Received: by 2002:a05:6358:16cc:b0:ea:6187:17c9 with SMTP id r12csp8537518rwl; Tue, 10 Jan 2023 15:11:49 -0800 (PST) X-Google-Smtp-Source: AMrXdXsNSF3qQhel9OjG4eaKaP9lYw671Whi+mjmgJlfLi2qznV5KQGV8t/cSkSm5112RGVUNsx9 X-Received: by 2002:a17:902:9898:b0:193:1aa5:573 with SMTP id s24-20020a170902989800b001931aa50573mr612980plp.13.1673392308977; Tue, 10 Jan 2023 15:11:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673392308; cv=none; d=google.com; s=arc-20160816; b=ekQtTWKKlI/DlHNfUZtTSZ6D98uASVbEXGpRm9BAtL2PfqzDexABzC3mOnDDOLEb9x OGV1SnmBpHkLZ7Clrb5I4NTPRncW5QGt0/r/gQBzFpykaZsAZ+jO1HZz/bz8Wiz7psKu Wr1LHo5ZgFKpO4gVJnU+FPxXwStzamakASdYlB9ODLkkCJPWMC3bkAv3rH5NsAV37oe9 VGdFdnSdrLQObnJfU7rRJu6I53xOwJJMnUNl26TycB6N44sXjG/8957FGJs+yT0d9d+W SOS9Rj4RHnpYlRrSbYURJu9IPHtXi3X/h6ZRxQ+1ds/e5+tlauUkAQ58AMBD3ciFbQwK MRsA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:to:content-language:subject:user-agent:mime-version:date :message-id:dkim-signature; bh=mtnEPPf3PMwMS/ukHyOfqCnyL7Zy0OT7Ww0NTxjeCI4=; b=PJnNMEpHiz75597eysZAom2+XMvdXGLvd8ytI1nxKbClC3Q1ToOSbhcCwpyh6u7x1l NaWKXIZfVbRYWixz+5MUBKOUcA2G+zj5P13riWE7SCnQrhyvT6n6j0CoyqG8saJVAtB4 InOPHATdi5V9qz5nKfZo2AcWDleb6OGxXs9fPw9neP6bh3wCMh4m6tbJOcgE+yCZpGnD ieTa9DC2SivRYrVhB1wIirAyDhfWXcjdZkYc+xpnX9ap92039llMmZNieC5FACXWQkpB xIPCwexjqH/J5Rv0eyqt8MamMFu5NQT0JoaQlHd5cF1A4QdYWKTQt8XzruzwtNlWMUYh 278A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="O6/YdPBn"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id a21-20020a63e855000000b004ad0429ab7csi2762862pgk.405.2023.01.10.15.11.42; Tue, 10 Jan 2023 15:11:48 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="O6/YdPBn"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234649AbjAJW5e (ORCPT + 53 others); Tue, 10 Jan 2023 17:57:34 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32884 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233578AbjAJW5T (ORCPT ); Tue, 10 Jan 2023 17:57:19 -0500 Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7C3E8E89 for ; Tue, 10 Jan 2023 14:57:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1673391438; x=1704927438; h=message-id:date:mime-version:subject:to:references:from: in-reply-to:content-transfer-encoding; bh=4hylK35tR8nLIfFa9ivU4mSQk21DXzIlpMCpdjPytHc=; b=O6/YdPBnL4peoyBj6iicv/vAO72G0PQb1SJRyx8RKXg//KPHWajUk9s9 K9SZsICUmc724HHiU41d+1ZLdhtgfgFMFIMPO4XdPq5dinnw9TZwJTIRo d9PFM/OVg0F2MLVSkyyXzrlMMgUaLjX/TL6UgdXxJA5icIQ3TROZTbVJG jONnlJvnVrcpxcEITuv2RqkHvyh0OXxenqFDvtUWFAgJvBdIrngQhkGak ADOTPcptqp0Ggp0yMu30qLL9rs3Ai/eIB603RnPqEkh2Y+V7G2U2BeBlv 7ewtS53/G5diWcEMBaOUxKsUAOZQQjPGfiF1SrWGW0gkF+HqPS6xI56i6 Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10586"; a="302979387" X-IronPort-AV: E=Sophos;i="5.96,315,1665471600"; d="scan'208";a="302979387" Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jan 2023 14:57:18 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10586"; a="902516181" X-IronPort-AV: E=Sophos;i="5.96,315,1665471600"; d="scan'208";a="902516181" Received: from svenka7-mobl1.amr.corp.intel.com (HELO [10.209.63.27]) ([10.209.63.27]) by fmsmga006-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jan 2023 14:57:17 -0800 Message-ID: <8ac54f52-5bf0-bf6c-2473-7f0cf2a1a957@intel.com> Date: Tue, 10 Jan 2023 14:57:17 -0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.6.1 Subject: Re: [PATCH 0/7] Enable LASS (Linear Address space Separation) Content-Language: en-US To: Yian Chen , linux-kernel@vger.kernel.org, x86@kernel.org, Andy Lutomirski , Dave Hansen , Tony Luck , Sohil Mehta , Paul Lai References: <20230110055204.3227669-1-yian.chen@intel.com> From: Dave Hansen In-Reply-To: <20230110055204.3227669-1-yian.chen@intel.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A, RCVD_IN_DNSWL_MED,SPF_HELO_PASS,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 1/9/23 21:51, Yian Chen wrote: > LASS (Linear Address Space Separation) is a security > extension that prevents speculative address accesses across > user/kernel mode. The LASS details have been published in > Chapter 11 in > https://cdrdv2.intel.com/v1/dl/getContent/671368 > > LASS works in 64-bit mode only and partitions the 64-bit > virtual address space into two halves: > 1. Lower half (LA[63]=0) --> user space > 2. Upper half (LA[63]=1) --> kernel space > When LASS is enabled, a general protection #GP(0) fault will > be generated if software accesses the address from the half in > which it resides to another half, e.g., either from user space > to upper half, or from kernel space to lower half. This > protection applies to data access, code execution, cache line > flushing instructions. This does a good job of explaining the nuts and bolts -- *what* LASS does. It does a less good job of explaining why this was built, how it can benefit end users and who cares about it. LASS seemed really cool when we were reeling from Meltdown. It would *obviously* have been a godsend five years ago. But, it's less clear what role it plays today and how important it is. Could you enlighten us, please?