Received: by 10.223.185.116 with SMTP id b49csp1855636wrg;
        Sun, 11 Feb 2018 23:14:39 -0800 (PST)
X-Google-Smtp-Source: AH8x226dWB5IQHkw8iynxX2UCgpyDOAbCGV7Yxw4+0y4d5lpIv5yuorkKX80WKA1ihMPrJJ7cX/f
X-Received: by 10.99.182.76 with SMTP id v12mr3099455pgt.158.1518419679858;
        Sun, 11 Feb 2018 23:14:39 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1518419679; cv=none;
        d=google.com; s=arc-20160816;
        b=Q9QSh8ncuj5YihvMd17JCHc4m6TF1z7cR6eDkUqf9v7n93r3Gdyrkr9g7v1o9CuL1L
         qDPwkl6mq2ZgWyNcTS/khcB+V8IAotAoyiKVrQgGLXIpsa3q+mYYLbnD6FiAi83ZVyBG
         Og5XiuHt6JSlVfv0yS6OoeBk6lb/CkU7XIltLzlc//OVD4Rib3szcxxnIfEN27yGAoBe
         2MYm5QbZw+5lFA7Z20/6EGMZvrvaEuCHmfoJbOPHKEjKQmTyOssUtHh11XqvPYyM4Dp+
         Bz224hO61KdHTMDlT40FHJXFJZtDg2IecagSJGyjHebHEHnMyo4VPQvAkPqvOMdRHm+K
         pJIw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature:arc-authentication-results;
        bh=rwJxSt55KbNSxZ7arTgtDu77ojAdzWejw601U+UW/Ro=;
        b=VQ2wAO6sQAvb43q8wOEi2VQNpRAIhgfugG/Pp6ueaYhQxgRmzzzOlZg9uSbLWzCM3F
         2/+BSWxT2W4eYddscI+c/5jxbubkvor+vM3az1LPJl9+Zwl9kZdtzaQUnpjobAp1DfmR
         hFC4lW/1iZTvzve0cqInaRSDPumwkoKMmQ7qdx1yjYTsslpQt/6vnCAODvidDrI+q9Y7
         E+QSjHG4+8wraddtTP2yp6s0KjEhh0Vr02XEgWt6Xw3SpwSepIR0Ss9DFP4h7/IcbXzB
         9IxdPVLWIuXCuGgP6fD/W5wts+xyM4qfxGrX4jLPfjds/4MZ2QxHgtB1LGPuhB2vWbJ3
         3+0A==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=HnAT7iNG;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id bh11-v6si5476103plb.62.2018.02.11.23.14.26;
        Sun, 11 Feb 2018 23:14:39 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=HnAT7iNG;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S932723AbeBLGAC (ORCPT <rfc822;brice.berna@gmail.com>
        + 99 others); Mon, 12 Feb 2018 01:00:02 -0500
Received: from mail-it0-f68.google.com ([209.85.214.68]:50415 "EHLO
        mail-it0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S932416AbeBLGAA (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 12 Feb 2018 01:00:00 -0500
Received: by mail-it0-f68.google.com with SMTP id x128so5403876ite.0;
        Sun, 11 Feb 2018 21:59:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=rwJxSt55KbNSxZ7arTgtDu77ojAdzWejw601U+UW/Ro=;
        b=HnAT7iNG7W5KtgJHtdrQx+pSl07il0PfmzigLiMxnWWstTbcbaZHNy98TV3MmWSS1a
         PdX99rrNKtB71W9d/OH/Zt5Me7i7cmjwgsd1sRt4ecscFHJGZOqPxaxBlakrrGf4x9qC
         l9uXYXtwQfWHjPQkpWd3lPk7dMbpr0E94GQlU9N6ti6ohDxU5L45qW/GnY0dij/ALIeq
         SBAynoLyxXUIteR4FZiZ64bS7/nDpMWUNulV+9lI/66OtL76WuhWACbp5fzLOlan/YMN
         VzNXglSl+ceKXpCkDGG/yTkkOq3a3Y9Cni5kwbhqZ3SDQMiGHQCa3MEMusw6I8zBQyK0
         cwbw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to:user-agent;
        bh=rwJxSt55KbNSxZ7arTgtDu77ojAdzWejw601U+UW/Ro=;
        b=mTOZ28lxqphOARdcUuGzjsraCfIiU7G9MFx06H7IRtQ+Sb0Wj/Hb4eHEhYC6YlVqJ3
         qEkiLsJdTwDhSzKtXdC9rKOgm8HiXiG2id9G0rdBHUDCf/L2HeTkxsNdtdHpA9h6GHFY
         PaTLqf8NMKEMCbj4rFL5fFzYx8lSkZphn5EWTM6bv+VhSlK/Rw7fsjHgsZMss95knojD
         FG9+6ie4Zvahi8HFTsQXl4V6pPjVLEPmNKsucPfCCki7tW8vZXagxoukcx1zhgPnvP9N
         gyxrsgNyokNJEyz8geMNdaeCKZSDjKIofyfmrjcGFWQ+PP5rpfnGQ8Gnh7IQeu5VYTsY
         xH2A==
X-Gm-Message-State: APf1xPDHa+9y3fL17k/bLN+hpQOB+zpqjEKpUepCym1Wn6PW8NQZov0v
        ORN4pg68+RdsiOkM85glj90=
X-Received: by 10.36.146.196 with SMTP id l187mr4325861itd.115.1518415199419;
        Sun, 11 Feb 2018 21:59:59 -0800 (PST)
Received: from localhost ([223.227.43.50])
        by smtp.gmail.com with ESMTPSA id x28sm8547369ioi.83.2018.02.11.21.59.57
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Sun, 11 Feb 2018 21:59:59 -0800 (PST)
Date:   Mon, 12 Feb 2018 11:29:48 +0530
From:   afzal mohammed <afzal.mohd.ma@gmail.com>
To:     mingo@kernel.org, hpa@zytor.com, tglx@linutronix.de,
        torvalds@linux-foundation.org, linux-kernel@vger.kernel.org,
        dwmw@amazon.co.uk, peterz@infradead.org
Cc:     linux-tip-commits@vger.kernel.org
Subject: Re: [tip:x86/pti] x86/speculation: Use IBRS if available before
 calling into firmware
Message-ID: <20180212055948.GA3281@afzalpc>
References: <1518362359-1005-1-git-send-email-dwmw@amazon.co.uk>
 <tip-670c3e8da87fa4046a55077b1409cf250865a203@git.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <tip-670c3e8da87fa4046a55077b1409cf250865a203@git.kernel.org>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi,

