From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dan.j.williams@intel.com>
ARC-Seal: i=1; a=rsa-sha256; t=1517343198; cv=none;
        d=google.com; s=arc-20160816;
        b=fLTtsvf14JwuI7rSZlZs6knKq1wIcjhR5T093Apzws1B2MRiECVq8HaHVSug+Iu0Th
         mqYcppq2TQZbSpVlXAf621+TAO2pUEx5ZNc92tUJ07ZZIbLUtl6K/SFiiww6w6HrGk6f
         T3ZeQ/qPdR1/a+6rxMpNHhNa+UOuQiiAGbpsBiQtmy5n8Wk1y1PX72Ta8q7AdGwmHB2C
         /tJzD+yNqeYgDoPK5YKbEMiXGkFdQpCHhbCpev0a4UqKxHFUjvRDm/z4TmYwnjbTSHyG
         3GrBY26ycHKXJDprVHnvtLcubxG2o4m2v62zlx0fMpX1VMPPZEV7zwt1e4P1VHGxBzbE
         XL/Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=cc:to:subject:message-id:date:from:references:in-reply-to
         :mime-version:dkim-signature:arc-authentication-results;
        bh=amzb0920NnVI7zS+8rvQzjWmkc5hlWr20I5DQZ1WnC4=;
        b=v+pHnzAgwXF/wbtNuh/WIrPyGyO1RsBWAa7T3XHzTENUZjTh4tUjZIR9sv8gIKt69m
         aINyGfFVAZHn2PJ4ourzuQ+iFH185BpzJCjwTLTgjD3Cy9+1TMY7p8n6UMqA4z1ysgN3
         jdQaKln/aiyFQ7HCvFJvl8Li30/C9QUSaIqsDXd5FOx7tFr82g+zx4amYAPBb1pBDkmZ
         o7lrD1lC//1zhA/ivVytb0KzLCcKGS5S+4IPmkSjXw2te1/s3iSmzIQwXY+tChsOIQFO
         zQH52qdcZnvK1d96io1PZ3LD1Pm7J3kkhL98MOw3V59cClK/1eSfV/lhBueIM2TakW/C
         FZ1w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel-com.20150623.gappssmtp.com header.s=20150623 header.b=JxZjnKy6;
       spf=pass (google.com: domain of dan.j.williams@intel.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=dan.j.williams@intel.com
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel-com.20150623.gappssmtp.com header.s=20150623 header.b=JxZjnKy6;
       spf=pass (google.com: domain of dan.j.williams@intel.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=dan.j.williams@intel.com
X-Google-Smtp-Source: AH8x224tur3fcca8uIo7BmjKJyuwTd1J/pH9T4SWgfdTgyCjEr2ojDpyaLvOmvHQ2fl69jqt6/xFdVF/q7c2ni2ByMQ=
MIME-Version: 1.0
In-Reply-To: <CA+55aFxLEL+8YA4MYkeyeUH7K8rZwBmGe6Z9V8QS=TYCREWDTQ@mail.gmail.com>
References: <151703971300.26578.1185595719337719486.stgit@dwillia2-desk3.amr.corp.intel.com>
 <151703972396.26578.7326612698912543866.stgit@dwillia2-desk3.amr.corp.intel.com>
 <20180128085500.djlm5rlbhjlpfj4i@gmail.com> <CAPcyv4jTaskPT1qXhdCO2mWVkcaMDMBq12vUJ_hSfjOU49qvgQ@mail.gmail.com>
 <alpine.DEB.2.20.1801281931180.2126@nanos> <CAPcyv4hSZ7=+076s+fmJ0HQ293H4X8829-LTrbvd8ZqJygGV6A@mail.gmail.com>
 <CA+55aFxLEL+8YA4MYkeyeUH7K8rZwBmGe6Z9V8QS=TYCREWDTQ@mail.gmail.com>
From: Dan Williams <dan.j.williams@intel.com>
Date: Tue, 30 Jan 2018 12:13:18 -0800
Message-ID: <CAPcyv4jTbH6As_SC2Po8j5mB6jKLcwMr3Yn=19aTN2yMgBR=iw@mail.gmail.com>
Subject: Re: [PATCH v5 02/12] array_idx: sanitize speculative array de-references
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@kernel.org>,
	linux-arch <linux-arch@vger.kernel.org>, Cyril Novikov <cnovikov@lynx.com>,
	Kernel Hardening <kernel-hardening@lists.openwall.com>, Peter Zijlstra <peterz@infradead.org>,
	Catalin Marinas <catalin.marinas@arm.com>, X86 ML <x86@kernel.org>,
	Will Deacon <will.deacon@arm.com>, Russell King <linux@armlinux.org.uk>,
	Ingo Molnar <mingo@redhat.com>, Greg KH <gregkh@linuxfoundation.org>,
	"H. Peter Anvin" <hpa@zytor.com>, Alan Cox <alan@linux.intel.com>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Arjan Van De Ven <arjan.van.de.ven@intel.com>
Content-Type: text/plain; charset="UTF-8"
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: =?utf-8?q?1590732017653801778?=
X-GMAIL-MSGID: =?utf-8?q?1591049662152300993?=
X-Mailing-List: linux-kernel@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>

[ adding Arjan ]

On Tue, Jan 30, 2018 at 11:38 AM, Linus Torvalds
<torvalds@linux-foundation.org> wrote:
[..]
> Anyway, I do think the patches I've seen so far are ok, and the real
> reason I'm writing this email is actually more about future patches:
> do we have a good handle on where these array index sanitations will
> be needed?
>
> Also, while array limit checking was obviously the official
> "spectre-v1" issue, I do wonder if there are possible other issues
> where mispredicted conditional branches can end up leaking
> information?
>
> IOW, is there some work on tooling/analysis/similar? Not asking for
> near-term, but more of a "big picture" question..
>
>             Linus