Re: [PATCH v2 0/3] Randomize free memory

From: Michal Hocko
Date: Thu Oct 18 2018 - 09:46:34 EST

Next message: Takashi Iwai: "Re: [PATCH] [sound/i2c/cs8427] Fix int to char conversion"
Previous message: Thomas Gleixner: "Re: [Patch v3 08/13] x86/speculation: Rename SSBD update functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu 11-10-18 11:03:07, Dan Williams wrote:
> On Thu, Oct 11, 2018 at 4:56 AM Michal Hocko <mhocko@xxxxxxxxxx> wrote:
[...]
> > In any case, I believe the change itself is not controversial as long it
> > is opt-in (potentially autotuned based on specific HW)
>
> Do you mean disable shuffling on systems that don't have a
> memory-side-cache unless / until we can devise a security benefit
> curve relative to shuffle-order? The former I can do, the latter, I'm
> at a loss.

Yes, enable when the HW requires that for whatever reason and make add a
global knob to enable it for those that might find it useful for
security reasons with a clear cost/benefit description. Not "this is tha
security thingy enable and feel safe(r)"
--
Michal Hocko
SUSE Labs

Next message: Takashi Iwai: "Re: [PATCH] [sound/i2c/cs8427] Fix int to char conversion"
Previous message: Thomas Gleixner: "Re: [Patch v3 08/13] x86/speculation: Rename SSBD update functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]