Received: by 10.223.176.5 with SMTP id f5csp1157029wra;
        Wed, 31 Jan 2018 02:06:33 -0800 (PST)
X-Google-Smtp-Source: AH8x227wRT3L5AD7V7IgPQNCNrIRAHezbJfbJrknuGgo+zv7Zc3Sj9YeCADWm8qZapVufedIMlL4
X-Received: by 10.98.67.138 with SMTP id l10mr32741731pfi.72.1517393193526;
        Wed, 31 Jan 2018 02:06:33 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1517393193; cv=none;
        d=google.com; s=arc-20160816;
        b=wgcsHpjZ1MFgN1NVFMz4VxLurafYGmSOjtIe3+pcpAXdxEqJSGxTUzR01/Oc69faBc
         i4taiZuSLw37Bwbbau2TZGiIsqqjKkM+q6QxUxzG9s/CJogl5SoeDo6iPyemAs8w3JyZ
         hgK6mZbDMVra6Cc/mnJ4DbWvdaXhPP3Ea5YM6/rrDobenF8EJhevA7TLYVoNafI1r34Z
         6cXL0xpUCBxaKtndsIQDzW2EdnjtOO1Tvqvur0891tnpuSoSOcYkESKF0riqxhz1TxAw
         eysOsWrKlUGu637waBfqbZS5RYDgNxNGT2qtUgTkmoBGfZZKpJ8YGNS+9aut00NB5pW/
         TADA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:to:references:message-id
         :content-transfer-encoding:cc:date:in-reply-to:subject:mime-version
         :from:dkim-signature:arc-authentication-results;
        bh=PPPLKWCAJpeboeM3pEmz1U/vl3vW0koOGqYIRZO1hzw=;
        b=Mi4q0Qt03PTwC65WbYGKqc08e0gaa7rY8a96BuTGoVrYFtskpB71m5+wdRb4t5vQjC
         Vs+MHfyv0zjBPj7SJw9/1ZK4RhxxXTKairi+Ks7iRGiZ5x1l9isQKApj02UB3Lg+wwe7
         rQN1lmg47nUwRW6tojYko7YeWOBpaU4nI6WemL+Y0+8MNj6GP+I0aNW1wCc7CXPf/eMH
         YEFrS+xCUT8y1YT0WrUKX3UQ0RBzd6nx+ctqQunvNxRL2AuVfY9TFq43yJDRWEWGqEzP
         LyGiY+TVNysYUxZfKN/U0RiUXGNtTX1c6MOMoj9ZlJEj1gIHPZAWTGP14tYYpULwLYU4
         lBAw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=PjlBXJeX;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id w23si1431643pgc.472.2018.01.31.02.06.18;
        Wed, 31 Jan 2018 02:06:33 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=PjlBXJeX;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S932093AbeAaKFX (ORCPT <rfc822;sujaykul91@gmail.com> + 99 others);
        Wed, 31 Jan 2018 05:05:23 -0500
Received: from mail-wm0-f49.google.com ([74.125.82.49]:54450 "EHLO
        mail-wm0-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S932073AbeAaKFU (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 31 Jan 2018 05:05:20 -0500
Received: by mail-wm0-f49.google.com with SMTP id i186so6860089wmi.4;
        Wed, 31 Jan 2018 02:05:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:mime-version:subject:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=PPPLKWCAJpeboeM3pEmz1U/vl3vW0koOGqYIRZO1hzw=;
        b=PjlBXJeXW7bfJB2KUzA5j21h/qKfcHJTb3E6jZssoqLjJkE9DmGTDS72DJPF3mIxPm
         WrIcjhnUd0TfnDUSL/vhxsTEG66Dy1viyodrJnMGGMI5PWEUOQbDBk9r480zyhJj3lQu
         HTcM8WJTtNlTlvLKujQEU9zVbKZOHvOljuoa4IzJkYF+/tQttixg+EVH6d8kJg9BNKfy
         jwHnWzB520po0vRRDl+qhKrbkO8YuUyuul1InY/2QoJJPnjoLynJG4qbX/aTTRIrf44P
         IvU5TRLljtwA82VwsPSPhP/+PQ57hs3xX637ncgctS69seW5uNIcg1NeNtmBoxEoK81A
         gAwQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:mime-version:subject:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=PPPLKWCAJpeboeM3pEmz1U/vl3vW0koOGqYIRZO1hzw=;
        b=N2IGzXpGXyryEhkcaCNLLnaQwHErc0EbLYCVgddXXAJMLS1VPsDb8KyVt3P9Azjz5h
         3ykVHQTDf59WONVyRsyPSoLq2RxnME1xk46P3Mp2TTE57P77VAHW5V/7awB4rcXdQQ+p
         l2DvqJQNSSIbqeoAMLm5ZSmb08kpfOouUstX2zgUdvWUknNrWWCt4JvIbpL6iJ4KW4CI
         yVo1SdPACN5ob1jC2i53YWVr6pead/hJEPerTX0pe3sKM66FLvj7TBFrnxPYPs+tRJpd
         9ezY3uJBTPhf1K7PGVj7fCvmJfJgyJ5rFnYJsnkkdMQKxa0mwZLzuZlmRqN+VEUG1fVS
         CMxw==
X-Gm-Message-State: AKwxytdS89FL/TsWuzd+hUHkP2WbcjHwbiV9QbsKn3cXOGhGd4DgJUJR
        gQwtDy3/uU5Nvmhm4CaUTIk=
X-Received: by 10.28.108.4 with SMTP id h4mr21599129wmc.161.1517393119341;
        Wed, 31 Jan 2018 02:05:19 -0800 (PST)
Received: from [192.168.77.22] (val06-1-88-182-161-34.fbx.proxad.net. [88.182.161.34])
        by smtp.gmail.com with ESMTPSA id q186sm17718416wmb.33.2018.01.31.02.05.16
