Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp2488545pxb;
        Fri, 29 Oct 2021 02:24:08 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJybSTxK/zLaxVaq97SYLU4HT4+r4Yt9zAGZl7x4AtQkKQBe3u9AU7qbcgkoom/4QTZN3mpP
X-Received: by 2002:a63:a804:: with SMTP id o4mr7206155pgf.309.1635499447837;
        Fri, 29 Oct 2021 02:24:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1635499447; cv=none;
        d=google.com; s=arc-20160816;
        b=cxoZ3hCwfM95+Y7TG15d2uKMRZPA3v7HLBHkENxcf9S4uIVAg6hBHkGAwXweQiS6QR
         u6T2fDSUkMf2J/rKmcQ6kES31+HOqMGmkKQgmRQtdxhKH20zJrOJFxTP78F8txlEhHA/
         e9iNHIqIC/46+mKGI/W3FE02OxW+zde6pnZMW4tpDokuli5rVezLfs69hKS8LCQEyoLm
         PnNiG8AEF/4lJx5vckbGKpSzdzPLpff6AWgSqzD0UjJtlRjSks9xkceYab5DW96hIg2x
         US5YqmMC8gAA1y0MKYwu+9nLASzbzhebf3YfVqS8ypt84tKBwadCunmIPV7P1LNnwGxY
         1gqQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:user-agent:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date;
        bh=W4D8IOnPq330v6UQiVY0wK+yctwQ5cAj9es1de1IxnI=;
        b=qsbUkUs8PMznqZZuzrkLCD6dpyV98zEuetaf6uYuFQfbw0r1xMfGkwLfEQZYNmjtwV
         gB/WMsQAM4IuLWKETe+Z+oJ7gMFKbUWYrG9V0VAGCyui6mFugk6KYIhJfERi1v1FlEOY
         18Ue4ZFyEURwKrKP6pNh1fz3OZnHBOmUx1Gz0lsoupQhu0lTimLaHu9FoKOEFQoTgbk2
         gs8oKntOpVs6tEPUzShL9zLYXuRKh8azF/HbuMEAG64QDe6t3yAi2QOp44NNZTX1reX6
         IKn3LwPs6Myd9LzjVpq0SvvYy2F7CTew763U0alSyFbKk/HWsPV6Bc3SilgmS4P8RZYO
         wk9A==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id z9si4253022plg.380.2021.10.29.02.23.54;
        Fri, 29 Oct 2021 02:24:07 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231460AbhJ2JZ3 (ORCPT <rfc822;m15259695263@gmail.com>
        + 99 others); Fri, 29 Oct 2021 05:25:29 -0400
Received: from foss.arm.com ([217.140.110.172]:36244 "EHLO foss.arm.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S229991AbhJ2JZ0 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 29 Oct 2021 05:25:26 -0400
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
        by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 15AEA1FB;
        Fri, 29 Oct 2021 02:22:58 -0700 (PDT)
Received: from lakrids.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14])
        by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 9F9153F5A1;
        Fri, 29 Oct 2021 02:22:54 -0700 (PDT)
Date:   Fri, 29 Oct 2021 10:22:49 +0100
From:   Mark Rutland <mark.rutland@arm.com>
To:     Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Cc:     Russell King <linux@armlinux.org.uk>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        Dave Hansen <dave.hansen@linux.intel.com>, x86@kernel.org,
        "H. Peter Anvin" <hpa@zytor.com>,
        Kees Cook <keescook@chromium.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        Masahiro Yamada <masahiroy@kernel.org>,
        "Peter Zijlstra (Intel)" <peterz@infradead.org>,
        Sami Tolvanen <samitolvanen@google.com>,
        Colin Ian King <colin.king@canonical.com>,
        Frederic Weisbecker <frederic@kernel.org>,
        Mike Rapoport <rppt@kernel.org>,
        YiFei Zhu <yifeifz2@illinois.edu>,
        "Steven Rostedt (VMware)" <rostedt@goodmis.org>,
        Viresh Kumar <viresh.kumar@linaro.org>,
        Andrey Konovalov <andreyknvl@gmail.com>,
        Wang Kefeng <wangkefeng.wang@huawei.com>,
        Uwe =?utf-8?Q?Kleine-K=C3=B6nig?= 
        <u.kleine-koenig@pengutronix.de>,
        Nathan Chancellor <nathan@kernel.org>,
        Nick Desaulniers <ndesaulniers@google.com>,
        linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
        Alexei Starovoitov <ast@kernel.org>,
        Daniel Borkmann <daniel@iogearbox.net>, bpf@vger.kernel.org
Subject: Re: [PATCH v2 1/2] arch/Kconfig: Make CONFIG_CPU_SPECTRE available
 for all architectures
Message-ID: <20211029092248.GA24060@lakrids.cambridge.arm.com>
References: <cover.1635383031.git.pawan.kumar.gupta@linux.intel.com>
 <232b692cd79e4f6e4c3ee7055b5f02792a28d2c4.1635383031.git.pawan.kumar.gupta@linux.intel.com>
 <20211028134918.GB48435@lakrids.cambridge.arm.com>
 <20211028193658.7n2oehp6yogyqbwq@gupta-dev2.localdomain>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20211028193658.7n2oehp6yogyqbwq@gupta-dev2.localdomain>
User-Agent: Mutt/1.11.1+11 (2f07cb52) (2018-12-01)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Oct 28, 2021 at 12:36:58PM -0700, Pawan Gupta wrote:
> On 28.10.2021 14:49, Mark Rutland wrote:
> > On Wed, Oct 27, 2021 at 06:33:22PM -0700, Pawan Gupta wrote:
> > > Borrow CONFIG_CPU_SPECTRE from ARM to be available for all
> > > architectures. This will help in configuration of features that depend
> > > on CPU being affected by spectre class of vulnerabilities.
> > > 
> > > Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
> > 
> > Given that spectre isn't one specific issue, biut rather a blanket term
> > for a bunch of things that can have variable overlap, I don't think this
> > makes much sense unless we're going to add finer-grained options for all
> > the variants, and IMO it'd make more sene for the architectures to
> > directly select the things that'd otherwise be dependent on this.
> 
> Isn't ARM already using CPU_SPECTRE for selecting things:
> 
> 	config HARDEN_BRANCH_PREDICTOR
> 	     bool "Harden the branch predictor against aliasing attacks" if EXPERT
> 	     depends on CPU_SPECTRE

It's true that arch/arm does, but that's not true for other
architectures, e.g. powerpc or arm64, and and as above I don't think it
makes sense to make this generic in its current form because "spectre"
is a somewhat vague generic term.

> This was the whole motivation for doing the same for x86.
> 
> Adding a condition for all architectures is also okay, but its going to
> a little messier:
> 
> 	 config BPF_UNPRIV_DEFAULT_OFF
> 	        default y if X86 || ARM || ...
> 
> This approach would make sense if architectures wants to explicitly
> select the defaults irrespective of architecture being affected by
> spectre.

If we're going to change the default for some architectures, I think
it'd make much more sense to just do that for all, without any
arch-specific conditionality, i.e.

	config BPF_UNPRIV_DEFAULT_OFF
		default y

... so that the behaviour is consistent across all architectures, and we
don't have to play a whack-a-mole game as/when we realise architectures
are affected by some variant of an issue relating to speculation.

Thanks,
Mark.