[tip:x86/pti] x86/retpoline/xen: Convert Xen hypercall indirect jumps

Commit-ID: b569cb1e72bda00e7e6245519fe7d0d0ab13898e Gitweb: https://git.kernel.org/tip/b569cb1e72bda00e7e6245519fe7d0d0ab13898e Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:14 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:36:25 +0100 x86/retpoline/xen

[tip:x86/pti] x86/retpoline/hyperv: Convert assembler indirect jumps

Commit-ID: f14fd95d2f3e611619756ea3c008aee3b4bd4978 Gitweb: https://git.kernel.org/tip/f14fd95d2f3e611619756ea3c008aee3b4bd4978 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:13 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/hyperv: Convert assembler indirect jumps

Commit-ID: f14fd95d2f3e611619756ea3c008aee3b4bd4978 Gitweb: https://git.kernel.org/tip/f14fd95d2f3e611619756ea3c008aee3b4bd4978 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:13 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:36:25 +0100 x86/retpoline

[tip:x86/pti] x86/retpoline/entry: Convert entry assembler indirect jumps

Commit-ID: 2558106c7a47e16968a10fa66eea78a096fabfe6 Gitweb: https://git.kernel.org/tip/2558106c7a47e16968a10fa66eea78a096fabfe6 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:11 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/entry: Convert entry assembler indirect jumps

Commit-ID: 2558106c7a47e16968a10fa66eea78a096fabfe6 Gitweb: https://git.kernel.org/tip/2558106c7a47e16968a10fa66eea78a096fabfe6 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:11 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:36:24 +0100 x86/retpoline/entry

[tip:x86/pti] x86/retpoline/ftrace: Convert ftrace assembler indirect jumps

Commit-ID: 42f7c812022441ffba2d5ccca3acf6380201f19e Gitweb: https://git.kernel.org/tip/42f7c812022441ffba2d5ccca3acf6380201f19e Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:12 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/ftrace: Convert ftrace assembler indirect jumps

Commit-ID: 42f7c812022441ffba2d5ccca3acf6380201f19e Gitweb: https://git.kernel.org/tip/42f7c812022441ffba2d5ccca3acf6380201f19e Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:12 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:36:24 +0100 x86/retpoline

[tip:x86/pti] x86/retpoline/crypto: Convert crypto assembler indirect jumps

Commit-ID: b3a96862283e68914d1f74f160ab980dacf811ee Gitweb: https://git.kernel.org/tip/b3a96862283e68914d1f74f160ab980dacf811ee Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:10 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/crypto: Convert crypto assembler indirect jumps

Commit-ID: b3a96862283e68914d1f74f160ab980dacf811ee Gitweb: https://git.kernel.org/tip/b3a96862283e68914d1f74f160ab980dacf811ee Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:10 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:36:24 +0100 x86/retpoline

[tip:x86/pti] x86/spectre: Add boot time option to select Spectre v2 mitigation

Commit-ID: 86d057614112971f7d5bbac45f67869adca79852 Gitweb: https://git.kernel.org/tip/86d057614112971f7d5bbac45f67869adca79852 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:09 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/spectre: Add boot time option to select Spectre v2 mitigation

Commit-ID: 86d057614112971f7d5bbac45f67869adca79852 Gitweb: https://git.kernel.org/tip/86d057614112971f7d5bbac45f67869adca79852 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:09 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:36:23 +0100 x86/spectre: Add

[tip:x86/pti] x86/retpoline: Add initial retpoline support

Commit-ID: d46717c610dcfa2cba5c87500c928993371ef1ad Gitweb: https://git.kernel.org/tip/d46717c610dcfa2cba5c87500c928993371ef1ad Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:07 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline: Add initial retpoline support

Commit-ID: d46717c610dcfa2cba5c87500c928993371ef1ad Gitweb: https://git.kernel.org/tip/d46717c610dcfa2cba5c87500c928993371ef1ad Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:07 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:36:22 +0100 x86/retpoline: Add

[tip:x86/pti] x86/retpoline/ftrace: Convert ftrace assembler indirect jumps

Commit-ID: 689e1c6117fcba2fb4b1f30d164a7a80389c0b29 Gitweb: https://git.kernel.org/tip/689e1c6117fcba2fb4b1f30d164a7a80389c0b29 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:12 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/ftrace: Convert ftrace assembler indirect jumps

