On Wed, Jan 16, 2019 at 02:40:10PM -0500, David Long wrote:
On 1/16/19 2:33 PM, Greg KH wrote:
On Wed, Jan 16, 2019 at 02:27:13PM -0500, David Long wrote:
On 1/15/19 12:19 PM, Greg KH wrote:
On Tue, Jan 15, 2019 at 05:06:59PM +0000, Russell King - ARM Linux admin wrote:
On Tue, Jan 15, 2019 at 05:30:51PM +0100, Greg KH wrote:
On Tue, Jan 15, 2019 at 11:07:08AM -0500, David Long wrote: > On 1/15/19 10:45 AM, Greg KH wrote: > > On Thu, Jan 10, 2019 at 12:51:33PM -0500, David Long wrote: > > > From: "David A. Long" dave.long@linaro.org > > > > > > V4.14 backport of spectre patches from Russell M. King's spectre branch. > > > > If I take these, than 4.19 is vulnerable. So someone upgrading from > > 4.14 to 4.19 will regress :( > > > > Can you please send me a 4.19 series so I can apply that before this > > one? > > > > thanks, > > > > greg k-h > > > > > OK, didn't think about that being a problem. Working on it. Pretty sure > there's exactly one patch needed for that.
one? All of these except one showed up in 4.20 and were not backported to 4.19 from what I can tell. The last one is in 5.0-rc1 and not even backported to 4.20 either, which means someone messed up and didn't tag it properly with a cc: stable patch :(
My bad, I see now I was looking at v4.20 when I made that comment, not v4.19.
Or they didn't think it was important enough to warrant backporting.
Fair enough, then I have to ask why it's included in this series at all...
I've been backporting all "spectre" branch patches as kept in the linux-arm repo, with the assumption they're all important. If the last patch is not deemed worthy of going into stable now would be a good time to declare it so as I have patch sets for v4.19 and v4.9 stable versions about ready to publish.
Isn't it up to you to determine what is and is not important to get this all working properly? You are testing all of this, right? :)
It is all going through kernelci and a local kvm unit test.
That just tests if you didn't break anything, how are you testing that you really are mitigating the issue that you think you are fixing? What spectre-specific tests are you using to validate all of this?
The last patch in this set exists to fix a (apparently) non-critical regression in a security patch preceding it. How worried are we about patches to stable introducing regressions? My assumption was that this is a bad enough thing to be fixed, but maybe not.
You tell me, what is the result if that patch is not applied? Is it a bug? Performance issue? Documentation issue? Something else?
I understand why it was fixed (cleanups are good to do), but you need to determine if what the cleanup is doing is actually something that matters.
thanks,
greg k-h