[SRU][Trusty][PULL] Cleanup Meltdown/Spectre implementation (LP: #1779848)

Juerg Haefliger juerg.haefliger at canonical.com
Thu Oct 18 10:22:57 UTC 2018


On Thu, 18 Oct 2018 11:47:02 +0200
Stefan Bader <stefan.bader at canonical.com> wrote:

> On 18.10.18 08:14, Juerg Haefliger wrote:
> > On Thu, 11 Oct 2018 09:49:33 +0200
> > Stefan Bader <stefan.bader at canonical.com> wrote:
> >   
> >> On 09.10.2018 15:37, Juerg Haefliger wrote:  
> >>> BugLink: https://bugs.launchpad.net/bugs/1779848
> >>>
> >>> == SRU Justification ==
> >>>
> >>> Ubuntu kernels contain Meltdown and Spectre mitigations that are
> >>> largely based on embargoed patches but what eventually landed in
> >>> upstream is different in some places. We should clean up the
> >>> different kernels to bring them closer in line with upstream.   
> >>
> >> The testing for this is as good as one can get. Just for clarity, I
> >> believe the main difference we had and possibly still have in some
> >> cases is the handling of IBRS/IBPB and how things are exposed as
> >> knobs to twiddle. How did you do those and (that might be for
> >> Tyler) do we have a somehow documented decision of the goal. I
> >> made some decision when working on Xenial and I fear those might
> >> be different than yours for the lack of guidance.  
> > 
> > Sorry, your reply slipped through the cracks. I'm not sure what you
> > mean. AFAIK our specific runtime control knobs and boottime options
> > and their implementations are identical for Trusty and Xenial. I
> > just rearranged things to integrate it more logically with all the
> > other modifications but there should be no functional changes.
> > These are the last 2 commits in the PR. As for testing those
> > changes, I just verified that I can twiddle the knobs as before and
> > that the kernel boots.  
> 
> OK, maybe its better than I feared. It is just very hard to keep
> track of things with other stuff going on in parallel. I just very
> vaguely remember that for Bionic/4.15 and possibly later, IBRS/IBPB
> was only decided based on cpu features while some of what we did
> there was an additional sysfs interface.

Yes, the sysfs knobs and noib{rs,pb} commandline options were part of
the embargoed patches but that never went upstream. We only have this in
Xenial 4.4 and Trusty 3.13. And since it's user exposed we probably
can't rip it out :-(

...Juerg

> -Stefan
> > 
> > ...Juerg
> >   
> 
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20181018/18155954/attachment.sig>


More information about the kernel-team mailing list