Commit-ID: 689e1c6117fcba2fb4b1f30d164a7a80389c0b29 Gitweb: https://git.kernel.org/tip/689e1c6117fcba2fb4b1f30d164a7a80389c0b29 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:12 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:09:11 +0100 x86/retpoline

[tip:x86/pti] x86/retpoline/checksum32: Convert assembler indirect jumps

Commit-ID: 0672779c1f8e3ea1cc611bba50c53e224cbf4f31 Gitweb: https://git.kernel.org/tip/0672779c1f8e3ea1cc611bba50c53e224cbf4f31 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:15 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/checksum32: Convert assembler indirect jumps

Commit-ID: 0672779c1f8e3ea1cc611bba50c53e224cbf4f31 Gitweb: https://git.kernel.org/tip/0672779c1f8e3ea1cc611bba50c53e224cbf4f31 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:15 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:09:12 +0100 x86/retpoline

[tip:x86/pti] x86/retpoline/xen: Convert Xen hypercall indirect jumps

Commit-ID: 9cc0128d93281e7f3be300b2b933d7c363b1ab26 Gitweb: https://git.kernel.org/tip/9cc0128d93281e7f3be300b2b933d7c363b1ab26 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:14 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/xen: Convert Xen hypercall indirect jumps

Commit-ID: 9cc0128d93281e7f3be300b2b933d7c363b1ab26 Gitweb: https://git.kernel.org/tip/9cc0128d93281e7f3be300b2b933d7c363b1ab26 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:14 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:09:11 +0100 x86/retpoline/xen

[tip:x86/pti] x86/spectre: Add boot time option to select Spectre v2 mitigation

Commit-ID: fe1678d070e36070c43005c71ce783df57852252 Gitweb: https://git.kernel.org/tip/fe1678d070e36070c43005c71ce783df57852252 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:09 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/spectre: Add boot time option to select Spectre v2 mitigation

Commit-ID: fe1678d070e36070c43005c71ce783df57852252 Gitweb: https://git.kernel.org/tip/fe1678d070e36070c43005c71ce783df57852252 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:09 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:09:09 +0100 x86/spectre: Add

[tip:x86/pti] x86/retpoline/hyperv: Convert assembler indirect jumps

Commit-ID: 713626ed94ad69d330fab550c94d7173cfcbf5ce Gitweb: https://git.kernel.org/tip/713626ed94ad69d330fab550c94d7173cfcbf5ce Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:13 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/hyperv: Convert assembler indirect jumps

Commit-ID: 713626ed94ad69d330fab550c94d7173cfcbf5ce Gitweb: https://git.kernel.org/tip/713626ed94ad69d330fab550c94d7173cfcbf5ce Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:13 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:09:11 +0100 x86/retpoline

[tip:x86/pti] x86/retpoline/entry: Convert entry assembler indirect jumps

Commit-ID: 8e8284e74cf80e1addf71d83794cba23f7a59e3a Gitweb: https://git.kernel.org/tip/8e8284e74cf80e1addf71d83794cba23f7a59e3a Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:11 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/entry: Convert entry assembler indirect jumps

Commit-ID: 8e8284e74cf80e1addf71d83794cba23f7a59e3a Gitweb: https://git.kernel.org/tip/8e8284e74cf80e1addf71d83794cba23f7a59e3a Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:11 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:09:10 +0100 x86/retpoline/entry

[tip:x86/pti] x86/retpoline/crypto: Convert crypto assembler indirect jumps

Commit-ID: b86d748af60a52fe5b2bfb28f4451f79e28d0b32 Gitweb: https://git.kernel.org/tip/b86d748af60a52fe5b2bfb28f4451f79e28d0b32 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:10 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/crypto: Convert crypto assembler indirect jumps

Commit-ID: b86d748af60a52fe5b2bfb28f4451f79e28d0b32 Gitweb: https://git.kernel.org/tip/b86d748af60a52fe5b2bfb28f4451f79e28d0b32 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:10 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:09:10 +0100 x86/retpoline

[tip:x86/pti] x86/retpoline: Add initial retpoline support

Commit-ID: 3c0c41a7bc03932d02d7796b4735f9077eb2b320 Gitweb: https://git.kernel.org/tip/3c0c41a7bc03932d02d7796b4735f9077eb2b320 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:07 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline: Add initial retpoline support

