From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Google-Smtp-Source: ACJfBov8NmV7MED+rTRX45PiSkBT+PUB1abGzBRoCUTf5emoCau2NZDJr++lynGZwsrDTLpZHisg ARC-Seal: i=1; a=rsa-sha256; t=1515844534; cv=none; d=google.com; s=arc-20160816; b=Y4O5VocswKFulYC/NUxT2tCMzbJiJPwUIEGuB+W55UW45pye3hFow+iX/pYI/xrzzH NWZKWVfPaNePid+MKju2BSXzDd1cVE0Cu1CmyyzXoTmsRjWWa3++/ZscsUaAVppudwSQ TbSKJLSycYdeVlpUss9hoolyKCcD/Ovllp24cHhb85d0jLdaT6SGQcIUD643srsg0vix ZMdMDRv+lQqT8jlp5s6cujTzo/xhuIXGGAsh2m5mFYtKlL8M1UmhmApktW3QqB/fJtmG wPjAIv0ixAOJJM0M0eYy523ZRV/6dLwGHUZi7ftxvT2BVrilu1Q/TtIW8PY4k81uuZqT duPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=precedence:mime-version:accept-language:in-reply-to:references :message-id:date:thread-index:thread-topic:subject:cc:to:from :mime-version:dkim-signature:arc-authentication-results; bh=uVTpT6yyd/GBvJ1Nhza5mKukPyvJvqT0QjKwTBhmyA8=; b=MOgysMo8oR0o0trrnUV6JRVvqMpvbzmbog3clqweuU6FwwB4PLtIe77p8xrZgxYIGJ Efu7unymR5wXQGZWeg8sB3OGan6+6aM48nwV+ExgPuY2UiXvHRMVUSb7lgVeh+LE+hN6 I8N4ACAQahgSxWuR+umXnQeAkPCDZ4qWH8Or7HR3hcjrKLlZpl5JeNqpny3UwEeptlIZ DmSDfNbnxzFyas5y7kWhmMkFSCUl5XyaCYnogSCd7WZP56LiSVG12FUEAVT516rhuswF cBN+joiOdwChgSiVms+rA8HyF/IyUnn0FW3JS3jRadPY9vR/p6ZURDloUsERrVUFkan8 oKrA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amazon.co.uk header.s=amazon201209 header.b=A5Y4wez9; spf=pass (google.com: domain of prvs=544830cdf=dwmw@amazon.co.uk designates 207.171.184.29 as permitted sender) smtp.mailfrom=prvs=544830cdf=dwmw@amazon.co.uk; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.co.uk Authentication-Results: mx.google.com; dkim=pass header.i=@amazon.co.uk header.s=amazon201209 header.b=A5Y4wez9; spf=pass (google.com: domain of prvs=544830cdf=dwmw@amazon.co.uk designates 207.171.184.29 as permitted sender) smtp.mailfrom=prvs=544830cdf=dwmw@amazon.co.uk; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.co.uk X-Amazon-filename: smime.p7s X-IronPort-AV: E=Sophos;i="5.46,353,1511827200"; d="p7s'?scan'208";a="586182061" Content-Type: multipart/mixed; boundary="===============2758191551248475519==" MIME-Version: 1.0 From: "Woodhouse, David" To: "tglx@linutronix.de" , "jpoimboe@redhat.com" CC: "linux-kernel@vger.kernel.org" , "peterz@infradead.org" , "arjan@linux.intel.com" , "mingo@kernel.org" , "torvalds@linux-foundation.org" , "tim.c.chen@linux.intel.com" , "ak@linux.intel.com" , "pjt@google.com" , "bp@alien8.de" , "dave.hansen@intel.com" , "jikos@kernel.org" , "thomas.lendacky@amd.com" , "gregkh@linux-foundation.org" Subject: Re: x86: Meltdown/Spectre_v2 status Thread-Topic: x86: Meltdown/Spectre_v2 status Thread-Index: AQHTi+6aYXVTkSIMTk68LGc36v0hVqNw1v4AgADb4AA= Date: Sat, 13 Jan 2018 11:55:17 +0000 Message-ID: <1515844512.22302.543.camel@amazon.co.uk> References: <20180112224814.q722naei5qs76bam@treble> In-Reply-To: <20180112224814.q722naei5qs76bam@treble> Accept-Language: en-GB, en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.43.62.4] MIME-Version: 1.0 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: =?utf-8?q?1589424695695259505?= X-GMAIL-MSGID: =?utf-8?q?1589478198446972650?