Re: [PATCH 04/13] xen/arm: Add ARCH_WORKAROUND_2 probing

From: Stefano Stabellini <sstabellini@kernel.org>
To: Andrew Cooper <andrew.cooper3@citrix.com>
Cc: xen-devel@lists.xenproject.org,
	Julien Grall <julien.grall@arm.com>,
	Stefano Stabellini <sstabellini@kernel.org>,
	andre.przywara@arm.com
Subject: Re: [PATCH 04/13] xen/arm: Add ARCH_WORKAROUND_2 probing
Date: Tue, 29 May 2018 14:35:26 -0700 (PDT)	[thread overview]
Message-ID: <alpine.DEB.2.10.1805291430490.5563@sstabellini-ThinkPad-X260> (raw)
In-Reply-To: <68d78c21-0404-ec12-e08c-c379db27daf5@citrix.com>

[-- Attachment #1: Type: TEXT/PLAIN, Size: 3014 bytes --]

On Sat, 26 May 2018, Andrew Cooper wrote:
> On 25/05/2018 21:51, Stefano Stabellini wrote:
> > On Wed, 23 May 2018, Julien Grall wrote:
> >> Hi,
> >>
> >> On 05/23/2018 10:57 PM, Stefano Stabellini wrote:
> >>> On Tue, 22 May 2018, Julien Grall wrote:
> >>>> As for Spectre variant-2, we rely on SMCCC 1.1 to provide the discovery
> >>>> mechanism for detecting the SSBD mitigation.
> >>>>
> >>>> A new capability is also allocated for that purpose, and a config
> >>>> option.
> >>>>
> >>>> This is part of XSA-263.
> >>>>
> >>>> Signed-off-by: Julien Grall <julien.grall@arm.com>
> >>>> ---
> >>>>   xen/arch/arm/Kconfig             | 10 ++++++++++
> >>>>   xen/arch/arm/cpuerrata.c         | 39
> >>>> +++++++++++++++++++++++++++++++++++++++
> >>>>   xen/include/asm-arm/cpuerrata.h  | 21 +++++++++++++++++++++
> >>>>   xen/include/asm-arm/cpufeature.h |  3 ++-
> >>>>   xen/include/asm-arm/smccc.h      |  6 ++++++
> >>>>   5 files changed, 78 insertions(+), 1 deletion(-)
> >>>>
> >>>> diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig
> >>>> index 8174c0c635..0e2d027060 100644
> >>>> --- a/xen/arch/arm/Kconfig
> >>>> +++ b/xen/arch/arm/Kconfig
> >>>> @@ -73,6 +73,16 @@ config SBSA_VUART_CONSOLE
> >>>>   	  Allows a guest to use SBSA Generic UART as a console. The
> >>>>   	  SBSA Generic UART implements a subset of ARM PL011 UART.
> >>>>   +config ARM_SSBD
> >>>> +	bool "Speculative Store Bypass Disable" if EXPERT = "y"
> >>>> +	depends on HAS_ALTERNATIVE
> >>>> +	default y
> >>>> +	help
> >>>> +	  This enables mitigation of bypassing of previous stores by
> >>>> speculative
> >>>> +	  loads.
> >>> I would add a reference to spectre v4. What do you think of:
> >>>
> >>>    This enables the mitigation of Spectre v4 attacks based on bypassing
> >>>    of previous memory stores by speculative loads.
> >> Well, the real name is SSBD (Speculative Store Bypass Disable). AFAIK, Spectre
> >> only refers to variant 1 and 2 so far. This one has no fancy name and the
> >> specifications is using SSBD.
> > Googling for Spectre Variant 4 returns twice as many results as Googling
> > for Speculative Store Bypass Disable. It doesn't matter what is the
> > official name for the security issue, I think we need to include a
> > reference to the most common name for it.
> 
> "Speculative Store Bypass" is the agreed vendor-neutral name for the
> issue.  This is why all the mitigation is SSBD, where the D on the end
> is Disable.
> 
> Google SP4 is a common name (but only covers one reporter of the issue),
> whereas Spectre has nothing to do with this issue, and is definitely
> wrong to use.
> 
> If in doubt, use SSB(D).

I think we should definitely call it SSBD, I was just saying that it
might be helpful to include also "Variant 4" in the description, such
as:

 This is also known as Variant 4.

to help users find the right results on Google. Anyway, given that you
are certainly better informed than me about it, I won't insist on this
point, I am OK without mentioning "Variant 4".

[-- Attachment #2: Type: text/plain, Size: 157 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel