From: Andi Kleen <ak@linux.intel.com>
To: speck@linutronix.de
Subject: [MODERATED] Re: [PATCH v3 00/32] MDSv3 12
Date: Thu, 10 Jan 2019 08:05:01 -0800 [thread overview]
Message-ID: <20190110160501.GY6118@tassilo.jf.intel.com> (raw)
In-Reply-To: <nycvar.YFH.7.76.1901100700300.6626@cbobk.fhfr.pm>
On Thu, Jan 10, 2019 at 07:01:21AM +0100, speck for Jiri Kosina wrote:
> On Wed, 9 Jan 2019, speck for Andi Kleen wrote:
>
> > The case that worried me is that with this we would end up with some
> > systems which are actually protected, but report vulnerable.
> >
> > So you could not simply say
> >
> > "If the sysfs file says you're vulnerable you're vulnerable"
> >
> > but would need
> >
> > "If the sysfs file says you're vulnerable, you're vulnerable except
> > <add some long paragraph of small print enumerating different
> > vmware and other hyper visor versions>"
> >
> > Doesn't seem like a clear message for me.
>
> Please see what I did for Meltdown and XenPV in commit 6cb2b08ff92. I
> believe something similar could be easily used there.
This is different because it doesn't require para virtualization.
For paravirtualization we are guaranteed that Linux knows
all cases and can enumerate them, and yes with that
it's possible to add ifs for the specific cases.
But VERW is not paravirtualized.
But for a non PV hypervisor there is no guarantee Linux even
knows about all the HyperVisors in existence (undoubtedly there
are many about which Linux has no clue of)
I don't think this is a scalable solution.
-Andi
next prev parent reply other threads:[~2019-01-10 16:05 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-21 0:27 [MODERATED] [PATCH v3 00/32] MDSv3 12 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 01/32] MDSv3 7 Andi Kleen
2019-01-09 17:38 ` [MODERATED] " Konrad Rzeszutek Wilk
2018-12-21 0:27 ` [MODERATED] [PATCH v3 02/32] MDSv3 22 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 03/32] MDSv3 5 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 04/32] MDSv3 3 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 05/32] MDSv3 0 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 06/32] MDSv3 8 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 07/32] MDSv3 21 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 08/32] MDSv3 15 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 09/32] MDSv3 10 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 10/32] MDSv3 11 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 11/32] MDSv3 29 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 12/32] MDSv3 19 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 13/32] MDSv3 6 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 14/32] MDSv3 28 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 15/32] MDSv3 27 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 16/32] MDSv3 4 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 17/32] MDSv3 13 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 18/32] MDSv3 32 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 19/32] MDSv3 16 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 20/32] MDSv3 24 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 21/32] MDSv3 25 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 22/32] MDSv3 23 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 23/32] MDSv3 31 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 24/32] MDSv3 30 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 25/32] MDSv3 9 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 26/32] MDSv3 14 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 27/32] MDSv3 18 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 28/32] MDSv3 20 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 29/32] MDSv3 26 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 30/32] MDSv3 17 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 31/32] MDSv3 1 Andi Kleen
2018-12-21 0:27 ` [MODERATED] [PATCH v3 32/32] MDSv3 2 Andi Kleen
2019-01-09 17:09 ` [MODERATED] Re: [PATCH v3 00/32] MDSv3 12 Linus Torvalds
2019-01-09 17:31 ` Andi Kleen
2019-01-09 17:38 ` Linus Torvalds
2019-01-09 18:06 ` Andi Kleen
2019-01-09 18:14 ` Linus Torvalds
2019-01-09 19:49 ` Andi Kleen
2019-01-09 17:18 ` Konrad Rzeszutek Wilk
2019-01-09 17:41 ` Andi Kleen
2019-01-09 18:09 ` Konrad Rzeszutek Wilk
2019-01-09 18:42 ` Andi Kleen
2019-01-09 17:35 ` Linus Torvalds
2019-01-09 18:14 ` Andi Kleen
2019-01-09 18:32 ` Linus Torvalds
2019-01-10 6:01 ` Jiri Kosina
2019-01-10 16:05 ` Andi Kleen [this message]
2019-01-09 17:39 ` Andi Kleen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190110160501.GY6118@tassilo.jf.intel.com \
--to=ak@linux.intel.com \
--cc=speck@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).