Re: Avoid speculative indirect calls in kernel

From: Willy Tarreau
Date: Mon Jan 08 2018 - 11:53:59 EST


On Mon, Jan 08, 2018 at 05:22:41PM +0100, Borislav Petkov wrote:
> On Sun, Jan 07, 2018 at 11:10:38PM +0100, Willy Tarreau wrote:
> > I just want to be clear that the big drop some of us are facing is
> > not an option *at all* for certain processes in certain environments
> > and that we'll either continue to run with pti=off or with pti=on + a
> > finer grained setting ASAP.
>
> And that's all I'm saying: do pti=off in that case. The finer-grained
> "solution" is just silly.

I disagree because I want that, as much as possible, occasional
unprivileged local users can't exploit it. pti=off gives them full
access. The finer-grained solution ensures that only a few processes
share the same risk as the kernel as they work together to deliver
the service. And that's what I've implemented in a patch series I
sent in another thread :-)

https://www.mail-archive.com/linux-kernel@xxxxxxxxxxxxxxx/msg1580131.html

Cheers,
Willy
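The thread argues over a global pti=off versus keeping PTI on and exempting a few trusted processes. Before either choice is made, a practitioner wants to confirm what the running kernel actually has in effect. The following is an added example (not code from this thread or from Willy's patch series) that reads two indicators and parses them; the interface details are assumptions, not something the mail states: that /proc/cpuinfo lists "pti" among the CPU flags when page-table isolation is active, and that /sys/devices/system/cpu/vulnerabilities/meltdown reads "Mitigation: PTI" in that case. The parsing is split from the file reading so it can be exercised on constructed strings.

```c
/* Added example, not from the LKML thread: report whether page-table
 * isolation (PTI) is active on this kernel.
 * Assumptions (not stated on the page):
 *   - /proc/cpuinfo has a "flags" line that contains the token "pti"
 *     when PTI is enabled
 *   - /sys/devices/system/cpu/vulnerabilities/meltdown contains
 *     "Mitigation: PTI" when PTI is enabled
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Return 1 if `tok` occurs in `s` as a whole whitespace-separated word. */
static int has_token(const char *s, const char *tok) {
    size_t n = strlen(tok);
    const char *p = s;
    while ((p = strstr(p, tok)) != NULL) {
        int start_ok = (p == s) ||
                       p[-1] == ' ' || p[-1] == '\t' || p[-1] == ':';
        char after = p[n];
        int end_ok = after == '\0' || after == ' ' ||
                     after == '\t' || after == '\n' || after == '\r';
        if (start_ok && end_ok)
            return 1;
        p += n;
    }
    return 0;
}

/* Parse /proc/cpuinfo-style text; 1 if some "flags" line lists "pti",
 * 0 if not, -1 on allocation failure. */
int cpuinfo_has_pti(const char *cpuinfo) {
    const char *line = cpuinfo;
    while (line && *line) {
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        if (len > 5 && strncmp(line, "flags", 5) == 0) {
            char *buf = malloc(len + 1);
            if (!buf)
                return -1;
            memcpy(buf, line, len);
            buf[len] = '\0';
            int r = has_token(buf, "pti");
            free(buf);
            if (r)
                return 1;
        }
        line = eol ? eol + 1 : NULL;
    }
    return 0;
}

/* Parse the meltdown sysfs text; 1 if PTI is named as the mitigation. */
int meltdown_mitigated_by_pti(const char *status) {
    return strstr(status, "Mitigation: PTI") != NULL;
}

/* Read a whole (small) file into a malloc'd string, NULL if unreadable. */
static char *slurp(const char *path) {
    FILE *f = fopen(path, "r");
    if (!f)
        return NULL;
    size_t cap = 4096, len = 0;
    char *buf = malloc(cap);
    if (!buf) { fclose(f); return NULL; }
    size_t n;
    while ((n = fread(buf + len, 1, cap - len - 1, f)) > 0) {
        len += n;
        if (cap - len - 1 == 0) {
            cap *= 2;
            char *nb = realloc(buf, cap);
            if (!nb) { free(buf); fclose(f); return NULL; }
            buf = nb;
        }
    }
    buf[len] = '\0';
    fclose(f);
    return buf;
}

int main(void) {
    char *cpuinfo = slurp("/proc/cpuinfo");
    char *meltdown = slurp("/sys/devices/system/cpu/vulnerabilities/meltdown");
    printf("cpuinfo pti flag : %s\n",
           cpuinfo ? (cpuinfo_has_pti(cpuinfo) == 1 ? "present" : "absent")
                   : "unreadable");
    printf("meltdown sysfs   : %s\n",
           meltdown ? (meltdown_mitigated_by_pti(meltdown) ? "Mitigation: PTI"
                                                            : "not PTI")
                    : "unreadable");
    free(cpuinfo);
    free(meltdown);
    return 0;
}
```

Both indicators are system-wide. A kernel booted with pti=off shows neither, which is the state Willy objects to. A kernel running a per-process exemption like the one he describes would still report PTI as active here, since these files say nothing about which processes are exempted; that has to be checked through whatever interface such a patch series exposes.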