Received: by 10.223.176.46 with SMTP id f43csp468169wra; Fri, 26 Jan 2018 01:41:26 -0800 (PST) X-Google-Smtp-Source: AH8x2271cBAqWg8HN2SBm+1iwLPuKJP7lAFsgAn4o6D+2N0esrN/FgT4oE5DOzyfz2zuSnZR5f0L X-Received: by 10.99.180.67 with SMTP id n3mr14363024pgu.169.1516959686433; Fri, 26 Jan 2018 01:41:26 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516959686; cv=none; d=google.com; s=arc-20160816; b=oLDZP0uCpTWL2glrYkjUvh4jxFc0BLJYIrjaShbrwwiwo0N7siHSSP9hfdLetMVayt HkEOI6HV9pIobSZzV/0pyMtP/BVqb3gDRcaTf0ZJ+erAJyLNEnrfirKtklvznmGFl1zb mI9V9b2+K0ju6uzq9+Sk3mxaH8u4xz+Kk/3b/eu7Bt9+bcooElZwfOChxM9cDGHpOIcZ Jcpb9JT1WN3b+XdMQJa5wsoWjXAwixPuwZjzpnEXhWc8X2h/vS6Z6EXHeUM67fyX5H8d K35v+kDkH/HI5wvlMMaKnXYTb2/lh6w5XHjnxlEt0cRxQNr9ychUGp9V1ebozLCNggDT IraA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=ZYkE8slF9ZA3M1aGiKqvNquU78O6Rudt/egnMJwFl1c=; b=fU/PQnMbzwnGhOm3HXbFCeSTMX6oXzCRO43Nsmzb3N+Vytzdbf12OJ6wFMyH9SdjpM LtOfVca6bcnvIIZN+MzkbDnsPICHwkrtLGoKRSd1N4RpGFgGSTs0w/YWgNz80LSLr21c BOBas9Lpuv5f3P2JrD+S+Q1jGkNs8bq2HzqqR/UdYjmUiJUGaobv13GY56mJJFRrY1K2 ikOcsziTGLXAo8FMlp79rP1lUcYKcG+FggjAjRQsnR7U/goUNwIyupSbnCopO32RQVO+ 9JCiJAvr9fnb4gb0f8AN1Z8F+SreOHTZtML56CZP8nWDUjgzmmFLfQrF3dw71jFaYg2o +U0g== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=H8aixAaS; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id l9si6046874pff.155.2018.01.26.01.41.11; Fri, 26 Jan 2018 01:41:26 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=H8aixAaS; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752873AbeAZJko (ORCPT + 99 others); Fri, 26 Jan 2018 04:40:44 -0500 Received: from mail-wm0-f68.google.com ([74.125.82.68]:37366 "EHLO mail-wm0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751395AbeAZJkl (ORCPT ); Fri, 26 Jan 2018 04:40:41 -0500 Received: by mail-wm0-f68.google.com with SMTP id v71so20019804wmv.2 for ; Fri, 26 Jan 2018 01:40:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=ZYkE8slF9ZA3M1aGiKqvNquU78O6Rudt/egnMJwFl1c=; b=H8aixAaS0/2RoOOoHIF27/C+67ytECAJVJF64WNIMmB7pxmryGq+w72rxnww3gGBaL +hLkZkAVVBJkBjvS8Yn/LdMKMqwEvHUFXI5tg3/qKvl4p443nv0XG6EbxsLjfKo7dxKg 2wHAShtRJxvQxxxcXG9rRZSLb23tU42JlzpuOgBWzXiazuiOSQ3rh+Gozllr2cM7SYwR LNbzChp97gExtDLf2Q+4Ktfv+WOk53y9zihRUfEwgWWdR7v2xRmiu11UFxJsQn2DE9Vy xy26gobrVcTlhW+rYbMCyEujLzSrY1nSIK1XIFNPHwr1NY3+stVhO/hRDPYggEuWdJqn nN3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition:in-reply-to:user-agent; bh=ZYkE8slF9ZA3M1aGiKqvNquU78O6Rudt/egnMJwFl1c=; b=NAtf42KAwLIKz2pCPzqhR2742F2zQhAzQJ1vv028ZWhoiDpE6iZImJRxF4NfHbVITw 6ip3J3gVNcUe8hRZDK12IBnUScm+3lvfGyLtA1PUJ156ucmwzoRMnZTuaowuZ1SKx6gK INRoY5nF+Bj9dg8HmJ1Xzw8doSqNvgJMqz9NulsCcA9WthKdNG3qeLWmL5/HG4PxWBid