[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-devel] [RESEND] Spectre-v2 (IBPB/IBRS) and SSBD fixes for 4.4.y
- To: Jiri Kosina <jikos@xxxxxxxxxx>
- From: "Srivatsa S. Bhat" <srivatsa@xxxxxxxxxxxxx>
- Date: Tue, 24 Jul 2018 13:13:18 -0700
- Cc: Dave Hansen <dave@xxxxxxxx>, Wanpeng Li <kernellwp@xxxxxxxxx>, Andi Kleen <ak@xxxxxxxxxxxxxxx>, linux-tip-commits@xxxxxxxxxxxxxxx, Piotr Luc <piotr.luc@xxxxxxxxx>, Mel Gorman <mgorman@xxxxxxx>, arjan.van.de.ven@xxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxxx, Alexander Sergeyev <sergeev917@xxxxxxxxx>, Brian Gerst <brgerst@xxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, MickaëlSalaün <mic@xxxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Joe Konno <joe.konno@xxxxxxxxxxxxxxx>, Laura Abbott <labbott@xxxxxxxxxxxxxxxxx>, Will Drewry <wad@xxxxxxxxxxxx>, gregkh@xxxxxxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, Jia Zhang <qianyue.zj@xxxxxxxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>, David Woodhouse <dwmw@xxxxxxxxxxxx>, KarimAllah Ahmed <karahmed@xxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>, linux@xxxxxxxxxxxxxxxxxxxx, Bo Gan <ganb@xxxxxxxxxx>, Andrey Ryabinin <ryabinin.a.a@xxxxxxxxx>, Kristen Carlson Accardi <kristen@xxxxxxxxxxxxxxx>, Nadav Amit <nadav.amit@xxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Prarit Bhargava <prarit@xxxxxxxxxx>, Shuah Khan <shuahkh@xxxxxxxxxxxxxxx>, Ross Zwisler <ross.zwisler@xxxxxxxxxxxxxxx>, Borislav Petkov <bp@xxxxxxx>, Tom Lendacky <thomas.lendacky@xxxxxxx>, Rik van Riel <riel@xxxxxxxxxx>, Denys Vlasenko <dvlasenk@xxxxxxxxxx>, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>, Arjan van de Ven <arjan@xxxxxxxxxxxxxxx>, Tony Luck <tony.luck@xxxxxxxxx>, Vince Weaver <vincent.weaver@xxxxxxxxx>, Mike Galbraith <efault@xxxxxx>, Yazen Ghannam <Yazen.Ghannam@xxxxxxx>, Kyle Huey <me@xxxxxxxxxxxx>, Sherry Hurwitz <sherry.hurwitz@xxxxxxx>, Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx>, Thomas Garnier <thgarnie@xxxxxxxxxx>, gnomes@xxxxxxxxxxxxxxxxxxx, Alexander Shishkin <alexander.shishkin@xxxxxxxxxxxxxxx>, Frederic Weisbecker <fweisbec@xxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, srivatsab@xxxxxxxxxx, ashok.raj@xxxxxxxxx, Jörg Otte <jrg.otte@xxxxxxxxx>, Jim Mattson <jmattson@xxxxxxxxxx>, Alexander Popov <alpopov@xxxxxxxxxxxxxx>, Fenghua Yu <fenghua.yu@xxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, Arnd Bergmann <arnd@xxxxxxxx>, Ricardo Neri <ricardo.neri-calderon@xxxxxxxxxxxxxxx>, Josh Triplett <josh@xxxxxxxxxxxxxxxx>, Steven Rostedt <rostedt@xxxxxxxxxxx>, Quentin Casasnovas <quentin.casasnovas@xxxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, Stephane Eranian <eranian@xxxxxxxxxx>, Dan Williams <dan.j.williams@xxxxxxxxx>, gregkh@xxxxxxxxxxxxxxxxxxxx, Kyle Huey <khuey@xxxxxxxxxxxx>, Oleg Nesterov <oleg@xxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxxxxxx>, "Kirill A. Shutemov" <kirill.shutemov@xxxxxxxxxxxxxxx>, kvm <kvm@xxxxxxxxxxxxxxx>, Krčmář <rkrcmar@xxxxxxxxxx>, Peter Zijlstra <peterz@xxxxxxxxxxxxx>, Alexey Makhalov <amakhalov@xxxxxxxxxx>, linux-mm@xxxxxxxxx, "H. Peter Anvin" <hpa@xxxxxxxxx>, Jiri Olsa <jolsa@xxxxxxxxxx>, Alexander Kuleshov <kuleshovmail@xxxxxxxxx>, sironi@xxxxxxxxx, Joerg Roedel <joro@xxxxxxxxxx>, Jon Masters <jcm@xxxxxxxxxx>, Dave Young <dyoung@xxxxxxxxxx>, Arnaldo Carvalho de Melo <acme@xxxxxxxxxx>, Josh Poimboeuf <jpoimboe@xxxxxxxxxx>, Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx>, "Matt Helsley \(VMware\)" <matt.helsley@xxxxxxxxx>, linux-edac <linux-edac@xxxxxxxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, stable@xxxxxxxxxxxxxxx, Paolo Bonzini <pbonzini@xxxxxxxxxx>, David Woodhouse <dwmw2@xxxxxxxxxxxxx>
- Delivery-date: Tue, 24 Jul 2018 20:14:56 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 7/23/18 3:06 PM, Jiri Kosina wrote:
> On Sat, 14 Jul 2018, Srivatsa S. Bhat wrote:
>
>> This patch series is a backport of the Spectre-v2 fixes (IBPB/IBRS)
>> and patches for the Speculative Store Bypass vulnerability to 4.4.y
>> (they apply cleanly on top of 4.4.140).
>
> FWIW -- not sure how much inspiration you took from our SLE 4.4-based
> tree, but most of the stuff is already there for quite some time
> (including the non-upstream IBRS on kernel boundary on SKL+, trampoline
> stack for PTI (which the original port didn't have), etc).
>
> The IBRS SKL+ stuff has not been picked up by Greg, as it's non-upstream,
> and the trampoline stack I believe was pointed out to stable@, but noone
> really sat down and did the port (our codebase is different than 4.4.x
> stable base), but it definitely should be done if someone has to put 100%
> trust into the PTI port (either that, or at least zeroing out the kernel
> thread thread stack ... we used to have temporarily that before we
> switched over to proper entry trampoline in this version as well).
>
I did glance at the SLES 4.4 kernel sometime ago, but there seemed to
be way too many custom patches and I wasn't sure in what ways your
PTI/Spectre fixes depended on the other (x86) patches in your tree. So
I decided to backport entirely from the 4.9 stable tree instead. My
reasoning was that, since the 4.9 stable patches were trusted to work
well, their 4.4 backports should work well too, as long as they are
backported correctly.
However, if you are proposing that you'd like to contribute the
enhanced PTI/Spectre (upstream) patches from the SLES 4.4 tree to 4.4
stable, and have them merged instead of this patch series, then I
would certainly welcome it!
Regards,
Srivatsa
VMware Photon OS
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
|
