RFC: default to spec_store_bypass_disable=prctl spectre_v2_user=prctl

From: Andrea Arcangeli
Date: Wed Nov 04 2020 - 17:02:41 EST


Hello,

[ Given the CC list, and since your mention of spectre_v2_user=prctl is
spot on to show the badness... I spawned a new thread to suggest another
thing related to seccomp that I've been intending to suggest for
a while ]

On Tue, Nov 03, 2020 at 04:29:38PM -0800, Kees Cook wrote:
> I assume this is from Indirect Branch Prediction Barrier (IBPB) and
> Single Threaded Indirect Branch Prediction (STIBP) (which get enabled
> for threads under seccomp by default).
>
> Try booting with "spectre_v2_user=prctl"

We need to change the kernel default to
"spec_store_bypass_disable=prctl spectre_v2_user=prctl".

I've been recommending that everyone use
"spec_store_bypass_disable=prctl spectre_v2_user=prctl" for a while
now. I already recommended it to Yifei too a few months ago, when he first
found out about the huge seccomp regression after he upgraded his codebase
to the upstream kernel with both STIBP/SSBD enabled in seccomp jails.

Below is a tentative RFC. The code is actually trivial; if you
could help review/improve the commit header, it would be great.

Thanks,
Andrea
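As an added example (not part of Andrea's mail or of the kernel tree), the following POSIX shell audit reports which user-space mitigation mode a host is actually running: the opt-in "prctl" mode the mail argues for, or the "seccomp"/default mode in which every seccomp-confined thread gets SSBD (and STIBP) forced on. It reads the real sysfs vulnerability files and /proc/cmdline; the strings it matches are the ones the x86 bugs code prints for spec_store_bypass, and the parsing is kept in functions that take text arguments so they can be exercised on constructed samples without root or a particular kernel.

```shell
#!/bin/sh
# Added example, not from the mail or the kernel tree: audit whether
# user-space SSB / Spectre v2 mitigations are in opt-in "prctl" mode or
# in the seccomp-forcing mode the mail complains about.

# classify_ssb_user "<contents of .../vulnerabilities/spec_store_bypass>"
# Prints: seccomp | prctl | forced | none | unknown
# Patterns are the sysfs strings printed by arch/x86/kernel/cpu/bugs.c;
# the more specific "prctl and seccomp" case must come before "prctl".
classify_ssb_user() {
    case "$1" in
        *"via prctl and seccomp"*)        echo seccomp ;;
        *"via prctl"*)                    echo prctl ;;
        *"Store Bypass disabled"*)        echo forced ;;   # spec_store_bypass_disable=on
        *"Not affected"*|*"Vulnerable"*)  echo none ;;
        *)                                echo unknown ;;
    esac
}

# cmdline_param "<contents of /proc/cmdline>" <name>
# Prints the value of <name>=... if present, otherwise "default".
# Needed for spectre_v2_user: its sysfs line says "STIBP: conditional" in
# both prctl and seccomp mode, so only the cmdline tells them apart.
cmdline_param() {
    for tok in $1; do
        case "$tok" in
            "$2="*) echo "${tok#"$2="}"; return 0 ;;
        esac
    done
    echo default
}

# recommended_mode_set "<cmdline>": returns 0 when both parameters from the
# mail are set to prctl, 1 otherwise (so it can drive a CI/compliance check).
recommended_mode_set() {
    [ "$(cmdline_param "$1" spec_store_bypass_disable)" = prctl ] &&
    [ "$(cmdline_param "$1" spectre_v2_user)" = prctl ]
}

# audit_host: read the live host (falls back gracefully where sysfs is absent).
audit_host() {
    vuln=/sys/devices/system/cpu/vulnerabilities
    ssb=$(cat "$vuln/spec_store_bypass" 2>/dev/null || echo unknown)
    v2=$(cat "$vuln/spectre_v2" 2>/dev/null || echo unknown)
    cmd=$(cat /proc/cmdline 2>/dev/null || echo "")
    echo "spec_store_bypass sysfs      : $ssb"
    echo "  -> user-space SSBD mode    : $(classify_ssb_user "$ssb")"
    echo "spectre_v2 sysfs             : $v2"
    echo "spectre_v2_user= on cmdline  : $(cmdline_param "$cmd" spectre_v2_user)"
    echo "spec_store_bypass_disable=   : $(cmdline_param "$cmd" spec_store_bypass_disable)"
    if recommended_mode_set "$cmd"; then
        echo "RESULT: prctl mode for both; seccomp jails are not forced into SSBD/STIBP"
    else
        echo "RESULT: not in prctl mode for both; seccomp-confined threads may get SSBD/STIBP forced"
    fi
}

audit_host
```

On a host booted with the mail's recommended parameters the SSB line reads "Mitigation: Speculative Store Bypass disabled via prctl"; with the default it reads "... via prctl and seccomp", which is exactly the mode in which a seccomp jail silently turns on the per-thread mitigations for every thread it confines.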