All of lore.kernel.org
 help / color / mirror / Atom feed
From: Jon Masters <jcm@redhat.com>
To: speck@linutronix.de
Subject: [MODERATED] Re: spectrev1+
Date: Mon, 4 Jun 2018 21:09:52 -0400	[thread overview]
Message-ID: <d46a7249-1d3e-89fd-f7e2-8a8c82f12120@redhat.com> (raw)
In-Reply-To: <20180604195120.lp5ryit4yrvjms76@treble>

[-- Attachment #1: Type: text/plain, Size: 2143 bytes --]

On 06/04/2018 03:51 PM, speck for Josh Poimboeuf wrote:
> On Mon, Jun 04, 2018 at 09:10:50PM +0200, speck for Peter Zijlstra wrote:
>> On Mon, Jun 04, 2018 at 12:36:23PM -0500, speck for Josh Poimboeuf wrote:
>>> On Mon, Jun 04, 2018 at 10:18:09AM -0700, speck for Dave Hansen wrote:
>>>> On 06/04/2018 10:14 AM, speck for Josh Poimboeuf wrote:
>>>>> So is the general idea that we're going to insert 3,000 lfences???  Or
>>>>> is there some reasonable way to weed out false positives?
>>>>
>>>> I think the original ~800 "hits" from Coverity ended up in something
>>>> like 10 places that we had to mitigate, either with lfence or
>>>> array_index_nospec().  They had to be culled down manually, though.
>>>
>>> Right, but since the Smatch v1 scanner was introduced in April, that has
>>> ballooned to 50 array_index_nospec() call sites.  In many (most?) cases
>>> I think it's difficult to definitively say "this is a false positive"
>>> with full certainty.
>>>
>>> So I'm just wondering what (if any) criteria we're using to make that
>>> determination.
>>
>> Yeah, that Coverity stuff missed a metric ton of sites.
> 
> Based on what Jiri said, it sounds like *three* metric tons.
> 
>> Many of the smatch results need fixing, mostly because even if you
>> cannot find a cache side-channel after most of them, there's no saying
>> there's no other side-channel hiding in plain sight.
>>
>> And if you kill all possible user input speculation, you don't have to
>> worry about someone changing the code and adding whatever it needs
>> later.
> 
> So we need to add ~3,000 array_index_nospec() calls, preferably before
> next Tuesday.  No problem!

Given the severity of this (sub)variant (which allows more precise
manipulation of program control flow during speculation) I really think
next Tuesday is not the time to be having the unembargo. I made a
request once again during a call with Intel for this to be delayed.

There's another MS patch Tuesday next month folks...I'll go ask
Microsoft to ask Intel for the same.

Jon.

-- 
Computer Architect | Sent from my Fedora powered laptop


  reply	other threads:[~2018-06-05  1:10 UTC|newest]