Commit-ID: 3c0c41a7bc03932d02d7796b4735f9077eb2b320 Gitweb: https://git.kernel.org/tip/3c0c41a7bc03932d02d7796b4735f9077eb2b320 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:07 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 19:09:09 +0100 x86/retpoline: Add

[tip:x86/pti] x86/retpoline/checksum32: Convert assembler indirect jumps

Commit-ID: 6a2b9eb3c189a848fbfc5b3a0b282bc03bc142af Gitweb: https://git.kernel.org/tip/6a2b9eb3c189a848fbfc5b3a0b282bc03bc142af Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:15 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/checksum32: Convert assembler indirect jumps

Commit-ID: 6a2b9eb3c189a848fbfc5b3a0b282bc03bc142af Gitweb: https://git.kernel.org/tip/6a2b9eb3c189a848fbfc5b3a0b282bc03bc142af Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:15 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 18:28:24 +0100 x86/retpoline

[tip:x86/pti] x86/retpoline/xen: Convert Xen hypercall indirect jumps

Commit-ID: 5a6407e118225497fff1f503acbba96cd2abd21c Gitweb: https://git.kernel.org/tip/5a6407e118225497fff1f503acbba96cd2abd21c Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:14 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/xen: Convert Xen hypercall indirect jumps

Commit-ID: 5a6407e118225497fff1f503acbba96cd2abd21c Gitweb: https://git.kernel.org/tip/5a6407e118225497fff1f503acbba96cd2abd21c Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:14 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 18:28:23 +0100 x86/retpoline/xen

[tip:x86/pti] x86/retpoline/hyperv: Convert assembler indirect jumps

Commit-ID: 6916b4cc0d2b1e2191acc82d75cce8a25b3dc9be Gitweb: https://git.kernel.org/tip/6916b4cc0d2b1e2191acc82d75cce8a25b3dc9be Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:13 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/hyperv: Convert assembler indirect jumps

Commit-ID: 6916b4cc0d2b1e2191acc82d75cce8a25b3dc9be Gitweb: https://git.kernel.org/tip/6916b4cc0d2b1e2191acc82d75cce8a25b3dc9be Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:13 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 18:28:23 +0100 x86/retpoline

[tip:x86/pti] x86/retpoline/ftrace: Convert ftrace assembler indirect jumps

Commit-ID: cafa890653f4a4ba87e98b53d9c301260a4864b7 Gitweb: https://git.kernel.org/tip/cafa890653f4a4ba87e98b53d9c301260a4864b7 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:12 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/ftrace: Convert ftrace assembler indirect jumps

Commit-ID: cafa890653f4a4ba87e98b53d9c301260a4864b7 Gitweb: https://git.kernel.org/tip/cafa890653f4a4ba87e98b53d9c301260a4864b7 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:12 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 18:28:23 +0100 x86/retpoline

[tip:x86/pti] x86/spectre: Add boot time option to select Spectre v2 mitigation

Commit-ID: d569ded27d11bcb1643b14c54403910d9b3328b1 Gitweb: https://git.kernel.org/tip/d569ded27d11bcb1643b14c54403910d9b3328b1 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:09 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/spectre: Add boot time option to select Spectre v2 mitigation

Commit-ID: d569ded27d11bcb1643b14c54403910d9b3328b1 Gitweb: https://git.kernel.org/tip/d569ded27d11bcb1643b14c54403910d9b3328b1 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:09 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 18:28:22 +0100 x86/spectre: Add

[tip:x86/pti] x86/retpoline/entry: Convert entry assembler indirect jumps

Commit-ID: ea89ba993dfa8d77b08ee50f25aa06a403611070 Gitweb: https://git.kernel.org/tip/ea89ba993dfa8d77b08ee50f25aa06a403611070 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:11 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/entry: Convert entry assembler indirect jumps

Commit-ID: ea89ba993dfa8d77b08ee50f25aa06a403611070 Gitweb: https://git.kernel.org/tip/ea89ba993dfa8d77b08ee50f25aa06a403611070 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:11 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 18:28:22 +0100 x86/retpoline/entry

[tip:x86/pti] x86/retpoline/crypto: Convert crypto assembler indirect jumps

Commit-ID: 73041fe6b4a410ddac9027d03c94c67d12dd3301 Gitweb: https://git.kernel.org/tip/73041fe6b4a410ddac9027d03c94c67d12dd3301 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:10 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline/crypto: Convert crypto assembler indirect jumps

