Re: [PATCH 00/18] prevent bounds-check bypass via speculative execution

From: Peter Zijlstra
Date: Mon Jan 08 2018 - 05:09:26 EST

Next message: Thomas Gleixner: "Re: [tip:x86/pti] x86/cpu/AMD: Use LFENCE_RDTSC instead of MFENCE_RDTSC"
Previous message: Vinod Koul: "Re: [alsa-devel] [PATCH v7] regmap: Add SoundWire bus support"
Next in thread: Alan Cox: "Re: [PATCH 00/18] prevent bounds-check bypass via speculative execution"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jan 05, 2018 at 10:30:16PM -0800, Dan Williams wrote:
> On Fri, Jan 5, 2018 at 6:22 PM, Eric W. Biederman <ebiederm@xxxxxxxxxxxx> wrote:
> > In at least one place (mpls) you are patching a fast path. Compile out
> > or don't load mpls by all means. But it is not acceptable to change the
> > fast path without even considering performance.
>
> Performance matters greatly, but I need help to identify a workload
> that is representative for this fast path to see what, if any, impact
> is incurred. Even better is a review that says "nope, 'index' is not
> subject to arbitrary userspace control at this point, drop the patch."

I think we're focussing a little too much on pure userspace. That is, we
should be saying under the attackers control. Inbound network packets
could equally be under the attackers control.

Sure, userspace is the most direct and highest bandwidth one, but I
think we should treat all (kernel) external values with the same
paranoia.

Next message: Thomas Gleixner: "Re: [tip:x86/pti] x86/cpu/AMD: Use LFENCE_RDTSC instead of MFENCE_RDTSC"
Previous message: Vinod Koul: "Re: [alsa-devel] [PATCH v7] regmap: Add SoundWire bus support"
Next in thread: Alan Cox: "Re: [PATCH 00/18] prevent bounds-check bypass via speculative execution"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]