Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>, "Xing, Cedric" <cedric.xing@xxxxxxxxx>
Subject: Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
From: Dave Hansen <dave.hansen@xxxxxxxxx>
Date: Wed, 30 Sep 2020 14:46:05 -0700
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jethro Beekman <jethro@xxxxxxxxxxxx>, Sean Christopherson <sean.j.christopherson@xxxxxxxxx>, linux-sgx@xxxxxxxxxxxxxxx, x86@xxxxxxxxxx, Haitao Huang <haitao.huang@xxxxxxxxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxxxxxx>
In-reply-to: <20200930213625.GA66129@linux.intel.com>
References: <20200930142017.GA49393@linux.intel.com> <112ad81e-16ab-d6e0-09e7-3658874434f7@intel.com> <20200930152806.GA52739@linux.intel.com> <20200930154349.GB32672@linux.intel.com> <17231664-3735-2d57-fbfa-9af838e224ab@intel.com> <f5021328-2fab-a404-108f-e28e26e6996c@fortanix.com> <cc222137-e488-c48a-ca66-000e74944eea@citrix.com> <20200930192541.GA60658@linux.intel.com> <741b45d0-3833-4e5d-5974-81634d1b55eb@intel.com> <20200930212214.GD65339@linux.intel.com> <20200930213625.GA66129@linux.intel.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0

On 9/30/20 2:36 PM, Jarkko Sakkinen wrote:
> 1. Full reptoline is the safest alternative and we have it done already.

I wouldn't feel _quite_ comfortable saying this.

LFENCEs have architecturally defined behavior.  Retpolines have zero
future guarantees in the architecture.  I'll take an LFENCE that (versus
a retpoline) is:

1. Less code
2. Never has to be patched
3. Never causes functional problems (like with CET)
4. Has architectural semantics

The only advantage retpolines offer is that they have a well-defined
mitigations on existing microarchitectures.

To me, an LFENCE is waaaaaaay "safer".

Follow-Ups:
- Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
  - From: Jarkko Sakkinen

References:
- Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
  - From: Jarkko Sakkinen
- Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
  - From: Dave Hansen
- Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
  - From: Jarkko Sakkinen
- Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
  - From: Sean Christopherson
- Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
  - From: Dave Hansen
- Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
  - From: Jethro Beekman
- Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
  - From: Andrew Cooper
- Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
  - From: Jarkko Sakkinen
- Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
  - From: Xing, Cedric
- Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
  - From: Jarkko Sakkinen
- Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
  - From: Jarkko Sakkinen

Prev by Date: Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
Next by Date: Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
Previous by thread: Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
Next by thread: Re: [PATCH] x86/vdso: Remove retpoline from SGX vDSO call
Index(es):
- Date
- Thread

[Index of Archives] [AMD Graphics] [Linux USB Devel] [Linux Audio Users] [Yosemite News] [Linux Kernel] [Linux SCSI]