Commit-ID: 73041fe6b4a410ddac9027d03c94c67d12dd3301 Gitweb: https://git.kernel.org/tip/73041fe6b4a410ddac9027d03c94c67d12dd3301 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:10 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 18:28:22 +0100 x86/retpoline

[tip:x86/pti] x86/retpoline: Add initial retpoline support

Commit-ID: 533ae606cfdbcded9878291761eb4dc0ab19cdb3 Gitweb: https://git.kernel.org/tip/533ae606cfdbcded9878291761eb4dc0ab19cdb3 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:07 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate:

[tip:x86/pti] x86/retpoline: Add initial retpoline support

Commit-ID: 533ae606cfdbcded9878291761eb4dc0ab19cdb3 Gitweb: https://git.kernel.org/tip/533ae606cfdbcded9878291761eb4dc0ab19cdb3 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:07 + Committer: Thomas Gleixner CommitDate: Wed, 10 Jan 2018 18:28:21 +0100 x86/retpoline: Add

Re: [PATCH 3/8] kvm: vmx: pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD down to the guest

On Wed, 2018-01-10 at 08:51 -0800, Liran Alon wrote: > > Hmm... This is exactly how Google Project-Zero PoC leaks kvm- > intel.ko, kvm.ko & vmlinux... > See section "Locating the host kernel" here: > https://googleprojectzero.blogspot.co.il/2018/01/reading-privileged-m > emory-with-side.html > >

Re: [PATCH 3/8] kvm: vmx: pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD down to the guest

On Wed, 2018-01-10 at 08:51 -0800, Liran Alon wrote: > > Hmm... This is exactly how Google Project-Zero PoC leaks kvm- > intel.ko, kvm.ko & vmlinux... > See section "Locating the host kernel" here: > https://googleprojectzero.blogspot.co.il/2018/01/reading-privileged-m > emory-with-side.html > >

Re: [PATCH 3/8] kvm: vmx: pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD down to the guest

On Wed, 2018-01-10 at 08:19 -0800, Liran Alon wrote: > > (1) On VMEntry, Intel recommends to just restore SPEC_CTRL to guest > value (using WRMSR or MSR save/load list) and that's it. As I > previously said to Jim, I am missing here a mechanism which should be > responsible for hiding host's BHB

Re: [PATCH 3/8] kvm: vmx: pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD down to the guest

On Wed, 2018-01-10 at 08:19 -0800, Liran Alon wrote: > > (1) On VMEntry, Intel recommends to just restore SPEC_CTRL to guest > value (using WRMSR or MSR save/load list) and that's it. As I > previously said to Jim, I am missing here a mechanism which should be > responsible for hiding host's BHB

Re: [PATCH 3/8] kvm: vmx: pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD down to the guest

On Wed, 2018-01-10 at 16:56 +0100, Paolo Bonzini wrote: > On 10/01/2018 16:48, Woodhouse, David wrote: > >> > >> And what is the point of this "always set IBRS=1" then? Are there > >> some other things lurking in the shadows? > > Yes. *FUTURE* CPUs will have a mode where you can just set IBRS and

Re: [PATCH 3/8] kvm: vmx: pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD down to the guest

On Wed, 2018-01-10 at 16:56 +0100, Paolo Bonzini wrote: > On 10/01/2018 16:48, Woodhouse, David wrote: > >> > >> And what is the point of this "always set IBRS=1" then? Are there > >> some other things lurking in the shadows? > > Yes. *FUTURE* CPUs will have a mode where you can just set IBRS and

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 16:47 +0100, Andrea Arcangeli wrote: > On Wed, Jan 10, 2018 at 03:24:17PM +0000, David Woodhouse wrote: > > Since it achieves nothing¹ but to make userspace run slower, there's no > > need to write it again on returning to userspace. It will perform that &g

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 16:47 +0100, Andrea Arcangeli wrote: > On Wed, Jan 10, 2018 at 03:24:17PM +0000, David Woodhouse wrote: > > Since it achieves nothing¹ but to make userspace run slower, there's no > > need to write it again on returning to userspace. It will perform that &g

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 16:13 +0100, Andrea Arcangeli wrote: > > Can you also tell if IBRS must be written as a barrier to SPEC_CTRL in > return to userland (kernel exit) when ibrs_enabled 2? Generally we > wouldn't run a barrier there with ibrs_enabled 2, but absolutely > nothing is intuitive here

