Received: by 10.223.176.46 with SMTP id f43csp491190wra; Wed, 24 Jan 2018 01:11:36 -0800 (PST) X-Google-Smtp-Source: AH8x224yvh3Ni+GB52vC2DKGuxqIM33sxfRXHTXOqpglryTpw97gKIwYQlp+5Wd5MyEZRoW4PYHs X-Received: by 10.99.172.86 with SMTP id z22mr10424828pgn.227.1516785096869; Wed, 24 Jan 2018 01:11:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516785096; cv=none; d=google.com; s=arc-20160816; b=o3nk0RjoWJNCJZaVSSwUij1xkX6sYzZke92epvVrz1cWPda8i8MNs8iYg/aesqdG99 7C2FlNjRWERz+LbMOYyhRzRL7HKzpKNtHdGlSHM7soorgKT1ML9DQ0yWxQ1skEh7FqNg vEHKF257x/SC4nFzKwmSvHMSd40xW9twT1JJInN8j58YYHgQaXz0GQNStrGk9MvbS79S HBJSfHmTY9EWxigBAupF8xaczji8K7c9m7iBrR4LbmwG6jaEtDKOqei0bZleKavKfWet pSNNmSXUINGpSi0Bwagz3oufzxnPyIyUDPGrYRAGL8pu7ri8p/QUTlndymuqmYk3fYhJ RFeQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=5g3TP1xT53D0bXGeWjsAPZv6v2xVsZ3MYyzEa4BFwKw=; b=e5mODt2oNM5MgLdeiMeTNYGyJO8pXo7GZYWNFcYfNOIUv4ugB1byWZPZ1sUBYW3uye tMtfn6qWM4ZSCWZu8f2Oab33izri9GXmuEn/xHf8MMSn+V2vNZNlDjefRBQoiOZVkj2c xqk3dFaAHwC0WSVieSbB2Io3h1U+BeXevnGXYXz3f1QzryyI0UNYxOu6zmxp6aFJEOtd Sm0DX2OCDt3hk+OcikHo4eyEC1kMDmf/AFQu92eVKsipitDwAnqV8LUcCxOyugihmB1f CVDrI4Ue8d9Wpz6GYl9Vy4YzoctCp+5C/ZD2LWBECfTWHr1An1PYGq7TJ2AufvD1yiz7 JXLQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t17si2622793pfe.41.2018.01.24.01.11.22; Wed, 24 Jan 2018 01:11:36 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932728AbeAXJK5 (ORCPT + 99 others); Wed, 24 Jan 2018 04:10:57 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:51394 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932565AbeAXJKx (ORCPT ); Wed, 24 Jan 2018 04:10:53 -0500 Received: from localhost (unknown [37.169.27.19]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id 161DFE01; Wed, 24 Jan 2018 09:10:52 +0000 (UTC) Date: Wed, 24 Jan 2018 10:10:49 +0100 From: Greg Kroah-Hartman To: David Woodhouse Cc: Peter Zijlstra , Thomas Gleixner , KarimAllah Ahmed , linux-kernel@vger.kernel.org, Andi Kleen , Andrea Arcangeli , Andy Lutomirski , Arjan van de Ven , Ashok Raj , Asit Mallick , Borislav Petkov , Dan Williams , Dave Hansen , "H . Peter Anvin" , Ingo Molnar , Janakarajan Natarajan , Joerg Roedel , Jun Nakajima , Laura Abbott , Linus Torvalds , Masami Hiramatsu , Paolo Bonzini , Radim =?utf-8?B?S3LEjW3DocWZ?= , Tim Chen , Tom Lendacky , kvm@vger.kernel.org, x86@kernel.org Subject: Re: [RFC 05/10] x86/speculation: Add basic IBRS support infrastructure Message-ID: <20180124091049.GB12100@kroah.com> References: <1516476182-5153-1-git-send-email-karahmed@amazon.de> <1516476182-5153-6-git-send-email-karahmed@amazon.de> <1516741116.13558.11.camel@infradead.org> <20180124084735.GM2228@hirez.programming.kicks-ass.net> <1516784541.13558.90.camel@infradead.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1516784541.13558.90.camel@infradead.org> User-Agent: Mutt/1.9.2 (2017-12-15) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jan 24, 2018 at 09:02:21AM +0000, David Woodhouse wrote: > On Wed, 2018-01-24 at 09:47 +0100, Peter Zijlstra wrote: > > Typically tglx likes to use x86_match_cpu() for these things; see also > > commit: bd9240a18edfb ("x86/apic: Add TSC_DEADLINE quirk due to > > errata"). > > Thanks, will fix. I think we might also end up in whitelist mode, > adding "known good" microcodes to the list as they get released or > retroactively blessed. > > I would really have liked a new bit in IA32_ARCH_CAPABILITIES to say > that it's safe, but that's not possible for *existing* microcode which > actually turns out to be OK in the end. > > That means the whitelist ends up basically empty right now. Should I > add a command line parameter to override it? Otherwise we end up having > to rebuild the kernel every time there's a microcode release which > covers a new CPU SKU (which is why I kind of hate the whitelist, but > Arjan is very insistent...) Ick, no, whitelists are a pain for everyone involved. Don't do that unless it is absolutely the only way it will ever work. Arjan, why do you think this can only be done as a whitelist? It's much easier to just mark the "bad" microcode versions as those _should_ be a much smaller list that Intel knows about today. And of course, any future microcode updates will not be "bad" because they know how to properly test for this now before they are released :) thanks, greg k-h