= X-Mailing-List: linux-kernel@vger.kernel.org List-ID: --===============2758191551248475519== Content-Language: en-US Content-Type: multipart/signed; micalg=sha-256; protocol="application/x-pkcs7-signature"; boundary="=-pgXL9TpYtwSji+XsJ0ok" --=-pgXL9TpYtwSji+XsJ0ok Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Fri, 2018-01-12 at 16:48 -0600, Josh Poimboeuf wrote: > > =C2=A0 1) Meltdown is addressed > > =C2=A0 2) Retpoline mostly covered if we have working compilers some da= y=C2=A0 > > =C2=A0 3) RSB after vmexit and on context switch (pending) > >=20 > > plus the infrastructure and basic building blocks are in place. > >=20 > > That's what is going to be in 4.15 (unless Linus goes berserk on the pu= ll > > requests) To be clear: This doesn't include IBPB and thus userspace processes (and VM guests) are not protected from each other. But the attacks there are extremely hard to pull off, and I think we can live with that in the short term. IBPB does need to be next, but I think we're entirely correct to proceed without it for now. I just want to make sure we're clear about the status. > And for those who are curious (I was) it looks like the BPF variant 1 > fix has already been merged into Linus' tree. Great. I was going to check on that too. > Thomas, amazing job distilling some sanity out of the pandemonium. Indeed. Thank you, Thomas. FWIW we've done a backport of the sysfs/vulnerability and retpoline parts to 4.9, including cherry-picking a few earlier needed commits: http://git.infradead.org/retpoline-stable.git/shortlog/refs/heads/linux-4.9= .y Josh, I'd very much appreciate your eyes on my objtool-related backports =E2=80=94 both your retpoline-specific patches, as well as the .discard.* bits they depended on. Thanks. Bringing ASM_CALL_CONSTRAINT in as-is seemed like the same thing to do too. --=-pgXL9TpYtwSji+XsJ0ok Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCCEE4w ggUuMIIEFqADAgECAhEApEtL31g6H7ROXdOiQnA9RjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UE BhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgG A1UEChMRQ09NT0RPIENBIExpbWl0ZWQxPTA7BgNVBAMTNENPTU9ETyBSU0EgQ2xpZW50IEF1dGhl bnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0EwHhcNMTcxMjIxMDAwMDAwWhcNMTgxMjIxMjM1 OTU5WjAiMSAwHgYJKoZIhvcNAQkBFhFkd213QGFtYXpvbi5jby51azCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAKdGKgXuwKMg2r+i/4BZZC0ddRxNq3xIKTakie/VCSzoO7P17A36ZzUc VMEYPfqDt/65xoc6Tdih+qkY2pNDppZ1DZ8mVrAX6O2O60ZhmXB60wMoDvXPZInvkMOW4drqnje/ 7/NOypn/XQAY+ln4KT+3tHG3TfryyJFMedqC/r29KJlCeeCxIzdtq2j5mN42tvPVv4+p+Kr77uui GOASNdFJbNdgx7UGF+il6kRGSle17LJZKMgRiLJXYjECwnGwdfLdN5SINWD5IC3yXY8d14Bq6DyD jNts1DFw+SKhW8kVFYRZpv7TE3/42QJKQVL6YWka5T4EJO7AD3gy2ypRsd8CAwEAAaOCAecwggHj MB8GA1UdIwQYMBaAFIKvbIz4xf6WYXzoHz0rcUhexIvAMB0GA1UdDgQWBBT/vhvBExl2wDr8f50u b+0yzFyZRjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAgBgNVHSUEGTAXBggrBgEFBQcD BAYLKwYBBAGyMQEDBQIwEQYJYIZIAYb4QgEBBAQDAgUgMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQEC AQEBMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5uZXQvQ1BTMFoGA1UdHwRT MFEwT6BNoEuGSWh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JTQUNsaWVudEF1dGhlbnRp Y2F0aW9uYW5kU2VjdXJlRW1haWxDQS5jcmwwgYsGCCsGAQUFBwEBBH8wfTBVBggrBgEFBQcwAoZJ aHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRT ZWN1cmVFbWFpbENBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMBwG