From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from hsi-kbw-5-158-153-52.hsi19.kabel-badenwuerttemberg.de ([5.158.153.52] helo=nanos.tec.linutronix.de) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1fEdd9-0007ds-6u for speck@linutronix.de; Fri, 04 May 2018 18:32:23 +0200 Date: Fri, 4 May 2018 18:32:22 +0200 (CEST) From: Thomas Gleixner Subject: Re: [PATCH 3/5] SSB extra 1 In-Reply-To: <20180504162813.GH75137@tassilo.jf.intel.com> Message-ID: References: =?utf-8?q?=3Cd4ffdf?= =?utf-8?q?50f25bca207b3942fc4a390d2273487517=2E1525383411=2Egit=2Edave=2E?= =?utf-8?q?hansen=40intel=2Ecom=3E?= <1bf0c44d-c972-2c2e-5d90-4f51b8f2c4c9@linux.intel.com> <20180504160408.GG75137@tassilo.jf.intel.com> <20180504162813.GH75137@tassilo.jf.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII To: speck@linutronix.de List-ID: On Fri, 4 May 2018, speck for Andi Kleen wrote: > On Fri, May 04, 2018 at 06:09:04PM +0200, speck for Thomas Gleixner wrote: > > On Fri, 4 May 2018, speck for Andi Kleen wrote: > > > > > > > Ahhh, that's an interesting point. Are you thinking that we add a BPF > > > > > "instruction" to enable or disable the mitigations, and then have the > > > > > verifier insert it as the first instruction and then before any exit > > > > > instructions? Is there some precedent for doing this? > > > > > > > > Dunno, but it would be the obvious thing to do I think. > > > > > > Other option would be a preempt notifier migrating the SSB state? > > > > Why so? Because it's more complex than just using the TIF_RDS flag which > > gets evaluated anyway? > > The flag doesn't know anything about the timer. You would > need another flag that says "start a delay timer on the new CPU > too". Color me confused. I dont see a timer anywhere.