On Sun, Feb 11, 2018 at 11:19:10AM -0800, tip-bot for David Woodhouse wrote:

> x86/speculation: Use IBRS if available before calling into firmware
> 
> Retpoline means the kernel is safe because it has no indirect branches.
> But firmware isn't, so use IBRS for firmware calls if it's available.

afaui, so only retpoline means still mitigation not enough.

Also David W has mentioned [1] that even with retpoline, IBPB is also
required (except Sky Lake).

If IBPB & IBRS is not supported by ucode, shouldn't the below indicate
some thing on the lines of Mitigation not enough ?

> -	return sprintf(buf, "%s%s%s\n", spectre_v2_strings[spectre_v2_enabled],
> +	return sprintf(buf, "%s%s%s%s\n", spectre_v2_strings[spectre_v2_enabled],
>  		       boot_cpu_has(X86_FEATURE_USE_IBPB) ? ", IBPB" : "",
> +		       boot_cpu_has(X86_FEATURE_USE_IBRS_FW) ? ", IBRS_FW" : "",
>  		       spectre_v2_module_string());

On 4.16-rc1, w/ GCC 7.3.0,

/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline

Here for the user (at least for me), it is not clear whether the
mitigation is enough. In the present system (Ivy Bridge), as ucode
update is not available, IBPB is not printed along with
"spectre_v2:Mitigation", so unless i am missing something, till then
this system should be considered vulnerable, but for a user not
familiar with details of the issue, it cannot be deduced.

Perhaps an additional status field [OKAY,PARTIAL] to Mitigation in
sysfs might be helpful. All these changes are in the air for me, this
is from a user perspective, sorry if my feedback seems idiotic.

afzal


[1] lkml.kernel.org/r/1516638426.9521.20.camel@infradead.org