Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751210AbeADX0z (ORCPT + 1 other); Thu, 4 Jan 2018 18:26:55 -0500 Received: from mga09.intel.com ([134.134.136.24]:55502 "EHLO mga09.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751029AbeADX0y (ORCPT ); Thu, 4 Jan 2018 18:26:54 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.46,316,1511856000"; d="scan'208";a="18314515" Subject: Re: [PATCH 6/7] x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature To: Peter Zijlstra Cc: Thomas Gleixner , Andy Lutomirski , Linus Torvalds , Greg KH , Dave Hansen , Andrea Arcangeli , Andi Kleen , Arjan Van De Ven , linux-kernel@vger.kernel.org References: <4d4b3752e8e533201c6983d8473eea95c747ea33.1515086770.git.tim.c.chen@linux.intel.com> <20180104225422.GG32035@hirez.programming.kicks-ass.net> From: Tim Chen Message-ID: Date: Thu, 4 Jan 2018 15:26:52 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.0 MIME-Version: 1.0 In-Reply-To: <20180104225422.GG32035@hirez.programming.kicks-ass.net> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On 01/04/2018 02:54 PM, Peter Zijlstra wrote: > On Thu, Jan 04, 2018 at 09:56:47AM -0800, Tim Chen wrote: >> .macro ENABLE_IBRS >> - ALTERNATIVE "jmp 10f", "", X86_FEATURE_SPEC_CTRL >> + testl $SPEC_CTRL_IBRS_INUSE, spec_ctrl_ibrs >> + jz .Lskip_\@ >> + >> PUSH_MSR_REGS >> WRMSR_ASM $MSR_IA32_SPEC_CTRL, $SPEC_CTRL_FEATURE_ENABLE_IBRS >> POP_MSR_REGS >> -10: >> + >> + jmp .Ldone_\@ >> +.Lskip_\@: >> + /* >> + * prevent speculation beyond here as we could want to >> + * stop speculation by enabling IBRS >> + */ >> + lfence >> +.Ldone_\@: >> .endm > > > Yeah no. We have jump labels for this stuff. There is no reason what so > ever to do dynamic tests for a variable that _never_ changes. > Admin can change spec_ctrl_ibrs value at run time, or when we scan new microcode. So it doesn't often change, but it could. There may be time when the admin wants to run the system in a more secure mode, and time when it is okay to leave out IBRS. Tim