Received: by 10.223.176.46 with SMTP id f43csp1125396wra;
        Sat, 20 Jan 2018 11:25:32 -0800 (PST)
X-Google-Smtp-Source: AH8x2242JS8hRqXVJGyjgsBK4UXBUGX0AXDmHjJdotLY2dT5HFnCaQKhUrBy6Dw4K1cs9Fqw8O5A
X-Received: by 10.99.56.18 with SMTP id f18mr2741280pga.438.1516476332620;
        Sat, 20 Jan 2018 11:25:32 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516476332; cv=none;
        d=google.com; s=arc-20160816;
        b=M9+r9unIaxXZWEUAVaEK/nL0saZwOx+ESpkdkk2cwl45iC+HRl4V3KOB6opwi0U0/X
         ol3dhFZsaZWK+5fbkE5+snXGhimqg+4h/8hRY/opeHBt6LlfASUGJwBpbVPM0cPN+o32
         ibxTXPXLmlpLDcVh1p8Y1a0gOafbSsFVWZT7K4TAqbe0/ILU1y2O1Tvmau3w/38KgAx+
         4HvcKN0eKgw1SLIlN+Kl7ZxAS/Tlcr//lnm/KeCH89zDtlIRAMhta1X5KAB/zK0vt8M5
         bvb+Wyg6fyv1Jq3AjBVC0F3fOCO7gofM3HsebwhRqEDsS09E2oEazxr0ZbFkDIbSeTsN
         G4sg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from:dkim-signature
         :arc-authentication-results;
        bh=qD66IVTN2xAui9VTSC/NLrV3jxzxyCjSKrpmg9COAv4=;
        b=BHfnxd5lDndhkpI3nVdhDVsLIGWhO+e0H1UqwQZ77dOdiyQbE5PwU97eXMJ8SVJ6G/
         +TqT2RbpMMHUqv63+vvnvmXkL72KUwXJMJt00lvFSggHpj/f64fk1o1yp/f7zAmsdNHh
         JvZ95T/Zk+E22x9cM6T/lSCQqkSu9tv9Zi/9cqjxeEU9I0Fs3ids5adfx07xpd+y7oXb
         1DrsZmmk/PqvTkXHTl1vNFoYpRwjmRiJRzA+d5pjstoGeAArw2T34CjVjhNCF5sMRsZ+
         UWT4z05wiyQkfzrtq6zdJwSXxPq0UBUAyns9s9YwW1eOOVyTwpuNS3d70YH3QLkyrh7y
         FvSQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@amazon.de header.s=amazon201209 header.b=e08FulhM;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id z7si5833777pfa.360.2018.01.20.11.24.45;
        Sat, 20 Jan 2018 11:25:32 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@amazon.de header.s=amazon201209 header.b=e08FulhM;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S932503AbeATTXn (ORCPT <rfc822;mahoosoft4you@gmail.com>
        + 99 others); Sat, 20 Jan 2018 14:23:43 -0500
Received: from smtp-fw-4101.amazon.com ([72.21.198.25]:57033 "EHLO
        smtp-fw-4101.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S932182AbeATTXi (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 20 Jan 2018 14:23:38 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209;
  t=1516476218; x=1548012218;
  h=from:to:cc:subject:date:message-id:mime-version:
   content-transfer-encoding;
  bh=qD66IVTN2xAui9VTSC/NLrV3jxzxyCjSKrpmg9COAv4=;
  b=e08FulhMxl2Fo9wTJ7bDDS/apifD9qjGQi/WakpA1ZeYno31/tV00RWn
   sPNacy0GrN7yKSo+PxqhEXObQPf2NDoIi1sIwcvENZo1eoQE1KaLcmUEi
   8WnPvWzhSPDhtfgIY0R0DFmVTQ+GvkXjO9dgubN1pfy6wNSjmU2v6TYGA
   4=;
X-IronPort-AV: E=Sophos;i="5.46,387,1511827200"; 
   d="scan'208";a="704529209"
Received: from iad6-co-svc-p1-lb1-vlan3.amazon.com (HELO email-inbound-relay-1a-715bee71.us-east-1.amazon.com) ([10.124.125.6])
  by smtp-border-fw-out-4101.iad4.amazon.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 20 Jan 2018 19:23:30 +0000
Received: from u54e1ad5160425a4b64ea.ant.amazon.com (iad1-ws-svc-lb91-vlan2.amazon.com [10.0.103.146])
        by email-inbound-relay-1a-715bee71.us-east-1.amazon.com (8.14.7/8.14.7) with ESMTP id w0KJNGC9128300
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
        Sat, 20 Jan 2018 19:23:18 GMT
Received: from u54e1ad5160425a4b64ea.ant.amazon.com (localhost [127.0.0.1])
        by u54e1ad5160425a4b64ea.ant.amazon.com (8.15.2/8.15.2/Debian-3) with ESMTP id w0KJNCQj005235;
        Sat, 20 Jan 2018 20:23:12 +0100
Received: (from karahmed@localhost)
        by u54e1ad5160425a4b64ea.ant.amazon.com (8.15.2/8.15.2/Submit) id w0KJN9xm005232;
        Sat, 20 Jan 2018 20:23:09 +0100
From:   KarimAllah Ahmed <karahmed@amazon.de>
To:     linux-kernel@vger.kernel.org
Cc:     KarimAllah Ahmed <karahmed@amazon.de>,
        Andi Kleen <ak@linux.intel.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Andy Lutomirski <luto@kernel.org>,
        Arjan van de Ven <arjan@linux.intel.com>,
        Ashok Raj <ashok.raj@intel.com>,
        Asit Mallick <asit.k.mallick@intel.com>,
        Borislav Petkov <bp@suse.de>,
        Dan Williams <dan.j.williams@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        David Woodhouse <dwmw@amazon.co.uk>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        "H . Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
        Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
        Joerg Roedel <joro@8bytes.org>,
        Jun Nakajima <jun.nakajima@intel.com>,
        Laura Abbott <labbott@redhat.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Masami Hiramatsu <mhiramat@kernel.org>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Peter Zijlstra <peterz@infradead.org>,
        =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Tim Chen <tim.c.chen@linux.intel.com>,
        Tom Lendacky <thomas.lendacky@amd.com>, kvm@vger.kernel.org,
        x86@kernel.org
Subject: [RFC 00/10] Speculation Control feature support
Date:   Sat, 20 Jan 2018 20:22:51 +0100
Message-Id: <1516476182-5153-1-git-send-email-karahmed@amazon.de>
X-Mailer: git-send-email 2.7.4
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Start using the newly-added microcode features for speculation control on both
Intel and AMD CPUs to protect against Spectre v2.

