Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp2017220imm; Sat, 9 Jun 2018 06:20:06 -0700 (PDT) X-Google-Smtp-Source: ADUXVKLczFbw4GwrOPx/gtOKY1DGAxm/XBQz5oP+05kgzO7+r/AIKms8oNeOus+m8i6+F173ndJO X-Received: by 2002:a17:902:a703:: with SMTP id w3-v6mr11003471plq.111.1528550406909; Sat, 09 Jun 2018 06:20:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528550406; cv=none; d=google.com; s=arc-20160816; b=uv08X04qkORLQ2xLu+oSj7GclJ5r/G9KmwXxcqPRUjrpXP4Vrpu1u7g+ST3ue8Zg1y PkWLAbNSiZetObIw34XJZ6RGYJZjP02Dhe3HhvKaLD+In8g6hoYy3DkTiky93vOvHC7w Gsm1fmPVQw60Ql2ygcJK7zJKEgGYG5XR9f1CyyvPveM219MfZ0Yy8vRAoLfo/XJVWia0 ynxGH9jepnUqkDED/CSkbaBqloI0Dp2p2aK4aLFIkat4YYYQ+Ns14XheilPrLowcg3sj OHChDuCKluHDyXFXpq7UqsCaSMlvuPbFJw/XKrEXLe7uqOWrM4OeWsh4lu4r0GWKYw1S 7deg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:organization:user-agent :references:in-reply-to:subject:cc:to:from:message-id:date :arc-authentication-results; bh=zGKu/NpyVAobivjiYz64XAoiYchRe82Rr72FrTdKjlA=; b=maVyGhgQIeFYJ9dPc5Si4DFr4YdhkoE66BQUPnqxGWHLi8+4x6S934l/8Qw63zSuDU ABKAKG/I+6TxOv1Aym6yIS59PHkbTXG9ISFUA3KH/ChsGwDRtY0IM7Crt8Z61puujkXJ LeKxxutYL81m0QVbe+ysyIhVrzosVHctsi9CQEvm7q57IWWEFz6Wv7VAoE8fItAzTgox 9a8jtaCORKGsT6rt2tveLvtT/n7Z3wziGBnz/dfIm8p51H+jfm84ygeBqTD2y/WsKvMt 17UaEj8FfW5pctW+nZCMKBAuXIGPQGwhWCq6Pclvozg9TzzpnTbLysXqDTmWfvm7LtTB byCA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 67-v6si31898377pge.373.2018.06.09.06.19.52; Sat, 09 Jun 2018 06:20:06 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753285AbeFINT1 (ORCPT + 99 others); Sat, 9 Jun 2018 09:19:27 -0400 Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:40462 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753259AbeFINTZ (ORCPT ); Sat, 9 Jun 2018 09:19:25 -0400 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 477671435; Sat, 9 Jun 2018 06:19:25 -0700 (PDT) Received: from big-swifty.misterjones.org (usa-sjc-mx-foss1.foss.arm.com [217.140.101.70]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id BAFC23F557; Sat, 9 Jun 2018 06:19:19 -0700 (PDT) Date: Sat, 09 Jun 2018 14:19:10 +0100 Message-ID: <86wov885dd.wl-marc.zyngier@arm.com> From: Marc Zyngier To: Jon Masters Cc: , , , Will Deacon , Catalin Marinas , Thomas Gleixner , Andy Lutomirski , Kees Cook , Greg Kroah-Hartman , Christoffer Dall , Randy Dunlap , Dominik Brodowski , Julien Grall , Mark Rutland Subject: Re: [PATCH v2 05/17] arm64: Add 'ssbd' command-line option In-Reply-To: References: <20180529121121.24927-1-marc.zyngier@arm.com> <20180529121121.24927-6-marc.zyngier@arm.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL/10.8 EasyPG/1.0.0 Emacs/25.1 (aarch64-unknown-linux-gnu) MULE/6.0 (HANACHIRUSATO) Organization: ARM Ltd MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, 09 Jun 2018 13:53:08 +0100, Jon Masters wrote: > > On 05/29/2018 08:11 AM, Marc Zyngier wrote: > > > + ssbd= [ARM64,HW] > > + Speculative Store Bypass Disable control > > + > > + On CPUs that are vulnerable to the Speculative > > + Store Bypass vulnerability and offer a > > + firmware based mitigation, this parameter > > + indicates how the mitigation should be used: > > + > > + force-on: Unconditionally enable mitigation for > > + for both kernel and userspace > > + force-off: Unconditionally disable mitigation for > > + for both kernel and userspace > > + kernel: Always enable mitigation in the > > + kernel, and offer a prctl interface > > + to allow userspace to register its > > + interest in being mitigated too. > > This should be "spec_store_bypass_disable" and it should have the same > parameters as on x86: "on", "off", "auto". Why not just add > "kernel"? Feel free to propose a patch that adds the x86 compat option if you want, but I don't think this option deserves that many letters, and it is also worth realising the semantics of the mitigation *are* different. That's the real reason why we have different options. > (we had a "kernel" early on for x86 as well, and it might still end up > coming back anyway). If there's a /compelling/ reason to have the Arm > parameter differ, then it should still recognize the x86 parameter, > similarly to how POWER also does that for cross-arch consistency. Well, we should then aim for real consistency (seccomp or not seccomp? mitigated kernel or not?), and not at the cosmetic level. Once all arches implement identical behaviours, we'll be in a position to safely have a common option naming scheme which would encompass the actual meaning of "on" and "off" (which have opposite meaning between x86 and arm64). > We'll add the x86 parameter way of doing it to RHEL anyway. Great! M. -- Jazz is not dead, it just smell funny.