From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Google-Smtp-Source: ACJfBotxEQG6E0okw0jRw0Ryl5xKf/LdUn4QVkt3dAXSFZ3uN4EwPHFTRPcM2sEiPaSwBtuLIhlS ARC-Seal: i=1; a=rsa-sha256; t=1516322314; cv=none; d=google.com; s=arc-20160816; b=oz2kbGe0S7WbNaYUwANLZGhCwF1AgE/NOOH8Mene47dao9bxIfUDIa/bIMBN9z6LkA 3y36lmXMmSFyGQAdcjco5o6FE0EEb6QoKK96IMLxRjzD2dO8PrFl+Kh0kz1fPMbftEJZ Cq6jU3nIBBOSSIiENzWBLlRcreA/obuE94ps1QXj1BzsXDgS6deahE1xcuF1YbJrbZ/W xHMSObhpLeQTd+HkaYAkTvwMyQ4dT0Ins7AxWKlJWjW2+bx2Q9Nc18jptOCp12JD3ZBS 0zBhtdxOLKN7Dg0g5O90ukkqs1dnXOqC2xJ1wup635f6hqsK9VrQcZ9Yy/3uT+QzbwZX CU9A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:content-language:in-reply-to:mime-version :user-agent:date:message-id:from:references:cc:to:subject :arc-authentication-results; bh=7AMh0dQkOKsEjIcoj2HpDI5mYRNNTG6gSyINCcowW6U=; b=CgSzs1oMIQGtC+CP50wK5LnM2a7yOv23ciZ6KHfaVfVrKPdEKnNi9EWGeVCGiTnibz bxMIT02s/0GrmKfgxsuoM2WEyjURi09IGbvoslO3YjAl3FDgOPGWF+NaX5gWpH8istTT 7uQLtc0xCpFnsMsv3wT6do6Zf+RbkImsGoo9IWZ9d8gdNbUuveJUJnAd21qOCbUuciM2 yy+7TXmU7rCjzj3CgA46a1ChITdpwmmSWMSnWhJQop4OCCIiMtYOZFfOvan46g5CYIjL TsQPKdhaq8v7bmAnaUWNv8o1g7m/yJ/zAMkyt5DqaEFRUmNDj+B5gpMALX9zRYomdt/U KdOA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of tim.c.chen@linux.intel.com designates 192.55.52.43 as permitted sender) smtp.mailfrom=tim.c.chen@linux.intel.com Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of tim.c.chen@linux.intel.com designates 192.55.52.43 as permitted sender) smtp.mailfrom=tim.c.chen@linux.intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.46,379,1511856000"; d="scan'208";a="196779388" Subject: Re: [PATCH 30/35] x86/speculation: Use Indirect Branch Prediction Barrier in context switch To: Peter Zijlstra , David Woodhouse , Thomas Gleixner , Josh Poimboeuf Cc: linux-kernel@vger.kernel.org, Dave Hansen , Ashok Raj , Andy Lutomirski , Linus Torvalds , Greg KH , Andrea Arcangeli , Andi Kleen , Arjan Van De Ven , Dan Williams , Paolo Bonzini , Jun Nakajima , Asit Mallick , Jason Baron References: <20180118134800.711245485@infradead.org> <20180118140153.257709600@infradead.org> From: Tim Chen Message-ID: <3a3c86d1-d15a-ec98-a9c0-e7a43f5c9cc5@linux.intel.com> Date: Thu, 18 Jan 2018 16:38:32 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.0 MIME-Version: 1.0 In-Reply-To: <20180118140153.257709600@infradead.org> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-LABELS: =?utf-8?b?IlxcSW1wb3J0YW50Ig==?= X-GMAIL-THRID: =?utf-8?q?1589979186687852310?= X-GMAIL-MSGID: =?utf-8?q?1589979186687852310?= X-Mailing-List: linux-kernel@vger.kernel.org List-ID: On 01/18/2018 05:48 AM, Peter Zijlstra wrote: > >+ /* >+ * Avoid user/user BTB poisoning by flushing the branch predictor >+ * when switching between processes. This stops one process from >+ * doing spectre-v2 attacks on another process's data. >+ */ >+ indirect_branch_prediction_barrier(); >+ Some optimizations can be done here to avoid overhead in barrier call. For example, don't do the barrier if prev and next mm are the same. If the two process trust each other, or the new process already have rights to look into the previous process, the barrier could be skipped. Tim