From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 2CDCC4306E; Tue, 15 Aug 2023 11:21:00 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id ACC7F427E9; Tue, 15 Aug 2023 11:20:59 +0200 (CEST) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) by mails.dpdk.org (Postfix) with ESMTP id A6408406B6 for ; Tue, 15 Aug 2023 11:20:57 +0200 (CEST) Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id 2541D5C00FD; Tue, 15 Aug 2023 05:20:55 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Tue, 15 Aug 2023 05:20:55 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=monjalon.net; h= cc:cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:message-id:mime-version:reply-to :sender:subject:subject:to:to; s=fm1; t=1692091255; x= 1692177655; bh=dgR7sW0IIz0z9y8tLEPTDzpGng4KwJbefPqi0GM77Cc=; b=c kwOvkfU/RAbB90OF0t+opTFnUOMM+Y/cJFhE2cuAJxALjtjpMckl2VDYt6to71qF E534K+BLp6laKs/olE0WlVZNnR4RwDP31sUXTFaOekHbvscz5LGU2zJTbjxzBNth yVP3CTsbmHS2PSkEvQj/FsAlt/K5DCeevU+qbo1YECNwAVe8r5z5rTOOUXRTPXqd ppTPQowwpFR8xPM6kzqH6G5AD79CxNGJXLOr+cfIdDMfNmeerR0MtTcSOJdUO8yT XwMVvRcEfULtG75eKcNzrMKv9JBDuadgWXpLqOC2pLzMefa2yiav1R22uWCISj1i m3jJGJLyOOMwsbbs4eUNQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:message-id:mime-version:reply-to:sender :subject:subject:to:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; t=1692091255; x=1692177655; bh=d gR7sW0IIz0z9y8tLEPTDzpGng4KwJbefPqi0GM77Cc=; b=DFy5D5W+KW0QX2wwu ac6d4Lq6UEGR8vvwAzb6ZftkUx//vC9P7QEJNYw6AoLBvGvUo7XSCEGitSxUdWqw 6OmGibl4MuitP1UM3Kj3p4kUIxOsFffiCHt0mvjV87pnq/TqNrgVhCX70cqSaYxm wuBEPM6kCVhbWFGiUof3vpG8X9V8PbweslfjMViGfoKYKtEWe4t/TMTrohuzb57b A47Y8v71THqtxEG2J+/5akY4jDXze/1rlZ+ABlt7GMRo16GP8t8HUmEdTjF08ceY UldDDvoT/P39eoETMG8jXCu2GaY/oH0E/rzVbhxU1qZ8vAh72ehe4oX6sUM30O28 RqjQQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedviedruddtjedgudehucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvvefufffkggfgtgesthfuredttddtvdenucfhrhhomhepvfhhohhmrghs ucfoohhnjhgrlhhonhcuoehthhhomhgrshesmhhonhhjrghlohhnrdhnvghtqeenucggtf frrghtthgvrhhnpeevvedvhefgieehhfduudfhhfdvieeiudffjeeujefhtefhkeevvedu ueegkeehheenucffohhmrghinhepughofihnfhgrlhhlrdhprghgvgenucevlhhushhtvg hrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehthhhomhgrshesmhhonhhj rghlohhnrdhnvght X-ME-Proxy: Feedback-ID: i47234305:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 15 Aug 2023 05:20:53 -0400 (EDT) From: Thomas Monjalon To: Konstantin Ananyev , Bruce Richardson , john.mcnamara@intel.com, anatoly.burakov@intel.com, ciara.power@intel.com Cc: dev@dpdk.org Subject: Intel Downfall mitigation Date: Tue, 15 Aug 2023 11:20:50 +0200 Message-ID: <2884378.BEx9A2HvPv@thomas> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Hello all, Regarding the vulnerability recently discovered on Intel AVX CPU: https://downfall.page/ Some microcode fixes are published by Intel. Should we mitigate the vulnerability in DPDK as well? In general, AVX512 is disabled by default in DPDK. Other AVX sizes are enabled if possible. The memcpy 512 is enabled at compilation only with RTE_MEMCPY_AVX512. For now, there is no switch for other memcpy paths. There is a method to disable most SIMD code at runtime. >From the application before EAL init: rte_vect_set_max_simd_bitwidth(RTE_VECT_SIMD_DISABLED) or from user input: --force-max-simd-bitwidth=64 As far as I know it will disable any SIMD code (including AVX) in most code paths except for rte_memcpy(). Opinions, comments?