Received: by 10.223.176.46 with SMTP id f43csp615324wra;
        Fri, 26 Jan 2018 04:16:10 -0800 (PST)
X-Google-Smtp-Source: AH8x227GsnFO+fuLmA44dQhJmcnOqsX7mdHevoa+paWezh298+467RsFikYvLZm3TeEjCczpGKhw
X-Received: by 2002:a17:902:3183:: with SMTP id x3-v6mr14164501plb.290.1516968970477;
        Fri, 26 Jan 2018 04:16:10 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516968970; cv=none;
        d=google.com; s=arc-20160816;
        b=ignf/FP/cQ98wBHH4E1tY1LGlwRZ0cEn/E/uYiq1yN+A6aRIqmSsXsgiC/FEQDB5b3
         XRdJNJvnckoj8E14fAjXWiTduDzLv500GFjk57ZEoTahBf90ggA+lmram9DW7Y90O3v/
         TeLz5OAZvGkKOktfG8ssLxw/SN05zYnuUXtuIxKYghXkXqXZX5gmd0Y8SK+a21n2xtFc
         0KoCKgeIEJMKC8hWt+dzAp3BnGgTwdSvZjPpk7AhL1qNViftSDoCRUOtf9YgjZESYn5Y
         MR66GC/6/8li7XeZDBgx60exmCbe8u+zVk8X6hRCTBAsJv/ORWdR8TJ3Z2Ff8ZLcYQLZ
         7uVw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:references:in-reply-to:date
         :to:from:subject:message-id:arc-authentication-results;
        bh=D2HBVo08wiGpTquuDE+X0TBG+Wtpdzxmmxxs+8WgAsM=;
        b=JeUAn0Y5y/GE+akGzKRh2ZkoSYwMio/HAI5/MrqatfIBHFEFTKsq3FceMGOBVfY+2L
         RWYUCTdfpXBs6pOssxjSJKCa0LhkgIyeZv5stOWzyn+Ldz7WDKIDEhCovb8PHogfsl5M
         a0VEbmA2AT+L2gnN9P/2pPll9zrXV0m8ca+mWqduoWGIOC7m0IJhS7es4XH1d1fCT0vA
         oRyScOdG3Eh10I7T8ppz3lb+NPPwfYqFL3ZRVeq19+axnh6xnswK1WOrNkl99KUiMYs1
         3JasqJNl7kVFRniG4lUGvk59YtJAg8Nhy9YbOdW+vwmC9JfR/jil+CvFWEm/aKN0FOsE
         aj6Q==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id z20-v6si3671389plo.73.2018.01.26.04.15.56;
        Fri, 26 Jan 2018 04:16:10 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751914AbeAZMO4 (ORCPT <rfc822;daisukeokaopensource@gmail.com>
        + 99 others); Fri, 26 Jan 2018 07:14:56 -0500
Received: from pic75-3-78-194-244-226.fbxo.proxad.net ([78.194.244.226]:38716
        "EHLO mail.corsac.net" rhost-flags-OK-FAIL-OK-OK) by vger.kernel.org
        with ESMTP id S1751539AbeAZMOy (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 26 Jan 2018 07:14:54 -0500
Received: from scapa.corsac.net (unknown [IPv6:2a01:e34:ec2f:4e21::1])
        by mail.corsac.net (Postfix) with ESMTPS id C28BB96
        for <linux-kernel@vger.kernel.org>; Fri, 26 Jan 2018 13:14:52 +0100 (CET)
Received: from corsac (uid 1000)
        (envelope-from corsac@debian.org)
        id a024f
        by scapa.corsac.net (DragonFly Mail Agent v0.11);
        Fri, 26 Jan 2018 13:14:50 +0100
Message-ID: <1516968886.19619.7.camel@debian.org>
Subject: Re: [PATCH v3 5/6] x86/pti: Do not enable PTI on processors which
 are not vulnerable to Meltdown
From:   Yves-Alexis Perez <corsac@debian.org>
To:     David Woodhouse <dwmw@amazon.co.uk>, arjan@linux.intel.com,
        tglx@linutronix.de, karahmed@amazon.de, x86@kernel.org,
        linux-kernel@vger.kernel.org, tim.c.chen@linux.intel.com,
        bp@alien8.de, peterz@infradead.org, pbonzini@redhat.com,
        ak@linux.intel.com, torvalds@linux-foundation.org,
        gregkh@linux-foundation.org, dave.hansen@intel.com,
        gnomes@lxorguk.ukuu.org.uk
Date:   Fri, 26 Jan 2018 13:14:46 +0100
In-Reply-To: <1516813025-10794-6-git-send-email-dwmw@amazon.co.uk>
References: <1516813025-10794-1-git-send-email-dwmw@amazon.co.uk>
         <1516813025-10794-6-git-send-email-dwmw@amazon.co.uk>
Content-Type: multipart/signed; micalg="pgp-sha256";
        protocol="application/pgp-signature"; boundary="=-ywoLQ64KJvTvI4veuUYJ"
X-Mailer: Evolution 3.26.3-1 
Mime-Version: 1.0
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


--=-ywoLQ64KJvTvI4veuUYJ
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Wed, 2018-01-24 at 16:57 +0000, David Woodhouse wrote:
> Some old Atoms, anything in family 5 or 4, and newer CPUs when they adver=
tise
> the IA32_ARCH_CAPABILITIES MSR and it has the RDCL_NO bit set, are not vu=
lnerable.
>=20
> Roll the AMD exemption into the x86_match_cpu() table too.
>=20
> Based on suggestions from Dave Hansen and Alan Cox.

Hi David,

I know we'll still be able to manually enable PTI with a command line optio=
n,
but it's also a hardening feature which has the nice side effect of emulati=
ng
SMEP on CPU which don't support it (e.g the Atom boxes above).

Couldn't we keep the =E2=80=9Cdefault on=E2=80=9D? Or maybe on boxes which =
also have CPID (in
order to limit the performance cost)?

Regards,
--=20
Yves-Alexis
--=-ywoLQ64KJvTvI4veuUYJ
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----

iQEzBAABCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlprG7YACgkQ3rYcyPpX
RFufoQf+LE7/jozqn1bGpdAwPCMAYa03Oz4S3+7PEHAP6crkDv2X8MIvXBjqniNI
Kx9cFvw0/gGZ64MuasDuRIQY3bv8uR2r2ojFb2Lw4Q3VSle7b6+rqVhF+m05yTIr
Go9+GL8JnldnR4J0WePlUL2UDuv8oU1A88AMhTx3ROjOS/wABxGdLvLiEBMlzI2/
SdDyF4cX3P0wl9pJ8acSD1CbDSLPs8dguUJW6m5WzBIJXK55wTsZ2Hr7ZGTp2cEE
R4sW3Qq16CtTfJuz1pFdiewX8stAulNd3C2651hKrLCVqtQ7Dh9y+8TPINjC2gwc
rAbjptnRRlQrK+5OEpgpwI7E2uXKVw==
=R0PD
-----END PGP SIGNATURE-----

--=-ywoLQ64KJvTvI4veuUYJ--