From: "Richard Earnshaw (lists)" <Richard.Earnshaw@arm.com>
To: John David Anglin <dave.anglin@bell.net>, Jeff Law <law@redhat.com>
Cc: GCC Patches <gcc-patches@gcc.gnu.org>
Subject: Re: [PATCH 00/11] (v2) Mitigation against unsafe data speculation (CVE-2017-5753)
Date: Fri, 03 Aug 2018 09:06:00 -0000 [thread overview]
Message-ID: <619c1feb-f7fa-3865-8b45-405537e97f87@arm.com> (raw)
In-Reply-To: <1ed6a085-faf7-cfc0-af4a-7d4de8aeab46@bell.net>
On 02/08/18 21:19, John David Anglin wrote:
> On 2018-08-02 2:40 PM, Jeff Law wrote:
>> It's been eons.  I think there's enough building blocks on the PA to
>> mount a spectre v1 attack. They've got branch prediction with varying
>> degress of speculative execution, caches and user accessable cycle
>> timers.
> Yes.
>>
>> There's varying degrees of out of order execution all the way back in
>> the PA7xxx processors (hit-under-miss) to full o-o-o execution in the
>> PA8xxx series (including the PA8900 that's in the rp3440).
> However, as far as I know, loads and stores are always ordered.
>>
>> I suspect that given enough time we could figure out why the test didn't
>> indicate spectre v1 vulnerability on your system and twiddle it, but
>> given it's a dead processor, I doubt it's worth the effort.
> Spectre output looks like this:
> dave@mx3210:~/meltdown$ ./spectre
> Reading 40 bytes:
> Reading at malicious_x = 0xffffef10... Unclear: 0xFE='?' score=999Â Â Â
> (second best: 0xFC score=999)
> Reading at malicious_x = 0xffffef11... Unclear: 0xFC='?' score=999Â Â Â
> (second best: 0xFB score=999)
> Reading at malicious_x = 0xffffef12... Unclear: 0xFE='?' score=999Â Â Â
> (second best: 0xFC score=999)
>
> I don't think there's a suitable barrier. The sync instruction seems
> like overkill.
>
> So, I'm going to install attached change after testing is complete.
>
It's your call as port maintainers.
I've created a PR for each unfixed architecture. Please can you commit
the patch against that so that I can track things for back-porting.
Thanks,
R.
> Dave
>
>
> pa-spectre.d
>
>
> Index: config/pa/pa.c
> ===================================================================
> --- config/pa/pa.c (revision 263228)
> +++ config/pa/pa.c (working copy)
> @@ -428,6 +428,9 @@
> #undef TARGET_STARTING_FRAME_OFFSET
> #define TARGET_STARTING_FRAME_OFFSET pa_starting_frame_offset
>
> +#undef TARGET_HAVE_SPECULATION_SAFE_VALUE
> +#define TARGET_HAVE_SPECULATION_SAFE_VALUE speculation_safe_value_not_needed
> +
> struct gcc_target targetm = TARGET_INITIALIZER;
> \f
> /* Parse the -mfixed-range= option string. */
>
next prev parent reply other threads:[~2018-08-03 9:06 UTC|newest]
Thread overview: 82+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-09 16:39 [PATCH 0/7] " Richard Earnshaw
2018-07-09 16:39 ` [PATCH 6/7] AArch64 - new pass to add conditional-branch speculation tracking Richard Earnshaw
2018-07-11 21:01 ` Jeff Law
2018-07-23 14:33 ` Richard Earnshaw (lists)
2018-07-24 21:31 ` Jeff Law
2018-07-09 16:39 ` [PATCH 1/7] Add __builtin_speculation_safe_value Richard Earnshaw
2018-07-23 14:28 ` Richard Earnshaw (lists)
2018-07-24 17:26 ` Richard Biener
2018-07-25 9:49 ` Richard Earnshaw (lists)
2018-07-25 10:36 ` Richard Biener
2018-07-25 12:41 ` Richard Earnshaw (lists)
2018-07-25 13:47 ` Richard Biener
2018-07-26 10:03 ` Richard Earnshaw (lists)
2018-07-26 12:41 ` Richard Biener
2018-07-26 13:06 ` Richard Earnshaw (lists)
2018-07-26 13:13 ` Richard Biener
2018-07-26 23:34 ` Joseph Myers
2018-07-27 0:46 ` Paul Koning
2018-07-27 8:59 ` Richard Earnshaw (lists)
2018-07-27 10:59 ` Joseph Myers
2018-07-25 18:03 ` Richard Earnshaw (lists)
