Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp2052875imu; Sun, 18 Nov 2018 14:45:16 -0800 (PST) X-Google-Smtp-Source: AFSGD/UuuaGyU1S86rGpp07B1N0E3sEuyiuhPNFb6QfuiWOQ5Cyqgo/vvYuI7Mxe19QRl0m4EPYU X-Received: by 2002:a17:902:5a0b:: with SMTP id q11mr2551960pli.186.1542581116926; Sun, 18 Nov 2018 14:45:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542581116; cv=none; d=google.com; s=arc-20160816; b=HUcYNN9IsUlo9rPEX4/59VxrCxZfsT/SFztb8kKFUfk8k717CQ9IABeTDT6ujElva0 ljviCtkFUrUYLP/luxIeSJYQ10WbmDlPxCMMsIykrOzqJep+lXNOf5DYWbpuThJVA+uM iXQDw7QKpgCbEqsLGvz6dXCCuqb77YPuaUlc/5Rx738WmX5cRAVbQQe8O/duSXiePxsD 4phgxsUvXcDrpGSanJd1OQx9DSsX6tklHmgJQreEzelm2sUyx8XMN3R4Q0TZoBSymWvZ PoUWnYzUrUgrLtHAyFY9QFj6buyHoW/P8zpgdEN0urN3bPO+sZ70sQH33PZVeJTjLBeR jCjQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:to:references:message-id :content-transfer-encoding:cc:date:in-reply-to:from:subject :mime-version; bh=SRPagM4qPJJ2vrQgpC6pXXOKkhk1lKFE7Z+076iWk0M=; b=yhR2elR+IOplNnswtr2AoYCQsitkKwe3RTpCGY+1ct2VKMnfTEFijlx6LJMa62Q4Ir wUj02Dc/OUrW6Y83hQ3i31sZcG4oyWFYtWSoeHsmcAKiN+8/xs7RTC1Fm7y+JTxw4JkJ DF9ywnI593n27NjL19tlSnUPpdef/JYAdnzBlH/cIfFDpvtuoKHoSGlyxRNTE+ki74qO S8cwsIZxESoiSPysSk/1geZwECpbJY4reaEKfdhok3gYjeiC1GNbTp+d7BK6wOZ8tQQ5 jJZGkPRiRoM4dQMsDbtT2WK0WbgPaJg0J5m/Bey0UYKznzsYHemo/IwOQrm/Wi6P+9TN b+wg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h65-v6si42222249pfc.62.2018.11.18.14.45.02; Sun, 18 Nov 2018 14:45:16 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727956AbeKSJEG convert rfc822-to-8bit (ORCPT + 99 others); Mon, 19 Nov 2018 04:04:06 -0500 Received: from www.sr71.net ([198.145.64.142]:42799 "EHLO blackbird.sr71.net" rhost-flags-OK-FAIL-OK-OK) by vger.kernel.org with ESMTP id S1725881AbeKSJEG (ORCPT ); Mon, 19 Nov 2018 04:04:06 -0500 X-Greylist: delayed 428 seconds by postgrey-1.27 at vger.kernel.org; Mon, 19 Nov 2018 04:04:05 EST Received: from [10.6.227.155] (50-206-94-218-static.hfc.comcastbusiness.net [50.206.94.218]) (Authenticated sender: dave) by blackbird.sr71.net (Postfix) with ESMTPSA id BA066FA863; Sun, 18 Nov 2018 14:35:21 -0800 (PST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (1.0) Subject: Re: STIBP by default.. Revert? From: Dave Hansen X-Mailer: iPhone Mail (16B92) In-Reply-To: Date: Sun, 18 Nov 2018 14:35:20 -0800 Cc: Linus Torvalds , Thomas Gleixner , Peter Zijlstra , Josh Poimboeuf , Andrea Arcangeli , David Woodhouse , Andi Kleen , Tim Chen , Casey Schaufler , Linux List Kernel Mailing , the arch/x86 maintainers , stable@vger.kernel.org Content-Transfer-Encoding: 8BIT Message-Id: <30141361-EFDC-4547-82D7-7AAAC556B9F5@sr71.net> References: To: Jiri Kosina Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > On Nov 18, 2018, at 2:17 PM, Jiri Kosina wrote: > > It's probably not just browsers, but anything running JITed sandboxed > code. So the most straightforward way might be the prctl() aproach, where > userspace would claim "I do care about this, please fix it up for me". So > prctl() + perhaps SECCOMP. Yeah, the prctl() shifts the pain to the right place: folks explicitly opting in. Always-on seemed way too draconian to me.