Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Message-ID: <37cf9ba3941a51e8db27f9f4c21b5b7e.squirrel@twosheds.infradead.org>
In-Reply-To: <alpine.DEB.2.20.1801211524160.1998@nanos>
References: <1516476182-5153-1-git-send-email-karahmed@amazon.de>
    <1516476182-5153-6-git-send-email-karahmed@amazon.de>
    <alpine.DEB.2.20.1801211524160.1998@nanos>
Date:   Sun, 21 Jan 2018 15:25:38 -0000
Subject: Re: [RFC 05/10] x86/speculation: Add basic IBRS support
 infrastructure
From:   "David Woodhouse" <dwmw2@infradead.org>
To:     "Thomas Gleixner" <tglx@linutronix.de>
Cc:     "KarimAllah Ahmed" <karahmed@amazon.de>,
        linux-kernel@vger.kernel.org, "Andi Kleen" <ak@linux.intel.com>,
        "Andrea Arcangeli" <aarcange@redhat.com>,
        "Andy Lutomirski" <luto@kernel.org>,
        "Arjan van de Ven" <arjan@linux.intel.com>,
        "Ashok Raj" <ashok.raj@intel.com>,
        "Asit Mallick" <asit.k.mallick@intel.com>,
        "Borislav Petkov" <bp@suse.de>,
        "Dan Williams" <dan.j.williams@intel.com>,
        "Dave Hansen" <dave.hansen@intel.com>,
        "David Woodhouse" <dwmw@amazon.co.uk>,
        "Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
        "H . Peter Anvin" <hpa@zytor.com>,
        "Ingo Molnar" <mingo@redhat.com>,
        "Janakarajan Natarajan" <janakarajan.natarajan@amd.com>,
        "Joerg Roedel" <joro@8bytes.org>,
        "Jun Nakajima" <jun.nakajima@intel.com>,
        "Laura Abbott" <labbott@redhat.com>,
        "Linus Torvalds" <torvalds@linux-foundation.org>,
        "Masami Hiramatsu" <mhiramat@kernel.org>,
        "Paolo Bonzini" <pbonzini@redhat.com>,
        "Peter Zijlstra" <peterz@infradead.org>,
        =?utf-8?B?IlJhZGltIEtyxI1tw6HFmSI=?= <rkrcmar@redhat.com>,
        "Tim Chen" <tim.c.chen@linux.intel.com>,
        "Tom Lendacky" <thomas.lendacky@amd.com>, kvm@vger.kernel.org,
        x86@kernel.org
User-Agent: SquirrelMail/1.4.22-21.fc27
MIME-Version: 1.0
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: 8bit
Importance: Normal
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk


> On Sat, 20 Jan 2018, KarimAllah Ahmed wrote:
>> From: David Woodhouse <dwmw@amazon.co.uk>
>>
>> Not functional yet; just add the handling for it in the Spectre v2
>> mitigation selection, and the X86_FEATURE_IBRS flag which will control
>> the code to be added in later patches.
>>
>> Also take the #ifdef CONFIG_RETPOLINE from around the RSB-stuffing; IBRS
>> mode will want that too.
>>
>> For now we are auto-selecting IBRS on Skylake. We will probably end up
>> changing that but for now let's default to the safest option.
>>
>> XX: Do we want a microcode blacklist?
>
> Oh yes, we want a microcode blacklist. Ideally we refuse to load the
> affected microcode in the first place and if its already loaded then at
> least avoid to use the borked features.
>
> PR texts promising that Intel is committed to transparency in this matter
> are not sufficient. Intel, please provide the facts, i.e. a proper list of
> micro codes and affected SKUs, ASAP.

Perhaps we could start with the list already published by VMware at
https://kb.vmware.com/s/article/52345


-- 
dwmw2