Date: Thu, 2 Apr 2020 15:47:49 -0500
From: Josh Poimboeuf
To: "Singh, Balbir"
Cc: "tglx@linutronix.de", "linux-kernel@vger.kernel.org", "tony.luck@intel.com", "keescook@chromium.org", "benh@kernel.crashing.org", "x86@kernel.org", "dave.hansen@intel.com"
Subject: Re: [PATCH 0/3] arch/x86: Optionally flush L1D on context switch
Message-ID: <20200402204749.33ulub5jx66dktxg@treble>
References: <20200402062401.29856-1-sblbir@amazon.com> <20200402201328.zqnxwaetpk4ubg56@treble> <31c9720eff18ce167378e9a0017dcd73e0552164.camel@amazon.com>
In-Reply-To: <31c9720eff18ce167378e9a0017dcd73e0552164.camel@amazon.com>

On Thu, Apr 02, 2020 at 08:35:46PM +0000, Singh, Balbir wrote:
> On Thu, 2020-04-02 at 15:13 -0500, Josh Poimboeuf wrote:
> > On Thu, Apr 02, 2020 at 05:23:58PM +1100, Balbir Singh wrote:
> > > Provide a mechanism to flush the L1D cache on context switch. The goal
> > > is to allow tasks that are paranoid due to the recent snoop assisted data
> > > sampling vulnerabilities, to flush their L1D on being switched out.
> >
> > Hi Balbir,
> >
> > Just curious, is it really vulnerabilities, plural? I thought there was
> > only one: CVE-2020-0550 (Snoop-assisted L1 Data Sampling).
> >
> > (There was a similar one without the "snoop": L1D Eviction Sampling, but
> > it's supposed to get fixed in microcode).
> >
>
> Hi, Josh
>
> Yes, that CVE is the motivation, the mitigation for CVE-2020-0550 does suggest
> flushing the cache on context switch. But in general, as we begin to find more
> ways of evicting data or snooping data, a generic mechanism is more useful and
> that is why I am making it an opt-in.

Ok. I think it would be a good idea to expand on that justification
more precisely in the commit message. That would help both reviewers of
the code and users of the new option understand what level of paranoia
they're opting in to :-)

-- 
Josh