Re: [RFC 04/10] x86/mm: Only flush indirect branches when switching into non dumpable process

From: Arjan van de Ven
Date: Sun Jan 21 2018 - 11:25:44 EST

Next message: Maciej S. Szmigiero: "[PATCH 1/5] ALSA: emu10k1: remove reserved_page"
Previous message: Tariq Toukan: "Re: [PATCH] net/mlx4_en: ensure rx_desc updating reaches HW before prod db updating"
In reply to: Ingo Molnar: "Re: [RFC 04/10] x86/mm: Only flush indirect branches when switching into non dumpable process"
Next in thread: Woodhouse, David: "Re: [RFC 04/10] x86/mm: Only flush indirect branches when switching into non dumpable process"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/21/2018 8:21 AM, Ingo Molnar wrote:

So if it's only about the scheduler barrier, what cycle cost are we talking about
here?

in the order of 5000 to 10000 cycles.
(depends a bit on the cpu generation but this range is a reasonable approximation)

Because putting something like this into an ELF flag raises the question of who is
allowed to set the flag - does a user-compiled binary count? If yes then it would
be a trivial thing for local exploits to set the flag and turn off the barrier.

the barrier is about who you go TO, e.g. the thing under attack.
as you say, depending on the thing that would be the evil one does not work.

Next message: Maciej S. Szmigiero: "[PATCH 1/5] ALSA: emu10k1: remove reserved_page"
Previous message: Tariq Toukan: "Re: [PATCH] net/mlx4_en: ensure rx_desc updating reaches HW before prod db updating"
In reply to: Ingo Molnar: "Re: [RFC 04/10] x86/mm: Only flush indirect branches when switching into non dumpable process"
Next in thread: Woodhouse, David: "Re: [RFC 04/10] x86/mm: Only flush indirect branches when switching into non dumpable process"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]