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 16:13 +0100, Andrea Arcangeli wrote: > > Can you also tell if IBRS must be written as a barrier to SPEC_CTRL in > return to userland (kernel exit) when ibrs_enabled 2? Generally we > wouldn't run a barrier there with ibrs_enabled 2, but absolutely > nothing is intuitive here

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 14:46 +0100, Thomas Gleixner wrote: > > So here is the simple list of questions all to be answered with YES or > NO. I don't want to see any of the 'but, though ...'. We all know by now > that it's CPU dependent and slow and whatever and that IBRS_ATT will be in > future

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 14:46 +0100, Thomas Gleixner wrote: > > So here is the simple list of questions all to be answered with YES or > NO. I don't want to see any of the 'but, though ...'. We all know by now > that it's CPU dependent and slow and whatever and that IBRS_ATT will be in > future

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 13:57 +0100, Andrea Arcangeli wrote: > On Wed, Jan 10, 2018 at 01:47:22PM +0100, Jiri Kosina wrote: > > > > On Wed, 10 Jan 2018, Andrea Arcangeli wrote: > > > > > > > > Perhaps the confusing come from "less privileged prediction mode" and > > > you thought that meant "less

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 13:57 +0100, Andrea Arcangeli wrote: > On Wed, Jan 10, 2018 at 01:47:22PM +0100, Jiri Kosina wrote: > > > > On Wed, 10 Jan 2018, Andrea Arcangeli wrote: > > > > > > > > Perhaps the confusing come from "less privileged prediction mode" and > > > you thought that meant "less

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 13:47 +0100, Jiri Kosina wrote: > On Wed, 10 Jan 2018, Andrea Arcangeli wrote: > > > Perhaps the confusing come from "less privileged prediction mode" and > > you thought that meant "less privileged ring mode". It says "predction > > mode" not ring 3. > > Well, prediction

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 13:47 +0100, Jiri Kosina wrote: > On Wed, 10 Jan 2018, Andrea Arcangeli wrote: > > > Perhaps the confusing come from "less privileged prediction mode" and > > you thought that meant "less privileged ring mode". It says "predction > > mode" not ring 3. > > Well, prediction

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 13:17 +0100, Andrea Arcangeli wrote: > On Wed, Jan 10, 2018 at 12:09:34PM +0000, David Woodhouse wrote: > > That is not consistent with the documentation I've seen, which Intel > > have so far utterly failed to publish AFAICT. > >  > > "a ne

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 13:17 +0100, Andrea Arcangeli wrote: > On Wed, Jan 10, 2018 at 12:09:34PM +0000, David Woodhouse wrote: > > That is not consistent with the documentation I've seen, which Intel > > have so far utterly failed to publish AFAICT. > >  > > "a ne

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 13:07 +0100, Andrea Arcangeli wrote: > On Wed, Jan 10, 2018 at 01:01:58PM +0100, Andrea Arcangeli wrote: > > On Wed, Jan 10, 2018 at 11:58:54AM +0000, David Woodhouse wrote: > > > On Wed, 2018-01-10 at 12:54 +0100, Andrea Arcangeli wrote: > > > >

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 13:07 +0100, Andrea Arcangeli wrote: > On Wed, Jan 10, 2018 at 01:01:58PM +0100, Andrea Arcangeli wrote: > > On Wed, Jan 10, 2018 at 11:58:54AM +0000, David Woodhouse wrote: > > > On Wed, 2018-01-10 at 12:54 +0100, Andrea Arcangeli wrote: > > > >

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 13:01 +0100, Andrea Arcangeli wrote: > > > On all current hardware, if you only set IBRS when you exit a guest, > > then you are not protecting yourself from userspace at all. IBRS acts > > as a *barrier* in all current hardware. > > Kernel memory is 100% protected if you

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 13:01 +0100, Andrea Arcangeli wrote: > > > On all current hardware, if you only set IBRS when you exit a guest, > > then you are not protecting yourself from userspace at all. IBRS acts > > as a *barrier* in all current hardware. > > Kernel memory is 100% protected if you

