Date: Thu, 25 Jan 2018 19:41:03 +0100 (CET)
From: Jiri Kosina
To: Andy Lutomirski
cc: David Woodhouse, Josh Poimboeuf, Borislav Petkov, Tim Chen, Paul Turner, Greg Kroah-Hartman, Dave Hansen, Ingo Molnar, Rik van Riel, Linus Torvalds, Andi Kleen, Kees Cook, Peter Zijlstra, Thomas Gleixner, "H. Peter Anvin", LKML, linux-tip-commits@vger.kernel.org
Subject: Re: [tip:x86/pti] x86/retpoline: Fill return stack buffer on vmexit

On Thu, 25 Jan 2018, Andy Lutomirski wrote:

> Distros that use retpolines need their driver vendors to recompile no
> matter what.

Absolutely. Tainting a kernel, issuing a warning, or even voluntarily
deciding to not load modules loaded without retpolines, that all sounds
like reasonable approaches.

Artificially introducing kernel ABI breakage which is not there (as
retpolines are fully compatible when it comes to ABI between modules and
kernel ... the fact that it potentially brings non-retpolined indirect jump
into the kernel is a security concern, but not ABI issue) sounds like a bad
idea.

Those two things (ABI and security concerns) are independent.

> Distros that use IBRS and refuse to use retpolines should get put on a
> list of "didn't actually adequately mitigate spectre".

Oh absolutely, especially on archs where there is no IBRS. But how is this
relevant to ABI?

Thanks,

--
Jiri Kosina
SUSE Labs