Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

Hi Will, On Thursday, 18 January 2018 19:05:47 EET Will Deacon wrote: > On Thu, Jan 18, 2018 at 08:58:08AM -0800, Dan Williams wrote: > > On Thu, Jan 18, 2018 at 5:18 AM, Will Deacon wrote: > >> On Thu, Jan 11, 2018 at 05:41:08PM -0800, Dan Williams wrote: > >>> On Thu, Jan 11, 2018 at 5:19 PM,

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

Hi Will, On Thursday, 18 January 2018 19:05:47 EET Will Deacon wrote: > On Thu, Jan 18, 2018 at 08:58:08AM -0800, Dan Williams wrote: > > On Thu, Jan 18, 2018 at 5:18 AM, Will Deacon wrote: > >> On Thu, Jan 11, 2018 at 05:41:08PM -0800, Dan Williams wrote: > >>> On Thu, Jan 11, 2018 at 5:19 PM,

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Thu, Jan 18, 2018 at 08:58:08AM -0800, Dan Williams wrote: > On Thu, Jan 18, 2018 at 5:18 AM, Will Deacon wrote: > > On Thu, Jan 11, 2018 at 05:41:08PM -0800, Dan Williams wrote: > >> On Thu, Jan 11, 2018 at 5:19 PM, Linus Torvalds > >>

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Thu, Jan 18, 2018 at 08:58:08AM -0800, Dan Williams wrote: > On Thu, Jan 18, 2018 at 5:18 AM, Will Deacon wrote: > > On Thu, Jan 11, 2018 at 05:41:08PM -0800, Dan Williams wrote: > >> On Thu, Jan 11, 2018 at 5:19 PM, Linus Torvalds > >> wrote: > >> > On Thu, Jan 11, 2018 at 4:46 PM, Dan

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Thu, Jan 18, 2018 at 5:18 AM, Will Deacon wrote: > Hi Dan, Linus, > > On Thu, Jan 11, 2018 at 05:41:08PM -0800, Dan Williams wrote: >> On Thu, Jan 11, 2018 at 5:19 PM, Linus Torvalds >> wrote: >> > On Thu, Jan 11, 2018 at 4:46 PM, Dan

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Thu, Jan 18, 2018 at 5:18 AM, Will Deacon wrote: > Hi Dan, Linus, > > On Thu, Jan 11, 2018 at 05:41:08PM -0800, Dan Williams wrote: >> On Thu, Jan 11, 2018 at 5:19 PM, Linus Torvalds >> wrote: >> > On Thu, Jan 11, 2018 at 4:46 PM, Dan Williams >> > wrote: >> >> >> >> This series

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

Hi Dan, Linus, On Thu, Jan 11, 2018 at 05:41:08PM -0800, Dan Williams wrote: > On Thu, Jan 11, 2018 at 5:19 PM, Linus Torvalds > wrote: > > On Thu, Jan 11, 2018 at 4:46 PM, Dan Williams > > wrote: > >> > >> This series incorporates Mark

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

Hi Dan, Linus, On Thu, Jan 11, 2018 at 05:41:08PM -0800, Dan Williams wrote: > On Thu, Jan 11, 2018 at 5:19 PM, Linus Torvalds > wrote: > > On Thu, Jan 11, 2018 at 4:46 PM, Dan Williams > > wrote: > >> > >> This series incorporates Mark Rutland's latest ARM changes and adds > >> the x86

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Sat, Jan 13, 2018 at 10:51 AM, Linus Torvalds wrote: > On Fri, Jan 12, 2018 at 4:15 PM, Tony Luck wrote: > So your argument depends on "the uarch will actually run the code in > order if there are no events that block the pipeline". And

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Sat, Jan 13, 2018 at 10:51 AM, Linus Torvalds wrote: > On Fri, Jan 12, 2018 at 4:15 PM, Tony Luck wrote: > So your argument depends on "the uarch will actually run the code in > order if there are no events that block the pipeline". And might be bogus ... I'm a software person not a u-arch

