All of lore.kernel.org
 help / color / mirror / Atom feed
From: Russell King - ARM Linux admin <linux@armlinux.org.uk>
To: Jian Cai <jiancai@google.com>
Cc: "Mark Rutland" <mark.rutland@arm.com>,
	"Catalin Marinas" <catalin.marinas@arm.com>,
	"Linus Walleij" <linus.walleij@linaro.org>,
	"James Morris" <jmorris@namei.org>,
	manojgupta@google.com, "Will Deacon" <will@kernel.org>,
	"Ingo Molnar" <mingo@kernel.org>, "Marc Zyngier" <maz@kernel.org>,
	"Masahiro Yamada" <masahiroy@kernel.org>,
	"Ard Biesheuvel" <ardb@kernel.org>,
	clang-built-linux@googlegroups.com, llozano@google.com,
	"David Brazdil" <dbrazdil@google.com>,
	"Serge E. Hallyn" <serge@hallyn.com>,
	"Kees Cook" <keescook@chromium.org>,
	"Arnd Bergmann" <arnd@arndb.de>,
	"Nathan Chancellor" <nathan@kernel.org>,
	linux-arm-kernel@lists.infradead.org, ndesaulniers@google.com,
	linux-kernel@vger.kernel.org,
	linux-security-module@vger.kernel.org,
	"David Laight" <David.Laight@aculab.com>,
	"James Morse" <james.morse@arm.com>,
	"Andrew Morton" <akpm@linux-foundation.org>,
	"Andreas Färber" <afaerber@suse.de>,
	"Mike Rapoport" <rppt@kernel.org>
Subject: Re: [PATCH v4] ARM: Implement SLS mitigation
Date: Sun, 21 Feb 2021 10:13:17 +0000	[thread overview]
Message-ID: <20210221101317.GN1463@shell.armlinux.org.uk> (raw)
In-Reply-To: <20210219230841.875875-1-jiancai@google.com>

On Fri, Feb 19, 2021 at 03:08:13PM -0800, Jian Cai wrote:
> diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening
> index 269967c4fc1b..146b75a79d9e 100644
> --- a/security/Kconfig.hardening
> +++ b/security/Kconfig.hardening
> @@ -121,6 +121,16 @@ choice
>  
>  endchoice
>  
> +config HARDEN_SLS_ALL
> +	bool "enable SLS vulnerability hardening"
> +	default n

Please get rid of this useless "default n"

> +	depends on $(cc-option,-mharden-sls=all)
> +	help
> +	  Enables straight-line speculation vulnerability hardening on ARM and ARM64
> +	  architectures. It inserts speculation barrier sequences (SB or DSB+ISB
> +	  depending on the target architecture) after RET and BR, and replacing
> +	  BLR with BL+BR sequence.

Given that this is in an architecture independent Kconfig file, and it
detects support in CC for this feature, why should this help text be
written to be specific to a couple of architectures? Will this feature
only ever be available on these two architectures? What if someone adds
support for another architecture?

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!

WARNING: multiple messages have this Message-ID (diff)
From: Russell King - ARM Linux admin <linux@armlinux.org.uk>
To: Jian Cai <jiancai@google.com>
Cc: "Mark Rutland" <mark.rutland@arm.com>,
	"Catalin Marinas" <catalin.marinas@arm.com>,
	"Linus Walleij" <linus.walleij@linaro.org>,
	manojgupta@google.com, "Will Deacon" <will@kernel.org>,
	"Ard Biesheuvel" <ardb@kernel.org>,
	"Marc Zyngier" <maz@kernel.org>,
	"Masahiro Yamada" <masahiroy@kernel.org>,
	"James Morris" <jmorris@namei.org>,
	"Ingo Molnar" <mingo@kernel.org>,
	clang-built-linux@googlegroups.com, llozano@google.com,
	"David Brazdil" <dbrazdil@google.com>,
	"Serge E. Hallyn" <serge@hallyn.com>,
	"Kees Cook" <keescook@chromium.org>,
	"Arnd Bergmann" <arnd@arndb.de>,
	"Nathan Chancellor" <nathan@kernel.org>,
	linux-arm-kernel@lists.infradead.org, ndesaulniers@google.com,
	linux-kernel@vger.kernel.org,
	linux-security-module@vger.kernel.org,
	"David Laight" <David.Laight@aculab.com>,
	"James Morse" <james.morse@arm.com>,
	"Andrew Morton" <akpm@linux-foundation.org>,
	"Andreas Färber" <afaerber@suse.de>,
	"Mike Rapoport" <rppt@kernel.org>
Subject: Re: [PATCH v4] ARM: Implement SLS mitigation
Date: Sun, 21 Feb 2021 10:13:17 +0000	[thread overview]
Message-ID: <20210221101317.GN1463@shell.armlinux.org.uk> (raw)
In-Reply-To: <20210219230841.875875-1-jiancai@google.com>

On Fri, Feb 19, 2021 at 03:08:13PM -0800, Jian Cai wrote:
> diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening
> index 269967c4fc1b..146b75a79d9e 100644
> --- a/security/Kconfig.hardening
> +++ b/security/Kconfig.hardening
> @@ -121,6 +121,16 @@ choice
>  
>  endchoice
>  
> +config HARDEN_SLS_ALL
> +	bool "enable SLS vulnerability hardening"
> +	default n

Please get rid of this useless "default n"

> +	depends on $(cc-option,-mharden-sls=all)
> +	help
> +	  Enables straight-line speculation vulnerability hardening on ARM and ARM64
> +	  architectures. It inserts speculation barrier sequences (SB or DSB+ISB
> +	  depending on the target architecture) after RET and BR, and replacing
> +	  BLR with BL+BR sequence.

