Received: by 2002:a05:6a10:6d25:0:0:0:0 with SMTP id gq37csp704709pxb;
        Sat, 11 Sep 2021 19:03:49 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzCmYxKH/p7i8V3OBJRdYitzcpXwPM0ErrTz8mwjIL6Uw/JvKpI48tVttZ3cvphqFGHpEds
X-Received: by 2002:aa7:d3d1:: with SMTP id o17mr5719862edr.272.1631412229402;
        Sat, 11 Sep 2021 19:03:49 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1631412229; cv=none;
        d=google.com; s=arc-20160816;
        b=rQHZ8iLsEtqhZRfSX/mtPxQmHED+EIk9MsbnuU3WWdZtyB28JjAikd8LCgXN25+Nix
         3bibZf+WOmcbOx15EYzB49ilS5vtTtlgSEAEw7tpgk/ewn3aulWPOoKKykzUyXMyE9yt
         QoGcIpRqcm3MKgf35xHP9dqX/u8ze4yEV+Vj6tY9N25MlxE2W1MZ/IRMp90NGMsBO+Ga
         SijTl30o1qqG5ZureYd7GAynspaXdPAMZMT/0VGsEdn8CUKSHmS35OZhbMRzin1BEQWf
         O4K9K5ktBchZ7mSeyPETzkbJ7Sl2BK40/7ufF4N/M6U9WC8EKpWvKMHtdZOgQ1hM/Rr1
         pwEw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:to:in-reply-to:cc:references:message-id:date
         :subject:mime-version:from:content-transfer-encoding:dkim-signature;
        bh=EyikGfhK6ZBuK8sEBsdOp0Sy5GjF53gp/LzsVSTkDzg=;
        b=bsKrffbJlE8nwWtWWENLfunxXpvELHbLGnSkgNbkwiE4ZfYqF5RcYpY6vVGmUW3K5C
         9oTE70jeWfnVchf7Q1G/LALrg0zgAZE4tXAxKGMVm5qAdkue2VjMyhScIMDMB5ffSDHK
         7/XD8RbQB0uxz9QJ3RyMNgwEZy7Zo4pj7HSrtAmvTgNEMaH5izV70sxNskJps7bkoOOi
         D7X7om0kMrxtzs4u6C7zeWpE3iVVOXNK+dwEmzJNHBc94jUnIsgNY06mqrxbXM+k29cL
         /Hy7HrZ+CAgAnGO++9aRekzLALwpAAPGMOE4+GrjcHxaH0+0TNOd9IgoUw4CAgwiCTTr
         hDTQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=VMYJlNi4;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id jy28si3034227ejc.629.2021.09.11.19.03.25;
        Sat, 11 Sep 2021 19:03:49 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=VMYJlNi4;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231743AbhILCC7 (ORCPT <rfc822;lkml.akiyano@gmail.com>
        + 99 others); Sat, 11 Sep 2021 22:02:59 -0400
Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]:45501 "EHLO
        us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S230212AbhILCC7 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 11 Sep 2021 22:02:59 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1631412105;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=EyikGfhK6ZBuK8sEBsdOp0Sy5GjF53gp/LzsVSTkDzg=;
        b=VMYJlNi4efuy/3BMh2V32t2FQoPltAvE4TJUtQDi2QvgtqFoGwnSY4y+zBUdtG2LRxDuMQ
        GXiFcKY6DvYhrl9lc4UqO0Z99ziKziqivGDxoC0KtyqZ7Z+EEs4jFrnQl0JedpP32mnHKk
        NfGtMlAhK5GSliQjrPKGv4lQAm3f3ZI=
Received: from mail-pg1-f197.google.com (mail-pg1-f197.google.com
 [209.85.215.197]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-514-E9mNqRwTNl6bUTMG4nayxA-1; Sat, 11 Sep 2021 22:01:43 -0400
X-MC-Unique: E9mNqRwTNl6bUTMG4nayxA-1
Received: by mail-pg1-f197.google.com with SMTP id q22-20020a63e956000000b002524787adb1so4816537pgj.3
        for <linux-kernel@vger.kernel.org>; Sat, 11 Sep 2021 19:01:43 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:content-transfer-encoding:from:mime-version
         :subject:date:message-id:references:cc:in-reply-to:to;
        bh=EyikGfhK6ZBuK8sEBsdOp0Sy5GjF53gp/LzsVSTkDzg=;
        b=vDaiDD/qapetaLVv7NcYH6xc6owar+WfKDTD+uMFTjEwiV575sn5Rg4tRwiqVLH8cI
