Re: Spectre mitigation doesn't seem to work at all?!

From: Peter Zijlstra
Date: Mon Jun 04 2018 - 04:15:12 EST


On Fri, Jun 01, 2018 at 02:19:38PM +0200, Andreas Hartmann wrote:

> I tested the spectre mitigation of different machines and kernels with
> https://github.com/crozone/SpectrePoC
>
> You can see the results below.

> My question: Did I miss something?

Yes.

> Build: ... INTEL_MITIGATION_DISABLED LINUX_KERNEL_MITIGATION_DISABLED
> Build: ... INTEL_MITIGATION_DISABLED LINUX_KERNEL_MITIGATION_DISABLED
> Build: ... INTEL_MITIGATION_DISABLED LINUX_KERNEL_MITIGATION_DISABLED

                              ^^^^^^^^                         ^^^^^^^^

The POC is a v1 on itself. V1 needs to be fixed for every individual
executable (worse, for every individual location in the code, and we're
still finding them). The kernel mitigation status for v1 only indicates
the kernel itself has mitigations (for some locations).

The POC is meant to test effectiveness of these mitigations, either the
original LFENCE or the dependent instruction thing, but you have to
enable one or the other.
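
The two per-location fixes named above (an LFENCE after the bounds check, or making the index data-dependent on that check), shown on a generic bounds-checked table read. This is an added example, not code from the PoC, the kernel or the author of this mail; the table and all function names are hypothetical. It assumes GCC or Clang (inline asm, arithmetic right shift of signed values) and sizes no larger than LONG_MAX.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample data; every name in this file is hypothetical. */
static const uint8_t table[16] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
#define TABLE_LEN (sizeof(table) / sizeof(table[0]))

/* Unmitigated shape: if the branch is mispredicted, the load may execute
 * speculatively with an out-of-bounds idx. */
uint8_t read_unmitigated(unsigned long idx)
{
    return idx < TABLE_LEN ? table[idx] : 0;
}

/* LFENCE variant: the fence sits between the bounds check and the load, so
 * the load cannot issue until the comparison has resolved. */
uint8_t read_lfence(unsigned long idx)
{
    if (idx >= TABLE_LEN)
        return 0;
#if defined(__x86_64__) || defined(__i386__)
    __asm__ __volatile__("lfence" ::: "memory");
#else
    __asm__ __volatile__("" ::: "memory"); /* compiler barrier only, no CPU fence */
#endif
    return table[idx];
}

/* Branch-free mask: all ones when idx < size, zero otherwise. The empty asm
 * keeps the compiler from folding the arithmetic back into a branch. */
unsigned long index_mask(unsigned long idx, unsigned long size)
{
    __asm__ __volatile__("" : "+r"(idx));
    return (unsigned long)(~(long)(idx | (size - 1UL - idx)) >> (sizeof(long) * 8 - 1));
}

/* Dependent-instruction variant: the load address depends on the mask, so a
 * mispredicted branch can only ever read table[0]. */
uint8_t read_masked(unsigned long idx)
{
    if (idx >= TABLE_LEN)
        return 0;
    idx &= index_mask(idx, TABLE_LEN);
    return table[idx];
}

int main(void)
{
    printf("%u %u %lx\n", read_lfence(3), read_masked(3), index_mask(16, TABLE_LEN));
    return 0;
}
```

Either change has to be made at each bounds-checked load in each executable, which is why the kernel's own mitigation status says nothing about a user-space binary built without them.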