From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.linutronix.de (193.142.43.55:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 22 Oct 2019 22:06:19 -0000 Received: from us-smtp-delivery-1.mimecast.com ([205.139.110.120] helo=us-smtp-1.mimecast.com) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1iN2IE-00083v-4D for speck@linutronix.de; Wed, 23 Oct 2019 00:06:18 +0200 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 1BE76107AD31 for ; Tue, 22 Oct 2019 22:06:12 +0000 (UTC) Received: from treble (ovpn-124-213.rdu2.redhat.com [10.10.124.213]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C697160C5E for ; Tue, 22 Oct 2019 22:06:11 +0000 (UTC) Date: Tue, 22 Oct 2019 17:06:09 -0500 From: Josh Poimboeuf Subject: [MODERATED] Re: [PATCH v7 04/10] TAAv7 4 Message-ID: <20191022220609.a27xd7qlotm5esj2@treble> References: <20191022165112.GK31458@zn.tnic> <20191022170230.GM31458@zn.tnic> <20191022180032.GF29216@guptapadev.amr> <20191022181215.GP31458@zn.tnic> <20191022191614.GA26396@agluck-desk2.amr.corp.intel.com> <20191022192820.GU31458@zn.tnic> <20191022200235.GA26744@agluck-desk2.amr.corp.intel.com> <20191022205427.GW31458@zn.tnic> <20191022213820.njr46drwwinzp7hu@treble> <20191022214628.GX31458@zn.tnic> MIME-Version: 1.0 In-Reply-To: <20191022214628.GX31458@zn.tnic> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: On Tue, Oct 22, 2019 at 11:46:29PM +0200, speck for Borislav Petkov wrote: > On Tue, Oct 22, 2019 at 04:38:20PM -0500, speck for Josh Poimboeuf wrote: > > I'm not sure what you mean, I think the patches mitigate TAA by default > > when TSX is on (ignoring SMT of course). > > > > Also, suspending disbelief for a moment and assuming TSX becomes a huge > > success story and you want to safely enable it 5 years down the road, > > you'd have to do > > > > tsx=on,tsx_async_abort=full,nosmt,tsx_bug2=full,nosmt .... etc > > > > when you just want to turn the darned thing on without having to worry > > about specifying all the mitigations for all currently known bugs. > > But when you want to enable it 5 years from now, you simply do > > tsx=on > > Why would you even need to supply anything after it? Because my 4-year-old CPU will need the mitigations ;-) -- Josh