From: Bandan Das <bsd@redhat.com>
To: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: "Moger, Babu" <bmoger@amd.com>, Babu Moger <babu.moger@amd.com>,
bp@alien8.de, corbet@lwn.net, hpa@zytor.com,
linux-kernel@vger.kernel.org, mingo@redhat.com,
tglx@linutronix.de, x86@kernel.org
Subject: Re: [v6 1/1] x86/bugs: Implement mitigation for Predictive Store
Date: Thu, 09 Sep 2021 12:20:32 -0400 [thread overview]
Message-ID: <jpgo891affz.fsf@linux.bootlegged.copy> (raw)
In-Reply-To: <20210904172334.lfjyqi4qfzvbxef7@treble> (Josh Poimboeuf's message of "Sat, 4 Sep 2021 10:23:34 -0700")
Josh Poimboeuf <jpoimboe@redhat.com> writes:
> On Fri, Sep 03, 2021 at 07:52:43PM -0500, Moger, Babu wrote:
>> > BTW, is the list of PSF-affected CPUs the same as the list of
>> > SSB-affected CPUs? If there might be PSF CPUs which don't have SSB,
>> > then more logic will need to be added to ensure a sensible default.
>> I can't think of a scenario where it is not same on a system.
>
> To clarify, I'm asking about CPU capabilities. Are there any AMD CPUs
> with the PSF feature, which don't have SSB?
>
>> > On a related note, is there a realistic, non-hypothetical need to have
>> > separate policies and cmdline options for both SSB and PSF? i.e. is
>> > there a real-world scenario where a user needs to disable PSF while
>> > leaving SSB enabled?
>>
>> https://www.amd.com/system/files/documents/security-analysis-predictive-store-forwarding.pdf <https://www.amd.com/system/files/documents/security-analysis-predictive-store-forwarding.pdf>
>> There are some examples in the document. Probably it is too soon to tell if
>> those are real real-world scenarios as this feature is very new.
>
> I didn't see any actual examples. Are you referring to this sentence?
>
> "PSFD may be desirable for software which is concerned with the
> speculative behavior of PSF but desires a smaller performance impact
> than setting SSBD."
>
Sounds reasonable. It would have been good if the whitepaper mentioned
any real examples which could benefit from selectively disabling psf.
Generally speaking, as a user, I would either want to turn speculation
entirely off or on which is what ssbd already does.
>> > Because trying to give them separate interfaces, when PSF disable is
>> > intertwined with SSB disable in hardware, is awkward and confusing. And
>> > the idea of adding another double-negative interface (disable=off!),
>> > just because a vulnerability is considered to be a CPU "feature", isn't
>> > very appetizing.
>> >
>> > So instead of adding a new double-negative interface, which only *half*
>> > works due to the ssb_disable dependency, and which is guaranteed to
>> > further confuse users, and which not even be used in the real world
>> > except possibly by confused users...
>> >
>> > I'm wondering if we can just start out with the simplest possible
>> > approach: don't change any code and instead just document the fact that
>> > "spec_store_bypass_disable=" also affects PSF.
>> >
>> > Then, later on, if a real-world need is demonstrated, actual code could
>> > be added to support disabling PSF independently (but of course it would
>> > never be fully independent since PSF disable is forced by SSB disable).
>>
>> Do you mean for now keep only 'on' and 'auto' and remove "off"?
>
> No, since PSF can already be mitigated with SSBD today, I'm suggesting
> that all code be removed from the patch and instead just update the
> documentation.
next prev parent reply other threads:[~2021-09-09 16:20 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-17 22:00 [v6 0/1] Introduce support for PSF control Ramakrishna Saripalli
2021-05-17 22:00 ` [v6 1/1] x86/bugs: Implement mitigation for Predictive Store Forwarding Ramakrishna Saripalli
2021-05-18 2:55 ` Randy Dunlap
2021-05-18 12:27 ` Saripalli, RK
2021-05-18 20:35 ` Pawan Gupta
2021-05-19 5:38 ` Pawan Gupta
2021-05-19 13:19 ` Saripalli, RK
2021-05-19 5:50 ` Pawan Gupta
2021-09-01 20:20 ` [v6 1/1] x86/bugs: Implement mitigation for Predictive Store Babu Moger
2021-09-01 20:30 ` Babu Moger
2021-09-01 20:35 ` Babu Moger
2021-09-02 17:35 ` Pawan Gupta
2021-08-12 23:44 ` [v6 1/1] x86/bugs: Implement mitigation for Predictive Store Forwarding Josh Poimboeuf
2021-09-02 18:16 ` [v6 1/1] x86/bugs: Implement mitigation for Predictive Store Babu Moger
2021-09-03 0:07 ` Josh Poimboeuf
[not found] ` <dca004cf-bacc-1a1f-56d6-c06e8bec167a@amd.com>
2021-09-04 17:23 ` Josh Poimboeuf
2021-09-07 23:15 ` Babu Moger
2021-09-08 18:20 ` Josh Poimboeuf
2021-09-10 16:08 ` Babu Moger
2021-09-09 16:20 ` Bandan Das [this message]
2021-06-17 20:47 ` [v6 0/1] Introduce support for PSF control Saripalli, RK
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=jpgo891affz.fsf@linux.bootlegged.copy \
--to=bsd@redhat.com \
--cc=babu.moger@amd.com \
--cc=bmoger@amd.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=hpa@zytor.com \
--cc=jpoimboe@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).