Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp4193927ybi; Tue, 18 Jun 2019 13:34:24 -0700 (PDT) X-Google-Smtp-Source: APXvYqxVx9uRNiItSp80rWRrfGCmRunTmmZEtvnrYl9XtDO5cVoZwy9pYgFIpAAGf1DJyFCDm2s3 X-Received: by 2002:a17:90a:3210:: with SMTP id k16mr6877169pjb.13.1560890064316; Tue, 18 Jun 2019 13:34:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1560890064; cv=none; d=google.com; s=arc-20160816; b=eBNDrVtTNmjNa4lnehQoHhp4gboY86U9NlZdb5Z3LZ3mkkGxkMJgzydrJTy7kR/wDF LFXEhDd89RdB02IydMblMujqZoBKyH73+5CJI5qDBDaZ/HfDZQ16UwrPmecyXY2P2MP1 tw2IdxwrHF7AYOQ3TVlR72KjHLgfW2TLf7B0v3OeXHn+VOg4m0Cz5ObELruNkuNItEof +UUtF+Sc7rHVd4QodcvTkUmSsAtEttRVezUP0bUhWzxdihQ8wNTkKMtC1BSZWRdRSkw9 rhSiMUFGSAAC4TQr19+3DHFNMJw+vt2YTp0ybejqQsQIost4chTucJPDNQeIn1XqKZoW a07Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=Tdpf6CzoklaT57IuO63uewzvb18x1t/t7TPn/ITBFnk=; b=h95m5FHewViCvFUP3E2x2/zd5DwOhetrVPfVs5M/gD4tth5nkh0MWP6r5RgfSjZEPi 6EYZOrBIwdXLmD32+GW7Kq0iSbrU7eOkpSeUPx7oUD3iJ1yGt8tPAaiqTFxByfDIkfWO zvi42EoP94EGOTnTRm4bvTUi5h7cdZWUOGPXpqWszugvyHx9hPlY1+z30Syp9ShqlQoB Y2BCE+wFM7RUL+Iduap19u0Cvhxh2MfpEF+QARlxUxw2gOdF1MEYXuF85MWiC+aGb9qe HhI0LX6CK+iRjH5jWsum/tEZznc5xrd9TjP5IqY02yi6SJM2aMxCGlH8uztejn8Dn6ej g5Gw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 36si1047023pgl.237.2019.06.18.13.34.08; Tue, 18 Jun 2019 13:34:24 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730546AbfFRUdv (ORCPT + 99 others); Tue, 18 Jun 2019 16:33:51 -0400 Received: from Galois.linutronix.de ([146.0.238.70]:48727 "EHLO Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729961AbfFRUdv (ORCPT ); Tue, 18 Jun 2019 16:33:51 -0400 Received: from p5b06daab.dip0.t-ipconnect.de ([91.6.218.171] helo=nanos) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1hdKn1-0002HC-L1; Tue, 18 Jun 2019 22:33:11 +0200 Date: Tue, 18 Jun 2019 22:33:10 +0200 (CEST) From: Thomas Gleixner To: Tim Chen cc: Jon Masters , Alexei Starovoitov , Jonathan Corbet , Greg Kroah-Hartman , Ben Greear , stable@vger.kernel.org, Andi Kleen , Dave Hansen , Jun Nakajima , Jiri Kosina , Linus Torvalds , Tom Lendacky , Ingo Molnar , Peter Zijlstra , Josh Poimboeuf , Andrea Arcangeli , David Woodhouse , Asit Mallick , Arjan van de Ven , Waiman Long , Borislav Petkov , Mark Gross , LKML , x86@kernel.org Subject: Re: [PATCH v3] Documentation: Add section about CPU vulnerabilities for Spectre In-Reply-To: <95881c0e-5849-9062-a0c5-eb55081a06aa@linux.intel.com> Message-ID: References: <5ff842bb-e0b8-c4aa-134d-32c9d838a162@redhat.com> <526833c7-b9b4-1847-9f9b-52dd248548ad@redhat.com> <95881c0e-5849-9062-a0c5-eb55081a06aa@linux.intel.com> User-Agent: Alpine 2.21 (DEB 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Linutronix-Spam-Score: -1.0 X-Linutronix-Spam-Level: - X-Linutronix-Spam-Status: No , -1.0 points, 5.0 required, ALL_TRUSTED=-1,SHORTCIRCUIT=-0.0001 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 18 Jun 2019, Tim Chen wrote: > On 6/17/19 1:30 PM, Jon Masters wrote: > > On 6/17/19 4:22 PM, Jon Masters wrote: > > > >>> + For kernel code that has been identified where data pointers could > >>> + potentially be influenced for Spectre attacks, new "nospec" accessor > >>> + macros are used to prevent speculative loading of data. > >> > >> Maybe explain that nospec (speculative clamping) relies on the absence > >> of value prediction in the masking (in current hardware). It may NOT > >> always be a safe approach in future hardware, where Spectre-v1 attacks > >> are likely to persist but hardware may speculate about the mask value. > > > > Something like the Arm CSDB barrier would seem to be potentially useful > > for $FUTURE_X86 as a fence with lighter-weight semantics than an *fence. > > > > Is it necessary to go into such level of implementation details on nospec? > These seem to be appropriate as code comments in nospec for kernel developer. > But for an admin-guide doc, it may confuse sys admin to think that nospec > could not be ineffective. > > When new hardware appears that need new implementations of nospec, we should > tweak nospec and not need the admin to worry about such implementation details. Correct. Those details are architecture level details. See the split of the MDS documentation... Thanks, tglx