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 31 Jan 2018 02:05:18 -0800 (PST)
From:   Christophe de Dinechin <christophe.de.dinechin@gmail.com>
X-Google-Original-From: Christophe de Dinechin <christophe@dinechin.org>
Content-Type: text/plain;
        charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
Subject: Re: [RFC,05/10] x86/speculation: Add basic IBRS support
 infrastructure
In-Reply-To: <20180130204623.583b1a7a@alans-desktop>
Date:   Wed, 31 Jan 2018 11:05:15 +0100
Cc:     Linus Torvalds <torvalds@linux-foundation.org>,
        David Woodhouse <dwmw2@infradead.org>,
        Arjan van de Ven <arjan@linux.intel.com>,
        Eduardo Habkost <ehabkost@redhat.com>,
        KarimAllah Ahmed <karahmed@amazon.de>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Andi Kleen <ak@linux.intel.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Andy Lutomirski <luto@kernel.org>,
        Ashok Raj <ashok.raj@intel.com>,
        Asit Mallick <asit.k.mallick@intel.com>,
        Borislav Petkov <bp@suse.de>,
        Dan Williams <dan.j.williams@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        "H . Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
        Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
        Joerg Roedel <joro@8bytes.org>,
        Jun Nakajima <jun.nakajima@intel.com>,
        Laura Abbott <labbott@redhat.com>,
        Masami Hiramatsu <mhiramat@kernel.org>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Peter Zijlstra <peterz@infradead.org>,
        =?utf-8?B?UmFkaW0gS3LEjW3DocWZ?= <rkrcmar@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Tim Chen <tim.c.chen@linux.intel.com>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        KVM list <kvm@vger.kernel.org>,
        the arch/x86 maintainers <x86@kernel.org>,
        "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <200C59E8-80F3-4FEC-BA3B-E6A56FA12C74@dinechin.org>
References: <1516476182-5153-6-git-send-email-karahmed@amazon.de>
 <20180129201404.GA1588@localhost.localdomain>
 <1517257022.18619.30.camel@infradead.org>
 <20180129204256.GV25150@localhost.localdomain>
 <31415b7f-9c76-c102-86cd-6bf4e23e3aee@linux.intel.com>
 <1517259759.18619.38.camel@infradead.org>
 <CA+55aFxBh3LvsQq9wy313NQCn3iu+yuAmsi0zNVxWmGDUUds-A@mail.gmail.com>
 <20180130204623.583b1a7a@alans-desktop>
To:     Alan Cox <gnomes@lxorguk.ukuu.org.uk>
X-Mailer: Apple Mail (2.3445.5.20)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



> On 30 Jan 2018, at 21:46, Alan Cox <gnomes@lxorguk.ukuu.org.uk> wrote:
>=20
>> If you are ever going to migrate to Skylake, I think you should just
>> always tell the guests that you're running on Skylake. That way the
>> guests will always assume the worst case situation wrt Specte.
>=20
> Unfortunately if you do that then guest may also decide to use other
> Skylake hardware features and pop its clogs when it finds out its =
actually
> running on Westmere or SandyBridge.
>=20
> So you need to be able to both lie to the OS and user space via cpuid =
and
> also have a second 'but do skylake protections' that only mitigation
> aware software knows about.

Yes. The most desirable lie is different depending on whether you want =
to
allow virtualization features such as migration (where you=E2=80=99d =
gravitate
towards a CPU with less features) or whether you want to allow =
mitigation
(where you=E2=80=99d rather present the most fragile CPUID, probably =
Skylake).

Looking at some recent patches, I=E2=80=99m concerned that the code =
being added
often assumes that the CPUID is the correct way to get that info.
I do not think this is correct. You really want specific information =
about
the host CPUID, not whatever KVM CPUID emulation makes up.