This patch series covers interrupts, system calls, context switching between
processes, and context switching between VMs. It also exposes Indirect Branch
Prediction Barrier MSR, aka IBPB MSR, to KVM guests.

TODO:

- Introduce a microcode blacklist to disable the feature for broken microcodes.
- Restrict/Unrestrict the speculation (by toggling IBRS) around VMExit and
  VMEnter for KVM and expose IBRS to guests.

Ashok Raj (1):
  x86/kvm: Add IBPB support

David Woodhouse (1):
  x86/speculation: Add basic IBRS support infrastructure

KarimAllah Ahmed (1):
  x86: Simplify spectre_v2 command line parsing

Thomas Gleixner (4):
  x86/speculation: Add basic support for IBPB
  x86/speculation: Use Indirect Branch Prediction Barrier in context
    switch
  x86/speculation: Add inlines to control Indirect Branch Speculation
  x86/idle: Control Indirect Branch Speculation in idle

Tim Chen (3):
  x86/mm: Only flush indirect branches when switching into non dumpable
    process
  x86/enter: Create macros to restrict/unrestrict Indirect Branch
    Speculation
  x86/enter: Use IBRS on syscall and interrupts

 Documentation/admin-guide/kernel-parameters.txt |   1 +
 arch/x86/entry/calling.h                        |  73 ++++++++++
 arch/x86/entry/entry_64.S                       |  35 ++++-
 arch/x86/entry/entry_64_compat.S                |  21 ++-
 arch/x86/include/asm/cpufeatures.h              |   2 +
 arch/x86/include/asm/mwait.h                    |  14 ++
 arch/x86/include/asm/nospec-branch.h            |  54 ++++++-
 arch/x86/kernel/cpu/bugs.c                      | 183 +++++++++++++++---------
 arch/x86/kernel/process.c                       |  14 ++
 arch/x86/kvm/svm.c                              |  14 ++
 arch/x86/kvm/vmx.c                              |   4 +
 arch/x86/mm/tlb.c                               |  21 ++-
 12 files changed, 359 insertions(+), 77 deletions(-)


Cc: Andi Kleen <ak@linux.intel.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Ashok Raj <ashok.raj@intel.com>
Cc: Asit Mallick <asit.k.mallick@intel.com>
Cc: Borislav Petkov <bp@suse.de>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: David Woodhouse <dwmw@amazon.co.uk>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>
Cc: Joerg Roedel <joro@8bytes.org>
Cc: Jun Nakajima <jun.nakajima@intel.com>
Cc: Laura Abbott <labbott@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: x86@kernel.org

-- 
2.7.4