On 04/17/2018 05:22 PM, speck for Thomas Gleixner wrote:
> On Tue, 17 Apr 2018, speck for Jon Masters wrote:
>> So we need to close on the following urgently:
>>
>> 1). What are we going to refer to this as?
>> 	- MDD
>> 	- SSB
>> 	- something else?
>> 
>> In the case of "MDD" it's x86 specific and "enabling" it means you
>> disable a feature (MD). To me, that seems to be inverted logic. You
>> would set it to "on", "off", or "kernel" (MD only in userspace).
> 
> No it's not inverted logic. It's the same logic as kpti= and spectre_v2=
> and we are not going to make this one the other way round just because.
> 
> So we need a acronym for it, which fits the problem. Either use the code
> name for this thing like we did with spectre or 'mdd' which describes it
> really well.

Ok, how about "ssbd" for the generic term then? And you can have "mdd"
be a synonym on x86 if you like? So we would have "Speculative Store
Bypass Disable" with the same options as currently in Konrad's patch.
Let's just agree on something now so that the other arches can follow
(e.g. IBM POWER folks say they are waiting to hear what they should use)

>> 2). We need a prctl option for a task to request behavior for SSB. One
>> option could be a new PR_SET_MITIGATION where we then have minor
>> parameters for additional mitigations that are required later.
> 
> And we need ponies.....
> 
> Seriously. We do the simple 'xxx=' command line option now and have that
> ready ASAP in case the embargo ends early.

Agree strongly. We should first simplify Konrad's patches to just do the
big hammer without trying to do per-entry/exit frobbing. I am looking at
that currently and will ping Konrad with some feedback in a few hours.

> The prctl is an optimization which can be done afterwards and we first need
> to agree whether we want it at all. I'm not too fond of yet another
> conditional branch in the entry/exit code. The code patching there is
> already bad enough. If we keep up adding this crap at that rate then we
> have sooner than later more NOOPs and conditionals than actual code.

However, I've a concern with the above. If you want to be able to run
with MD enabled in userspace by default then you'll soon need a way to
turn it off that isn't global. And folks working on patches are going to
ask for something that can be used from userspace for pre-embargo lift
patches, e.g. in OpenJDK. A prctl can't be added that isn't agreed, and
this all takes time to stage, so it would be better to agree soon prior
to the planned embargo lift, but it's fine if after the big hammer.

Jon.

-- 
Computer Architect | Sent from my Fedora powered laptop