Received: by 10.223.185.116 with SMTP id b49csp3276196wrg;
        Mon, 12 Feb 2018 23:56:48 -0800 (PST)
X-Google-Smtp-Source: AH8x224Y6hl4CQ0uaqIzPUotMSM397YJ/rtYsUrpKGAMu0B/FnUym62blJytmC2ix6frsH97NJ+u
X-Received: by 10.101.73.72 with SMTP id q8mr326400pgs.66.1518508608350;
        Mon, 12 Feb 2018 23:56:48 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1518508608; cv=none;
        d=google.com; s=arc-20160816;
        b=dmAxLcNT+PsAKK5Y4jZlHPcDNjxm5IOnfiln82vB5hUgtd7mqJwRWpqaLcjXehq8cM
         48652ofOdPuxWFEEogPRsmAUGujIHO8oOlWJFKi3fGaPK/RhAOvatmYzgYAKYtChbBsB
         LtDf23ZUWSu0gdcjndS/ztM7+s+ofhDqwxF1hPMPh1ktIquq9lfaxEJr0RO6pmGJvjPy
         hmMwbwRdMVxcpLoOOaFtJ5SWa7l4UiLIbIGpY4eGR9Bj/KuvLH4+ytZSU8RwzEUnZ9ha
         wzlvCuZJ0Sz9k7LpKoKLmVsbslI1K14TgwSa+ffZfNTNKGBTjWDrE+fOlE6pz3ETWg/M
         kgrQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature:arc-authentication-results;
        bh=st0PwtnfIH4oJzlFSrRcNYEUOi8YGiIRb8s/eUa2TPA=;
        b=nHqsSg2zFxnP1gpXkt7LVmICRe/ZhGRD13T+Jcs6Upnjcx7VLp6EdpQ5CDxh+6+u17
         86/eKiu0411UiVf1WJTlQfsJvVQkQp5e7xjdNE8wOO9/A7WJKXGmiw+w1sJXx1W/kmHV
         rhqgtdjW2aFOVNV5S882tnDfg9d8UdW1GzrC2gLuSR3cDRdtnj++JNhlGS7vAYTyLMAL
         JMWVeq3axYyBZcy26ZRGCZd2zSwTb/H/K2JllhdpFsqwnHUY4CZgaoR+C21VjmWmKLry
         bYmw9qul0nsgR+QDF3NKVRZ3z8i9HTozNICFc0WLboFhKdCwyjphgtIfvYQfgiccWhRq
         oEFA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=MvyDayNY;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id y21-v6si696871pll.534.2018.02.12.23.56.32;
        Mon, 12 Feb 2018 23:56:48 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=MvyDayNY;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S933632AbeBMHzq (ORCPT <rfc822;gklkml16@gmail.com> + 99 others);
        Tue, 13 Feb 2018 02:55:46 -0500
Received: from mail-wm0-f66.google.com ([74.125.82.66]:55857 "EHLO
        mail-wm0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S933550AbeBMHzp (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 13 Feb 2018 02:55:45 -0500
Received: by mail-wm0-f66.google.com with SMTP id a84so2817272wmi.5;
        Mon, 12 Feb 2018 23:55:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=sender:date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=st0PwtnfIH4oJzlFSrRcNYEUOi8YGiIRb8s/eUa2TPA=;
        b=MvyDayNYaKCFB24m4OLZ6QKml/2ijP78X0Qlg4F3gv/K7bk+mOX8KVwer8neYQi+8c
         hD3Pc8ZqXGPijmus7PyV6UvE+QsIanidcLWE1WC2v2JmYYYUyZuF6R9EEn4U2ar647/u
         UklT2OP2C9jQeXiF0iLOfvuLCNKDs9BRDX8ZY9IRHf9m8gTmIUFG3ZF3jJzq/4Txyu9T
         1U+qfE1BcghOXf2Y1A+jGCGLKo86vRgjBSgpq6RDONr/EvUgDH9R5ECSgs/fWQ13E9sn
         +z0Ak0W946n4kTz5jgJkycdBep7spAUTtlJYmLOwnXMtOmlriqMa4A4MlRFnfNiTgEM+
         +UGA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:sender:date:from:to:cc:subject:message-id
         :references:mime-version:content-disposition:in-reply-to:user-agent;
        bh=st0PwtnfIH4oJzlFSrRcNYEUOi8YGiIRb8s/eUa2TPA=;
        b=By0TwCYX0QuVNC+v1C0fAvTJItx9OeoGN31dAwnFixaGdwgRLIO6e+o+xItM9nY/kL
         J0d3IX8BTXML45cpFF7f9MUIWRP2d3OrD9EuEfBlOZUBLNlbBWCgm+UL0xHCiPfoLCPd
         a3xH+6vzy3aUfi+CZVDMajnhm5porLcDkdA+iAgqTaIoEwZtlKmDcg+Y3rcvwQMstDPL
         HbEIOVpyco8pvSTlKouiJtWdv4NXsa/+MWoOWcAoAhaw70l9APFgwKY0yhTCKqLNjPVT
         EV4G6yShPDQlACBGIQHAJnOVWAoC/8H10XyqF+IPscGGS6eFipL7BPvfDoN77mJv02Qt
         uFsg==
X-Gm-Message-State: APf1xPAWN58CQQzl5Ki3WiS8r507OIlk6LnmHW2mO0mRCXtV4TgyzmXz
        IfKyKb9B/aVGeoJ3dNrj28c=
X-Received: by 10.28.111.132 with SMTP id c4mr482668wmi.54.1518508543797;
        Mon, 12 Feb 2018 23:55:43 -0800 (PST)
Received: from gmail.com (2E8B0CD5.catv.pool.telekom.hu. [46.139.12.213])
        by smtp.gmail.com with ESMTPSA id s18sm5258156wrg.49.2018.02.12.23.55.42
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Mon, 12 Feb 2018 23:55:42 -0800 (PST)
Date:   Tue, 13 Feb 2018 08:55:40 +0100
From:   Ingo Molnar <mingo@kernel.org>
To:     Peter Zijlstra <peterz@infradead.org>
Cc:     Dave Hansen <dave@sr71.net>, hpa@zytor.com, tglx@linutronix.de,
        torvalds@linux-foundation.org, linux-kernel@vger.kernel.org,
        dwmw@amazon.co.uk, linux-tip-commits@vger.kernel.org,
        Borislav Petkov <bp@alien8.de>,
        Arjan van de Ven <arjan@infradead.org>
Subject: Re: [tip:x86/pti] x86/speculation: Use IBRS if available before
 calling into firmware
Message-ID: <20180213075540.3lkikkpgjoe6ocjk@gmail.com>
References: <1518362359-1005-1-git-send-email-dwmw@amazon.co.uk>
 <tip-670c3e8da87fa4046a55077b1409cf250865a203@git.kernel.org>
 <20180212102211.cdrrqqd4hdw7xu5y@gmail.com>
 <a85c28b8-1255-3264-bb4a-89e85e3c6009@sr71.net>
 <20180212165835.GO25181@hirez.programming.kicks-ass.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180212165835.GO25181@hirez.programming.kicks-ass.net>
User-Agent: NeoMutt/20170609 (1.8.3)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


