Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp3753205imw; Mon, 18 Jul 2022 13:57:50 -0700 (PDT) X-Google-Smtp-Source: AGRyM1s2KI/jpXpAdK8gBNPm5UA1Bgx6M1SLSKssf2hdnhnblRrv/8TzADPoZ+6VvBhfDhrAQibY X-Received: by 2002:a05:6402:f12:b0:43a:7eac:296e with SMTP id i18-20020a0564020f1200b0043a7eac296emr39857793eda.115.1658177870332; Mon, 18 Jul 2022 13:57:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658177870; cv=none; d=google.com; s=arc-20160816; b=Bg6pAc/f6ck5mptYjNwpCtoZl+wPAnEaMqAtqV9QenJuoLjIx+0pm6SA38b+nflyYX aYBq9F79IGm93mn1rG5BMRCIpsU22uHKfyduPSWRj2ip0kiKY9Y0aMnL7QxMHguA41fJ DxwMrLxqTyyLbpe4uQS2vbHZNhF+2Q8mQ4yPV8dMJ7ny1YBfh1JFm3cnP8Fuzj4zPPTH VSTEOtskA/98Ld5Gvh+YsfGKFQDN3c1uDBL5fu9NhWDkhNviMpS7wZrvE78GDItP+Qqo JUujxLOCYj2joUkKiUdGyjN7WF85b8g6h20TJ13EBDHJNNjRun8ym3B4umZvQbTGQ7SX twsQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:message-id:date:references :in-reply-to:subject:cc:to:dkim-signature:dkim-signature:from; bh=YCfpsH+YIeoBDSo9l/9CiEeIZBcdyDS+zXLItAzmWy0=; b=jX++8ccZjRh9L78CCP1adYXXx8x6XL/mNd7v6xWXIy+dAMwNapP/zCTLCCVc0xb4qP BqLo1XoSMWcY6kSjRQKGHPshoYZyg5Ko3TfXXeWhE3UGmqYMK9oqVSjblNW5b+301f+e MPVHeoMzPqi0XezockqLBoHwUJxmus8v9TgnAB7mPYdmkDSENbGura5z/YrypKrbufHB qZGybh8/VW7NmSn7A+v5m3xnd/V3272+K+ZW+3sCoCiYhQnYeU22mEW5wq8D6XY8id2M 120/mUlHyT4tNAJ4dzntZaQcr72SGeABBCirc4HQFJI5rt5cJJJ5X+XmLVKg15E5JUfx RODw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=HiA9jGM2; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=JVZe6S0c; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j17-20020a50ed11000000b0043783a7f05bsi15699679eds.207.2022.07.18.13.57.25; Mon, 18 Jul 2022 13:57:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=HiA9jGM2; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=JVZe6S0c; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235656AbiGRUoZ (ORCPT + 99 others); Mon, 18 Jul 2022 16:44:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46926 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234728AbiGRUoR (ORCPT ); Mon, 18 Jul 2022 16:44:17 -0400 Received: from galois.linutronix.de (Galois.linutronix.de [IPv6:2a0a:51c0:0:12e:550::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0E9FC7669 for ; Mon, 18 Jul 2022 13:44:17 -0700 (PDT) From: Thomas Gleixner DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1658177055; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=YCfpsH+YIeoBDSo9l/9CiEeIZBcdyDS+zXLItAzmWy0=; b=HiA9jGM2sbXd+WoNaPeI9JJKaVTDIFSlmke6HvJy6RCgoegIUL/NyY7cT3o8VlgNvaBG7t mWmnA1OWygV8eMAq5iy5fXc4+cQqdSNub8dZT8nUXgC/QTa/kPaugg/yimRi9Cg438oR8/ s/B/Os9Uqh80AkljfCYkGnzDZEZaP/WXT48PWFThaOHbkFnWlfJAhPQjKQ3IFPNDrTShh3 SAyRnaRG8TBhGdxS5lqq889Qtn3YT+ftJWUKx+5Qtq4iLAox/ynRvdXskARX6tZzPxi7rx Uo/9MUaYIKYguLqbvsnAxQ7zc3kcykpj+ZWu8JTox6te9SSwTmH0smQPuJ8r2w== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1658177055; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=YCfpsH+YIeoBDSo9l/9CiEeIZBcdyDS+zXLItAzmWy0=; b=JVZe6S0chTZWAlHNZiD5kg2+sRMhZH6wYRiK37IwC6NB3lRIZQjKUAHHPgdpH9Rex+1aY6 EKnJ0adDWQgZwWAA== To: Linus Torvalds Cc: LKML , the arch/x86 maintainers , Tim Chen , Josh Poimboeuf , Andrew Cooper , Pawan Gupta , Johannes Wikner , Alyssa Milburn , Jann Horn , "H.J. Lu" , Joao Moreira , Joseph Nuzman , Steven Rostedt , Juergen Gross , "Peter Zijlstra (Intel)" , Masami Hiramatsu , Alexei Starovoitov , Daniel Borkmann Subject: Re: [patch 00/38] x86/retbleed: Call depth tracking mitigation In-Reply-To: References: <20220716230344.239749011@linutronix.de> <87wncauslw.ffs@tglx> <87tu7euska.ffs@tglx> Date: Mon, 18 Jul 2022 22:44:14 +0200 Message-ID: <87o7xmup5t.ffs@tglx> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jul 18 2022 at 12:51, Linus Torvalds wrote: > On Mon, Jul 18, 2022 at 12:30 PM Thomas Gleixner wrote: >> >> Let the compiler add a 16 byte padding in front of each function entry >> point and put the call depth accounting there. That avoids calling out >> into the module area and reduces ITLB pressure. > > Ooh. > > I actually like this a lot better. > > Could we just say "use this instead if you have SKL and care about the issue?" > > I don't hate your module thunk trick, but this does seem *so* much > simpler, and if it performs better anyway, it really does seem like > the better approach. Yes, Peter and I came from avoiding a new compiler and the overhead for everyone when putting the padding into the code. We realized only when staring at the perf data that this padding in front of the function might be an acceptable solution. I did some more tests today on different machines with mitigations=off with kernels compiled with and without that padding. I couldn't find a single test case where the result was outside of the usual noise. But then my tests are definitely incomplete. > And people and distros who care would have an easy time adding that > simple compiler patch instead. > > I do think that for generality, the "-mforce-function-padding" option > should perhaps take as an argument how much padding (and how much > alignment) to force: > > -mforce-function-padding=5:16 > > would force 5 bytes of minimum padding, and align functions to 16 > bytes. It should be easy to generate (no more complexity than your > current one) by just making the output do > > .skip 5,0xcc > .palign 4,0xcc > > and now you can specify that you only need X bytes of padding, for example. Yes, I know. But it was horrible enough to find the right spot in that gcc maze. Then I was happy that I figured how to add the boolean option. I let real compiler people take care of the rest. HJL??? And we need input from the Clang folks because their CFI work also puts stuff in front of the function entry, which nicely collides. Thanks, tglx