From: Borislav Petkov <bp@alien8.de>
To: Dimitri John Ledkov <dimitri.ledkov@canonical.com>,
Thadeu Lima de Souza Cascardo <cascardo@canonical.com>,
Andrew Cooper <andrew.cooper3@citrix.com>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org,
Peter Zijlstra <peterz@infradead.org>
Subject: Re: [PATCH] x86/bugs: Do not enable IBPB at firmware entry when IBPB is not available
Date: Thu, 28 Jul 2022 17:50:06 +0200 [thread overview]
Message-ID: <YuKwLnYlzC0R8xrF@zn.tnic> (raw)
In-Reply-To: <YuKoxyUdAWsTfKez@zn.tnic>
+ Cooper to sanity-check me.
On Thu, Jul 28, 2022 at 05:18:31PM +0200, Borislav Petkov wrote:
> On Thu, Jul 28, 2022 at 03:33:35PM +0100, Dimitri John Ledkov wrote:
> > Azure public cloud (so it is Azure custom hyper-v hypervisor) these
> > instance types https://docs.microsoft.com/en-us/azure/virtual-machines/dav4-dasv4-series
>
> Thank you both for the info.
>
> Virt is an awful piece of sh*t when it goes and emulates all kinds of
> imaginary CPUs. And AMD machine *without* an IBPB which is affected by
> retbleed. Well, f*ck that.
>
> Does that say somewhere on azure that those guests need to even enable
> the mitigation or does the HV mitigate it for them?
>
> Because I wouldn't mind to simply disable the mitigation when on a
> hypervisor which doesn't support IBPB.
So for 5.19 we probably should take the one-liner just so that we
release with all known issues fixed.
Going forward, I'm thinking all that FW-mitigation selection should go
into a function called something like firmware_select_mitigations()
which gets called at the end of check_bugs(), after all mitigation
selectors have run.
And in there, the first check should be if X86_FEATURE_HYPERVISOR and if
set, not set any mitigations for firmware calls.
Because, frankly, is there any point in protecting against firmware
calls in the guest? The guest firmware is part of the hypervisor which
gets supplied by the guest owner or cloud provider or so.
In the former case you probably don't need protection and in the latter,
you don't have a choice.
But I'm unclear on the fw-in-the-guest thing - I'm sure Andy has a
better idea...
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
next prev parent reply other threads:[~2022-07-28 15:50 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-28 12:26 [PATCH] x86/bugs: Do not enable IBPB at firmware entry when IBPB is not available Thadeu Lima de Souza Cascardo
2022-07-28 12:35 ` Borislav Petkov
2022-07-28 12:39 ` Thadeu Lima de Souza Cascardo
2022-07-28 14:33 ` Dimitri John Ledkov
2022-07-28 15:18 ` Borislav Petkov
2022-07-28 15:50 ` Borislav Petkov [this message]
2022-07-28 17:01 ` Thadeu Lima de Souza Cascardo
2022-07-29 18:22 ` Borislav Petkov
2022-07-28 15:16 ` Peter Zijlstra
2022-07-29 8:11 ` [tip: x86/urgent] " tip-bot2 for Thadeu Lima de Souza Cascardo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YuKwLnYlzC0R8xrF@zn.tnic \
--to=bp@alien8.de \
--cc=andrew.cooper3@citrix.com \
--cc=cascardo@canonical.com \
--cc=dimitri.ledkov@canonical.com \
--cc=linux-kernel@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.