Date: Tue, 23 Jan 2018 23:55:05 +0100 (CET)
From: Jiri Kosina
To: Borislav Petkov
cc: David Woodhouse, Andi Kleen, Paul Turner, LKML, Linus Torvalds, Greg Kroah-Hartman, Tim Chen, Dave Hansen, Thomas Gleixner, Kees Cook, Rik van Riel, Peter Zijlstra, Andy Lutomirski, gnomes@lxorguk.ukuu.org.uk, x86@kernel.org, thomas.lendacky@amd.com, Josh Poimboeuf
Subject: Re: [PATCH v8 04/12] x86/spectre: Add boot time option to select Spectre v2 mitigation
In-Reply-To: <20180123224014.dsbzps4hydt6h7ed@pd.tnic>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, 23 Jan 2018, Borislav Petkov wrote:

> > + mode = retp_compiler() ? SPECTRE_V2_RETPOLINE_GENERIC :
> > + SPECTRE_V2_RETPOLINE_MINIMAL;
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> but that might not always be an option.

I think we should start recording CFLAGS the kernel has been compiled with
anyway; doesn't hurt and might come in handy when debugging.

/proc/version is probably not the best place ... /proc/cflags?

> And it probably should be a more reliable method which we probably could
> use to detect !retpolined modules too.

That's the vermagic stuff Andi pushed. But that's not really acceptable
for distros.

Distros have always been in the situation "we let the external modules
load, as it'll work when it comes to functionality, but then it's our
duty/responsibility to explain to 3rd parties that they *really* should
recompile". Mostly because of security fixes to static inlines, but not
only that.

So that vermagic patch doesn't really help anything in the real world (FWIW
I've just dropped it from SLE kernel).

"Potentially insecure" doesn't mean it shouldn't be loaded if the user
wishes so. Only "functionally incorrect" (which is the kernel ABI
compatibility check) should be the show stopper.

-- 
Jiri Kosina
SUSE Labs
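
Review bot: the choice between SPECTRE_V2_RETPOLINE_GENERIC and SPECTRE_V2_RETPOLINE_MINIMAL in the quoted `mode = retp_compiler() ? ...` assignment rests entirely on retp_compiler(), and nothing in the quoted lines says what that helper tests. A short comment at the assignment stating the condition under which the kernel counts as built by a retpoline-capable compiler would make the fallback to SPECTRE_V2_RETPOLINE_MINIMAL auditable, and would make it clear whether the same test could apply to modules, which is the question raised in the reply.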