Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Fri, Jan 05, 2018 at 05:08:48PM +0100, Greg Kroah-Hartman wrote: > On Thu, Jan 04, 2018 at 08:08:55PM +, Woodhouse, David wrote: > > On Thu, 2018-01-04 at 21:05 +0100, Greg KH wrote: > > > On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: > > > > > > > > From: David Woodhouse

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Fri, Jan 05, 2018 at 05:08:48PM +0100, Greg Kroah-Hartman wrote: > On Thu, Jan 04, 2018 at 08:08:55PM +, Woodhouse, David wrote: > > On Thu, 2018-01-04 at 21:05 +0100, Greg KH wrote: > > > On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: > > > > > > > > From: David Woodhouse > >

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, Jan 04, 2018 at 08:08:55PM +, Woodhouse, David wrote: > On Thu, 2018-01-04 at 21:05 +0100, Greg KH wrote: > > On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: > > > > > > From: David Woodhouse > > > > > > We are impervious to the indirect branch

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, Jan 04, 2018 at 08:08:55PM +, Woodhouse, David wrote: > On Thu, 2018-01-04 at 21:05 +0100, Greg KH wrote: > > On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: > > > > > > From: David Woodhouse > > > > > > We are impervious to the indirect branch prediction attack with > > >

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, 4 Jan 2018, Tim Chen wrote: > #ifdef APM_ZERO_SEGS > #define APM_DO_ZERO_SEGS \ > "pushl %%ds\n\t" \ > @@ -28,6 +30,7 @@ static inline void apm_bios_call_asm(u32 func, u32 ebx_in, > u32 ecx_in, > u32 *eax, u32 *ebx, u32 *ecx, >

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, 4 Jan 2018, Tim Chen wrote: > #ifdef APM_ZERO_SEGS > #define APM_DO_ZERO_SEGS \ > "pushl %%ds\n\t" \ > @@ -28,6 +30,7 @@ static inline void apm_bios_call_asm(u32 func, u32 ebx_in, > u32 ecx_in, > u32 *eax, u32 *ebx, u32 *ecx, >

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: > diff --git a/arch/x86/include/asm/spec_ctrl.h > b/arch/x86/include/asm/spec_ctrl.h > index 28b0314..23b2804 100644 > --- a/arch/x86/include/asm/spec_ctrl.h > +++ b/arch/x86/include/asm/spec_ctrl.h > @@ -113,5 +113,42 @@ static inline

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: > diff --git a/arch/x86/include/asm/spec_ctrl.h > b/arch/x86/include/asm/spec_ctrl.h > index 28b0314..23b2804 100644 > --- a/arch/x86/include/asm/spec_ctrl.h > +++ b/arch/x86/include/asm/spec_ctrl.h > @@ -113,5 +113,42 @@ static inline

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On 01/04/2018 12:51 PM, Yves-Alexis Perez wrote: > On Thu, 2018-01-04 at 09:56 -0800, Tim Chen wrote: >> @@ -44,6 +47,7 @@ static inline void apm_bios_call_asm(u32 func, u32 ebx_in, >> u32 ecx_in, >> "=S" (*esi) >> : "a" (func), "b" (ebx_in), "c" (ecx_in) >>

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On 01/04/2018 12:51 PM, Yves-Alexis Perez wrote: > On Thu, 2018-01-04 at 09:56 -0800, Tim Chen wrote: >> @@ -44,6 +47,7 @@ static inline void apm_bios_call_asm(u32 func, u32 ebx_in, >> u32 ecx_in, >> "=S" (*esi) >> : "a" (func), "b" (ebx_in), "c" (ecx_in) >>

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, 2018-01-04 at 09:56 -0800, Tim Chen wrote: > @@ -44,6 +47,7 @@ static inline void apm_bios_call_asm(u32 func, u32 ebx_in, > u32 ecx_in, > "=S" (*esi) > : "a" (func), "b" (ebx_in), "c" (ecx_in) > : "memory", "cc"); > +

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, 2018-01-04 at 09:56 -0800, Tim Chen wrote: > @@ -44,6 +47,7 @@ static inline void apm_bios_call_asm(u32 func, u32 ebx_in, > u32 ecx_in, > "=S" (*esi) > : "a" (func), "b" (ebx_in), "c" (ecx_in) > : "memory", "cc"); > +

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, Jan 04, 2018 at 09:05:15PM +0100, Greg Kroah-Hartman wrote: > On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: > > From: David Woodhouse > > > > We are impervious to the indirect branch prediction attack with retpoline > > but firmware won't be, so we still

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, Jan 04, 2018 at 09:05:15PM +0100, Greg Kroah-Hartman wrote: > On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: > > From: David Woodhouse > > > > We are impervious to the indirect branch prediction attack with retpoline > > but firmware won't be, so we still need to set IBRS to

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On 04/01/18 20:05, Greg KH wrote: > On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: >> From: David Woodhouse >> >> We are impervious to the indirect branch prediction attack with retpoline >> but firmware won't be, so we still need to set IBRS to protect >> firmware

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On 04/01/18 20:05, Greg KH wrote: > On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: >> From: David Woodhouse >> >> We are impervious to the indirect branch prediction attack with retpoline >> but firmware won't be, so we still need to set IBRS to protect >> firmware code execution when

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, 2018-01-04 at 21:05 +0100, Greg KH wrote: > On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: > > > > From: David Woodhouse > > > > We are impervious to the indirect branch prediction attack with > > retpoline > > but firmware won't be, so we still need to set

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, 2018-01-04 at 21:05 +0100, Greg KH wrote: > On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: > > > > From: David Woodhouse > > > > We are impervious to the indirect branch prediction attack with > > retpoline > > but firmware won't be, so we still need to set IBRS to protect >

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: > From: David Woodhouse > > We are impervious to the indirect branch prediction attack with retpoline > but firmware won't be, so we still need to set IBRS to protect > firmware code execution when calling into firmware

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, Jan 04, 2018 at 09:56:46AM -0800, Tim Chen wrote: > From: David Woodhouse > > We are impervious to the indirect branch prediction attack with retpoline > but firmware won't be, so we still need to set IBRS to protect > firmware code execution when calling into firmware at runtime. Wait,

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, 4 Jan 2018 09:56:46 -0800 Tim Chen wrote: > From: David Woodhouse > > We are impervious to the indirect branch prediction attack with retpoline > but firmware won't be, so we still need to set IBRS to protect > firmware code execution

Re: [PATCH 5/7] x86: Use IBRS for firmware update path

On Thu, 4 Jan 2018 09:56:46 -0800 Tim Chen wrote: > From: David Woodhouse > > We are impervious to the indirect branch prediction attack with retpoline > but firmware won't be, so we still need to set IBRS to protect > firmware code execution when calling into firmware at runtime. If you are

[PATCH 5/7] x86: Use IBRS for firmware update path

From: David Woodhouse We are impervious to the indirect branch prediction attack with retpoline but firmware won't be, so we still need to set IBRS to protect firmware code execution when calling into firmware at runtime. Signed-off-by: David Woodhouse

[PATCH 5/7] x86: Use IBRS for firmware update path

From: David Woodhouse We are impervious to the indirect branch prediction attack with retpoline but firmware won't be, so we still need to set IBRS to protect firmware code execution when calling into firmware at runtime. Signed-off-by: David Woodhouse Signed-off-by: Tim Chen ---