Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp820061pxf;
        Thu, 8 Apr 2021 13:24:06 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzX+YKe9QpgAHt4w/klLPsBTCVoSAwtY7FcrgiUOu6kw24R5qSVSTTLww+Y2VZ/YdCLl/TH
X-Received: by 2002:a17:90b:d95:: with SMTP id bg21mr10474860pjb.159.1617913446805;
        Thu, 08 Apr 2021 13:24:06 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1617913446; cv=none;
        d=google.com; s=arc-20160816;
        b=qXx8J1nwUnPHvX0CuNsvypVauOqhvarzY/jLvwWNXB8R6j9I05hP8gh1+OeQq+AzLN
         mVi3RnE0f2cXKcUreLUxq0XtDJTRgs02Xm+7mkQcEIWBaif7JQWdk4iuSo1aYhHo37Pr
         +jR4tfgL1dNxZhqSz0gaaDmX0sKMM+ZIbCdEjcDnm7Jt3uC6V1JFKZEsMaCg5cGQFWIm
         48kcsVJ1Y+u38Q1FD+Jkq5TzwH43VleDFZ3fLI4YbecHlRt9sxLfOOG8k3Rxg1eNv7V+
         1jrMo0BHzvZGpUg/a7EP+kFgg4bVS9g4QQtW2sdoiMF72juG0L5RU0OZdmoZPQ5OTL8Q
         LCnQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=Z3faoKTmut0b+H791nuk4RfV65azdQNFfXkzkcIwqc0=;
        b=L2blOPc1/eg6zSJkQJV/bwGUEH3oHeCcZU6I2SoNJCe/3uyqLMuIqII0FQ5kiaywCL
         eEuctZNMwLAYJQ8S3ow4+cvBwRjxyhMMKdUT2CYyYOmDyCIfgWNyned4YCaYtWnfkrrz
         2MxviD+c2y4nMWTWm9o8tGvx9Q/PfFEgcqiwW80daPdYKrX+FpSQEl0sLAXHUds778MR
         7pegUI9LPuyq0/i8dsV/hor4lha8h3VMa5TMApp2En5GjjpudMrAIvj9bP8ggfqwD4up
         PCPMZcLLKNU+lnkgiTSjtTrrDvV9sCLz85kL2/p3wC9vtQoNCLXs9VRca2qJ4mv/i7x6
         e+bg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@chromium.org header.s=google header.b=WRM0NK6a;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id a3si334722plm.258.2021.04.08.13.23.52;
        Thu, 08 Apr 2021 13:24:06 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@chromium.org header.s=google header.b=WRM0NK6a;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231897AbhDHUXU (ORCPT <rfc822;linux.sihyeon@gmail.com>
        + 99 others); Thu, 8 Apr 2021 16:23:20 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45348 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231451AbhDHUXU (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 8 Apr 2021 16:23:20 -0400
Received: from mail-pf1-x42f.google.com (mail-pf1-x42f.google.com [IPv6:2607:f8b0:4864:20::42f])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A1031C061760
        for <linux-kernel@vger.kernel.org>; Thu,  8 Apr 2021 13:23:08 -0700 (PDT)
Received: by mail-pf1-x42f.google.com with SMTP id i190so2669098pfc.12
        for <linux-kernel@vger.kernel.org>; Thu, 08 Apr 2021 13:23:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to;
        bh=Z3faoKTmut0b+H791nuk4RfV65azdQNFfXkzkcIwqc0=;
        b=WRM0NK6ahXYlnABx14y7wNAK3ARCzvs0N/LziWW63jFcLOiDNLmHoTPnoSvXx0213d
         pR3G6T0GwBHwUs6TmBDWUgy5YbuWK4Bs00EXAk4qPHrn5x+53iHoJebQDf/qydGaOuy4
         r/2+W3hXp0YpWxEGMPVQb+PgZJIRZiSUSgZWw=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to;
        bh=Z3faoKTmut0b+H791nuk4RfV65azdQNFfXkzkcIwqc0=;
        b=C9Beg+uqMPsvhKVUgpghgLO2ideXELQ4oKLVpTd4Kjk/AdJW3F2re3+q44HbMtrSak
         +DSi307+BFAaPFaGvkwvUVcsaMGAzLy1SYJ3DU3OGkHqkkc3lFlkbcaDIKyJDykGq0nx