CTYBkNUl1+g0Z1TFtzxWAyztLBpYa8iPfRnQxR+aD22boL6PiIfwgT9OeZ+Acm2tV7Ag 7vvl7AgMRej0uK7ZhAkmHg7FmRBo0mD8Jlz8llJPoSeyMs+6BUUU0KDTPtV0cs5QPIEx 24ww== X-Gm-Message-State: AKwxytclUjRikoFJ41sgeI6SgaJ//sAqxs5mp1OLbwtvv9UypU4vSyse 3nMRdHSSXFMd1Ez/P1/qFB8= X-Received: by 10.28.147.66 with SMTP id v63mr9436636wmd.118.1516959640045; Fri, 26 Jan 2018 01:40:40 -0800 (PST) Received: from gmail.com (2E8B0CD5.catv.pool.telekom.hu. [46.139.12.213]) by smtp.gmail.com with ESMTPSA id p32sm8952045wrc.9.2018.01.26.01.40.38 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 26 Jan 2018 01:40:39 -0800 (PST) Date: Fri, 26 Jan 2018 10:40:37 +0100 From: Ingo Molnar To: David Woodhouse Cc: Thomas Gleixner , arjan@linux.intel.com, karahmed@amazon.de, x86@kernel.org, linux-kernel@vger.kernel.org, tim.c.chen@linux.intel.com, bp@alien8.de, peterz@infradead.org, pbonzini@redhat.com, ak@linux.intel.com, torvalds@linux-foundation.org, gregkh@linux-foundation.org, dave.hansen@intel.com, gnomes@lxorguk.ukuu.org.uk, ashok.raj@intel.com Subject: Re: [PATCH v4 6/7] x86/cpufeature: Blacklist SPEC_CTRL on early Spectre v2 microcodes Message-ID: <20180126094036.uqi5w4qfvbuic37t@gmail.com> References: <1516872189-16577-1-git-send-email-dwmw@amazon.co.uk> <1516872189-16577-7-git-send-email-dwmw@amazon.co.uk> <1516876994.30244.51.camel@infradead.org> <1516879213.30244.74.camel@infradead.org> <1516887714.30244.121.camel@infradead.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1516887714.30244.121.camel@infradead.org> User-Agent: NeoMutt/20170609 (1.8.3) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org * David Woodhouse wrote: > On Thu, 2018-01-25 at 12:34 +0100, Thomas Gleixner wrote: > > > > This stuff is really a master piece of trainwreck engineering. > > > > So yeah, whatever we do we end up with a proper mess. Lets go for a > > blacklist and hope that we'll have something which holds at some > > foreseeable day in the future. > > > > The other concern I have is IBRS vs. IBPB. Are we sufficiently sure that > > IBPB is working on those IBRS blacklisted ucode revisions? Or should we > > just play safe and not touch any of this at all when we detect a > > blacklisted one? > > That isn't sufficiently clear to me. I've changed it back to blacklist > *everything* for now, to be safe. If at any point Intel want to get > their act together and give us coherent information to the contrary, we > can change to separate IBPB/IBRS blacklists. Yes. I also agree that blacklists are the fundamentally correct approach here: a bit-rotting blacklist is far better to users than a bit-rotting whitelist, assuming that the number of CPU and microcode bugs goes down with time. Thanks, Ingo