Date: Tue, 23 Jan 2018 23:40:14 +0100
From: Borislav Petkov
To: David Woodhouse
Cc: Andi Kleen, Paul Turner, LKML, Linus Torvalds, Greg Kroah-Hartman, Tim Chen, Dave Hansen, tglx@linutronix.de, Kees Cook, Rik van Riel, Peter Zijlstra, Andy Lutomirski, Jiri Kosina, gnomes@lxorguk.ukuu.org.uk, x86@kernel.org, thomas.lendacky@amd.com, Josh Poimboeuf
Subject: Re: [PATCH v8 04/12] x86/spectre: Add boot time option to select Spectre v2 mitigation
Message-ID: <20180123224014.dsbzps4hydt6h7ed@pd.tnic>

On Thu, Jan 11, 2018 at 09:46:26PM +0000, David Woodhouse wrote:
> Add a spectre_v2= option to select the mitigation used for the indirect
> branch speculation vulnerability.
>
> Currently, the only option available is retpoline, in its various forms.
> This will be expanded to cover the new IBRS/IBPB microcode features.
>
> The RETPOLINE_AMD feature relies on a serializing LFENCE for speculation
> control. For AMD hardware, only set RETPOLINE_AMD if LFENCE is a
> serializing instruction, which is indicated by the LFENCE_RDTSC feature.
>
> [ tglx: Folded back the LFENCE/AMD fixes and reworked it so IBRS
> integration becomes simple ]

...

> +static inline bool retp_compiler(void)
> +{
> + return __is_defined(RETPOLINE);
> +}

Btw, this came up today: do we have an idea how to detect objects built
with gcc which has retpoline support?

The only way I could think of is boot the respective kernel and stare at
dmesg:

[ 0.064006] Spectre V2 mitigation: LFENCE not serializing. Switching to generic retpoline
[ 0.068003] Spectre V2 mitigation: Vulnerable: Minimal generic ASM retpoline

and then deduce that it is not a retpoline-enabled compiler:

> +retpoline_auto:
> + if (boot_cpu_data.x86_vendor == X86_VENDOR_AMD) {
> + retpoline_amd:
> + if (!boot_cpu_has(X86_FEATURE_LFENCE_RDTSC)) {
> + pr_err("LFENCE not serializing. Switching to generic retpoline\n");
> + goto retpoline_generic;
> + }
> + mode = retp_compiler() ? SPECTRE_V2_RETPOLINE_AMD :
> + SPECTRE_V2_RETPOLINE_MINIMAL_AMD;
> + setup_force_cpu_cap(X86_FEATURE_RETPOLINE_AMD);
> + setup_force_cpu_cap(X86_FEATURE_RETPOLINE);
> + } else {
> + retpoline_generic:
> + mode = retp_compiler() ? SPECTRE_V2_RETPOLINE_GENERIC :
> + SPECTRE_V2_RETPOLINE_MINIMAL;
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

but that might not always be an option. And it probably should be a more
reliable method which we probably could use to detect !retpolined
modules too.

Hmmm.

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.
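
Review bot: retp_compiler() in the first quoted hunk has no comment saying what it actually measures. __is_defined(RETPOLINE) is resolved when this file is compiled, so the helper reports how the core kernel was built and says nothing about objects built separately, such as modules. A short comment above the helper stating that scope would keep callers from reading the selected mode as a statement about every object that ends up loaded.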
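
Review bot: in the retpoline_auto hunk, the "goto retpoline_generic" under the !boot_cpu_has(X86_FEATURE_LFENCE_RDTSC) check jumps from inside the AMD if-arm to a label placed inside the else-arm, which makes the fallback path hard to follow. Making the generic selection the common fall-through, or moving the two mode selections into small helpers, would remove the cross-arm jump. The pr_err() on that path is also a high severity for a fallback the code handles by itself; a lower log level would suit the message better.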