Re: [RFC PATCH] x86/speculation: Don't inherit TIF_SSBD on execve()

From: Andi Kleen
Date: Wed Dec 19 2018 - 14:38:25 EST

Next message: Andi Kleen: "Re: [PATCH] checkpatch.pl: Improve WARNING on Kconfig help"
Previous message: Tejun Heo: "Re: [PATCH 1/2] cgroup/cpuset: Update stale generate_sched_domains() comments"
In reply to: Waiman Long: "[RFC PATCH] x86/speculation: Don't inherit TIF_SSBD on execve()"
Next in thread: Waiman Long: "Re: [RFC PATCH] x86/speculation: Don't inherit TIF_SSBD on execve()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Dec 19, 2018 at 02:09:50PM -0500, Waiman Long wrote:
> With the default SPEC_STORE_BYPASS_SECCOMP/SPEC_STORE_BYPASS_PRCTL mode,
> the TIF_SSBD bit will be inherited when a new task is fork'ed or cloned.
>
> As only certain class of applications (like Java) requires disabling
> speculative store bypass for security purpose, it may not make sense to
> allow the TIF_SSBD bit to be inherited across execve() boundary where the
> new application may not need SSBD at all and is probably not aware that
> SSBD may have been turned on. This may cause an unnecessary performance
> loss of up to 20% in some cases.
>
> The arch_setup_new_exec() function is updated to clear the TIF_SSBD
> bit unless it has been force-disabled.

This makes it impossible to write a wrapper that turns this mode
on for unmodified programs.

Do you have a real use case where this behavior is a problem?

-Andi

Next message: Andi Kleen: "Re: [PATCH] checkpatch.pl: Improve WARNING on Kconfig help"
Previous message: Tejun Heo: "Re: [PATCH 1/2] cgroup/cpuset: Update stale generate_sched_domains() comments"
In reply to: Waiman Long: "[RFC PATCH] x86/speculation: Don't inherit TIF_SSBD on execve()"
Next in thread: Waiman Long: "Re: [RFC PATCH] x86/speculation: Don't inherit TIF_SSBD on execve()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]