From: "Singh, Balbir" <sblbir@amazon.com>
To: "keescook@chromium.org" <keescook@chromium.org>
Cc: "tglx@linutronix.de" <tglx@linutronix.de>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"tony.luck@intel.com" <tony.luck@intel.com>,
"benh@kernel.crashing.org" <benh@kernel.crashing.org>,
"jpoimboe@redhat.com" <jpoimboe@redhat.com>,
"x86@kernel.org" <x86@kernel.org>,
"dave.hansen@intel.com" <dave.hansen@intel.com>
Subject: Re: [PATCH v2 3/4] arch/x86: Optionally flush L1D on context switch
Date: Tue, 19 May 2020 23:41:23 +0000 [thread overview]
Message-ID: <1236b19be51d0d47ba73016b2bac352983107ce9.camel@amazon.com> (raw)
In-Reply-To: <202004071125.605F665@keescook>
On Tue, 2020-04-07 at 11:26 -0700, Kees Cook wrote:
>
>
> On Mon, Apr 06, 2020 at 01:19:45PM +1000, Balbir Singh wrote:
> > Implement a mechanism to selectively flush the L1D cache. The goal is to
> > allow tasks that are paranoid due to the recent snoop assisted data sampling
> > vulnerabilites, to flush their L1D on being switched out. This protects
> > their data from being snooped or leaked via side channels after the task
> > has context switched out.
> >
> > There are two scenarios we might want to protect against, a task leaving
> > the CPU with data still in L1D (which is the main concern of this patch),
> > the second scenario is a malicious task coming in (not so well trusted)
> > for which we want to clean up the cache before it starts. Only the case
> > for the former is addressed.
> >
> > Add arch specific prctl()'s to opt-in to the L1D cache on context switch
> > out, the existing mechanisms of tracking prev_mm via cpu_tlbstate is
> > reused. cond_ibpb() is refactored and renamed into cond_mitigation().
>
> I still think this should be a generic prctl(). If there is a strong
> reason not to do this, can it be described in the commit log here?
Kees, the context in the changelog might be misleading, the prctl is generic,
the implementation is arch specific as you can see from the following patches.
I can reword the change log, sorry for the confusion.
Balbir Singh.
next prev parent reply other threads:[~2020-05-19 23:41 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-06 3:19 [PATCH v2 0/4] arch/x86: Optionally flush L1D on context switch Balbir Singh
2020-04-06 3:19 ` [PATCH v2 1/4] arch/x86/kvm: Refactor l1d flush lifecycle management Balbir Singh
2020-04-07 18:21 ` Kees Cook
2020-04-06 3:19 ` [PATCH v2 2/4] arch/x86: Refactor tlbflush and l1d flush Balbir Singh
2020-04-07 18:25 ` Kees Cook
2020-04-08 0:22 ` Singh, Balbir
2020-04-06 3:19 ` [PATCH v2 3/4] arch/x86: Optionally flush L1D on context switch Balbir Singh
2020-04-07 18:26 ` Kees Cook
2020-04-07 23:37 ` Benjamin Herrenschmidt
2020-04-07 23:39 ` Singh, Balbir
2020-04-07 23:49 ` Thomas Gleixner
2020-05-19 23:41 ` Singh, Balbir [this message]
2020-04-07 23:52 ` Thomas Gleixner
2020-04-08 0:14 ` Singh, Balbir
2020-04-06 3:19 ` [PATCH v2 4/4] arch/x86: Add L1D flushing Documentation Balbir Singh
2020-05-19 15:39 ` Randy Dunlap
2020-05-20 0:47 ` Singh, Balbir
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1236b19be51d0d47ba73016b2bac352983107ce9.camel@amazon.com \
--to=sblbir@amazon.com \
--cc=benh@kernel.crashing.org \
--cc=dave.hansen@intel.com \
--cc=jpoimboe@redhat.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).