         FV2tmUc5LGI7yhCCCjDtjgKXv663Y25R06ACueLS9BnaTUAksTLfD03FLPgy/tOenLCx
         0xBGAqkPpn4ShZthQdqyaMeOs8Yw1hBCy35DWs+6ngSgEnpt4zuTmM/8DHakHJP/XcpL
         /q6kS+dnq4ib05HF6M2X+J5np8h8NuSpLyQc37HBUuoPWCdQu9/86S+PT9YbNiR2Zm0Z
         MiKYEHhllF3ceDhRWx5xrdEw6HfQhUTN/YaQFy5OFAD9ENe+xaofcb+Gr7AtDYpMOui+
         QaFg==
X-Gm-Message-State: AOAM533NoZja2WQZqBgFkXEQ63m7lTVAtTLCAoFob18ST7OSTFr5/gkf
        ZJhYPqtrvho72+QvRvKPsMRBZeKopYlR/RTr0QMG+E6KrSHGKyjZugzKmIhicOtvDuk9TPLi0EA
        w/+qR50dXd9YJ/C2b3wuxjw26
X-Received: by 2002:a17:90a:9291:: with SMTP id n17mr5473652pjo.243.1631412102797;
        Sat, 11 Sep 2021 19:01:42 -0700 (PDT)
X-Received: by 2002:a17:90a:9291:: with SMTP id n17mr5473608pjo.243.1631412102531;
        Sat, 11 Sep 2021 19:01:42 -0700 (PDT)
Received: from smtpclient.apple ([2600:380:4738:b4a5:7850:2b24:ea76:1118])
        by smtp.gmail.com with ESMTPSA id h16sm2869606pfn.215.2021.09.11.19.01.41
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Sat, 11 Sep 2021 19:01:42 -0700 (PDT)
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
From:   Josh Poimboeuf <jpoimboe@redhat.com>
Mime-Version: 1.0 (1.0)
Subject: Re: [PATCH 1/1] x86: change default to spec_store_bypass_disable=prctl spectre_v2_user=prctl
Date:   Sat, 11 Sep 2021 19:01:40 -0700
Message-Id: <AAA2EF2C-293D-4D5B-BFA6-FF655105CD84@redhat.com>
References: <202109111411.C3D58A18EC@keescook>
Cc:     Andrea Arcangeli <aarcange@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        YiFei Zhu <zhuyifei1999@gmail.com>,
        Linux Containers <containers@lists.linux-foundation.org>,
        YiFei Zhu <yifeifz2@illinois.edu>, bpf <bpf@vger.kernel.org>,
        kernel list <linux-kernel@vger.kernel.org>,
        Aleksa Sarai <cyphar@cyphar.com>,
        Andy Lutomirski <luto@amacapital.net>,
        David Laight <David.Laight@aculab.com>,
        Dimitrios Skarlatos <dskarlat@cs.cmu.edu>,
        Giuseppe Scrivano <gscrivan@redhat.com>,
        Hubertus Franke <frankeh@us.ibm.com>,
        Jack Chen <jianyan2@illinois.edu>,
        Jann Horn <jannh@google.com>,
        Josep Torrellas <torrella@illinois.edu>,
        Tianyin Xu <tyxu@illinois.edu>,
        Tobin Feldman-Fitzthum <tobin@ibm.com>,
        Tycho Andersen <tycho@tycho.pizza>,
        Valentin Rothberg <vrothber@redhat.com>,
        Will Drewry <wad@chromium.org>, Jiri Kosina <jikos@kernel.org>,
        Waiman Long <longman@redhat.com>,
        Andi Kleen <ak@linux.intel.com>
In-Reply-To: <202109111411.C3D58A18EC@keescook>
To:     Kees Cook <keescook@chromium.org>
X-Mailer: iPhone Mail (18G82)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



> On Sep 11, 2021, at 2:13 PM, Kees Cook <keescook@chromium.org> wrote:
>=20
> =EF=BB=BFOn Wed, Nov 04, 2020 at 06:50:54PM -0500, Andrea Arcangeli wrote:=

>> Switch the kernel default of SSBD and STIBP to the ones with
>> CONFIG_SECCOMP=3Dn (i.e. spec_store_bypass_disable=3Dprctl
>> spectre_v2_user=3Dprctl) even if CONFIG_SECCOMP=3Dy.
>=20
> Hello x86 maintainers!
>=20
> I'd really like to get this landed, so I'll take this via the
> seccomp-tree unless someone else speaks up. This keeps falling off
> the edge of my TODO list. :)

Thanks!  You can add my

Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>