[PATCH] x86/retpoline: Remove alignment directives from retpoline core

that the first instruction of the alternative is a NOP and thus turn *all* the rest of it into NOPs too. (A fix for which is already available, but we just don't need to do it, so stop.) Signed-off-by: David Woodhouse <d...@amazon.co.uk> --- arch/x86/include/asm/nospec-branch.h | 3 ---

[PATCH] x86/retpoline: Remove alignment directives from retpoline core

that the first instruction of the alternative is a NOP and thus turn *all* the rest of it into NOPs too. (A fix for which is already available, but we just don't need to do it, so stop.) Signed-off-by: David Woodhouse --- arch/x86/include/asm/nospec-branch.h | 3 --- 1 file changed, 3 deletions

Re: [PATCH] x86/alternatives: Fix optimize_nops() checking

On Wed, 2018-01-10 at 12:57 +0100, Borislav Petkov wrote: > On Wed, Jan 10, 2018 at 11:49:55AM +0000, David Woodhouse wrote: > > Don't suppose you want to make the alignment actually *work*? :) > > I can try but only if it is really worth it. If we don't see it in

Re: [PATCH] x86/alternatives: Fix optimize_nops() checking

On Wed, 2018-01-10 at 12:57 +0100, Borislav Petkov wrote: > On Wed, Jan 10, 2018 at 11:49:55AM +0000, David Woodhouse wrote: > > Don't suppose you want to make the alignment actually *work*? :) > > I can try but only if it is really worth it. If we don't see it in

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 12:54 +0100, Andrea Arcangeli wrote: > On Wed, Jan 10, 2018 at 09:27:59AM +0000, David Woodhouse wrote: > > I don't know why you're calling that 'IBRS=2'; are you getting > confused > > by Andrea's distro horridness? > > Eh, yes he's got confused. ibr

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 12:54 +0100, Andrea Arcangeli wrote: > On Wed, Jan 10, 2018 at 09:27:59AM +0000, David Woodhouse wrote: > > I don't know why you're calling that 'IBRS=2'; are you getting > confused > > by Andrea's distro horridness? > > Eh, yes he's got confused. ibr

Re: [PATCH] x86/alternatives: Fix optimize_nops() checking

On Wed, 2018-01-10 at 12:45 +0100, Borislav Petkov wrote: > On Wed, Jan 10, 2018 at 11:36:41AM +0000, David Woodhouse wrote: > > > > That fixed and understood, I shall remove the offending NOPs anyway, > > because aligning instructions in the *altinstr* section is e

Re: [PATCH] x86/alternatives: Fix optimize_nops() checking

On Wed, 2018-01-10 at 12:45 +0100, Borislav Petkov wrote: > On Wed, Jan 10, 2018 at 11:36:41AM +0000, David Woodhouse wrote: > > > > That fixed and understood, I shall remove the offending NOPs anyway, > > because aligning instructions in the *altinstr* section is e

Re: [PATCH] x86/alternatives: Fix optimize_nops() checking

On Wed, 2018-01-10 at 12:28 +0100, Borislav Petkov wrote: > From: Borislav Petkov <b...@suse.de> > Date: Wed, 10 Jan 2018 12:14:07 +0100 > > We check only the first byte whether it is a NOP but if David Woodhouse > wants to do some crazy experiments with slapping NOPs in f

Re: [PATCH] x86/alternatives: Fix optimize_nops() checking

On Wed, 2018-01-10 at 12:28 +0100, Borislav Petkov wrote: > From: Borislav Petkov > Date: Wed, 10 Jan 2018 12:14:07 +0100 > > We check only the first byte whether it is a NOP but if David Woodhouse > wants to do some crazy experiments with slapping NOPs in front of the >

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 11:03 +0100, Peter Zijlstra wrote: > On Wed, Jan 10, 2018 at 09:27:59AM +0000, David Woodhouse wrote: > > > > > > > > The only question I have is if retpoline works at all on SKL (with ucode > > > update); BDW needs the ucode

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 11:03 +0100, Peter Zijlstra wrote: > On Wed, Jan 10, 2018 at 09:27:59AM +0000, David Woodhouse wrote: > > > > > > > > The only question I have is if retpoline works at all on SKL (with ucode > > > update); BDW needs the ucode

Re: [PATCH] x86/retpoline: Fix NOSPEC_JMP for tip

On Wed, 2018-01-10 at 07:15 +, David Woodhouse wrote: > I'd really like to know what went wrong though. Did we merge Borislav's > attempt to peek at jumps inside alternatives, perchance? Will take a > look... Ah, it only happens if I run in KVM, not with Qemu's CPU; that's why it di

