From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from hsi-kbw-5-158-153-52.hsi19.kabel-badenwuerttemberg.de ([5.158.153.52] helo=nanos.tec.linutronix.de) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1fGR9D-00071g-HL for speck@linutronix.de; Wed, 09 May 2018 17:36:55 +0200 Date: Wed, 9 May 2018 17:36:55 +0200 (CEST) From: Thomas Gleixner Subject: Re: [PATCH 5/5] SSB extra v2 5 In-Reply-To: <1ae07e8f-636f-0cbd-399c-e5d538dc93ea@linux.intel.com> Message-ID: References: =?utf-8?q?=3C3c3bda?= =?utf-8?q?6cd68a91d9e79ef1da60d481180d544d20=2E1525734796=2Egit=2Edave=2E?= =?utf-8?q?hansen=40intel=2Ecom=3E?= <20180508003632.GH4050@tassilo.jf.intel.com> <1ae07e8f-636f-0cbd-399c-e5d538dc93ea@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: On Mon, 7 May 2018, speck for Dave Hansen wrote: > On 05/07/2018 05:36 PM, speck for Andi Kleen wrote: > >> + /* To mitigate speculative-store-bypass, we only need > >> + * mitigation for programs that write to memory. Mark that > >> + * the program needs mitigation if loaded without > >> + * CAP_SYS_ADMIN: > >> + */ > >> + if (env->saw_memory_write && !capable(CAP_SYS_ADMIN)) > >> + env->prog->need_mitigation = true; > > Flag should have a more descriptive name specific to SSB. > > I bet this won't be the last mitigation needed for EBPF :| > > For now, it *is* generic, though. It's whether the mitigation function > gets injected into the call path or not. > > Once we have multiple things we have to mitigate for at entry/exit, we > may need to add some other flags to the bpf_prog that say exactly what > mitigations we need, like a "bfp_prog->does_memory_write" that > explicitly tells us if we need the SSB mitigation. Now looking at the overhead of this SSB hardware mitigation stuff I really wonder what's the state on investigating software mitigations for BPF. The magic PDF talks about that, but has anyone looked at that? Thanks, tglx