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Fri, Jan 12, 2018 at 4:15 PM, Tony Luck wrote: > > Here there isn't any reason for speculation. The core has the > value of 'x' in a register and the upper bound encoded into the > "cmp" instruction. Both are right there, no waiting, no speculation. So this is an

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Fri, Jan 12, 2018 at 4:15 PM, Tony Luck wrote: > > Here there isn't any reason for speculation. The core has the > value of 'x' in a register and the upper bound encoded into the > "cmp" instruction. Both are right there, no waiting, no speculation. So this is an argument I haven't seen

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Thu, Jan 11, 2018 at 5:19 PM, Linus Torvalds wrote: > Should the array access in entry_SYSCALL_64_fastpath be made to use > the masking approach? That one has a bounds check for an inline constant. cmpq$__NR_syscall_max, %rax so should be safe. The

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Thu, Jan 11, 2018 at 5:19 PM, Linus Torvalds wrote: > Should the array access in entry_SYSCALL_64_fastpath be made to use > the masking approach? That one has a bounds check for an inline constant. cmpq$__NR_syscall_max, %rax so should be safe. The classic Spectre variant #1 code

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

Do you think that the appropriate patches could be copied to the appropriate people please? On Thu, Jan 11, 2018 at 04:46:24PM -0800, Dan Williams wrote: > Changes since v1 [1]: > * fixup the ifence definition to use alternative_2 per recent AMD > changes in tip/x86/pti (Tom) > > * drop

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

Do you think that the appropriate patches could be copied to the appropriate people please? On Thu, Jan 11, 2018 at 04:46:24PM -0800, Dan Williams wrote: > Changes since v1 [1]: > * fixup the ifence definition to use alternative_2 per recent AMD > changes in tip/x86/pti (Tom) > > * drop

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Thu, Jan 11, 2018 at 5:19 PM, Linus Torvalds wrote: > On Thu, Jan 11, 2018 at 4:46 PM, Dan Williams > wrote: >> >> This series incorporates Mark Rutland's latest ARM changes and adds >> the x86 specific implementation of

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Thu, Jan 11, 2018 at 5:19 PM, Linus Torvalds wrote: > On Thu, Jan 11, 2018 at 4:46 PM, Dan Williams > wrote: >> >> This series incorporates Mark Rutland's latest ARM changes and adds >> the x86 specific implementation of 'ifence_array_ptr'. That ifence >> based approach is provided as an

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Thu, Jan 11, 2018 at 4:46 PM, Dan Williams wrote: > > This series incorporates Mark Rutland's latest ARM changes and adds > the x86 specific implementation of 'ifence_array_ptr'. That ifence > based approach is provided as an opt-in fallback, but the default >

Re: [PATCH v2 00/19] prevent bounds-check bypass via speculative execution

On Thu, Jan 11, 2018 at 4:46 PM, Dan Williams wrote: > > This series incorporates Mark Rutland's latest ARM changes and adds > the x86 specific implementation of 'ifence_array_ptr'. That ifence > based approach is provided as an opt-in fallback, but the default > mitigation, '__array_ptr', uses a

[PATCH v2 00/19] prevent bounds-check bypass via speculative execution

Changes since v1 [1]: * fixup the ifence definition to use alternative_2 per recent AMD changes in tip/x86/pti (Tom) * drop 'nospec_ptr' (Linus, Mark) * rename 'nospec_array_ptr' to 'array_ptr' (Alexei) * rename 'nospec_barrier' to 'ifence' (Peter, Ingo) * clean up occasions of 'variable

[PATCH v2 00/19] prevent bounds-check bypass via speculative execution

Changes since v1 [1]: * fixup the ifence definition to use alternative_2 per recent AMD changes in tip/x86/pti (Tom) * drop 'nospec_ptr' (Linus, Mark) * rename 'nospec_array_ptr' to 'array_ptr' (Alexei) * rename 'nospec_barrier' to 'ifence' (Peter, Ingo) * clean up occasions of 'variable