From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from mail.linutronix.de (146.0.238.70:993) by crypto-ml.lab.linutronix.de with IMAP4-SSL for ; 10 Jul 2018 11:53:26 -0000
Received: from hsi-kbw-5-158-153-52.hsi19.kabel-badenwuerttemberg.de ([5.158.153.52] helo=nanos) by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1fcrCw-0008AK-2H for speck@linutronix.de; Tue, 10 Jul 2018 13:53:26 +0200
Date: Tue, 10 Jul 2018 13:53:25 +0200 (CEST)
From: Thomas Gleixner
Subject: Re: [patch 1/2] Command line and documentation 1
In-Reply-To: <20180709214557.GM25550@tassilo.jf.intel.com>
Message-ID:
References: <20180708125216.197406530@linutronix.de> <20180708125654.729119463@linutronix.de> <20180709214557.GM25550@tassilo.jf.intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID:

On Mon, 9 Jul 2018, speck for Andi Kleen wrote:
> > + full,force
> > + Same as 'full', but disables SMT
> > + control. Implies the 'nosmt=force' command
> > + line option.
>
> I'm still unclear what the use case for this force thing is. Can you please
> clarify? If someone controls the host kernel they can do all kinds of insecure
> things, so why go to all this effort just to prevent them from
> opening a side channel. It seems like unnecessary complexity.
> I would remove all the force options.

That's neither lots of effort nor a huge complexity. And this has been
discussed to death already with the nosmt option.

> > +enum l1tf_mitigations l1tf_mitigation __ro_after_init = L1TF_MITIGATION_NOVIRT;
>
> Can you remind me why there is no sysfs interface for this?

because we need to sort out the options first and then adding a sysfs
entry is just a patch on top.

> > + [VMENTER_L1D_FLUSH_ALWAYS] = "fully protected"
> > +};
> > +
> > +static ssize_t l1tf_show_state(char *buf)
> > +{
> > + if (l1tf_vmx_mitigation == L1TF_VMX_UNKNOWN)
> > + return sprintf(buf, "%s\n", l1tf_states[l1tf_mitigation]);
> > +
> > + return sprintf(buf, "%s, VMX: SMT %s L1D %s\n",
>
> I would call it Single-Thread instead of L1D
>
> That's much more intuitive for someone who is not deep into
> micro architecture.

I can see how 'L1TF: Mitigation: PTE inversion, VMX: SMT disabled,
Single-Thread conditional flush' is more intuitive.

Thanks,

	tglx
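Review bot: in the VMX branch of l1tf_show_state, the format string "%s, VMX: SMT %s L1D %s\n" separates the SMT and L1D fields with a bare space while the rest of the line uses ", " as the field separator; a consistent separator, e.g. "%s, VMX: SMT %s, L1D %s\n", keeps the sysfs line unambiguous for scripts that split on ", ". The l1tf_states[l1tf_mitigation] lookup in the first branch is also taken without a bound check, so l1tf_states must carry an entry for every enum l1tf_mitigations value (or be guarded with ARRAY_SIZE), otherwise adding an enum member without a matching string reads past the array.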
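As an added illustration of the status line the thread is shaping (this is not code from the thread or from the kernel patch under review): a small Python reader that splits the two line formats quoted above into fields an administrator can check on a host. It assumes the sysfs path /sys/devices/system/cpu/vulnerabilities/l1tf; the sample strings are constructed from the format strings in the patch and the wording proposed in the reply, not captured from a real kernel, and it accepts both the "L1D" and the "Single-Thread" label.

```python
import os
import re

# Path of the L1TF status file in sysfs (assumption: not quoted on the page).
L1TF_SYSFS = "/sys/devices/system/cpu/vulnerabilities/l1tf"

# Constructed sample lines, modelled on the two formats in the quoted patch
# ("%s\n" and "%s, VMX: SMT %s L1D %s\n") and on the wording proposed in the
# reply. They are illustrative, not captured from a host.
SAMPLES = [
    "fully protected",
    "Mitigation: PTE inversion, VMX: SMT disabled L1D conditional flush",
    "Mitigation: PTE inversion, VMX: SMT disabled, Single-Thread conditional flush",
]

# Host part, then an optional VMX part with an SMT word and a flush description.
_STATE_RE = re.compile(
    r"^(?P<mitigation>[^,]+?)"
    r"(?:, VMX: SMT (?P<smt>[^,\s]+),? (?:L1D|Single-Thread) (?P<flush>.+))?$"
)


def parse_l1tf_state(text):
    """Split an l1tf status line into its host and VMX parts.

    Returns a dict with 'mitigation' (always set) and 'smt' / 'l1d_flush'
    (both None when the line carries no VMX section).
    """
    m = _STATE_RE.match(text.strip())
    if m is None:
        raise ValueError("unrecognised l1tf state: %r" % text)
    return {
        "mitigation": m.group("mitigation").strip(),
        "smt": m.group("smt"),
        "l1d_flush": m.group("flush"),
    }


def smt_left_enabled(state):
    """True when a VMX section is present and SMT is reported as anything
    other than 'disabled', i.e. the situation the 'force' variants discussed
    in the thread exist to rule out on a VM host."""
    return state["smt"] is not None and state["smt"] != "disabled"


def read_host_state(path=L1TF_SYSFS):
    """Read and parse the live sysfs file; None if the kernel does not expose it."""
    if not os.path.exists(path):
        return None
    with open(path) as f:
        return parse_l1tf_state(f.read())


if __name__ == "__main__":
    for line in SAMPLES:
        st = parse_l1tf_state(line)
        print("%-78s -> %s  smt_left_enabled=%s" % (line, st, smt_left_enabled(st)))
    live = read_host_state()
    if live is not None:
        print("this host:", live, "smt_left_enabled=%s" % smt_left_enabled(live))
```

Run it as a script to see the constructed samples parsed, and on a host with the sysfs file it also reports the live line; the regex is deliberately permissive about the separator before the flush field, because the quoted format string and the reply disagree on it.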