[PATCH 09/14] arm64: ssbd: Introduce thread flag to control userspace mitigation

[PATCH 00/14] arm64 SSBD (aka Spectre-v4) mitigation · Marc Zyngier <hidden> · 2018-05-22
[PATCH 01/14] arm/arm64: smccc: Add SMCCC-specific return codes · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 01/14] arm/arm64: smccc: Add SMCCC-specific return codes · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 03/14] arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 03/14] arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 03/14] arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2 · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 06/14] arm64: ssbd: Add global mitigation state accessor · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 06/14] arm64: ssbd: Add global mitigation state accessor · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 06/14] arm64: ssbd: Add global mitigation state accessor · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 05/14] arm64: Add 'ssbd' command-line option · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 05/14] arm64: Add 'ssbd' command-line option · Randy Dunlap <hidden> · 2018-05-22
Re: [PATCH 05/14] arm64: Add 'ssbd' command-line option · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 05/14] arm64: Add 'ssbd' command-line option · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
Re: [PATCH 05/14] arm64: Add 'ssbd' command-line option · Marc Zyngier <hidden> · 2018-05-24
[PATCH 07/14] arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 07/14] arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 07/14] arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 10/14] arm64: ssbd: Add prctl interface for per-thread mitigation · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 10/14] arm64: ssbd: Add prctl interface for per-thread mitigation · Dominik Brodowski <linux@dominikbrodowski.net> · 2018-05-22
Re: [PATCH 10/14] arm64: ssbd: Add prctl interface for per-thread mitigation · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 10/14] arm64: ssbd: Add prctl interface for per-thread mitigation · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
Re: [PATCH 10/14] arm64: ssbd: Add prctl interface for per-thread mitigation · Will Deacon <hidden> · 2018-05-24
[PATCH 12/14] arm64: KVM: Add ARCH_WORKAROUND_2 support for guests · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 12/14] arm64: KVM: Add ARCH_WORKAROUND_2 support for guests · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 14/14] arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 14/14] arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 13/14] arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 13/14] arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 11/14] arm64: KVM: Add HYP per-cpu accessors · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 11/14] arm64: KVM: Add HYP per-cpu accessors · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 09/14] arm64: ssbd: Introduce thread flag to control userspace mitigation · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 09/14] arm64: ssbd: Introduce thread flag to control userspace mitigation · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
Re: [PATCH 09/14] arm64: ssbd: Introduce thread flag to control userspace mitigation · Marc Zyngier <hidden> · 2018-05-24
Re: [PATCH 09/14] arm64: ssbd: Introduce thread flag to control userspace mitigation · Will Deacon <hidden> · 2018-05-24
Re: [PATCH 09/14] arm64: ssbd: Introduce thread flag to control userspace mitigation · Marc Zyngier <hidden> · 2018-05-24
[PATCH 08/14] arm64: ssbd: Disable mitigation on CPU resume if required by user · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 08/14] arm64: ssbd: Disable mitigation on CPU resume if required by user · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 08/14] arm64: ssbd: Disable mitigation on CPU resume if required by user · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 04/14] arm64: Add ARCH_WORKAROUND_2 probing · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 04/14] arm64: Add ARCH_WORKAROUND_2 probing · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 04/14] arm64: Add ARCH_WORKAROUND_2 probing · Suzuki K Poulose <Suzuki.Poulose@arm.com> · 2018-05-24
Re: [PATCH 04/14] arm64: Add ARCH_WORKAROUND_2 probing · Will Deacon <hidden> · 2018-05-24
Re: [PATCH 04/14] arm64: Add ARCH_WORKAROUND_2 probing · Suzuki K Poulose <Suzuki.Poulose@arm.com> · 2018-05-24
Re: [PATCH 04/14] arm64: Add ARCH_WORKAROUND_2 probing · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
[PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Marc Zyngier <hidden> · 2018-05-22
Re: [PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Julien Grall <hidden> · 2018-05-23
Re: [PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
Re: [PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Robin Murphy <robin.murphy@arm.com> · 2018-05-24
Re: [PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
Re: [PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Mark Rutland <mark.rutland@arm.com> · 2018-05-24
Re: [PATCH 02/14] arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1 · Marc Zyngier <hidden> · 2018-05-24

From: Marc Zyngier <hidden>
Date: 2018-05-24 12:16:52
Also in: kvmarm, lkml

On 24/05/18 13:01, Mark Rutland wrote:

On Tue, May 22, 2018 at 04:06:43PM +0100, Marc Zyngier wrote:

quoted

In order to allow userspace to be mitigated on demand, let's
introduce a new thread flag that prevents the mitigation from
being turned off when exiting to userspace, and doesn't turn
it on on entry into the kernel (with the assumtion that the

Nit: s/assumtion/assumption/

quoted

mitigation is always enabled in the kernel itself).

This will be used by a prctl interface introduced in a later
patch.

Signed-off-by: Marc Zyngier <redacted>

On the assumption that this flag cannot be flipped while a task is in
userspace:

Well, that's the case unless you get into the seccomp thing, which does
change TIF_SSBD on all threads of the task, without taking it to the
kernel first. That nicely breaks the state machine, and you end-up
running non-mitigated in the kernel. Oops.

I have a couple of patches fixing that, using a second flag
(TIF_SSBD_PENDING) that gets turned into the real thing on exit to
userspace. It's pretty ugly though.

Thanks,

	M.
-- 
Jazz is not dead. It just smells funny...

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help