RE: [PATCH 0/7] IBRS patch series

From: Van De Ven, Arjan
Date: Fri Jan 05 2018 - 09:43:02 EST

Next message: Andrea Arcangeli: "Re: [PATCH 0/7] IBRS patch series"
Previous message: Petr Mladek: "Re: [PATCH 00/13] replace print_symbol() with printk()-s"
In reply to: David Woodhouse: "Re: [PATCH 0/7] IBRS patch series"
Next in thread: David Woodhouse: "Re: [PATCH 0/7] IBRS patch series"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > So long as the underlying binary satisfies the precondition that it
> > will not underflow its own RSB.
> >
> > Then we if we subsequently guarantee never to _reduce_ the number of
> > entries in its RSB at any point remote to its own execution, then the
> > precondition is preserved and underflow will not occur.
>
> The problem is that underflow can occur not only on a retpoline, but
> also on *any* bare ret.

that is not true though

yes there's NMIs and interrupts but those Paul managed.

the cases where underflow can happen are not infinite or unbound, but a specific set of causes as Paul already mentioned.

Now there is complexity in proving that all that is there, and if you're that paranoid, IBRS is certainly an option and the performance, while not nearly as good as retpoline, is not horrid either on Skylake.

This is why I said I would like to see retpoline be the default, with IBRS an opt-in for the paranoid. I guess David will turn that on ;-)

Next message: Andrea Arcangeli: "Re: [PATCH 0/7] IBRS patch series"
Previous message: Petr Mladek: "Re: [PATCH 00/13] replace print_symbol() with printk()-s"
In reply to: David Woodhouse: "Re: [PATCH 0/7] IBRS patch series"
Next in thread: David Woodhouse: "Re: [PATCH 0/7] IBRS patch series"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]