Date: Tue, 23 Jan 2018 23:55:05 +0100 (CET)
From: Jiri Kosina
To: Borislav Petkov
cc: David Woodhouse, Andi Kleen, Paul Turner, LKML, Linus Torvalds, Greg Kroah-Hartman, Tim Chen, Dave Hansen, Thomas Gleixner, Kees Cook, Rik van Riel, Peter Zijlstra, Andy Lutomirski, gnomes@lxorguk.ukuu.org.uk, x86@kernel.org, thomas.lendacky@amd.com, Josh Poimboeuf
Subject: Re: [PATCH v8 04/12] x86/spectre: Add boot time option to select Spectre v2 mitigation
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, 23 Jan 2018, Borislav Petkov wrote:

> > + mode = retp_compiler() ? SPECTRE_V2_RETPOLINE_GENERIC :
> > + SPECTRE_V2_RETPOLINE_MINIMAL;
>     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> but that might not always be an option.

I think we should start recording CFLAGS the kernel has been compiled with
anyway; doesn't hurt and might come in handy when debugging. /proc/version
is probably not the best place ... /proc/cflags?

> And it probably should be a more reliable method which we probably could
> use to detect !retpolined modules too.

That's the vermagic stuff Andi pushed. But that's not really acceptable
for distros.

Distros have always been in the situation "we let the external modules
load, as it'll work when it comes to functionality, but then it's our
duty/responsibility to explain to 3rd parties that they *really* should
recompile". Mostly because of security fixes to static inlines, but not
only that.

So that vermagic patch doesn't really help anything in the real world
(FWIW I've just dropped it from SLE kernel).

"Potentially insecure" doesn't mean it shouldn't be loaded if the user
wishes so. Only "functionally incorrect" (which is the kernel ABI
compatibility check) should be the show stopper.

--
Jiri Kosina
SUSE Labs
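
Review bot: In the quoted assignment `mode = retp_compiler() ? SPECTRE_V2_RETPOLINE_GENERIC : SPECTRE_V2_RETPOLINE_MINIMAL;`, the selected mode depends on a single predicate, retp_compiler(), and these two lines take no input about code loaded after boot. The mode can therefore read GENERIC while a module built without retpoline is running, which is the gap the replies around the hunk are debating. A comment at this assignment stating that the mode describes the core kernel image only, or a separate indication recorded when such a module is loaded, would keep the reported state from overstating coverage without refusing the load.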