Date: Fri, 5 Jan 2018 00:00:29 +0100
From: Andrea Arcangeli <aarcange@redhat.com>
To: Peter Zijlstra <peterz@infradead.org>
Cc: Tim Chen <tim.c.chen@linux.intel.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Andy Lutomirski <luto@kernel.org>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Greg KH <gregkh@linuxfoundation.org>,
        Dave Hansen <dave.hansen@intel.com>,
        Andi Kleen <ak@linux.intel.com>,
        Arjan Van De Ven <arjan.van.de.ven@intel.com>,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH 4/7] x86/idle: Disable IBRS entering idle and enable it
 on wakeup
Message-ID: <20180104230029.GZ13348@redhat.com>
References: <cover.1515086770.git.tim.c.chen@linux.intel.com>
 <50b92931dd3cd403d60e69533f5583bbdbbb88d0.1515086770.git.tim.c.chen@linux.intel.com>
 <20180104224731.GE32035@hirez.programming.kicks-ass.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180104224731.GE32035@hirez.programming.kicks-ass.net>
User-Agent: Mutt/1.9.2 (2017-12-15)
Sender: linux-kernel-owner@vger.kernel.org

On Thu, Jan 04, 2018 at 11:47:31PM +0100, Peter Zijlstra wrote:
> Argh.. no. Who is calling this with IRQs enabled? And why can't we frob
> the MSR with IRQs enabled? That comment doesn't seem to explain
> anything.

Why we can't is easy to explain, the irq handler would run in such
case and that isn't using save paranoid, it relies on KERNEL_CS and it
assumes IBRS already set.

The irqs_disabled() check can be dropped if you do enough verification
that it never happens. Initially it wasn't obvious the irq disabled
invariant would be always enforced from the multitude of callers it
has (and that varies on different codebases). I didn't want to deal
with such an occurrence and risk even more trouble. Later I did the
verifications and I dropped the irqs_disabled() too.

It should be possible to drop it but it generally doesn't hurt to
start more obviously safe and optimize it later.