Re: [Patch v4 17/18] x86/speculation: Update SPEC_CTRL MSRs of remote CPUs
From: Thomas Gleixner
Date: Mon Nov 05 2018 - 18:04:58 EST
Tim,
On Mon, 5 Nov 2018, Tim Chen wrote:
> How about sending an IPI if a remote CPU needs to have its SPEC_CTRL MSR
> updated?
>
> Something like the following to replace this patch?
...
> +static void spec_ctrl_update_func(void *info)
> +{
> + speculation_ctrl_update(task_thread_info(current)->flags);
> +}
> +
> static void set_task_stibp(struct task_struct *tsk, bool stibp_on)
> {
> bool update = false;
> + int cpu;
>
> if (!static_branch_unlikely(&spectre_v2_app_lite))
> return;
> @@ -789,6 +795,12 @@ static void set_task_stibp(struct task_struct *tsk, bool stibp_on)
>
> if (tsk == current)
> speculation_ctrl_update_current();
> + else {
> + cpu = task_cpu(tsk);
> + if (cpu != smp_processor_id())
> + smp_call_function_single(cpu, spec_ctrl_update_func,
> + NULL, false);
> + }
Aside of the condition being pointless in that case, that issues an IPI
whether the task is running or not. So this allows a task to issue tons of
async IPIs disturbing others by toggling the control.
I'm less and less convinced that piggybacking this on dumpable is a good
idea. It's lots of extra code and the security people are not really happy
about the whole thing either.
Can we please start out with the SSBD model and make use of the PRCTL and
the seccomp mitigation control?
Kees?
Thanks,
tglx