Received: by 2002:a05:6a10:a841:0:0:0:0 with SMTP id d1csp4004925pxy; Mon, 26 Apr 2021 15:25:08 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxGcFDk844Y3EDY78bq3pAHmGNuCseeJNjm7xBhCqgLLqpUREyxShMDLYFtmtKOXwLSrRNK X-Received: by 2002:a17:90a:4dc7:: with SMTP id r7mr5097970pjl.174.1619475907888; Mon, 26 Apr 2021 15:25:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1619475907; cv=none; d=google.com; s=arc-20160816; b=a03NcqFRnSL2KOj8iFSk5gaIrAiG0HH3RISAegPyu1fNXkaC2nP76lmXQhvKPFzgrS Dit+bImPFXbCSux2uF1xW2CQPaHognf7Uqflk8wWm+SGLUANN1fbyxbBxkKHPtmVC+a7 mGbcf91nFLtJ9x63dGh6JpSPeUlxeMH1xIRQIGJ8AwuSa6H1z00xfjTYJHZ/B/3YSWVs ZgGadfFz8vQYCJJ62Q94g/YsK8OfKqgmOLvF0hYi2oFECt+BQnez+qlaTY8NPYAtoX9K Ezm5cq6QAykPvRplIHeKlSbBs/kzboWXFSCNsTflMPRhRAaD+Fx10ZronhhoMBRaptcd Qbjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:message-id:date:references :in-reply-to:subject:cc:to:dkim-signature:dkim-signature:from; bh=MQMj3D96Z+VkDGWRL+sgLmic4KkQPDsjquONKnj3+e0=; b=x3vRBGQ5gURswDE5NoUSRFvgZ/NMScWzL7cRgbQH8iA/hed3pUTTOQV+aR4ouU2FI+ dVK86Z325ykXenKTlecqUhctYhJT5tPLIypSiocnXtSj4MbGL7bh3kAS/bR364g1JXn8 9BvvIQbMvdsgLdvgVMX8s2XZxEGKAivE5TI6k3wkin9rY7L6LoNvWtoQfo3tfzP5xqiN MJcSx+ZXifk9lwHXpkRMPkGu1bbhF3dfZmtFdJu0JrHDYtiE2RAivziiJ30dFxbiABgj 1NnpemaBAsyQHEMW9R0RZh4Ad8hzThWtRCYyGTrVEmMz5f+qqMkJ/lHjxXxNtKYhUwid WOpg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=0kXjBGtv; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=wwSCw6Ie; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id r20si19705701pgv.32.2021.04.26.15.24.53; Mon, 26 Apr 2021 15:25:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=0kXjBGtv; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=wwSCw6Ie; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234275AbhDZWZB (ORCPT + 99 others); Mon, 26 Apr 2021 18:25:01 -0400 Received: from Galois.linutronix.de ([193.142.43.55]:36916 "EHLO galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232062AbhDZWZA (ORCPT ); Mon, 26 Apr 2021 18:25:00 -0400 From: Thomas Gleixner DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1619475856; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=MQMj3D96Z+VkDGWRL+sgLmic4KkQPDsjquONKnj3+e0=; b=0kXjBGtvkoY+85roJ8/wdmnFyWKEPQXR5Ynt/svYWNyCep43lp0mPgolqhWp/fq2zLhaxB R4sslb+hensNuaWK4zyf9Z8EP7nqCvCibbDVksCuUeSF0B7mt3fhNYzt4s0M8T0ruVcDju jyjbprzn5gHqBQgoXLrKLdMGvv/OBdvYnNOu2QJMnketXs7m/ZcEJL5dQIhrY5i342CKVa 1d/O71gCUtb0nsrgA7PagN9pu/+xpUdU07jmW7ovjCR7wVljEueAbc76T+UYL0RdzjC8bU iLspW1nm5c+EcR64GJtCj0BCyGpYZthRsaBPKPMV5ZcMusuI2BUxzBV/4tPT1Q== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1619475856; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=MQMj3D96Z+VkDGWRL+sgLmic4KkQPDsjquONKnj3+e0=; b=wwSCw6IetGlLmSppQu3oR88eD6z9Rsak++JTY6E2TVutAT2oeEoUZsMp9ZvuhSn2Q0C36H XGwzNk8Fj7kYRBCQ== To: Kees Cook , bsingharora@gmail.com Cc: "mingo\@redhat.com" , "linux-kernel\@vger.kernel.org" , "peterz\@infradead.org" , "torvalds\@linux-foundation.org" , "jpoimboe\@redhat.com" , "x86\@kernel.org" , "tony.luck\@intel.com" , "dave.hansen\@intel.com" , "thomas.lendacky\@amd.com" , "benh\@kernel.crashing.org" , linux-hardening@vger.kernel.org Subject: Re: [PATCH v4 0/5] Next revision of the L1D flush patches In-Reply-To: <87y2d5tpjh.ffs@nanos.tec.linutronix.de> References: <20210108121056.21940-1-sblbir@amazon.com> <202104081319.DAB1D817@keescook> <87y2d5tpjh.ffs@nanos.tec.linutronix.de> Date: Tue, 27 Apr 2021 00:24:16 +0200 Message-ID: <87tunsofan.ffs@nanos.tec.linutronix.de> MIME-Version: 1.0 Content-Type: text/plain Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Apr 26 2021 at 10:31, Thomas Gleixner wrote: > On Thu, Apr 08 2021 at 13:23, Kees Cook wrote: >> >> I'd still really like to see this -- it's a big hammer, but that's the >> point for cases where some new flaw appears and we can point to the >> toolbox and say "you can mitigate it with this while you wait for new >> kernel/CPU." >> >> Any further thoughts from x86 maintainers? This seems like it addressed >> all of tglx's review comments. > > Sorry for dropping the ball on this. It's in my list of things to deal > with. Starting to look at it now. So I went through the pile and for remorse I sat down and made the tweaks I think are necessary myself. I've pushed out the result to git://git.kernel.org/pub/scm/linux/kernel/git/tglx/devel.git x86/l1dflush The only thing I did not address yet is that the documentation lacks any mentioning of the SIGBUS mechanism which is invoked when a task which asked for L1D flush protection ends up on a SMT sibling for whatever reason. That's essential to have because it's part of the contract of that prctl. Balbir, can you please double check the result and prepare an updated version from there? If you don't have cycles, please let me know. Thanks, tglx