Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp5213184imu; Sun, 25 Nov 2018 19:09:16 -0800 (PST) X-Google-Smtp-Source: AJdET5eodU1NXMT9dDcARAhFyVkT+PYR+OTiT4k8txj25jM097vV+T5PWZ2j0zLT9KecQ4JPLyNu X-Received: by 2002:a62:6c89:: with SMTP id h131-v6mr25897538pfc.12.1543201755974; Sun, 25 Nov 2018 19:09:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1543201755; cv=none; d=google.com; s=arc-20160816; b=GFBqR6rn1OPDWmBW4ohRUzOjgxfJSMmeLruAlD1nvb4Gsu1DQL//9HCvINoXfuV7C3 dnmyA5zqfzDz/FH5F5ljV4Oxm0O6A1VPAfhJx4hfvgEyxjVBrhBg890OehnyQ5I5yol6 GicTCRbzFQn2dGWtWuPtukkrnqrP5AXg7JkqljMrzWTlyDyIje9UpbmOpVMrm3qW+B2e uHWqczzBIbWWnwsMHTtSr+ghzlAqnKB4DDc56TbiduMMuMQHed+0q6SNyYy56aYt/ujL XNBJeUl87DPHsrxJPoTCTi7Wo4KJOSEDIhhRMTkTL44o89Wx1+P6vy9+HPKkeKI+ogA2 UB+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=eRjHgRZG4QjhENaFiZZ/eiPui+FRgsr5jAE73dR/WhU=; b=X6mvG4KCI7yGEz+62Bzggiw8/kHY10BpJxjWtI+kaLzcuJV8ID+xco/hND6/mnBR/9 32TmSYnemBVrNsu0V67uDpNr2qNVmkkRQf5QJ2UFcsaLuFE994OFTFrJxVQ6RlQ/lJ7E T8y+24H3AvMn1oKwds87q4YVh4rgCws90M6cMQ6vp9hIn2rBHJemSKXiKGdIuMZ1fylv pkFYEGLyGkbAZO1gsygxKE78oR6ZVk7tXeT1vZ5hjZP9h1A+emke75FkCif+g9DClcP/ 1haRXSHimVcQm9R7bKBMaNavE54x0cwUr0/+tPIpSPRfGt+T6Wl7E8V3xEk1zzD11izH qagQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n184si22888691pgn.95.2018.11.25.19.08.59; Sun, 25 Nov 2018 19:09:15 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726153AbeKZN7u (ORCPT + 99 others); Mon, 26 Nov 2018 08:59:50 -0500 Received: from mga05.intel.com ([192.55.52.43]:24027 "EHLO mga05.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726079AbeKZN7u (ORCPT ); Mon, 26 Nov 2018 08:59:50 -0500 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 25 Nov 2018 19:07:08 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,280,1539673200"; d="scan'208";a="252530192" Received: from tassilo.jf.intel.com (HELO tassilo.localdomain) ([10.7.201.126]) by orsmga004.jf.intel.com with ESMTP; 25 Nov 2018 19:07:09 -0800 Received: by tassilo.localdomain (Postfix, from userid 1000) id F41F6309C88; Sun, 25 Nov 2018 19:07:08 -0800 (PST) Date: Sun, 25 Nov 2018 19:07:08 -0800 From: Andi Kleen To: Thomas Gleixner Cc: LKML , x86@kernel.org, Peter Zijlstra , Andy Lutomirski , Linus Torvalds , Jiri Kosina , Tom Lendacky , Josh Poimboeuf , Andrea Arcangeli , David Woodhouse , Tim Chen , Dave Hansen , Casey Schaufler , Asit Mallick , Arjan van de Ven , Jon Masters , Waiman Long , Greg KH , Dave Stewart , Kees Cook Subject: Re: [patch V2 21/28] x86/speculation: Prepare for conditional IBPB in switch_mm() Message-ID: <20181126030708.GP13936@tassilo.jf.intel.com> References: <20181125183328.318175777@linutronix.de> <20181125185005.466447057@linutronix.de> <20181125205330.GO13936@tassilo.jf.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Nov 25, 2018 at 11:20:50PM +0100, Thomas Gleixner wrote: > On Sun, 25 Nov 2018, Andi Kleen wrote: > > > > The current check whether two tasks belong to the same context is using the > > > tasks context id. While correct, it's simpler to use the mm pointer because > > > it allows to mangle the TIF_SPEC_IB bit into it. The context id based > > > mechanism requires extra storage, which creates worse code. > > > > [We tried similar in some really early versions, but it was replaced > > with the context id later.] > > > > One issue with using the pointer is that the pointer can be reused > > when the original mm_struct is freed, and then gets reallocated > > immediately to an attacker. Then the attacker may avoid the IBPB. > > > > Given it's probably hard to generate any reasonable leak bandwidth with > > such a complex scenario, but it still seemed better to close the hole. > > Sorry, but that's really a purely academic exercise. Ok fair enough. I guess it's acceptable if you add a comment explaining it. -Andi