Date: Mon, 12 Feb 2018 11:29:48 +0530
From: afzal mohammed
To: mingo@kernel.org, hpa@zytor.com, tglx@linutronix.de, torvalds@linux-foundation.org, linux-kernel@vger.kernel.org, dwmw@amazon.co.uk, peterz@infradead.org
Cc: linux-tip-commits@vger.kernel.org
Subject: Re: [tip:x86/pti] x86/speculation: Use IBRS if available before calling into firmware

Hi,

On Sun, Feb 11, 2018 at 11:19:10AM -0800, tip-bot for David Woodhouse wrote:

> x86/speculation: Use IBRS if available before calling into firmware
>
> Retpoline means the kernel is safe because it has no indirect branches.
> But firmware isn't, so use IBRS for firmware calls if it's available.

afaui, so only retpoline means still mitigation not enough. Also David W has mentioned [1] that even with retpoline, IBPB is also required (except Sky Lake).
If IBPB & IBRS are not supported by ucode, shouldn't the below indicate something on the lines of Mitigation not enough?

> - return sprintf(buf, "%s%s%s\n", spectre_v2_strings[spectre_v2_enabled],
> + return sprintf(buf, "%s%s%s%s\n", spectre_v2_strings[spectre_v2_enabled],
> boot_cpu_has(X86_FEATURE_USE_IBPB) ? ", IBPB" : "",
> + boot_cpu_has(X86_FEATURE_USE_IBRS_FW) ? ", IBRS_FW" : "",
> spectre_v2_module_string());

On 4.16-rc1, w/ GCC 7.3.0,

/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline

Here for the user (at least for me), it is not clear whether the mitigation is enough. In the present system (Ivy Bridge), as ucode update is not available, IBPB is not printed along with "spectre_v2:Mitigation", so unless I am missing something, till then this system should be considered vulnerable, but for a user not familiar with details of the issue, it cannot be deduced.

Perhaps an additional status field [OKAY,PARTIAL] to Mitigation in sysfs might be helpful.

All these changes are in the air for me, this is from a user perspective, sorry if my feedback seems idiotic.

afzal

[1] lkml.kernel.org/r/1516638426.9521.20.camel@infradead.org
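
Review bot: Both ternaries in the quoted hunk, the existing boot_cpu_has(X86_FEATURE_USE_IBPB) argument and the added boot_cpu_has(X86_FEATURE_USE_IBRS_FW) argument, fall back to "", so on a CPU without either feature the spectre_v2 line carries no trace that anything is missing and the absence of a suffix is the only signal. Consider printing an explicit negative token in place of the empty string, or documenting the suffixes next to the sysfs attribute, so a reader of the file can tell "feature not in use" apart from "feature not reported". The format string is also now four bare %s in a row; a one-line comment naming what each slot carries would make the next addition easier to review.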
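
The reading the mail applies to the spectre_v2 line, written out as an added example (not part of the original mail or of the kernel tree): a parser for status lines in the comma-separated format visible in the quoted hunk, which labels a spectre_v2 mitigation PARTIAL when the ", IBPB" or ", IBRS_FW" suffix is absent. The OKAY/PARTIAL labels follow the mail's suggestion rather than any kernel policy, and the names parse_line, classify and read_sysfs are made up for this example.

```python
from pathlib import Path

SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
# Suffixes the format string in the quoted hunk appends to the spectre_v2 line.
SPECTRE_V2_TOKENS = ("IBPB", "IBRS_FW")

# The three status lines quoted in the mail, in `grep . <dir>/*` form.
SAMPLE = [
    "/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI",
    "/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization",
    "/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline",
]
# Constructed line: what the patched format prints when both feature flags are set.
PATCHED = ("/sys/devices/system/cpu/vulnerabilities/spectre_v2:"
           "Mitigation: Full generic retpoline, IBPB, IBRS_FW")


def parse_line(line):
    """Split 'path:content' into (file name, base string, list of suffix tokens)."""
    path, _, content = line.strip().partition(":")
    content = content.partition(" - ")[0]   # drop a trailing " - ..." note, if any
    base, *extras = content.split(", ")
    return path.rsplit("/", 1)[-1], base, extras


def classify(line):
    """Return (name, status, missing); OKAY/PARTIAL are the labels the mail proposes."""
    name, base, extras = parse_line(line)
    missing = []
    if base.startswith("Not affected"):
        status = "NOT_AFFECTED"
    elif base.startswith("Mitigation"):
        if name == "spectre_v2":
            missing = [t for t in SPECTRE_V2_TOKENS if t not in extras]
        status = "PARTIAL" if missing else "OKAY"
    else:                                   # "Vulnerable..." or unrecognised text
        status = "VULNERABLE" if base.startswith("Vulnerable") else "UNKNOWN"
    return name, status, missing


def read_sysfs(directory=SYSFS_DIR):
    """Build grep-style lines from the live sysfs files (empty list if absent)."""
    if not directory.is_dir():
        return []
    return [f"{p}:{p.read_text().strip()}" for p in sorted(directory.iterdir()) if p.is_file()]


if __name__ == "__main__":
    for entry in read_sysfs() or SAMPLE:
        name, status, missing = classify(entry)
        print(f"{name:12} {status:12} missing: {', '.join(missing) or '-'}")
```

On a kernel whose status strings differ from the format in the hunk, the token matching needs adjusting before the PARTIAL label means anything.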