Received: by 10.223.176.46 with SMTP id f43csp2495941wra;
        Thu, 25 Jan 2018 10:43:03 -0800 (PST)
X-Google-Smtp-Source: AH8x227akUsYmwp8UWOqQIMrDl3hp6Q8Itnz746+yGaNROSbid8ukF+v8cf0tx6iWAshUXUfUGXs
X-Received: by 10.98.220.72 with SMTP id t69mr16815662pfg.135.1516905783586;
        Thu, 25 Jan 2018 10:43:03 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516905783; cv=none;
        d=google.com; s=arc-20160816;
        b=kF81th6IlF98aKspkaZEev+ltAfN4xQG8496QfzN/F979VURiQ71RqBlk3Wq0r2oMc
         sQBeF+0ke6tLNDts91tbE2B+BjDaEDU+MQEkaQLQUPi0o2sjwaaJtfnxCgyVSXuUNFOh
         VCVDdjqGDbbmWvJ766RjVySC4nYK6LiyPErvo1wLR6vvsMGVkIKowFVJg8pjqwW42gLV
         34AgOh/c+VLYBNO5hxpons1damIgPLGGWnd9bnZdOmdg4bJemeFA/wAf6ZJvZx/YtcXA
         chO6x7OGA0Mv4JVmnGaHd23XjzRDGTlN2085b6727iGFbJLH58ihJ+aq7gHd1QWpK2tf
         SGmA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:user-agent:references
         :message-id:in-reply-to:subject:cc:to:from:date
         :arc-authentication-results;
        bh=NHSUsFCEhAao+FMLrWG6wO7UjTEIvL+C5a61rHeqtGI=;
        b=NADG1cMiTcQKw16QYSzOWRrUejv9LWfWiYj6d/erKboVwmarXVxKA62jHD9OqEqKfY
         WZGYgnSvemgESdgKUrFQBLyHAQiERggInpXAbBKJmkbhdT2x/TDCePNOvRBjB7Qrx/S/
         Al2SQNPOBvpshKKgjYJzCvkfKgWYfN+cM3Cw55df8otA5LkIOPUahG2Ogjtj+6/1lxfT
         vh3ZArcZS/k5bRySHEdfglb9ldesTHJwTjroN8PEkjv2qj8nykOw+/FkOWTUogxqieMa
         61ormqXKoDMt4IdnpabwNSYFiXamKfmNHdzJwC9LJ9Y+bmHbq1AShwyCo6wArz4xM78L
         TYMw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id o3-v6si1856886pld.605.2018.01.25.10.42.49;
        Thu, 25 Jan 2018 10:43:03 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751238AbeAYSlI (ORCPT <rfc822;daisukeokaopensource@gmail.com>
        + 99 others); Thu, 25 Jan 2018 13:41:08 -0500
Received: from mx2.suse.de ([195.135.220.15]:44340 "EHLO mx2.suse.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1750994AbeAYSlH (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 25 Jan 2018 13:41:07 -0500
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (charybdis-ext.suse.de [195.135.220.254])
        by mx2.suse.de (Postfix) with ESMTP id 50736ACC4;
        Thu, 25 Jan 2018 18:41:05 +0000 (UTC)
Date:   Thu, 25 Jan 2018 19:41:03 +0100 (CET)
From:   Jiri Kosina <jikos@kernel.org>
To:     Andy Lutomirski <luto@kernel.org>
cc:     David Woodhouse <dwmw2@infradead.org>,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Borislav Petkov <bp@alien8.de>,
        Tim Chen <tim.c.chen@linux.intel.com>,
        Paul Turner <pjt@google.com>,
        Greg Kroah-Hartman <gregkh@linux-foundation.org>,
        Dave Hansen <dave.hansen@intel.com>,
        Ingo Molnar <mingo@kernel.org>, Rik van Riel <riel@redhat.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Andi Kleen <ak@linux.intel.com>,
        Kees Cook <keescook@google.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        "H. Peter Anvin" <hpa@zytor.com>,
        LKML <linux-kernel@vger.kernel.org>,
        linux-tip-commits@vger.kernel.org
Subject: Re: [tip:x86/pti] x86/retpoline: Fill return stack buffer on
 vmexit
In-Reply-To: <CALCETrWHJZXqDC-PUStHAJrNVMO_QEC0PG0PKAEHD+8TB-eqqQ@mail.gmail.com>
Message-ID: <nycvar.YFH.7.76.1801251937380.11852@cbobk.fhfr.pm>
References: <1515755487-8524-1-git-send-email-dwmw@amazon.co.uk> <tip-117cc7a908c83697b0b737d15ae1eb5943afe35b@git.kernel.org> <20180125120743.ey32gvl5mjam4r2s@pd.tnic> <1516882849.30244.94.camel@infradead.org> <20180125124554.vdx7rrnfrxrzl2ng@pd.tnic>
 <20180125151024.bidjr26r667vs7h5@treble> <20180125155110.mw655b7fwgm7qqc7@pd.tnic> <1516896198.30244.133.camel@infradead.org> <20180125165646.ytc4upthpaqtwi45@treble> <1516899639.30244.145.camel@infradead.org>
 <CALCETrWHJZXqDC-PUStHAJrNVMO_QEC0PG0PKAEHD+8TB-eqqQ@mail.gmail.com>
User-Agent: Alpine 2.21 (LSU 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, 25 Jan 2018, Andy Lutomirski wrote:

> Distros that use retpolines need their driver vendors to recompile no 
> matter what.  

Absolutely. Tainting a kernel, issuing a warning, or even voluntarily 
deciding to not load modules loaded without retpolines, that all sounds 
like reasonable aproaches.

Artificially introducing kernel ABI breakage which is not there (as 
retpolines are fully compatible when it comes to ABI between modules and 
kernel ... the fact that it potentially brings non-retpolined indirect 
jump into the kernel is a security concent, but not ABI issue) sounds like 
a bad idea.

Those two things (ABI and security concerns) are independent.

> Distros that use IBRS and refuse to use retpolines should get put on a 
> list of "didn't actually adequately mitigate spectre".

Oh absolutely, especially on archs where there is no IBRS. But how is this 
relevant to ABI?

Thanks,

-- 
Jiri Kosina
SUSE Labs