[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 for-4.18?] x86: support data operand independent timing mode

  • To: Julien Grall <julien@xxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 14 Sep 2023 13:01:09 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=6oj7Tp7zoyvd889iuVla1qheRc4l4dymx+ihoCo03fI=; b=OMvcaQeY/dqVXwlhrsUyApbkgW6BA3EMN8M+FMhbrkb+eMb0Vqu7m+rNxcSmCpFIG+CGz+nG1lrDZcjfb+UCPp5oUFz1tn9yLTfDGc2b5KkoHWVSvRvFpU/u0GS3hWaLuu5OKjIcvV5TF4igaNGcTk7CxXsK6YV5G4G3vbpRp53qDP9vQY3clRR2FZnbQT4Lq4xRcYGYD3y88AsOky23hdLeqK9N6VKVTt/HB8L6XhT+FBI/XEkvGruzwQLtP1IHdJOWVjusIfIIP32HXIzsMZspkqQ3mTxpGD3tyW9mWucfQh2vKcn7ItdkrweouUKpSrJQMXEEY2G5PWDHpAkqRQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ROcyILzWH2WnrgJgNOtaT2752cVS9pYUVx1I7ibqDOHY1iu0QhwyI78evNJVI5O04QUHFsC1BfY08Z23b86ZEgdvOEyNGP5gWVx3Y/VDAm8a9heR2kh5Wu8C9At6p12ImW6IQE1ib+LkGdiFcVFqde8RD+2BPPRn05zMEWrTAIsqYdn+UFX2ejrrdzInCkdPNkOxac6kzeW/snxHMqxvebGSXrktfS0RCpWa5EhyPrlgA8aBVREdF/jW5R52ahAhdJOnIAykNzIXHwLk5uURhPcHSzUs5QOPU2tfbtTzVvcu/Nvpg3wA4A1Y/qqy98O9l7zE8U1atHzlHRKnhuIDGw==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Demi Marie Obenour <demi@xxxxxxxxxxxxxxxxxxxxxx>, Henry Wang <Henry.Wang@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Thu, 14 Sep 2023 11:01:27 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 14.09.2023 11:18, Julien Grall wrote:
> On 14/09/2023 10:11, Jan Beulich wrote:
>> On 14.09.2023 11:04, Julien Grall wrote:
>>> On 14/09/2023 07:32, Jan Beulich wrote:
>>>> On 13.09.2023 19:56, Julien Grall wrote:
>>>>> If not, I think we should taint Xen and/or print a message if the admin
>>>>> requested to use DIT. This would make clear that the admin is trying to
>>>>> do something that doesn't work.
>>>>
>>>> Tainting Xen on all hardware not exposing the bit would seem entirely
>>>> unreasonable to me. If we learned of specific cases where the vendor
>>>> promises are broken, we could taint there, sure. I guess that would be
>>>> individual XSAs / CVEs then for each instance.
>>>
>>> ... we need to somehow let the user know that the HW it is running on
>>> may not honor DIT. Tainting might be a bit too harsh, but I think
>>> printing a
>>> message with warning_add() is necessary.
>>
>> But Intel's claim is that with the bit unavailable hardware behaves as
>> if DIT was in effect.
> 
> I am confused. Above, you suggested it cannot be guaranteed. So I 
> interpreted we don't know what's happening on any processor.

Right. We can trust vendors, or not.

> So where 
> you referring to...
> 
> 
>   Therefore you're still suggesting to emit a
>> warning on most of Intel's hardware and on all non-Intel one.
> 
> ... non-Intel HW?
> 
>> That's
>> going too far, imo.
> 
> We could restrict the warning to non-Intel platform.

That still goes too far imo. I'm not convinced we should cover for
vendor uncertainty here. We can't make a system any safer than its
hardware is, in this regard. We simply have no (or not enough)
influence on the internal workings of their pipelines.

What I have done is add a sentence to the command line option's
documentation:

"Note that enabling this option cannot guarantee anything beyond what
 underlying hardware guarantees (with, where available and known to Xen,
 respective tweaks applied)."

Plus I've further qualified the option:

### dit (x86/Intel)

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.