2018-07-26 8:42 ` Richard Biener
2018-07-09 16:39 ` [PATCH 4/7] AArch64 - Add new option -mtrack-speculation Richard Earnshaw
2018-07-09 16:39 ` [PATCH 2/7] Arm - add speculation_barrier pattern Richard Earnshaw
2018-07-09 16:39 ` [PATCH 5/7] AArch64 - disable CB[N]Z TB[N]Z when tracking speculation Richard Earnshaw
2018-07-09 16:39 ` [PATCH 7/7] AArch64 - use CSDB based sequences if speculation tracking is enabled Richard Earnshaw
2018-07-09 16:39 ` [PATCH 3/7] AArch64 - add speculation barrier Richard Earnshaw
2018-07-09 23:13 ` [PATCH 0/7] Mitigation against unsafe data speculation (CVE-2017-5753) Jeff Law
2018-07-10 8:49 ` Richard Earnshaw (lists)
2018-07-10 13:48 ` Bill Schmidt
2018-07-10 14:14 ` Richard Earnshaw (lists)
2018-07-10 15:44 ` Jeff Law
2018-07-10 15:42 ` Jeff Law
2018-07-10 16:43 ` Richard Earnshaw (lists)
2018-07-11 20:47 ` Jeff Law
2018-07-11 22:31 ` Richard Earnshaw (lists)
2018-07-10 7:19 ` Richard Biener
2018-07-10 8:39 ` Richard Earnshaw (lists)
2018-07-10 10:10 ` Richard Biener
2018-07-10 10:53 ` Richard Earnshaw (lists)
2018-07-10 11:22 ` Richard Biener
2018-07-10 13:43 ` Richard Earnshaw (lists)
2018-07-10 15:56 ` Jeff Law
2018-07-27 9:38 ` [PATCH 00/11] (v2) " Richard Earnshaw
2018-07-27 9:38 ` [PATCH 11/11] rs6000 - add speculation_barrier pattern Richard Earnshaw
2018-07-31 22:01 ` Bill Schmidt
2018-07-31 23:31 ` Segher Boessenkool
2018-07-27 9:38 ` [PATCH 10/11] x86 " Richard Earnshaw
2018-07-28 8:25 ` Uros Bizjak
2018-07-31 23:15 ` H.J. Lu
2018-07-27 9:38 ` [PATCH 01/11] Add __builtin_speculation_safe_value Richard Earnshaw
2018-07-27 12:11 ` Nathan Sidwell
2018-07-27 12:32 ` Richard Earnshaw (lists)
2018-07-27 12:49 ` Nathan Sidwell
2018-07-27 12:53 ` Richard Earnshaw (lists)
2018-07-30 13:16 ` Richard Biener
2018-07-31 19:25 ` H.J. Lu
2018-07-31 20:51 ` Ian Lance Taylor via gcc-patches
2018-08-01 8:50 ` Richard Earnshaw (lists)
2018-08-01 8:54 ` Jakub Jelinek
2018-08-01 9:25 ` Richard Earnshaw (lists)
2018-07-27 9:38 ` [PATCH 07/11] AArch64 - use CSDB based sequences if speculation tracking is enabled Richard Earnshaw
2018-07-27 9:38 ` [PATCH 03/11] AArch64 - add speculation barrier Richard Earnshaw
2018-07-27 9:38 ` [PATCH 02/11] Arm - add speculation_barrier pattern Richard Earnshaw
2018-08-06 14:01 ` Christophe Lyon
2018-08-06 15:59 ` Richard Earnshaw (lists)
2018-07-27 9:38 ` [PATCH 05/11] AArch64 - disable CB[N]Z TB[N]Z when tracking speculation Richard Earnshaw
2018-07-27 9:38 ` [PATCH 04/11] AArch64 - Add new option -mtrack-speculation Richard Earnshaw
2018-07-27 9:38 ` [PATCH 06/11] AArch64 - new pass to add conditional-branch speculation tracking Richard Earnshaw
2018-07-27 9:38 ` [PATCH 08/11] targhooks - provide an alternative hook for targets that never execute speculatively Richard Earnshaw
2018-07-30 13:17 ` Richard Biener
2018-07-27 9:38 ` [PATCH 09/11] pdp11 - example of a port not needing a speculation barrier Richard Earnshaw
2018-07-27 13:27 ` Paul Koning
2018-07-27 15:19 ` Richard Biener
2018-07-27 19:49 ` [PATCH 00/11] (v2) Mitigation against unsafe data speculation (CVE-2017-5753) John David Anglin
2018-08-02 18:40 ` Jeff Law
2018-08-02 20:19 ` John David Anglin
2018-08-03 9:06 ` Richard Earnshaw (lists) [this message]
2018-08-06 21:52 ` John David Anglin
2018-08-07 14:05 ` Richard Earnshaw (lists)
2018-08-07 14:56 ` John David Anglin
2018-08-03 17:26 ` Jeff Law
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=619c1feb-f7fa-3865-8b45-405537e97f87@arm.com \
--to=richard.earnshaw@arm.com \
--cc=dave.anglin@bell.net \
--cc=gcc-patches@gcc.gnu.org \
--cc=law@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).