Received: by 10.223.176.46 with SMTP id f43csp1900919wra;
        Sun, 21 Jan 2018 06:57:49 -0800 (PST)
X-Google-Smtp-Source: AH8x224BSmanbpm+BrMGyx+fiKIqPMuaAPbpn7E0t8raNkspkbjf6AlWBANwfcrnOG+RzXBJ5x4L
X-Received: by 10.99.182.12 with SMTP id j12mr4922905pgf.113.1516546669836;
        Sun, 21 Jan 2018 06:57:49 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516546669; cv=none;
        d=google.com; s=arc-20160816;
        b=pM4gR/KI9NftV5CAaNdCHix3qiNwJIAQX3ZXVJMZAnOlyhym3/X2suOpYRLg0zBNVf
         JRD33hwqsY/Ti7iZPLYtUtanDlVfqsARdtIJ9PxkIo6ul8e2ZMms9faeBA0iXTRi54TT
         Ini5dcsgYsbFIhi3lU5rmTrzCd1KiNf70JP1fhVRE4FYw/4bcfR2qTICBd9z383Z9pMp
         AAv+OBoCcKSe1H2o32kYoVUhTbNfDGxmL/YiMR7W7sOmLJWt0wBPEqBS43eHmcsLE5wF
         Ed+xNmQWvkg/gJT4Dm5gBC6ZVnr5vPnkah8NOwI1Rb9wyWTUHo/Wpk4O3JYX2STyzKbz
         dqXA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-transfer-encoding:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date
         :arc-authentication-results;
        bh=cS2DQ4emjVUYfKHRw0f4dkz4/TxvdpLy8uMgQL9UPRY=;
        b=ZCBjECwv0Y0vUku9sq2+wSbqPcn5+dD8feq/c9KGBca0ZqwFoVagVVoAb5NrPxzzM0
         vzMzGb26nTX4PyU1tTR3H+Wm710ey0SjVKkBdk8WkXgeGV2FF8B+iyF5dELvG0YFjCvk
         eD9xdfozbYg9ZzKXjYLJfLaKy2cX6uZcSZE1Ltd1FDzVSVhkhhD/K6e9YKNmoOgzO4Z6
         NnCgMHjJbe5oTaq0JgnbC+JduFEYUqQ4pV5eKoDyzVA687xM0/B3+5yLVFWMi6FiicHt
         PyFVbGSHWIdKMg622pkfe7zl7fMeF0NmA+B12YL6q+heM8C3i6a+GRMIya5aRA2NPrq/
         0kbg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id r2si12354391pge.772.2018.01.21.06.57.34;
        Sun, 21 Jan 2018 06:57:49 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751237AbeAUO5N (ORCPT <rfc822;yuankui.zhao@gmail.com>
        + 99 others); Sun, 21 Jan 2018 09:57:13 -0500
Received: from mx2.suse.de ([195.135.220.15]:54749 "EHLO mx2.suse.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751010AbeAUO5L (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 21 Jan 2018 09:57:11 -0500
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (charybdis-ext.suse.de [195.135.220.254])
        by mx2.suse.de (Postfix) with ESMTP id 98CDDAAB5;
        Sun, 21 Jan 2018 14:57:09 +0000 (UTC)
Date:   Sun, 21 Jan 2018 15:56:55 +0100
From:   Borislav Petkov <bp@suse.de>
To:     Thomas Gleixner <tglx@linutronix.de>
Cc:     KarimAllah Ahmed <karahmed@amazon.de>,
        linux-kernel@vger.kernel.org, Andi Kleen <ak@linux.intel.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Andy Lutomirski <luto@kernel.org>,
        Arjan van de Ven <arjan@linux.intel.com>,
        Ashok Raj <ashok.raj@intel.com>,
        Asit Mallick <asit.k.mallick@intel.com>,
        Dan Williams <dan.j.williams@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        David Woodhouse <dwmw@amazon.co.uk>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        "H . Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
        Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
        Joerg Roedel <joro@8bytes.org>,
        Jun Nakajima <jun.nakajima@intel.com>,
        Laura Abbott <labbott@redhat.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Masami Hiramatsu <mhiramat@kernel.org>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Radim =?utf-8?B?S3LEjW3DocWZ?= <rkrcmar@redhat.com>,
        Tim Chen <tim.c.chen@linux.intel.com>,
        Tom Lendacky <thomas.lendacky@amd.com>, kvm@vger.kernel.org,
        x86@kernel.org
Subject: Re: [RFC 05/10] x86/speculation: Add basic IBRS support
 infrastructure
Message-ID: <20180121145655.ddme3w6kzxthu6al@pd.tnic>
References: <1516476182-5153-1-git-send-email-karahmed@amazon.de>
 <1516476182-5153-6-git-send-email-karahmed@amazon.de>
 <alpine.DEB.2.20.1801211524160.1998@nanos>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <alpine.DEB.2.20.1801211524160.1998@nanos>
User-Agent: NeoMutt/20170609 (1.8.3)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, Jan 21, 2018 at 03:31:28PM +0100, Thomas Gleixner wrote:
> Oh yes, we want a microcode blacklist. Ideally we refuse to load the
> affected microcode in the first place and if its already loaded then at
> least avoid to use the borked features.
> 
> PR texts promising that Intel is committed to transparency in this matter
> are not sufficient. Intel, please provide the facts, i.e. a proper list of
> micro codes and affected SKUs, ASAP.

If we have to do blacklisting, then we need to blacklist microcode
revisions and fixed ones should be incremented. I.e., we need a way to
*detect* the faulty microcode revision at load time.

Also, blacklisting microcode for early loading will become an ugly dance
so I'd like to avoid it if possible.

Thus, it would be much much easier if dracut/initrd creation thing
already filters those blacklisted blobs by looking at the revision in
the header. Which is much easier.

Yeah, something like that.

-- 
Regards/Gruss,
    Boris.

SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
--