Received: by 10.223.185.116 with SMTP id b49csp3276196wrg; Mon, 12 Feb 2018 23:56:48 -0800 (PST) X-Google-Smtp-Source: AH8x224Y6hl4CQ0uaqIzPUotMSM397YJ/rtYsUrpKGAMu0B/FnUym62blJytmC2ix6frsH97NJ+u X-Received: by 10.101.73.72 with SMTP id q8mr326400pgs.66.1518508608350; Mon, 12 Feb 2018 23:56:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518508608; cv=none; d=google.com; s=arc-20160816; b=dmAxLcNT+PsAKK5Y4jZlHPcDNjxm5IOnfiln82vB5hUgtd7mqJwRWpqaLcjXehq8cM 48652ofOdPuxWFEEogPRsmAUGujIHO8oOlWJFKi3fGaPK/RhAOvatmYzgYAKYtChbBsB LtDf23ZUWSu0gdcjndS/ztM7+s+ofhDqwxF1hPMPh1ktIquq9lfaxEJr0RO6pmGJvjPy hmMwbwRdMVxcpLoOOaFtJ5SWa7l4UiLIbIGpY4eGR9Bj/KuvLH4+ytZSU8RwzEUnZ9ha wzlvCuZJ0Sz9k7LpKoKLmVsbslI1K14TgwSa+ffZfNTNKGBTjWDrE+fOlE6pz3ETWg/M kgrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=st0PwtnfIH4oJzlFSrRcNYEUOi8YGiIRb8s/eUa2TPA=; b=nHqsSg2zFxnP1gpXkt7LVmICRe/ZhGRD13T+Jcs6Upnjcx7VLp6EdpQ5CDxh+6+u17 86/eKiu0411UiVf1WJTlQfsJvVQkQp5e7xjdNE8wOO9/A7WJKXGmiw+w1sJXx1W/kmHV rhqgtdjW2aFOVNV5S882tnDfg9d8UdW1GzrC2gLuSR3cDRdtnj++JNhlGS7vAYTyLMAL JMWVeq3axYyBZcy26ZRGCZd2zSwTb/H/K2JllhdpFsqwnHUY4CZgaoR+C21VjmWmKLry bYmw9qul0nsgR+QDF3NKVRZ3z8i9HTozNICFc0WLboFhKdCwyjphgtIfvYQfgiccWhRq oEFA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=MvyDayNY; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y21-v6si696871pll.534.2018.02.12.23.56.32; Mon, 12 Feb 2018 23:56:48 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=MvyDayNY; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933632AbeBMHzq (ORCPT + 99 others); Tue, 13 Feb 2018 02:55:46 -0500 Received: from mail-wm0-f66.google.com ([74.125.82.66]:55857 "EHLO mail-wm0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933550AbeBMHzp (ORCPT ); Tue, 13 Feb 2018 02:55:45 -0500 Received: by mail-wm0-f66.google.com with SMTP id a84so2817272wmi.5; Mon, 12 Feb 2018 23:55:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=st0PwtnfIH4oJzlFSrRcNYEUOi8YGiIRb8s/eUa2TPA=; b=MvyDayNYaKCFB24m4OLZ6QKml/2ijP78X0Qlg4F3gv/K7bk+mOX8KVwer8neYQi+8c hD3Pc8ZqXGPijmus7PyV6UvE+QsIanidcLWE1WC2v2JmYYYUyZuF6R9EEn4U2ar647/u UklT2OP2C9jQeXiF0iLOfvuLCNKDs9BRDX8ZY9IRHf9m8gTmIUFG3ZF3jJzq/4Txyu9T 1U+qfE1BcghOXf2Y1A+jGCGLKo86vRgjBSgpq6RDONr/EvUgDH9R5ECSgs/fWQ13E9sn +z0Ak0W946n4kTz5jgJkycdBep7spAUTtlJYmLOwnXMtOmlriqMa4A4MlRFnfNiTgEM+ +UGA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition:in-reply-to:user-agent; bh=st0PwtnfIH4oJzlFSrRcNYEUOi8YGiIRb8s/eUa2TPA=; b=By0TwCYX0QuVNC+v1C0fAvTJItx9OeoGN31dAwnFixaGdwgRLIO6e+o+xItM9nY/kL J0d3IX8BTXML45cpFF7f9MUIWRP2d3OrD9EuEfBlOZUBLNlbBWCgm+UL0xHCiPfoLCPd a3xH+6vzy3aUfi+CZVDMajnhm5porLcDkdA+iAgqTaIoEwZtlKmDcg+Y3rcvwQMstDPL HbEIOVpyco8pvSTlKouiJtWdv4NXsa/+MWoOWcAoAhaw70l9APFgwKY0yhTCKqLNjPVT EV4G6yShPDQlACBGIQHAJnOVWAoC/8H10XyqF+IPscGGS6eFipL7BPvfDoN77mJv02Qt uFsg== X-Gm-Message-State: APf1xPAWN58CQQzl5Ki3WiS8r507OIlk6LnmHW2mO0mRCXtV4TgyzmXz IfKyKb9B/aVGeoJ3dNrj28c= X-Received: by 10.28.111.132 with SMTP id c4mr482668wmi.54.1518508543797; Mon, 12 Feb 2018 23:55:43 -0800 (PST) Received: from gmail.com (2E8B0CD5.catv.pool.telekom.hu. [46.139.12.213]) by smtp.gmail.com with ESMTPSA id s18sm5258156wrg.49.2018.02.12.23.55.42 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 12 Feb 2018 23:55:42 -0800 (PST) Date: Tue, 13 Feb 2018 08:55:40 +0100 From: Ingo Molnar To: Peter Zijlstra Cc: Dave Hansen , hpa@zytor.com, tglx@linutronix.de, torvalds@linux-foundation.org, linux-kernel@vger.kernel.org, dwmw@amazon.co.uk, linux-tip-commits@vger.kernel.org, Borislav Petkov , Arjan van de Ven Subject: Re: [tip:x86/pti] x86/speculation: Use IBRS if available before calling into firmware Message-ID: <20180213075540.3lkikkpgjoe6ocjk@gmail.com> References: <1518362359-1005-1-git-send-email-dwmw@amazon.co.uk> <20180212102211.cdrrqqd4hdw7xu5y@gmail.com> <20180212165835.GO25181@hirez.programming.kicks-ass.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180212165835.GO25181@hirez.programming.kicks-ass.net> User-Agent: NeoMutt/20170609 (1.8.3) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org * Peter Zijlstra wrote: > On Mon, Feb 12, 2018 at 08:13:31AM -0800, Dave Hansen wrote: > > On 02/12/2018 02:22 AM, Ingo Molnar wrote: > > >> +static inline void firmware_restrict_branch_speculation_end(void) > > >> +{ > > >> + alternative_msr_write(MSR_IA32_SPEC_CTRL, 0, > > >> + X86_FEATURE_USE_IBRS_FW); > > > BTW., there's a detail that only occurred to me today, this enabling/disabling > > > sequence is not NMI safe, and it might be called from NMI context: > > > > FWIW, Tim Chen and I talked about this a bunch. We ended up just > > saving/restoring the MSR verbatim in the NMI handler the same way we do > > CR3, stashing it in a high general-purpose-register (r%12?). That costs > > a RDMSR (at least) and an WRMSR (which you can optimize out). We have a > > patch for that somewhere if anybody wants it. > > I would really rather not do that on the NMI path.. And if we _have_ to, > please keep a software shadow of that MSR state, such that we can avoid > touching that MSR 99% of the time. Yeah, I'd rather avoid doing firmware calls from NMI context altogether. Thanks, Ingo