Re: [PATCH 4.14 00/17] V4.14 backport of more 32-bit arm spectre patches

[David Long <dave.long@xxxxxxxxxx>]

On 1/16/19 2:33 PM, Greg KH wrote:
> On Wed, Jan 16, 2019 at 02:27:13PM -0500, David Long wrote:
> > On 1/15/19 12:19 PM, Greg KH wrote:
> > > On Tue, Jan 15, 2019 at 05:06:59PM +0000, Russell King - ARM Linux admin wrote:
> > > > On Tue, Jan 15, 2019 at 05:30:51PM +0100, Greg KH wrote:
> > > > > On Tue, Jan 15, 2019 at 11:07:08AM -0500, David Long wrote:
> > > > > > On 1/15/19 10:45 AM, Greg KH wrote:
> > > > > > > On Thu, Jan 10, 2019 at 12:51:33PM -0500, David Long wrote:
> > > > > > > > From: "David A. Long" <dave.long@xxxxxxxxxx>
> > > > > > > >
> > > > > > > > V4.14 backport of spectre patches from Russell M. King's spectre branch.
> > > > > > >
> > > > > > > If I take these, than 4.19 is vulnerable.  So someone upgrading from
> > > > > > > 4.14 to 4.19 will regress :(
> > > > > > >
> > > > > > > Can you please send me a 4.19 series so I can apply that before this
> > > > > > > one?
> > > > > > >
> > > > > > > thanks,
> > > > > > >
> > > > > > > greg k-h
> > > > > >
> > > > > >
> > > > > > OK, didn't think about that being a problem. Working on it. Pretty sure
> > > > > > there's exactly one patch needed for that.
> > > > >
> > > > > one?  All of these except one showed up in 4.20 and were not backported
> > > > > to 4.19 from what I can tell.  The last one is in 5.0-rc1 and not even
> > > > > backported to 4.20 either, which means someone messed up and didn't tag
> > > > > it properly with a cc: stable patch :(
> >
> > My bad, I see now I was looking at v4.20 when I made that comment, not
> > v4.19.
> >
> > > > Or they didn't think it was important enough to warrant backporting.
> > >
> > > Fair enough, then I have to ask why it's included in this series at
> > > all...
> >
> > I've been backporting all "spectre" branch patches as kept in the linux-arm
> > repo, with the assumption they're all important. If the last patch is not
> > deemed worthy of going into stable now would be a good time to declare it so
> > as I have patch sets for v4.19 and v4.9 stable versions about ready to
> > publish.
>
> Isn't it up to you to determine what is and is not important to get this
> all working properly?  You are testing all of this, right?  :)

It is all going through kernelci and a local kvm unit test.

The last patch in this set exists to fix a (apparently) non-critical 
regression in a security patch preceding it.  How worried are we about 
patches to stable introducing regressions? My assumption was that this 
is a bad enough thing to be fixed, but maybe not.

> thanks,
>
> greg k-h

Thanks,
-dl