* Peter Zijlstra <peterz@infradead.org> wrote:

> On Mon, Feb 12, 2018 at 08:13:31AM -0800, Dave Hansen wrote:
> > On 02/12/2018 02:22 AM, Ingo Molnar wrote:
> > >> +static inline void firmware_restrict_branch_speculation_end(void)
> > >> +{
> > >> +	alternative_msr_write(MSR_IA32_SPEC_CTRL, 0,
> > >> +			      X86_FEATURE_USE_IBRS_FW);
> > > BTW., there's a detail that only occurred to me today, this enabling/disabling 
> > > sequence is not NMI safe, and it might be called from NMI context:
> > 
> > FWIW, Tim Chen and I talked about this a bunch.  We ended up just
> > saving/restoring the MSR verbatim in the NMI handler the same way we do
> > CR3, stashing it in a high general-purpose-register (r%12?).  That costs
> > a RDMSR (at least) and an WRMSR (which you can optimize out).  We have a
> > patch for that somewhere if anybody wants it.
> 
> I would really rather not do that on the NMI path.. And if we _have_ to,
> please keep a software shadow of that MSR state, such that we can avoid
> touching that MSR 99% of the time.

Yeah, I'd rather avoid doing firmware calls from NMI context altogether.

Thanks,

	Ingo