From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 2CDCC4306E;
	Tue, 15 Aug 2023 11:21:00 +0200 (CEST)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id ACC7F427E9;
	Tue, 15 Aug 2023 11:20:59 +0200 (CEST)
Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com
 [66.111.4.29]) by mails.dpdk.org (Postfix) with ESMTP id A6408406B6
 for <dev@dpdk.org>; Tue, 15 Aug 2023 11:20:57 +0200 (CEST)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46])
 by mailout.nyi.internal (Postfix) with ESMTP id 2541D5C00FD;
 Tue, 15 Aug 2023 05:20:55 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
 by compute2.internal (MEProxy); Tue, 15 Aug 2023 05:20:55 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=monjalon.net; h=
 cc:cc:content-transfer-encoding:content-type:content-type:date
 :date:from:from:in-reply-to:message-id:mime-version:reply-to
 :sender:subject:subject:to:to; s=fm1; t=1692091255; x=
 1692177655; bh=dgR7sW0IIz0z9y8tLEPTDzpGng4KwJbefPqi0GM77Cc=; b=c
 kwOvkfU/RAbB90OF0t+opTFnUOMM+Y/cJFhE2cuAJxALjtjpMckl2VDYt6to71qF
 E534K+BLp6laKs/olE0WlVZNnR4RwDP31sUXTFaOekHbvscz5LGU2zJTbjxzBNth
 yVP3CTsbmHS2PSkEvQj/FsAlt/K5DCeevU+qbo1YECNwAVe8r5z5rTOOUXRTPXqd
 ppTPQowwpFR8xPM6kzqH6G5AD79CxNGJXLOr+cfIdDMfNmeerR0MtTcSOJdUO8yT
 XwMVvRcEfULtG75eKcNzrMKv9JBDuadgWXpLqOC2pLzMefa2yiav1R22uWCISj1i
 m3jJGJLyOOMwsbbs4eUNQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:cc:content-transfer-encoding
 :content-type:content-type:date:date:feedback-id:feedback-id
 :from:from:in-reply-to:message-id:mime-version:reply-to:sender
 :subject:subject:to:to:x-me-proxy:x-me-proxy:x-me-sender
 :x-me-sender:x-sasl-enc; s=fm1; t=1692091255; x=1692177655; bh=d
 gR7sW0IIz0z9y8tLEPTDzpGng4KwJbefPqi0GM77Cc=; b=DFy5D5W+KW0QX2wwu
 ac6d4Lq6UEGR8vvwAzb6ZftkUx//vC9P7QEJNYw6AoLBvGvUo7XSCEGitSxUdWqw
 6OmGibl4MuitP1UM3Kj3p4kUIxOsFffiCHt0mvjV87pnq/TqNrgVhCX70cqSaYxm
 wuBEPM6kCVhbWFGiUof3vpG8X9V8PbweslfjMViGfoKYKtEWe4t/TMTrohuzb57b
 A47Y8v71THqtxEG2J+/5akY4jDXze/1rlZ+ABlt7GMRo16GP8t8HUmEdTjF08ceY
 UldDDvoT/P39eoETMG8jXCu2GaY/oH0E/rzVbhxU1qZ8vAh72ehe4oX6sUM30O28
 RqjQQ==
X-ME-Sender: <xms:dkPbZMQhDooWwvXYwtTet3CTQ4x7Qg1Na-IRYIMTSV6wLZ0dQr9XAQ>
 <xme:dkPbZJyUANtpS4iPp_Pn14b3auz6LXisjAhv_nLwoSGstlp9JCxbINvqi7w4u2sBp
 clb4GUZgOMg2wwAQw>
X-ME-Received: <xmr:dkPbZJ3G8wNsOLLWYDhP7551DNseqDtkZvSQoArONBrJ2wNxL7W7vw-NgWE3HwmT-C3WRRyE5sGSKUbLEl2SCqKLQQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedviedruddtjedgudehucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
 uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
 cujfgurhephffvvefufffkggfgtgesthfuredttddtvdenucfhrhhomhepvfhhohhmrghs
 ucfoohhnjhgrlhhonhcuoehthhhomhgrshesmhhonhhjrghlohhnrdhnvghtqeenucggtf
 frrghtthgvrhhnpeevvedvhefgieehhfduudfhhfdvieeiudffjeeujefhtefhkeevvedu
 ueegkeehheenucffohhmrghinhepughofihnfhgrlhhlrdhprghgvgenucevlhhushhtvg
 hrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehthhhomhgrshesmhhonhhj
 rghlohhnrdhnvght
X-ME-Proxy: <xmx:dkPbZAAL3DZ3JDxjruLuNZp9En9lDFojGTK4jjSXLd5c0kfZTtQM8g>
 <xmx:dkPbZFhz1m1-qls-D---2On1Ju1kCGlQYBG3_9HT8DJCm3nqWz_a-w>
 <xmx:dkPbZMrI9pWPVFFXmlEPYRKJ7mxoAFadbPBSgxgUofENGCmnLEujGQ>
 <xmx:d0PbZFcDY3VIpC-5V9GAuIkFON6cTet1mB7HchklBqKJDtP9wibbgA>
Feedback-ID: i47234305:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue,
 15 Aug 2023 05:20:53 -0400 (EDT)
From: Thomas Monjalon <thomas@monjalon.net>
To: Konstantin Ananyev <konstantin.v.ananyev@yandex.ru>,
 Bruce Richardson <bruce.richardson@intel.com>, john.mcnamara@intel.com,
 anatoly.burakov@intel.com, ciara.power@intel.com
Cc: dev@dpdk.org
Subject: Intel Downfall mitigation
Date: Tue, 15 Aug 2023 11:20:50 +0200
Message-ID: <2884378.BEx9A2HvPv@thomas>
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Hello all,

Regarding the vulnerability recently discovered on Intel AVX CPU:
	https://downfall.page/
Some microcode fixes are published by Intel.

Should we mitigate the vulnerability in DPDK as well?
In general, AVX512 is disabled by default in DPDK.
Other AVX sizes are enabled if possible.

The memcpy 512 is enabled at compilation only with RTE_MEMCPY_AVX512.
For now, there is no switch for other memcpy paths.

There is a method to disable most SIMD code at runtime.
>From the application before EAL init:
	rte_vect_set_max_simd_bitwidth(RTE_VECT_SIMD_DISABLED)
or from user input:
	--force-max-simd-bitwidth=64
As far as I know it will disable any SIMD code (including AVX)
in most code paths except for rte_memcpy().

Opinions, comments?