Subject: Re: [PATCH] x86/speculation: Use Indirect Branch Prediction Barrier in context switch
From: Tim Chen
To: Borislav Petkov
Cc: David Woodhouse, arjan@linux.intel.com, tglx@linutronix.de, karahmed@amazon.de, x86@kernel.org, linux-kernel@vger.kernel.org, peterz@infradead.org, pbonzini@redhat.com, ak@linux.intel.com, torvalds@linux-foundation.org, gregkh@linux-foundation.org, mingo@kernel.org, luto@kernel.org, linux@dominikbrodowski.net
Date: Tue, 30 Jan 2018 14:26:53 -0800
Message-ID: <296de30b-515b-6eab-1b13-bb2f71451004@linux.intel.com>
In-Reply-To: <20180130215731.pszc5u4gcc32ds4v@pd.tnic>
X-Mailing-List: linux-kernel@vger.kernel.org

On 01/30/2018 01:57 PM, Borislav Petkov wrote:
> On Tue, Jan 30, 2018 at 01:03:20PM -0800, Tim Chen wrote:
>> So it doesn't seem to be a very practical attack if the victim has set
>> itself to be non-dumpable.
>
> Probably, but considering how cheap our fix is, we might just as well
> plug that hole too.
>

If the process has multiple threads running on different cpus, you
will need to set IBPB on all cpus they are running on in order to achieve
your purpose. So it is not necessarily cheap. But I don't think it is
really necessary.

Tim