Thread overview: 78+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-05-31 12:50 [MODERATED] spectrev1+ Jiri Kosina
2018-05-31 13:57 ` [MODERATED] spectrev1+ Josh Poimboeuf
2018-06-01 11:14   ` Peter Zijlstra
2018-06-01 12:46     ` Josh Poimboeuf
2018-05-31 14:11 ` David Woodhouse
2018-05-31 14:18   ` Linus Torvalds
2018-05-31 14:39     ` Jiri Kosina
2018-05-31 14:46 ` Peter Zijlstra
2018-05-31 14:55   ` Jiri Kosina
2018-05-31 18:49     ` Josh Poimboeuf
2018-05-31 18:55       ` Jiri Kosina
2018-05-31 20:36         ` Josh Poimboeuf
2018-05-31 20:52           ` Jiri Kosina
2018-05-31 21:28             ` Jiri Kosina
2018-05-31 21:51               ` Josh Poimboeuf
2018-05-31 21:59                 ` Jiri Kosina
2018-05-31 23:09                 ` Jon Masters
2018-05-31 20:54           ` Linus Torvalds
2018-06-01 11:03           ` Peter Zijlstra
2018-06-01 16:28             ` Jon Masters
2018-05-31 14:58   ` Peter Zijlstra
2018-05-31 18:41 ` Jon Masters
2018-05-31 21:02   ` Peter Zijlstra
2018-05-31 21:39     ` Josh Poimboeuf
2018-06-01 17:12   ` Konrad Rzeszutek Wilk
2018-06-01 21:29     ` Konrad Rzeszutek Wilk
2018-06-04 15:38       ` Peter Zijlstra
2018-06-04 15:44         ` Jiri Kosina
2018-06-04 16:23           ` Greg KH
2018-06-05 17:58           ` Josh Poimboeuf
2018-06-05 21:58             ` Jiri Kosina
2018-06-05 22:14               ` Linus Torvalds
2018-06-05 22:23                 ` Jiri Kosina
2018-06-05 22:48                   ` Linus Torvalds
2018-06-05 23:56                     ` Jiri Kosina
2018-06-06  8:06                       ` Norbert Manthey
2018-06-06  9:50                       ` [MODERATED] spectrev1+ Norbert Manthey
2018-06-06 10:48                         ` [MODERATED] spectrev1+ Greg KH
2018-06-06 16:14                           ` [MODERATED] Is: smack, Was:Re: spectrev1+ Konrad Rzeszutek Wilk
2018-06-06 16:24                             ` [MODERATED] " Konrad Rzeszutek Wilk
2018-06-06 18:30                             ` [MODERATED] " Norbert Manthey
2018-06-06 19:09                               ` Thomas Gleixner
2018-06-07 11:38                                 ` [MODERATED] " Norbert Manthey
2018-06-07 12:31                                   ` Peter Zijlstra
2018-06-07 15:45                                 ` Konrad Rzeszutek Wilk
2018-06-07 16:10                                   ` Thomas Gleixner
2018-06-07 16:41                                     ` [MODERATED] " Konrad Rzeszutek Wilk
2018-06-07 16:58                                       ` Josh Poimboeuf
2018-06-07 17:39                                         ` Norbert Manthey
2018-06-08  8:33                                           ` Martin Pohlack
2018-06-08  8:38                                           ` David Woodhouse
2018-06-09 12:31                                             ` Thomas Gleixner
2018-06-07 20:13                                       ` Is: smack, Was:Re: spectrev1+c Thomas Gleixner
2018-06-08 18:39                                     ` [MODERATED] Re: Is: smack, Was:Re: spectrev1+ Dave Hansen
2018-06-08  8:51                                 ` Jiri Kosina
2018-06-09 12:28                                   ` Thomas Gleixner
2018-06-08 18:15                                 ` [MODERATED] " Josh Poimboeuf
2018-06-08 18:19                                   ` Andrew Cooper
2018-06-08 19:04                                     ` Josh Poimboeuf
2018-06-09 12:35                                 ` Thomas Gleixner
2018-06-07 18:00                       ` [MODERATED] spectrev1+ Jiri Kosina
2018-06-07 18:02                         ` Andrew Cooper
2018-06-12 17:00                 ` Jon Masters
2018-06-04 16:36         ` Josh Poimboeuf
2018-06-04 16:55           ` Peter Zijlstra
2018-06-04 17:02             ` Andrew Cooper
2018-06-04 18:53               ` Jiri Kosina
2018-06-04 19:07               ` Peter Zijlstra
2018-06-04 19:20                 ` Jiri Kosina
2018-06-04 20:33                 ` Jiri Kosina
2018-06-05  8:19                   ` Peter Zijlstra
2018-06-04 17:14             ` Josh Poimboeuf
2018-06-04 17:18               ` Dave Hansen
2018-06-04 17:36                 ` Josh Poimboeuf
2018-06-04 19:10                   ` Peter Zijlstra
2018-06-04 19:51                     ` Josh Poimboeuf
2018-06-05  1:09                       ` Jon Masters [this message]
2018-06-05  1:15                         ` Jon Masters

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=d46a7249-1d3e-89fd-f7e2-8a8c82f12120@redhat.com \
    --to=jcm@redhat.com \
    --cc=speck@linutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.