Given that this is in an architecture independent Kconfig file, and it
detects support in CC for this feature, why should this help text be
written to be specific to a couple of architectures? Will this feature
only ever be available on these two architectures? What if someone adds
support for another architecture?

-- 
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

  reply	other threads:[~2021-02-21 10:14 UTC|newest]

Thread overview: 58+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-02-12  5:14 [PATCH] ARM: Implement Clang's SLS mitigation Jian Cai
2021-02-12  5:14 ` Jian Cai
2021-02-12  5:55 ` Nathan Chancellor
2021-02-12  5:55   ` Nathan Chancellor
2021-02-12 10:41   ` David Laight
2021-02-12 10:41     ` David Laight
2021-02-12 19:52     ` [PATCH v2] " Jian Cai
2021-02-12 19:52       ` Jian Cai
2021-02-17  9:49       ` Will Deacon
2021-02-17  9:49         ` Will Deacon
2021-02-17 11:05         ` David Laight
2021-02-17 11:05           ` David Laight
2021-03-25 14:01         ` Linus Walleij
2021-03-25 14:01           ` Linus Walleij
2021-02-17 18:20       ` Nick Desaulniers
2021-02-17 18:20         ` Nick Desaulniers
2021-02-19 20:18       ` [PATCH v3] ARM: Implement " Jian Cai
2021-02-19 20:18         ` Jian Cai
2021-02-19 20:30         ` Nathan Chancellor
2021-02-19 20:30           ` Nathan Chancellor
2021-02-19 23:08         ` [PATCH v4] " Jian Cai
2021-02-19 23:08           ` Jian Cai
2021-02-21 10:13           ` Russell King - ARM Linux admin [this message]
2021-02-21 10:13             ` Russell King - ARM Linux admin
2021-02-22 11:58           ` Will Deacon
2021-02-22 11:58             ` Will Deacon
2021-02-22 21:50             ` Jian Cai
2021-02-22 21:50               ` Jian Cai
2021-02-23 10:04               ` Will Deacon
2021-02-23 10:04                 ` Will Deacon
2021-03-03 15:18                 ` Linus Walleij
2021-03-03 15:18                   ` Linus Walleij
2021-03-03 15:29                   ` David Laight
2021-03-03 15:29                     ` David Laight
2021-03-03 15:31                     ` Linus Walleij
2021-03-03 15:31                       ` Linus Walleij
2021-02-23  2:31           ` [PATCH v5] " Jian Cai
2021-02-23  2:31             ` Jian Cai
2021-02-23  2:35             ` Jian Cai
2021-02-23  2:35               ` Jian Cai
2021-03-03 15:04               ` Linus Walleij
2021-03-03 15:04                 ` Linus Walleij
2021-03-04 23:22                 ` Jian Cai
2021-03-04 23:22                   ` Jian Cai
2021-03-06 12:25                   ` Linus Walleij
2021-03-06 12:25                     ` Linus Walleij
2021-03-10  4:43                     ` Jian Cai
2021-03-10  4:43                       ` Jian Cai
2021-03-22 11:45                       ` Linus Walleij
2021-03-22 11:45                         ` Linus Walleij
2021-03-23 22:39                         ` Jian Cai
2021-03-23 22:39                           ` Jian Cai
2021-03-05  0:53               ` [PATCH v6] " Jian Cai
2021-03-05  0:53                 ` Jian Cai
2021-03-05  9:52                 ` Will Deacon
2021-03-05  9:52                   ` Will Deacon
2021-03-06 12:27                   ` Linus Walleij
2021-03-06 12:27                     ` Linus Walleij

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210221101317.GN1463@shell.armlinux.org.uk \
    --to=linux@armlinux.org.uk \
    --cc=David.Laight@aculab.com \
    --cc=afaerber@suse.de \
    --cc=akpm@linux-foundation.org \
    --cc=ardb@kernel.org \
    --cc=arnd@arndb.de \
    --cc=catalin.marinas@arm.com \
    --cc=clang-built-linux@googlegroups.com \
    --cc=dbrazdil@google.com \
    --cc=james.morse@arm.com \
    --cc=jiancai@google.com \
    --cc=jmorris@namei.org \
    --cc=keescook@chromium.org \
    --cc=linus.walleij@linaro.org \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=llozano@google.com \
    --cc=manojgupta@google.com \
    --cc=mark.rutland@arm.com \
    --cc=masahiroy@kernel.org \
    --cc=maz@kernel.org \
    --cc=mingo@kernel.org \
    --cc=nathan@kernel.org \
    --cc=ndesaulniers@google.com \
    --cc=rppt@kernel.org \
    --cc=serge@hallyn.com \
    --cc=will@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.