Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp5356141imm; Wed, 12 Sep 2018 05:02:15 -0700 (PDT) X-Google-Smtp-Source: ANB0VdbXI7fp6FO4bq9hqLAfrFxrkJ09+/wa3Qa01aXxT/ndSimJ/Qxdpbhxb2T3DQEBdsddphCm X-Received: by 2002:a63:e841:: with SMTP id a1-v6mr1889514pgk.126.1536753735400; Wed, 12 Sep 2018 05:02:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1536753735; cv=none; d=google.com; s=arc-20160816; b=DH1Zg5VX7L1LkdQPnbTapRAmUS5dJTh5yQb28b/os3nAo9Qbb0z6D9oQC+hcwmz6e4 pBvMeTm3rBzowDU3mt/MX7IVQuu4F6ij88iFRsoCZ0y4pI7E1Je1AEYOKk13maBGcViL Ni4g8KVFSoSDOzWpyAXkvM1oGys6brGncCGPy2F0UPukauljwFIu9jKCKteGmYSBYbF9 40vfFZu9l3mhUdVy7hnceXC2Lx3P4R0RCcyBX31ym3wGlIQNxDmGE02TvOAYduhmVZlT wLkzQ759sGs3eQIO8QeveoYdEjEt7kAaBZxRjQn4YGr8Qdzd0WL/Fq0Cd4GgzCPbauCe Fdvw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=p5PtgBpzjR8sNtqmnf/Tt7DzHlYgFlCyiHppa8IuA6I=; b=BenbxXQR83HZzg9vkWHFFx9eYFjlhksPvuJGRC5qQCQ50/dKRnedlzaCWF0WVtNa60 F3FNZFU6MfjrZeY21yP80A+ioQaabpYTI9enUyt2QqmWHxoqNlzfUg23wG3l5LtYV5ZK OtVkzcDXT7ECc1BxpmhPUYvgvuqlQ10xTbY8/ZVSS1E5I+AIImBVrwd2IbobxKRflLcJ FMoryn1tovDBH6/ay4sHL55KtRGFmRDOh53t170SAGsuGVqWQA5trCk0KMS6Y6t9Cnyl v2ILib13ltMcIdvNeddZclz0pOSzsW2YmzCCjR8uAnof8UKIgKG/RnWQz/Z6UdpeBT3j STCw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 1-v6si907179pgb.107.2018.09.12.05.01.52; Wed, 12 Sep 2018 05:02:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726642AbeILRGA (ORCPT + 99 others); Wed, 12 Sep 2018 13:06:00 -0400 Received: from Galois.linutronix.de ([146.0.238.70]:43623 "EHLO Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726221AbeILRF7 (ORCPT ); Wed, 12 Sep 2018 13:05:59 -0400 Received: from hsi-kbw-5-158-153-52.hsi19.kabel-badenwuerttemberg.de ([5.158.153.52] helo=nanos.tec.linutronix.de) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1g03po-0008FH-Bq; Wed, 12 Sep 2018 14:01:28 +0200 Date: Wed, 12 Sep 2018 14:01:27 +0200 (CEST) From: Thomas Gleixner To: "Schaufler, Casey" cc: Jiri Kosina , Ingo Molnar , Peter Zijlstra , Josh Poimboeuf , Andrea Arcangeli , "Woodhouse, David" , Andi Kleen , Tim Chen , "linux-kernel@vger.kernel.org" , "x86@kernel.org" Subject: RE: [PATCH v5 1/2] x86/speculation: apply IBPB more strictly to avoid cross-process data leak In-Reply-To: <99FC4B6EFCEFD44486C35F4C281DC6732144B7E1@ORSMSX107.amr.corp.intel.com> Message-ID: References: <99FC4B6EFCEFD44486C35F4C281DC6732144ADF9@ORSMSX107.amr.corp.intel.com> <99FC4B6EFCEFD44486C35F4C281DC6732144AEC9@ORSMSX107.amr.corp.intel.com> <99FC4B6EFCEFD44486C35F4C281DC6732144AF24@ORSMSX107.amr.corp.intel.com> <99FC4B6EFCEFD44486C35F4C281DC6732144AF87@ORSMSX107.amr.corp.intel.com> <99FC4B6EFCEFD44486C35F4C281DC6732144B7E1@ORSMSX107.amr.corp.intel.com> User-Agent: Alpine 2.21 (DEB 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 11 Sep 2018, Schaufler, Casey wrote: > How about this? Take Jiri's patch as written. You get everything except checks > on the security blobs and any "magic" that my safesidechannel module did. I > will propose a follow on patch that fixes the SELinux code to eliminate the locking > issue and enables the LSM hooks in the IBPB case. I can then do a revised "magic" > safesidechannel security module that uses the ptrace hook instead of adding a > new hook explicitly for IBPB. There is some danger that in the future ptrace and > IBPB criteria will diverge sufficiently that a common hook becomes nonsensical. > As no one else seems concerned about this possibility, I won't lose any sleep over > it either. Sounds like a plan.