Re: STIBP by default.. Revert?

From: Andi Kleen
Date: Sun Nov 18 2018 - 18:57:59 EST

Next message: Andi Kleen: "Re: STIBP by default.. Revert?"
Previous message: Sergio Correia: "[PATCH] drm: restore is_master upon failure in drm_new_set_master()"
In reply to: Tim Chen: "Re: STIBP by default.. Revert?"
Next in thread: Tony Luck: "Re: STIBP by default.. Revert?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> writes:

> On Sun, Nov 18, 2018 at 2:17 PM Jiri Kosina <jikos@xxxxxxxxxx> wrote:
>> Which gets us back to Tim's fixup patch. Do you still prefer the revert,
>> given the existence of that?
>
> I don't think the code needs to be reverted, but the *behavior* of
> just unconditionally enabling STIBP needs to be reverted.

Actually I think it should be reverted. Yes of course opt-in
is needed.

But also when you opt-in it doesn't make sense to set STIBP
when the sibling is running the same security context, which
is actually a common case. So to even use it properly you would
need some scheduler support to detect these cases and only
enable it then with opt-in. These patches didn't even try to tackle
this problem.

-Andi

Next message: Andi Kleen: "Re: STIBP by default.. Revert?"
Previous message: Sergio Correia: "[PATCH] drm: restore is_master upon failure in drm_new_set_master()"
In reply to: Tim Chen: "Re: STIBP by default.. Revert?"
Next in thread: Tony Luck: "Re: STIBP by default.. Revert?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]