A1UdEQQVMBOBEWR3bXdAYW1hem9uLmNvLnVrMA0GCSqGSIb3DQEBCwUAA4IBAQCK2HofespbCaDu udwwfh8GxDpVUnVbZZVWScpZMxfYpXzLot7L6iZrr16oMQ+UOiDDAK6/D3+u2QN8u0lJ6yLKVmvh lGOzDywGsyG2Ohy8Dt5jcEK5sz84OsPtrRH7ahZHLxYPhWlUKOjOPN6sb9h6uMYlXmG/KmAr2rwF exN6Zrwh6YwF7ukuMs175YcNyYRdB8kVYq3WikfbTHOoRbJiu9Unw7LqnvPTfx+xUvD6aN2CKLtr mactWbk98swNgbI18UWjfEpugvAqw09CDLjeq7N1v0SkUkQEDqGSUE+hKFryTNXtZ6zOfl+MQfD8 U7T5oJa34DmWXK9+x7dl+MrqMIIFLjCCBBagAwIBAgIRAKRLS99YOh+0Tl3TokJwPUYwDQYJKoZI hvcNAQELBQAwgZcxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMT0wOwYDVQQDEzRDT01P RE8gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTE3MTIy MTAwMDAwMFoXDTE4MTIyMTIzNTk1OVowIjEgMB4GCSqGSIb3DQEJARYRZHdtd0BhbWF6b24uY28u dWswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnRioF7sCjINq/ov+AWWQtHXUcTat8 SCk2pInv1Qks6Duz9ewN+mc1HFTBGD36g7f+ucaHOk3YofqpGNqTQ6aWdQ2fJlawF+jtjutGYZlw etMDKA71z2SJ75DDluHa6p43v+/zTsqZ/10AGPpZ+Ck/t7Rxt0368siRTHnagv69vSiZQnngsSM3 bato+ZjeNrbz1b+Pqfiq++7rohjgEjXRSWzXYMe1BhfopepERkpXteyyWSjIEYiyV2IxAsJxsHXy 3TeUiDVg+SAt8l2PHdeAaug8g4zbbNQxcPkioVvJFRWEWab+0xN/+NkCSkFS+mFpGuU+BCTuwA94 MtsqUbHfAgMBAAGjggHnMIIB4zAfBgNVHSMEGDAWgBSCr2yM+MX+lmF86B89K3FIXsSLwDAdBgNV HQ4EFgQU/74bwRMZdsA6/H+dLm/tMsxcmUYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw IAYDVR0lBBkwFwYIKwYBBQUHAwQGCysGAQQBsjEBAwUCMBEGCWCGSAGG+EIBAQQEAwIFIDBGBgNV HSAEPzA9MDsGDCsGAQQBsjEBAgEBATArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21v ZG8ubmV0L0NQUzBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01P RE9SU0FDbGllbnRBdXRoZW50aWNhdGlvbmFuZFNlY3VyZUVtYWlsQ0EuY3JsMIGLBggrBgEFBQcB AQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQUNsaWVu dEF1dGhlbnRpY2F0aW9uYW5kU2VjdXJlRW1haWxDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9v Y3NwLmNvbW9kb2NhLmNvbTAcBgNVHREEFTATgRFkd213QGFtYXpvbi5jby51azANBgkqhkiG9w0B AQsFAAOCAQEAith6H3rKWwmg7rncMH4fBsQ6VVJ1W2WVVknKWTMX2KV8y6Ley+oma69eqDEPlDog wwCuvw9/rtkDfLtJSesiylZr4ZRjsw8sBrMhtjocvA7eY3BCubM/ODrD7a0R+2oWRy8WD4VpVCjo zjzerG/YerjGJV5hvypgK9q8BXsTema8IemMBe7pLjLNe+WHDcmEXQfJFWKt1opH20xzqEWyYrvV J8Oy6p7z038fsVLw+mjdgii7a5mnLVm5PfLMDYGyNfFFo3xKboLwKsNPQgy43quzdb9EpFJEBA6h klBPoSha8kzV7Weszn5fjEHw/FO0+aCWt+A5llyvfse3ZfjK6jCCBeYwggPOoAMCAQICEGqb4Tg7 /ytrnwHV2binUlYwDQYJKoZIhvcNAQEMBQAwgYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVh dGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1p dGVkMSswKQYDVQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDEx MDAwMDAwMFoXDTI4MDEwOTIzNTk1OVowgZcxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVy IE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVk MT0wOwYDVQQDEzRDT01PRE8gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVt YWlsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrOeV6wodnVAFsc4A5jTxhh2 IVDzJXkLTLWg0X06WD6cpzEup/Y0dtmEatrQPTRI5Or1u6zf+bGBSyD9aH95dDSmeny1nxdlYCeX IoymMv6pQHJGNcIDpFDIMypVpVSRsivlJTRENf+RKwrB6vcfWlP8dSsE3Rfywq09N0ZfxcBa39V0 wsGtkGWC+eQKiz4pBZYKjrc5NOpG9qrxpZxyb4o4yNNwTqzaaPpGRqXB7IMjtf7tTmU2jqPMLxFN e1VXj9XB1rHvbRikw8lBoNoSWY66nJN/VCJv5ym6Q0mdCbDKCMPybTjoNCQuelc0IAaO4nLUXk0B OSxSxt8kCvsUtQIDAQABo4IBPDCCATgwHwYDVR0jBBgwFoAUu69+Aj36pvE8hI6t7jiY7NkyMtQw HQYDVR0OBBYEFIKvbIz4xf6WYXzoHz0rcUhexIvAMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8E