From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from p4fea4eb5.dip0.t-ipconnect.de ([79.234.78.181] helo=nanos) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1fKl1V-00010n-Ij for speck@linutronix.de; Mon, 21 May 2018 15:38:49 +0200 Date: Mon, 21 May 2018 15:38:48 +0200 (CEST) From: Thomas Gleixner Subject: Re: [PATCH 5/5] SSB extra 4 In-Reply-To: Message-ID: References: =?utf-8?q?=3C690644?= =?utf-8?q?befb780c7b700274574d270620a17e6ed8=2E1525383411=2Egit=2Edave=2E?= =?utf-8?q?hansen=40intel=2Ecom=3E?= MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII To: speck@linutronix.de List-ID: On Mon, 21 May 2018, speck for Jiri Kosina wrote: > On Thu, 3 May 2018, speck for Dave Hansen wrote: > > > diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c > > index 0e17379..947ae8a 100644 > > --- a/arch/x86/kernel/cpu/bugs.c > > +++ b/arch/x86/kernel/cpu/bugs.c > > @@ -11,6 +11,7 @@ > > #include > > #include > > #include > > +#include > > #include > > #include > > #include > > @@ -148,10 +149,23 @@ EXPORT_SYMBOL_GPL(x86_get_default_spec_ctrl); > > > > static inline u64 intel_rds_mask(void) > > { > > + u64 mask; > > + > > if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL) > > return 0; > > > > - return rds_tif_to_spec_ctrl(current_thread_info()->flags); > > + mask = rds_tif_to_spec_ctrl(current_thread_info()->flags); > > + > > + /* > > + * BPF programs can be exploited to attack the kernel. > > + * Leave the RDS bit on when we recently ran one. This > > + * bit gets cleared after a BFP program has not run on > > + * the CPU for a while. > > + */ > > + if (get_cpu_var(bpf_prog_ran)) > > + mask |= SPEC_CTRL_RDS; > > + > > + return mask; > > I know that different aproach is being taken for BPF mitigation, but in > case anyone is basing his first wave of updates on this ... Please don't. It's not working in several ways. Thanks, tglx