbeAWRHW (ORCPT <rfc822;marvinzhang.kernel@gmail.com>
        + 99 others); Tue, 23 Jan 2018 12:07:22 -0500
Received: from isilmar-4.linta.de ([136.243.71.142]:37742 "EHLO
        isilmar-4.linta.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751259AbeAWRHV (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 23 Jan 2018 12:07:21 -0500
Received: by isilmar-4.linta.de (Postfix, from userid 1000)
        id D7A1E2008F6; Tue, 23 Jan 2018 17:07:19 +0000 (UTC)
Date:   Tue, 23 Jan 2018 18:07:19 +0100
From:   Dominik Brodowski <linux@dominikbrodowski.net>
To:     Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc:     linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org,
        kvm@vger.kernel.org, Heiko Carstens <heiko.carstens@de.ibm.com>,
        Christian Borntraeger <borntraeger@de.ibm.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Cornelia Huck <cohuck@redhat.com>,
        David Hildenbrand <david@redhat.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Jon Masters <jcm@redhat.com>,
        Marcus Meissner <meissner@suse.de>,
        Jiri Kosina <jkosina@suse.cz>, w@1wt.eu, keescook@chromium.org
Subject: Re: [PATCH 1/5] prctl: add PR_ISOLATE_BP process control
Message-ID: <20180123170719.GA4154@isilmar-4.linta.de>
References: <1516712825-2917-1-git-send-email-schwidefsky@de.ibm.com>
 <1516712825-2917-2-git-send-email-schwidefsky@de.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1516712825-2917-2-git-send-email-schwidefsky@de.ibm.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Jan 23, 2018 at 02:07:01PM +0100, Martin Schwidefsky wrote:
> Add the PR_ISOLATE_BP operation to prctl. The effect of the process
> control is to make all branch prediction entries created by the execution
> of the user space code of this task not applicable to kernel code or the
> code of any other task.

What is the rationale for requiring a per-process *opt-in* for this added
protection?

For KPTI on x86, the exact opposite approach is being discussed (see, e.g.
http://lkml.kernel.org/r/1515612500-14505-1-git-send-email-w@1wt.eu ): By
default, play it safe, with KPTI enabled. But for "trusted" processes, one
may opt out using prctrl.

Thanks,
	Dominik