Re: [PATCH] x86/retpoline: Fix NOSPEC_JMP for tip

On Wed, 2018-01-10 at 07:15 +, David Woodhouse wrote: > I'd really like to know what went wrong though. Did we merge Borislav's > attempt to peek at jumps inside alternatives, perchance? Will take a > look... Ah, it only happens if I run in KVM, not with Qemu's CPU; that's why it di

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 10:22 +0100, Peter Zijlstra wrote: > On Tue, Jan 09, 2018 at 06:02:53PM -0800, Dave Hansen wrote: > > > > On 01/09/2018 05:06 PM, Thomas Gleixner wrote: > > > > > > --- a/arch/x86/kernel/cpu/bugs.c > > > +++ b/arch/x86/kernel/cpu/bugs.c > > > @@ -79,6 +79,7 @@ enum

Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

On Wed, 2018-01-10 at 10:22 +0100, Peter Zijlstra wrote: > On Tue, Jan 09, 2018 at 06:02:53PM -0800, Dave Hansen wrote: > > > > On 01/09/2018 05:06 PM, Thomas Gleixner wrote: > > > > > > --- a/arch/x86/kernel/cpu/bugs.c > > > +++ b/arch/x86/kernel/cpu/bugs.c > > > @@ -79,6 +79,7 @@ enum

Re: [PATCH] x86/retpoline: Fix NOSPEC_JMP for tip

On Tue, 2018-01-09 at 17:30 -0800, Andi Kleen wrote: > I assume you don't need FILL_RETURN_BUFFER on AMD. If not let me know > and we can add a X86_FEATURE_RETPOLINE_COMMON FWIW the AMD doc I have here (Tom, is that public now?) does say we should fill the RSB. That's a minor tweak

Re: [PATCH] x86/retpoline: Fix NOSPEC_JMP for tip

On Tue, 2018-01-09 at 17:30 -0800, Andi Kleen wrote: > I assume you don't need FILL_RETURN_BUFFER on AMD. If not let me know > and we can add a X86_FEATURE_RETPOLINE_COMMON FWIW the AMD doc I have here (Tom, is that public now?) does say we should fill the RSB. That's a minor tweak

Re: [PATCH] x86/retpoline: Fix NOSPEC_JMP for tip

On Tue, 2018-01-09 at 16:39 -0800, Linus Torvalds wrote: > On Tue, Jan 9, 2018 at 4:31 PM, Andi Kleen > wrote: > > > > > > The following patch fixes it for me. Something doesn't > > seem to work with ALTERNATIVE_2. It adds only a few bytes > > more code, so seems

Re: [PATCH] x86/retpoline: Fix NOSPEC_JMP for tip

On Tue, 2018-01-09 at 16:39 -0800, Linus Torvalds wrote: > On Tue, Jan 9, 2018 at 4:31 PM, Andi Kleen > wrote: > > > > > > The following patch fixes it for me. Something doesn't > > seem to work with ALTERNATIVE_2. It adds only a few bytes > > more code, so seems acceptable. > Ugh. It's kind of

Re: [PATCH 4.4 29/63] x86/mm: Disable PCID on 32-bit kernels

On Tue, 2018-01-09 at 16:05 +, David Woodhouse wrote: > > > Razvan points out that the #ifdef there is redundant; in older kernels, > bugs.c is only built on 32-bit anyway. > > We're working on backporting the other CPU_BUG_* and sysfs > vulnerabiliti

Re: [PATCH 4.4 29/63] x86/mm: Disable PCID on 32-bit kernels

On Tue, 2018-01-09 at 16:05 +, David Woodhouse wrote: > > > Razvan points out that the #ifdef there is redundant; in older kernels, > bugs.c is only built on 32-bit anyway. > > We're working on backporting the other CPU_BUG_* and sysfs > vulnerabiliti

Re: [PATCH v2 4/8] x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature

On Tue, 2018-01-09 at 09:55 -0800, Tim Chen wrote: > > Thomas, > > I'll be sending an updated patchset with boot option opt in for ibrs > and leave the control varaible out.  I agree that we can worry about the > control variable later. Please base this on the spectre_v2= option that's already