CDAGAQH/AgEAMBEGA1UdIAQKMAgwBgYEVR0gADBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3Js LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEF BQcBAQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQUFk ZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZI hvcNAQEMBQADggIBAHhcsoEoNE887l9Wzp+XVuyPomsX9vP2SQgG1NgvNc3fQP7TcePo7EIMERoh 42awGGsma65u/ITse2hKZHzT0CBxhuhb6txM1n/y78e/4ZOs0j8CGpfb+SJA3GaBQ+394k+z3ZBy WPQedXLL1OdK8aRINTsjk/H5Ns77zwbjOKkDamxlpZ4TKSDMKVmU/PUWNMKSTvtlenlxBhh7ETrN 543j/Q6qqgCWgWuMAXijnRglp9fyadqGOncjZjaaSOGTTFB+E2pvOUtY+hPebuPtTbq7vODqzCM6 ryEhNhzf+enm0zlpXK7q332nXttNtjv7VFNYG+I31gnMrwfHM5tdhYF/8v5UY5g2xANPECTQdu9v WPoqNSGDt87b3gXb1AiGGaI06vzgkejL580ul+9hz9D0S0U4jkhJiA7EuTecP/CFtR72uYRBcunw wH3fciPjviDDAI9SnC/2aPY8ydehzuZutLbZdRJ5PDEJM/1tyZR2niOYihZ+FCbtf3D9mB12D4ln 9icgc7CwaxpNSCPt8i/GqK2HsOgkL3VYnwtx7cJUmpvVdZ4ognzgXtgtdk3ShrtOS1iAN2ZBXFiR mjVzmehoMof06r1xub+85hFQzVxZx5/bRaTKTlL8YXLI8nAbR9HWdFqzcOoB/hxfEyIQpx9/s81r gzdEZOofSlZHynoSMYIDyjCCA8YCAQEwga0wgZcxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVh dGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1p dGVkMT0wOwYDVQQDEzRDT01PRE8gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJl IEVtYWlsIENBAhEApEtL31g6H7ROXdOiQnA9RjANBglghkgBZQMEAgEFAKCCAe0wGAYJKoZIhvcN AQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTgwMTEzMTE1NTEyWjAvBgkqhkiG9w0B CQQxIgQgdLgd54UGqfGxMemOrX6t/DvUCKHJhoov6DNQJwdOI34wgb4GCSsGAQQBgjcQBDGBsDCB rTCBlzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMH U2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxPTA7BgNVBAMTNENPTU9ETyBSU0Eg Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0ECEQCkS0vfWDoftE5d06JC cD1GMIHABgsqhkiG9w0BCRACCzGBsKCBrTCBlzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0 ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0 ZWQxPTA7BgNVBAMTNENPTU9ETyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUg RW1haWwgQ0ECEQCkS0vfWDoftE5d06JCcD1GMA0GCSqGSIb3DQEBAQUABIIBAGazA1yLaPTEjRCY gzy2jB5Ci8EjimtwVthuRaqyQYl2dOrFrYC7H3Y0qk6j92iqfhV7zvc3Go5sZlXjmKPsTHxrVN4o AbdG5aSTiE50J1PTHc+6v6gP7lZkIccLeWT1QAYqv55tjDhaqgUyFBxelC53rizLB/KXU/nxuHR9 t4lu6z9tjIGHSjWUe2Y4Xx9lelH5Ft+LHa3r2Wc0CuLrUTP2PO3jlUtYWHQvR0x+ESs8sEBMXlII U4aX2ghS0WV6aPw1E+RmqhaoorEq7lrkRfA+9oISXAsFQO1KWcei+p8i5tU56NvsJfWPEZj+MnqP qsnTxRxVRnxE/r3xIhz35pIAAAAAAAA= --=-pgXL9TpYtwSji+XsJ0ok-- --===============2758191551248475519== Content-Type: multipart/alternative; boundary="===============4497132572168833135==" MIME-Version: 1.0 Content-Disposition: inline --===============4497132572168833135== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Amazon Web Services UK Limited. Registered in England and Wales with regist= ration number 08650665 and which has its registered office at 60 Holborn Vi= aduct, London EC1A 2FD, United Kingdom. --===============4497132572168833135== Content-Type: text/html; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Amazon Web Services UK Limited. Registered in England and Wales with regist= ration number 08650665 and which has its registered office at 60 Holborn Vi= aduct, London EC1A 2FD, United Kingdom. --===============4497132572168833135==-- --===============2758191551248475519==--