         fFYGn/eRr5svzU1s5muKQpFCawRQ6Jv0JrVzYY4C772kL3MaTLRBDQ7KJWoip6P5T9fo
         Qoes6CSyQI6aMgb5CdPNzLSpdNCiYYgeBbXnz6K5owW7wHMkyHydU7R4pGIGtb22vbpG
         WjV0LQwTWauB25KxF3Ke6ILy17NsSXKm8uryZ6PHRy96EVuCWr7y6PIF/Xh8vneQNCaz
         sjVA==
X-Gm-Message-State: AOAM532BEKfH7Lhllqvs7CBYh57cSEYgh8tpMATcIU3Jhe/prZkul+m1
        2cGmGceDTp48I9Zfqnc2Y3x89Q==
X-Received: by 2002:a63:3244:: with SMTP id y65mr10002081pgy.197.1617913388148;
        Thu, 08 Apr 2021 13:23:08 -0700 (PDT)
Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163])
        by smtp.gmail.com with ESMTPSA id h19sm283747pfc.172.2021.04.08.13.23.07
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 08 Apr 2021 13:23:07 -0700 (PDT)
Date:   Thu, 8 Apr 2021 13:23:06 -0700
From:   Kees Cook <keescook@chromium.org>
To:     "Singh, Balbir" <sblbir@amazon.com>, tglx@linutronix.de
Cc:     "mingo@redhat.com" <mingo@redhat.com>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "peterz@infradead.org" <peterz@infradead.org>,
        "torvalds@linux-foundation.org" <torvalds@linux-foundation.org>,
        "jpoimboe@redhat.com" <jpoimboe@redhat.com>,
        "x86@kernel.org" <x86@kernel.org>,
        "tony.luck@intel.com" <tony.luck@intel.com>,
        "dave.hansen@intel.com" <dave.hansen@intel.com>,
        "thomas.lendacky@amd.com" <thomas.lendacky@amd.com>,
        "benh@kernel.crashing.org" <benh@kernel.crashing.org>,
        linux-hardening@vger.kernel.org
Subject: Re: [PATCH v4 0/5] Next revision of the L1D flush patches
Message-ID: <202104081319.DAB1D817@keescook>
References: <20210108121056.21940-1-sblbir@amazon.com>
 <cf89f0389379daaaff0cbce9c5f1550866e55e91.camel@amazon.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <cf89f0389379daaaff0cbce9c5f1550866e55e91.camel@amazon.com>
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

*thread necromancy*
https://lore.kernel.org/lkml/20210108121056.21940-1-sblbir@amazon.com/

On Mon, Jan 25, 2021 at 09:27:38AM +0000, Singh, Balbir wrote:
> On Fri, 2021-01-08 at 23:10 +1100, Balbir Singh wrote:
> > Implement a mechanism that allows tasks to conditionally flush
> > their L1D cache (mitigation mechanism suggested in [2]). The previous
> > posts of these patches were sent for inclusion (see [3]) and were not
> > included due to the concern for the need for additional checks,
> > those checks were:
> > 
> > 1. Implement this mechanism only for CPUs affected by the L1TF bug
> > 2. Disable the software fallback
> > 3. Provide an override to enable this mechanism
> > 4. Be SMT aware in the implementation
> > [...]
> Ping on any review comments? Suggested refactoring?

Hi!

I'd still really like to see this -- it's a big hammer, but that's the
point for cases where some new flaw appears and we can point to the
toolbox and say "you can mitigate it with this while you wait for new
kernel/CPU."

Any further thoughts from x86 maintainers? This seems like it addressed
all of tglx's review comments.

-- 
Kees Cook