From: "H.J. Lu"
Date: Fri, 18 Sep 2020 14:08:06 -0700
Subject: Re: [PATCH v12 1/8] x86/cet/ibt: Add Kconfig option for user-mode Indirect Branch Tracking
To: Pavel Machek
Cc: Randy Dunlap, Yu-cheng Yu, the arch/x86 maintainers, H. Peter Anvin, Thomas Gleixner, Ingo Molnar, LKML, open list:DOCUMENTATION, Linux-MM, linux-arch, Linux API, Arnd Bergmann, Andy Lutomirski, Balbir Singh, Borislav Petkov, Cyrill Gorcunov, Dave Hansen, Eugene Syromiatnikov, Florian Weimer, Jann Horn, Jonathan Corbet, Kees Cook, Mike Kravetz, Nadav Amit, Oleg Nesterov, Peter Zijlstra, Ravi V. Shankar, Vedvyas Shanbhogue, Dave Martin, Weijiang Yang

On Fri, Sep 18, 2020 at 1:59 PM Pavel Machek wrote:
>
> On Fri 2020-09-18 13:24:13, Randy Dunlap wrote:
> > Hi,
> >
> > If you do another version of this:
> >
> > On 9/18/20 12:23 PM, Yu-cheng Yu wrote:
> > > Introduce Kconfig option X86_INTEL_BRANCH_TRACKING_USER.
> > >
> > > Indirect Branch Tracking (IBT) provides protection against CALL-/JMP-
> > > oriented programming attacks. It is active when the kernel has this
> > > feature enabled, and the processor and the application support it.
> > > When this feature is enabled, legacy non-IBT applications continue to
> > > work, but without IBT protection.
> > >
> > > Signed-off-by: Yu-cheng Yu
> > > ---
> > > v10:
> > > - Change build-time CET check to config depends on.
> > >
> > > arch/x86/Kconfig | 16 ++++++++++++++++
> > > 1 file changed, 16 insertions(+)
> > >
> > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> > > index 6b6dad011763..b047e0a8d1c2 100644
> > > --- a/arch/x86/Kconfig
> > > +++ b/arch/x86/Kconfig
> > > @@ -1963,6 +1963,22 @@ config X86_INTEL_SHADOW_STACK_USER
> > >
> > > If unsure, say y.
> > >
> > > +config X86_INTEL_BRANCH_TRACKING_USER
> > > + prompt "Intel Indirect Branch Tracking for user-mode"
> > > + def_bool n
> > > + depends on CPU_SUP_INTEL && X86_64
> > > + depends on $(cc-option,-fcf-protection)
> > > + select X86_INTEL_CET
> > > + help
> > > + Indirect Branch Tracking (IBT) provides protection against
> > > + CALL-/JMP-oriented programming attacks. It is active when
> > > + the kernel has this feature enabled, and the processor and
> > > + the application support it. When this feature is enabled,
> > > + legacy non-IBT applications continue to work, but without
> > > + IBT protection.
> > > +
> > > + If unsure, say y
> >
> > If unsure, say y.
>
> Actually, it would be "If unsure, say Y.", to be consistent with the
> rest of the Kconfig.
>
> But I wonder if Yes by default is a good idea. Only very new CPUs will
> support this, right? Are they even available on the market? Should the
> help text say "if your CPU is Whatever Lake or newer, ...." :-) ?
>

A CET-enabled kernel runs on all x86-64 processors. All my machines are
running the same CET-enabled kernel binary.

--
H.J.
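Review bot: in the `config X86_INTEL_BRANCH_TRACKING_USER` hunk, `def_bool n` contradicts the help text's "If unsure, say y"; either the default should become `y` or the advice should be "say N", and, as already raised in the thread, Kconfig convention is a capital `Y` with a trailing period. Since `n` is the implicit default, `bool "Intel Indirect Branch Tracking for user-mode"` would replace both the `prompt` and the `def_bool n` lines. The `depends on $(cc-option,-fcf-protection)` line also deserves a sentence in the help text or commit message explaining why a user-mode feature is gated on the kernel compiler supporting that flag, since the hunk as shown does not say.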
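A check a practitioner will want after the "legacy non-IBT applications continue to work" line: whether a given ELF is actually IBT-marked. This is an added example, not code from the thread or the kernel patch; it parses a constructed ELF64 .note.gnu.property blob (the marking that -fcf-protection emits) and reports the GNU_PROPERTY_X86_FEATURE_1_AND bits, assuming the standard 4-byte "GNU" owner name and a 4-byte feature payload.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NT_GNU_PROPERTY_TYPE_0           5
#define GNU_PROPERTY_X86_FEATURE_1_AND   0xc0000002u
#define GNU_PROPERTY_X86_FEATURE_1_IBT   (1u << 0)
#define GNU_PROPERTY_X86_FEATURE_1_SHSTK (1u << 1)

static uint32_t rd32(const uint8_t *p) { uint32_t v; memcpy(&v, p, 4); return v; }
/* Parse one ELF64 .note.gnu.property blob. Returns 1 and sets *flags when a
 * GNU_PROPERTY_X86_FEATURE_1_AND entry is present, 0 if absent or malformed.
 * Assumes the standard "GNU\0" owner name (4 bytes); every read is bounds-checked. */
int x86_feature_1_from_note(const uint8_t *buf, size_t len, uint32_t *flags)
{
    if (len < 16) return 0;                                   /* Nhdr + "GNU\0" */
    uint32_t namesz = rd32(buf), descsz = rd32(buf + 4), type = rd32(buf + 8);
    if (type != NT_GNU_PROPERTY_TYPE_0 || namesz != 4 || memcmp(buf + 12, "GNU", 4))
        return 0;
    size_t off = 16, end = off + descsz;                      /* desc starts 8-aligned */
    if (end > len) return 0;                                  /* truncated note */
    while (off + 8 <= end) {                                  /* pr_type, pr_datasz, data */
        uint32_t pr_type = rd32(buf + off), pr_datasz = rd32(buf + off + 4);
        size_t data = off + 8;
        if (pr_datasz > end - data) return 0;                 /* property overruns desc */
        if (pr_type == GNU_PROPERTY_X86_FEATURE_1_AND && pr_datasz == 4) {
            *flags = rd32(buf + data);
            return 1;
        }
        off = data + ((pr_datasz + 7) & ~(size_t)7);          /* ELF64: pad data to 8 */
    }
    return 0;
}

/* 1 if the binary is IBT-marked (built with -fcf-protection), else 0; a 0 is
 * exactly the "legacy non-IBT application" case the help text describes. */
int note_has_ibt(const uint8_t *buf, size_t len)
{
    uint32_t f = 0;
    return x86_feature_1_from_note(buf, len, &f) && (f & GNU_PROPERTY_X86_FEATURE_1_IBT);
}

/* Constructed sample: X86_FEATURE_1_AND = IBT | SHSTK (0x3). */
static const uint8_t note_ibt_shstk[] = {
    4,0,0,0, 16,0,0,0, 5,0,0,0, 'G','N','U',0,                /* namesz descsz type name */
    0x02,0x00,0x00,0xc0, 4,0,0,0, 0x03,0,0,0, 0,0,0,0 };      /* pr_type datasz data pad */
/* Constructed sample: only a different (made-up) property type, so no IBT mark. */
static const uint8_t note_legacy[] = {
    4,0,0,0, 16,0,0,0, 5,0,0,0, 'G','N','U',0,
    0x01,0x00,0x00,0xc0, 4,0,0,0, 0x00,0,0,0, 0,0,0,0 };
```

On a real binary the same bytes come from the section `readelf -n` lists as NT_GNU_PROPERTY_TYPE_0; a missing IBT bit means the kernel option above leaves that program running without IBT protection.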