Re: [PATCH v5 02/12] x86/retpoline: Add initial retpoline support

From: Andrew Cooper
Date: Sat Jan 06 2018 - 16:17:20 EST

Next message: Alexei Starovoitov: "Re: [PATCH 06/18] x86, barrier: stop speculation for failed access_ok"
Previous message: Daniel Borkmann: "Re: [PATCH bpf-next v5 2/4] libbpf: add error reporting in XDP"
In reply to: David Woodhouse: "Re: [PATCH v5 02/12] x86/retpoline: Add initial retpoline support"
Next in thread: Woodhouse, David: "Re: [PATCH v5 02/12] x86/retpoline: Add initial retpoline support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 06/01/18 11:49, David Woodhouse wrote:
> diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
> index 372ba3f..40e6e54 100644
> --- a/arch/x86/kernel/cpu/common.c
> +++ b/arch/x86/kernel/cpu/common.c
> @@ -904,6 +904,11 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c)
>
> setup_force_cpu_bug(X86_BUG_SPECTRE_V1);
> setup_force_cpu_bug(X86_BUG_SPECTRE_V2);
> +#ifdef CONFIG_RETPOLINE
> + setup_force_cpu_cap(X86_FEATURE_RETPOLINE);
> + if (c->x86_vendor == X86_VENDOR_AMD)
> + setup_force_cpu_cap(X86_FEATURE_RETPOLINE_AMD);

This isn't safe.Â It needs to be dependant on finding that LFENCEs are
actually dispatch serialising.

In particular, when virtualised, you'll most likely be saddled with the
hypervisors choice of setting, in which case you need to use retpoline
as a fallback.

~Andrew

> +#endif
>
> fpu__init_system(c);
>
>

Next message: Alexei Starovoitov: "Re: [PATCH 06/18] x86, barrier: stop speculation for failed access_ok"
Previous message: Daniel Borkmann: "Re: [PATCH bpf-next v5 2/4] libbpf: add error reporting in XDP"
In reply to: David Woodhouse: "Re: [PATCH v5 02/12] x86/retpoline: Add initial retpoline support"
Next in thread: Woodhouse, David: "Re: [PATCH v5 02/12] x86/retpoline: Add initial retpoline support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]