Re: [PATCH v2 4/8] x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature

On Tue, 2018-01-09 at 09:55 -0800, Tim Chen wrote: > > Thomas, > > I'll be sending an updated patchset with boot option opt in for ibrs > and leave the control varaible out.  I agree that we can worry about the > control variable later. Please base this on the spectre_v2= option that's already

Re: [PATCH 4.4 29/63] x86/mm: Disable PCID on 32-bit kernels

On Mon, 2018-01-01 at 15:24 +0100, Greg Kroah-Hartman wrote: > > --- a/arch/x86/kernel/cpu/bugs.c > +++ b/arch/x86/kernel/cpu/bugs.c > @@ -19,6 +19,14 @@ >   >  void __init check_bugs(void) >  { > +#ifdef CONFIG_X86_32 > +   /* > +    * Regardless of whether PCID is enumerated, the SDM

Re: [PATCH 4.4 29/63] x86/mm: Disable PCID on 32-bit kernels

On Mon, 2018-01-01 at 15:24 +0100, Greg Kroah-Hartman wrote: > > --- a/arch/x86/kernel/cpu/bugs.c > +++ b/arch/x86/kernel/cpu/bugs.c > @@ -19,6 +19,14 @@ >   >  void __init check_bugs(void) >  { > +#ifdef CONFIG_X86_32 > +   /* > +    * Regardless of whether PCID is enumerated, the SDM

[tip:x86/pti] x86/retpoline/xen: Convert Xen hypercall indirect jumps

Commit-ID: 8081a6f40dc2f74d40424addf2f5a63c5b85107b Gitweb: https://git.kernel.org/tip/8081a6f40dc2f74d40424addf2f5a63c5b85107b Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:14 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate

[tip:x86/pti] x86/retpoline/xen: Convert Xen hypercall indirect jumps

Commit-ID: 8081a6f40dc2f74d40424addf2f5a63c5b85107b Gitweb: https://git.kernel.org/tip/8081a6f40dc2f74d40424addf2f5a63c5b85107b Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:14 + Committer: Thomas Gleixner CommitDate: Tue, 9 Jan 2018 16:17:54 +0100 x86/retpoline/xen

[tip:x86/pti] x86/retpoline/checksum32: Convert assembler indirect jumps

Commit-ID: 51ab1433794d9f89257fba187c4f4a8fdfccd96d Gitweb: https://git.kernel.org/tip/51ab1433794d9f89257fba187c4f4a8fdfccd96d Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:15 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate

[tip:x86/pti] x86/retpoline/checksum32: Convert assembler indirect jumps

Commit-ID: 51ab1433794d9f89257fba187c4f4a8fdfccd96d Gitweb: https://git.kernel.org/tip/51ab1433794d9f89257fba187c4f4a8fdfccd96d Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:15 + Committer: Thomas Gleixner CommitDate: Tue, 9 Jan 2018 16:17:54 +0100 x86/retpoline

[tip:x86/pti] x86/retpoline/crypto: Convert crypto assembler indirect jumps

Commit-ID: 9fc52018d18e2e72ce21767bb3b58e8c5da4d9e8 Gitweb: https://git.kernel.org/tip/9fc52018d18e2e72ce21767bb3b58e8c5da4d9e8 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:10 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate

[tip:x86/pti] x86/retpoline/ftrace: Convert ftrace assembler indirect jumps

Commit-ID: 73a780dee079e6e5dd26d84f698ac64d033977e3 Gitweb: https://git.kernel.org/tip/73a780dee079e6e5dd26d84f698ac64d033977e3 Author: David Woodhouse <d...@amazon.co.uk> AuthorDate: Tue, 9 Jan 2018 14:43:12 + Committer: Thomas Gleixner <t...@linutronix.de> CommitDate

[tip:x86/pti] x86/retpoline/crypto: Convert crypto assembler indirect jumps

Commit-ID: 9fc52018d18e2e72ce21767bb3b58e8c5da4d9e8 Gitweb: https://git.kernel.org/tip/9fc52018d18e2e72ce21767bb3b58e8c5da4d9e8 Author: David Woodhouse AuthorDate: Tue, 9 Jan 2018 14:43:10 + Committer: Thomas Gleixner CommitDate: Tue, 9 Jan 2018 16:17:52 +0100 x86/retpoline/crypto

<    8   9   10   11   12   13   14   15   16   17   >