linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Andy Lutomirski <luto@kernel.org>
To: "Chang S. Bae" <chang.seok.bae@intel.com>,
	linux-kernel@vger.kernel.org,
	the arch/x86 maintainers <x86@kernel.org>,
	Borislav Petkov <bp@alien8.de>,
	dave.hansen@intel.com, tony.luck@intel.com, ak@linux.intel.com
Cc: ravi.v.shankar@intel.com
Subject: Re: [PATCH v8 00/17] Enable FSGSBASE instructions
Date: Thu, 12 Sep 2019 21:10:44 -0700	[thread overview]
Message-ID: <034aaf3a-a93d-ec03-0bbd-068e1905b774@kernel.org> (raw)
In-Reply-To: <1568318818-4091-1-git-send-email-chang.seok.bae@intel.com>

On 9/12/19 1:06 PM, Chang S. Bae wrote:

> Updates from v7 [7]:
> (1) Consider FSGSBASE when determining which Spectre SWAPGS mitigations are
>      required.
> (2) Fixed save_fsgs() to be aware of interrupt conditions
> (3) Made selftest changes based on Andy's previous fixes and cleanups
> (4) Included Andy's paranoid exit cleanup
> (5) Included documentation rewritten by Thomas
> (6) Carried on Thomas' edits on multiple changelogs and comments
> (7) Used '[FS|GS] base' consistently, except for selftest where GSBASE has
>      been already used in its test messages
> (8) Dropped the READ_MSR_GSBASE macro
> 

This looks unpleasant to review.  I wonder if it would be better to 
unrevert the reversion, merge up to Linus' tree or -tip, and then base 
the changes on top of that.

I also think that, before this series can have my ack, it needs an 
actual gdb maintainer to chime in, publicly, and state that they have 
thought about and tested the ABI changes and that gdb still works on 
patched kernels with and without FSGSBASE enabled.  I realize that there 
were all kinds of discussions, but they were all quite theoretical, and 
I think that the actual patches need to be considered by people who 
understand the concerns.  Specific test cases would be nice, too.

Finally, I wrote up some notes here:

https://git.kernel.org/pub/scm/linux/kernel/git/luto/linux.git/commit/?h=x86/fixes&id=70a7d284989e3539ee84f9d709d6450099f773fb

I want to make sure that they're accounted for, and that patch should 
possibly be applied.  The parent (broken link, but should fix itself soon):

https://git.kernel.org/pub/scm/linux/kernel/git/luto/linux.git/commit/?h=x86/fixes&id=166324e907f8a71c823b41bbc2e1b5bc711532d8

may also help understand the relevant code.

--Andy

  parent reply	other threads:[~2019-09-13  4:11 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-12 20:06 [PATCH v8 00/17] Enable FSGSBASE instructions Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 01/17] x86/ptrace: Prevent ptrace from clearing the FS/GS selector Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 02/17] selftests/x86/fsgsbase: Test GS selector on ptracer-induced GS base write Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 03/17] x86/cpu: Add 'unsafe_fsgsbase' to enable CR4.FSGSBASE Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 04/17] x86/fsgsbase/64: Add intrinsics for FSGSBASE instructions Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 05/17] x86/fsgsbase/64: Enable FSGSBASE instructions in helper functions Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 06/17] x86/fsgsbase/64: Use FSGSBASE in switch_to() if available Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 07/17] x86/fsgsbase/64: Use FSGSBASE instructions on thread copy and ptrace Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 08/17] x86/entry/64: Clean up paranoid exit Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 09/17] x86/entry/64: Switch CR3 before SWAPGS in paranoid entry Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 10/17] x86/entry/64: Introduce the FIND_PERCPU_BASE macro Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 11/17] x86/entry/64: Handle FSGSBASE enabled paranoid entry/exit Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 12/17] x86/entry/64: Document GSBASE handling in the paranoid path Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 13/17] x86/speculation/swapgs: Check FSGSBASE in enabling SWAPGS mitigation Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 14/17] selftests/x86/fsgsbase: Test ptracer-induced GS base write with FSGSBASE Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 15/17] x86/fsgsbase/64: Enable FSGSBASE on 64bit by default and add a chicken bit Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 16/17] x86/elf: Enumerate kernel FSGSBASE capability in AT_HWCAP2 Chang S. Bae
2019-09-12 20:06 ` [PATCH v8 17/17] Documentation/x86/64: Add documentation for GS/FS addressing mode Chang S. Bae
2019-09-27 21:25   ` Randy Dunlap
2019-09-27 21:50     ` Bae, Chang Seok
2019-09-13  4:10 ` Andy Lutomirski [this message]
2019-09-16  9:21   ` [PATCH v8 00/17] Enable FSGSBASE instructions Thomas Gleixner
2019-09-18 21:02   ` Bae, Chang Seok

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=034aaf3a-a93d-ec03-0bbd-068e1905b774@kernel.org \
    --to=luto@kernel.org \
    --cc=ak@linux.intel.com \
    --cc=bp@alien8.de \
    --cc=chang.seok.bae@intel.com \
    --cc=dave.hansen@intel.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=ravi.v.shankar@intel.com \
    --cc=tony.luck@intel.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).