Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp689149ybk; Fri, 15 May 2020 10:58:30 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwMngxHX9YeLjaDJgexwUIq+hXZQyVFR4PSwBj9RXvepk76w/JEzVhJaDJzjKLfUqclwX8j X-Received: by 2002:a50:f017:: with SMTP id r23mr3833904edl.290.1589565510625; Fri, 15 May 2020 10:58:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1589565510; cv=none; d=google.com; s=arc-20160816; b=r8jlHuO7E4RksSNE8FbLz5Locfml3FhGGDtJ6z1PBA39SkXWsjOBQVlmf2yrKekqvA +pqnycxkcPsUs6nPjGN9JObCVn2XKlHuB/lDKJhp9XjwdXZ+aVSHB+K2cTcgDWiyv4nF SP5UTlNnUqdh/R8ARUZNnfl11EsaS2dg0/NL1mS+jGt5g2iKMSGq+Vc7LzZrwqsZ5sit qRf1nOzNNYg+lgB8LA7Us8HYsaWipDwjLr8sHCstkl1yLVO8Wl/XW7g9JL6TstLxXMvw 3v3euxHiMGaB4EfYQyQETmWX1GALeNkkfJiNEvNH3BdqN6lfnlGYVNE3dtTV7Kw0bDJM A35Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :ironport-sdr:ironport-sdr; bh=oj/CHd4/OT8qVDvBHpF+4Fj0eTxRnuBPnKxpKjrS3T0=; b=Iq+2OTYNSi3FXUKh+ce8LzeuR0IdmAO6nh5sNA+mxAPA5xvSxeup1jZ7Aes/V2qa2r MizeRaeGhHZDNuY2v4kpQ40uWceq+fDuAUc/mb6AGpZYhkxOauoyxb1iitRjriZVaCIe +byHtNQWXHx+ozsTgW/5F2pDf+ZJySskEEboC4jmFqyIB4hIDii5InpV1unPF5pVSE+o QFt6R+MjTs0etBmnrrQ7rJrJ/iv7iMzfNJv5zsE7uMAgMdqqmQQeJhINc3DXnyzy+NfV 5xvCC4j8lIMkAA5UL2VZNRPR7zvDHURo47GjlgkBjHDT0tYvHbOnCnYabzknMWopt6sF clTQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id jo20si1664823ejb.456.2020.05.15.10.58.07; Fri, 15 May 2020 10:58:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726663AbgEORzv (ORCPT + 99 others); Fri, 15 May 2020 13:55:51 -0400 Received: from mga04.intel.com ([192.55.52.120]:17940 "EHLO mga04.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726219AbgEORzu (ORCPT ); Fri, 15 May 2020 13:55:50 -0400 IronPort-SDR: iSBZmHUl0AyrPoSGEk2gU4+OSPIJ2896RYl/sRZOoTlPb3ULpmHVhErE0n3oQFl6EYAbb9UcNN UeCpHOdbcdQA== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 May 2020 10:55:50 -0700 IronPort-SDR: kOXZFks6zNMq5aNddunKZXfcLmzxdbvtqz0sta1Cx4xMRY6kxz5uq0JTPAh0XyuhTsgCaC6rYQ 51ThK6E2oI4g== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.73,396,1583222400"; d="scan'208";a="464978376" Received: from tassilo.jf.intel.com (HELO tassilo.localdomain) ([10.7.201.21]) by fmsmga006.fm.intel.com with ESMTP; 15 May 2020 10:55:50 -0700 Received: by tassilo.localdomain (Postfix, from userid 1000) id 29E68301AAA; Fri, 15 May 2020 10:55:50 -0700 (PDT) Date: Fri, 15 May 2020 10:55:50 -0700 From: Andi Kleen To: Sasha Levin Cc: Jarkko Sakkinen , linux-kernel@vger.kernel.org, tglx@linutronix.de, bp@alien8.de, luto@kernel.org, hpa@zytor.com, dave.hansen@intel.com, tony.luck@intel.com, ravi.v.shankar@intel.com, chang.seok.bae@intel.com Subject: Re: [PATCH v12 00/18] Enable FSGSBASE instructions Message-ID: <20200515175550.GP3538@tassilo.jf.intel.com> References: <20200511045311.4785-1-sashal@kernel.org> <0186c22a8a6be1516df0703c421faaa581041774.camel@linux.intel.com> <20200515164013.GF29995@sasha-vm> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200515164013.GF29995@sasha-vm> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > Indeed, we've seen a few hacks that basically just enable FSGSBASE: > > - https://github.com/oscarlab/graphene-sgx-driver > - https://github.com/occlum/enable_rdfsbase > > And would very much like to get rid of them... These are insecure and open root holes without the patches used here. -Andi