Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-12-04 Thread Tim Chen
On 12/04/2018 09:20 AM, Linus Torvalds wrote: >> STIBP >> ^ >> Implementations of STIBP on existing Core-family processors (where STIBP >> functionality was added through a microcode update) work by disabling >> branch predictors that both: >> >> 1. Contain indirect branch predictions for

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-12-04 Thread Dave Hansen
> static const char * const spectre_v2_user_strings[] = { > [SPECTRE_V2_USER_NONE] = "User space: Vulnerable", > [SPECTRE_V2_USER_STRICT]= "User space: Mitigation: STIBP > protection", > [SPECTRE_V2_USER_PRCTL] = "User space: Mitigation: STIBP via >

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-12-04 Thread Linus Torvalds
On Mon, Dec 3, 2018 at 5:38 PM Tim Chen wrote: > > To make the usage of STIBP and its working principles clear, > here are some additional explanations of STIBP from our Intel > HW architects. This should also help answer some of the questions > from Thomas and others on STIBP's usages with IBPB

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-12-04 Thread Arjan van de Ven
On processors with enhanced IBRS support, we recommend setting IBRS to 1 and left set. Then why doesn't CPU with EIBRS support actually *default* to '1', with opt-out possibility for OS? (slightly longer answer) you can pretty much assume that on these CPUs, IBRS doesn't actually do anything

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-12-04 Thread Arjan van de Ven
On processors with enhanced IBRS support, we recommend setting IBRS to 1 and left set. Then why doesn't CPU with EIBRS support actually *default* to '1', with opt-out possibility for OS? the BIOSes could indeed get this set up this way. do you want to trust the bios to get it right?

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-12-04 Thread Jiri Kosina
On Mon, 3 Dec 2018, Tim Chen wrote: > > Can we please just fix this stupid lie? > > > > Yes, Intel calls it "STIBP" and tries to make it out to be about the > > indirect branch predictor being per-SMT thread. > > > > But the reason it is unacceptable is apparently because in reality it just > >

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-12-03 Thread Tim Chen
On 11/25/2018 12:40 PM, Linus Torvalds wrote: > [ You forgot to fix your quilt setup.. ] > > On Sun, 25 Nov 2018, Thomas Gleixner wrote: >> >> The mitigation guide documents how STIBP works: >> >>Setting bit 1 (STIBP) of the IA32_SPEC_CTRL MSR on a logical processor >>prevents the

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-11-26 Thread Tim Chen
On 11/26/2018 01:52 PM, Lendacky, Thomas wrote: > On 11/26/2018 02:58 PM, Thomas Gleixner wrote: >> On Mon, 26 Nov 2018, Andrea Arcangeli wrote: >> >>> Hello, >>> >>> On Sun, Nov 25, 2018 at 11:28:59PM +0100, Thomas Gleixner wrote: Indeed. Just checked the documentation again, it's also not

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-11-26 Thread Lendacky, Thomas
On 11/26/2018 02:58 PM, Thomas Gleixner wrote: > On Mon, 26 Nov 2018, Andrea Arcangeli wrote: > >> Hello, >> >> On Sun, Nov 25, 2018 at 11:28:59PM +0100, Thomas Gleixner wrote: >>> Indeed. Just checked the documentation again, it's also not clear whether >>> IBPB is required if STIBP is in use.

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-11-26 Thread Thomas Gleixner
On Mon, 26 Nov 2018, Andrea Arcangeli wrote: > Hello, > > On Sun, Nov 25, 2018 at 11:28:59PM +0100, Thomas Gleixner wrote: > > Indeed. Just checked the documentation again, it's also not clear whether > > IBPB is required if STIBP is in use. > > I tried to ask this question too earlier: > >

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-11-26 Thread Andrea Arcangeli
Hello, On Sun, Nov 25, 2018 at 11:28:59PM +0100, Thomas Gleixner wrote: > Indeed. Just checked the documentation again, it's also not clear whether > IBPB is required if STIBP is in use. I tried to ask this question too earlier: https://lkml.kernel.org/r/20181119234528.gj29...@redhat.com If

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-11-26 Thread Ingo Molnar
* Thomas Gleixner wrote: > On Sun, 25 Nov 2018, Linus Torvalds wrote: > > > [ You forgot to fix your quilt setup.. ] > > Duh. Should have pinned that package. > > > On Sun, 25 Nov 2018, Thomas Gleixner wrote: > > > > > > The mitigation guide documents how STIBP works: > > > > > >Setting

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-11-25 Thread Thomas Gleixner
On Sun, 25 Nov 2018, Linus Torvalds wrote: > [ You forgot to fix your quilt setup.. ] Duh. Should have pinned that package. > On Sun, 25 Nov 2018, Thomas Gleixner wrote: > > > > The mitigation guide documents how STIBP works: > > > >Setting bit 1 (STIBP) of the IA32_SPEC_CTRL MSR on a

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-11-25 Thread Jiri Kosina
On Sun, 25 Nov 2018, Linus Torvalds wrote: > > The mitigation guide documents how STIBP works: > > > >Setting bit 1 (STIBP) of the IA32_SPEC_CTRL MSR on a logical processor > >prevents the predicted targets of indirect branches on any logical > >processor of that core from being

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-11-25 Thread Linus Torvalds
[ You forgot to fix your quilt setup.. ] On Sun, 25 Nov 2018, Thomas Gleixner wrote: > > The mitigation guide documents how STIBP works: > >Setting bit 1 (STIBP) of the IA32_SPEC_CTRL MSR on a logical processor >prevents the predicted targets of indirect branches on any logical >

Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-11-25 Thread Randy Dunlap
Hi, Can you alter this without publishing a v3? (see below) On 11/25/18 10:33 AM, Thomas Gleixner wrote: > --- a/Documentation/admin-guide/kernel-parameters.txt > +++ b/Documentation/admin-guide/kernel-parameters.txt > @@ -4241,9 +4241,16 @@ > per thread. The

[patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

2018-11-25 Thread Thomas Gleixner
If 'prctl' mode of user space protection from spectre v2 is selected on the kernel command-line, STIBP and IBPB are applied on tasks which restrict their indirect branch speculation via prctl. SECCOMP enables the SSBD mitigation for sandboxed tasks already, so it makes sense to prevent spectre v2
