Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation

From: Dave Hansen
Date: Tue Jan 23 2018 - 10:01:39 EST

Next message: David Miller: "Re: [PATCH] net: ipv6: ndisc: fix bool assignment in ndisc_send_na"
Previous message: Alan Cox: "Re: [RFC PATCH 00/16] PTI support for x86-32"
In reply to: David Woodhouse: "Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation"
Next in thread: David Woodhouse: "Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 01/23/2018 01:27 AM, Ingo Molnar wrote:
>
> - All asynchronous contexts (IRQs, NMIs, etc.) stuff the RSB before IRET. (The
> tracking could probably made IRQ and maybe even NMI safe, but the worst-case
> nesting scenarios make my head ache.)

This all sounds totally workable to me. We talked about using ftrace
itself to track call depth, but it would be unusable in production, of
course. This seems workable, though. You're also totally right about
the zero overhead on most kernels with it turned off when we don't need
RSB underflow protection (basically pre-Skylake).

I also agree that the safe thing to do is to just stuff before iret. I
bet we can get a ftrace-driven RSB tracker working precisely enough even
with NMIs, but it's way simpler to just stuff and be done with it for now.

Next message: David Miller: "Re: [PATCH] net: ipv6: ndisc: fix bool assignment in ndisc_send_na"
Previous message: Alan Cox: "Re: [RFC PATCH 00/16] PTI support for x86-32"
In reply to: David Woodhouse: "Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation"
Next in thread: David Woodhouse: "Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]