Received: by 10.223.176.46 with SMTP id f43csp4416428wra; Tue, 23 Jan 2018 09:08:02 -0800 (PST) X-Google-Smtp-Source: AH8x224H2zUSV5eOYFqH+GJdfnpiIM9H6bjoE+uVIxV/TC4qq3PvhavHkV23e6Wv1R044OiS9+3m X-Received: by 10.36.53.138 with SMTP id k132mr4618852ita.13.1516727282895; Tue, 23 Jan 2018 09:08:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516727282; cv=none; d=google.com; s=arc-20160816; b=VQUx0olDUf4HUXruCI9VYZ8c957D5wcTA1+eW7UhA6rZouXqjgRMZMFw5M5tI/WRgb /Cdc4I1DNX1/LMN6QnOACLKplQ2f4s/bAevk/drM5NLU/r6CalMeq5o/aWv7uGXCpEkh hQd/FSmDNoWnEIRvJCoQAz6lmdF4Rypc84pE5XSYszbClzW6KYfdtJZLDMTnmGIBoSa2 qiCyMpAnSEV0RAVKeJrsfwauajY9xEMpnTroH11M1ZFYECB7v32/uIOSep57knVSsciq sbMhuZDOeseQc6ZSwPrNorpCnhsF2s74YEEckdcBTWkFJr7uZR2MwGuTSgScKV7U8zFU 9EEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=+iRzqr0vfwpJRoVw1ikayiIjTvxlUCEkiGIu/eRZU1c=; b=xp5WTrJg0jIBR2VxeUQp3ZjOrwcPl9N/15iLJZS05D2PpIo4aoQP8CnkHdBZQlz+n6 1EkyJJkI1fHaG2NwdVVsCB+boMF1zzPH7hiGg2taRK0jPUriwyt7zruQB/TSs9wb2jM6 gP4u+PdTZicpB7RwyXKx/976L9kJTvlQ4k50zN63WOn7Zic5ZsDTmBDV/WzXykqbJW1d hx6FS5tL5Z/SMFHAwIXw41hxHDuVqLmxkMjFMllb8818P84mQ25IEtvOE7esNREhwRtf CXGtN3/Dp4DbICGAvPCJyTBeZPeq5s0p8JhFVGA1URcv6JO6D4ZsYN9ZjoX+aAYkrDd+ 8LNQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 22si15881708ioj.245.2018.01.23.09.07.48; Tue, 23 Jan 2018 09:08:02 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751591AbeAWRHW (ORCPT + 99 others); Tue, 23 Jan 2018 12:07:22 -0500 Received: from isilmar-4.linta.de ([136.243.71.142]:37742 "EHLO isilmar-4.linta.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751259AbeAWRHV (ORCPT ); Tue, 23 Jan 2018 12:07:21 -0500 Received: by isilmar-4.linta.de (Postfix, from userid 1000) id D7A1E2008F6; Tue, 23 Jan 2018 17:07:19 +0000 (UTC) Date: Tue, 23 Jan 2018 18:07:19 +0100 From: Dominik Brodowski To: Martin Schwidefsky Cc: linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, kvm@vger.kernel.org, Heiko Carstens , Christian Borntraeger , Paolo Bonzini , Cornelia Huck , David Hildenbrand , Greg Kroah-Hartman , Jon Masters , Marcus Meissner , Jiri Kosina , w@1wt.eu, keescook@chromium.org Subject: Re: [PATCH 1/5] prctl: add PR_ISOLATE_BP process control Message-ID: <20180123170719.GA4154@isilmar-4.linta.de> References: <1516712825-2917-1-git-send-email-schwidefsky@de.ibm.com> <1516712825-2917-2-git-send-email-schwidefsky@de.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1516712825-2917-2-git-send-email-schwidefsky@de.ibm.com> User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jan 23, 2018 at 02:07:01PM +0100, Martin Schwidefsky wrote: > Add the PR_ISOLATE_BP operation to prctl. The effect of the process > control is to make all branch prediction entries created by the execution > of the user space code of this task not applicable to kernel code or the > code of any other task. What is the rationale for requiring a per-process *opt-in* for this added protection? For KPTI on x86, the exact opposite approach is being discussed (see, e.g. http://lkml.kernel.org/r/1515612500-14505-1-git-send-email-w@1wt.eu ): By default, play it safe, with KPTI enabled. But for "trusted" processes, one may opt out using prctrl. Thanks, Dominik