Received: by 10.223.176.5 with SMTP id f5csp3370762wra;
        Mon, 29 Jan 2018 12:16:03 -0800 (PST)
X-Google-Smtp-Source: AH8x227CnCZK8QJJ7hG11Q5Nb1D8dzLor6Am2RM7mE2OyPx2XA5N3zBwkb/dOJ0ig29ybzb+sWzM
X-Received: by 10.101.77.208 with SMTP id q16mr21631632pgt.395.1517256962938;
        Mon, 29 Jan 2018 12:16:02 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1517256962; cv=none;
        d=google.com; s=arc-20160816;
        b=wtU7HhQrS6St220E3IjhrUIQh+7L3G/2rzzhIcmipHL1+DcwzhlAw+an8smpjfNEAe
         yxY7uIdwTgpF0/LRpeJ0Ky0R1IHQmqXW8wWWOMWJq4t4Qrocx4N9rhukohcXlwXgMVJ/
         5att1F0pNC1WM+jVaspmWUVh3u8ob7SqGGHDCw3iysDkIJaSdLN3UvbuEEe/TdvkfdQW
         2NVwn0B23wet9weegBPDGyUimGrgJ9cBmso+5d9Bl63sEXK9cSdZ5CBRlN8N8WT07oD2
         NCdIGDEy16o0QDW5IeZRfz6xcUkfTKAP1HiWnKWN7TnWsGUiJ1g7pYAtgYXCkGuLm7yR
         GSSg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:arc-authentication-results;
        bh=pzKjgOHr6ONEpDsORrf6/GFBiiRmHPn52Yom0V+t9Rw=;
        b=zDzpw/gzYWa94ldr60ktOz1+Q3kk+r6ruEZCvFWlYaAmB2/M9NlbIBNz5PC4XDPVWd
         d9ZgWQkc/SoET9f/8iZzvvKwIBR4yUp04ODxLVdJhaVRSJRkaqDt72URmmh0Pr1XO55+
         uiI+tPjjzWS6KqO7Z0L6p7tZOoCwVJIo0PSw2of0GGJ7uPd+TuZLy9NdNTjNy5GWK5Ps
         vx5XdiNNjyl4eysU++XYNI6qYnDxuRvkqdGxTNo1rwHw8t34rTVcHUgBn85EHsnVNkWi
         a5m9Y0MZtGDINcZLZMt6LBASOLMMiT6gGbzlNRD16FD3TnrbMU6FlgU4zWSH0qY4y+cl
         hv/Q==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id w8-v6si10187935plk.597.2018.01.29.12.15.48;
        Mon, 29 Jan 2018 12:16:02 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S932215AbeA2UOQ (ORCPT <rfc822;vladislav.valtchev@gmail.com>
        + 99 others); Mon, 29 Jan 2018 15:14:16 -0500
Received: from mx1.redhat.com ([209.132.183.28]:59090 "EHLO mx1.redhat.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1754220AbeA2UOL (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 29 Jan 2018 15:14:11 -0500
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mx1.redhat.com (Postfix) with ESMTPS id 7AB24461C8;
        Mon, 29 Jan 2018 20:14:10 +0000 (UTC)
Received: from localhost (ovpn-116-57.gru2.redhat.com [10.97.116.57])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 395815C264;
        Mon, 29 Jan 2018 20:14:05 +0000 (UTC)
Date:   Mon, 29 Jan 2018 18:14:04 -0200
From:   Eduardo Habkost <ehabkost@redhat.com>
To:     KarimAllah Ahmed <karahmed@amazon.de>
Cc:     linux-kernel@vger.kernel.org, Andi Kleen <ak@linux.intel.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Andy Lutomirski <luto@kernel.org>,
        Arjan van de Ven <arjan@linux.intel.com>,
        Ashok Raj <ashok.raj@intel.com>,
        Asit Mallick <asit.k.mallick@intel.com>,
        Borislav Petkov <bp@suse.de>,
        Dan Williams <dan.j.williams@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        David Woodhouse <dwmw@amazon.co.uk>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        "H . Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
        Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
        Joerg Roedel <joro@8bytes.org>,
        Jun Nakajima <jun.nakajima@intel.com>,
        Laura Abbott <labbott@redhat.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Masami Hiramatsu <mhiramat@kernel.org>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Radim =?utf-8?B?S3LEjW3DocWZ?= <rkrcmar@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Tim Chen <tim.c.chen@linux.intel.com>,
        Tom Lendacky <thomas.lendacky@amd.com>, kvm@vger.kernel.org,
        x86@kernel.org
Subject: Re: [RFC,05/10] x86/speculation: Add basic IBRS support
 infrastructure
Message-ID: <20180129201404.GA1588@localhost.localdomain>
References: <1516476182-5153-6-git-send-email-karahmed@amazon.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1516476182-5153-6-git-send-email-karahmed@amazon.de>
X-Fnord: you can see the fnord
User-Agent: Mutt/1.9.1 (2017-09-22)
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Mon, 29 Jan 2018 20:14:11 +0000 (UTC)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat, Jan 20, 2018 at 08:22:56PM +0100, KarimAllah Ahmed wrote:
> From: David Woodhouse <dwmw@amazon.co.uk>
> 
> Not functional yet; just add the handling for it in the Spectre v2
> mitigation selection, and the X86_FEATURE_IBRS flag which will control
> the code to be added in later patches.
> 
> Also take the #ifdef CONFIG_RETPOLINE from around the RSB-stuffing; IBRS
> mode will want that too.
> 
> For now we are auto-selecting IBRS on Skylake. We will probably end up
> changing that but for now let's default to the safest option.
> 
> XX: Do we want a microcode blacklist?
> 
> [karahmed: simplify the switch block and get rid of all the magic]
> 
> Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
> Signed-off-by: KarimAllah Ahmed <karahmed@amazon.de>
[...]
> +	case SPECTRE_V2_CMD_FORCE:
> +		/*
> +		 * If we have IBRS support, and either Skylake or !RETPOLINE,
> +		 * then that's what we do.
> +		 */
> +		if (boot_cpu_has(X86_FEATURE_SPEC_CTRL) &&
> +		    (is_skylake_era() || !retp_compiler())) {


Sorry for being confused here, as probably the answer is buried
on a LKML thread somewhere.  The comment explains what the code
does, but not why.  Why exactly IBRS is preferred on Skylake?

I'm asking this because I would like to understand the risks
involved when running under a hypervisor exposing CPUID data that
don't match the host CPU.  e.g.: what happens if a VM is migrated
from a Broadwell host to a Skylake host?



> +			mode = SPECTRE_V2_IBRS;
> +			setup_force_cpu_cap(X86_FEATURE_IBRS);
> +			break;
> +		}
> +		/* Fall through */
>  	case SPECTRE_V2_CMD_RETPOLINE:
[...]

-- 
Eduardo