Received: by 10.223.185.116 with SMTP id b49csp3278485wrg; Mon, 12 Feb 2018 23:59:37 -0800 (PST) X-Google-Smtp-Source: AH8x227uFXDkvtib+QNz4RLD6FSV/Xtsy2G1KNdb3O5bAwObbBGnloAgUL2J0JgJCvp3JXV0cucu X-Received: by 2002:a17:902:8307:: with SMTP id bd7-v6mr315263plb.369.1518508776936; Mon, 12 Feb 2018 23:59:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518508776; cv=none; d=google.com; s=arc-20160816; b=atD/kwvsJTBL/rSBCfBTj0ICorYHL+R1yr7KBk/AdngbJOsJR1F9Wi8HWbENdr1+B0 ketJuXBCZ7MSVUGsR9oZdDPdeL4i7eWOLyKZf4TJg7qWZPfbj3XpdYcP4OtPDJqW3/JM i5pGfIjHBQFXe1+VKvZxgKM1KM9Y6B7VqyciPeJ+USkBCjnWa7L9Som7n2IoIM4wzZul z2slJW3esiZqcCw6tqGweulRZwG8tO6K5rTWjHbRw0ZeN0Cgl6ikpU5K9bpQ/DDszmLC /vpu0+rN+dZYFuiDFZ2ut3bQSTcomGOxb62/0W3GeNfmLgqE5ExJzdWHjxq9ZRbzCHKI ZUSQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature :arc-authentication-results; bh=z/Ps6YRO6GY8xkScn9X2uKkwN/pqLhk/+wMag84zY2Y=; b=oWNziOGBpDDDY/S/wswwBXSQCY3b2gspyAjbK7vYo0WPQP/SC6alxmurR4D2h5yYqz LM4sRk9qGWWqiT/VmXTlRtjvPAXdmB5bT2m+rYBaTY40kpBoCulHDd7nVKxo9Jehnywa njLO5HeYSuDnshgiRAgo65BMUF9MEKDuDGS+ZKsmh5eTw66dAmRyIHjFpkO/JxPROrW2 Dc0hDPmX/RIS41iOkr5KuDXe/W5rWZMWJbBT7GeU5xmbjO8YGh/byFIdZaHQSBZR6QHN v7P0Dde+ghJRW1IAHCZBLan0DHicN0Oc4Rl1uMkY5NjS+7rTVfXKXe/+blK+YFwrlfWg G8+g== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=j9KPSt20; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f7si849424pgt.231.2018.02.12.23.59.22; Mon, 12 Feb 2018 23:59:36 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=j9KPSt20; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933690AbeBMH6a (ORCPT + 99 others); Tue, 13 Feb 2018 02:58:30 -0500 Received: from mail-wm0-f68.google.com ([74.125.82.68]:35023 "EHLO mail-wm0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933656AbeBMH62 (ORCPT ); Tue, 13 Feb 2018 02:58:28 -0500 Received: by mail-wm0-f68.google.com with SMTP id r78so14347707wme.0; Mon, 12 Feb 2018 23:58:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to :user-agent; bh=z/Ps6YRO6GY8xkScn9X2uKkwN/pqLhk/+wMag84zY2Y=; b=j9KPSt20E0GCMETxRiOu7S85OgAsyabOulauEvGUFCJNj+0C0oaH9HHeB29qCE/Oaf x4DiZE1K+PehlsrRes+NiS8sFwVxsxg325aX6GOAE3C9wMgIBA3bD0CFPCrUuljiXHsH 87G41R6cl/ZAizmNb3eJvcG3OPCe8e9sdoswoq2MrwU922ddD4yaf2/JJFujtPQXaDNa smrWoDuYRnOqAezN3/n0JhVX16xdePW7+JjcatQ7aMymh1gdv/OodzLd0hAQ9ne59Pf6 C1siOvJp4GDzCo47WTW6AODJp//uEaPoHfJhROnY4sQw5z3aiF/ugiLlh4j089xR9ljQ r02Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition :content-transfer-encoding:in-reply-to:user-agent; bh=z/Ps6YRO6GY8xkScn9X2uKkwN/pqLhk/+wMag84zY2Y=; b=pqgg7IIi6jV8H1Wzxt2R7A3UEZxWAp4Xvd4jzGq+6JOy+j/FQ2lnd2PhNrPyTwFYM0 VXJc9/uwAsgRATK7un0rpGy06um+32+tfLU8T6NZ5BefM5P6nFGcK0FrRcMPddCf9R6Q RBUHLJkym73ybmBTUPksjU5D+s1qTf09DsdmljPPaz5H1xSa+bi9opMtDfVJbjiyye2G kJq2bX8q8GC2FoRDNBtI469f4nmViz1cXBrBQk5aDPCIc91IvYE/4Jk9ZkUhLr1wYT1t e2WtofZ9CMJ9DgnMI6O15RjQ+jK/UQ83gEqGJW1DzL7CPutAzH5LcpAaEZ1V+MsV1vJb nmqg== X-Gm-Message-State: APf1xPAbltcxQc+88UVCOcYHbmMkffdSarGyZFzWGU66ZewmHWtkfnUB z7TnWiOkdxL5JnLj5eWQCF8= X-Received: by 10.28.236.24 with SMTP id k24mr483204wmh.8.1518508707533; Mon, 12 Feb 2018 23:58:27 -0800 (PST) Received: from gmail.com (2E8B0CD5.catv.pool.telekom.hu. [46.139.12.213]) by smtp.gmail.com with ESMTPSA id m86sm8677996wmi.40.2018.02.12.23.58.26 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 12 Feb 2018 23:58:26 -0800 (PST) Date: Tue, 13 Feb 2018 08:58:24 +0100 From: Ingo Molnar To: David Woodhouse Cc: Peter Zijlstra , Thomas Mingarelli , hpa@zytor.com, tglx@linutronix.de, torvalds@linux-foundation.org, linux-kernel@vger.kernel.org, linux-tip-commits@vger.kernel.org, Dave Hansen , Borislav Petkov , Arjan van de Ven Subject: Re: [tip:x86/pti] x86/speculation: Use IBRS if available before calling into firmware Message-ID: <20180213075824.ucnn3aef76jbfu4m@gmail.com> References: <1518362359-1005-1-git-send-email-dwmw@amazon.co.uk> <20180212102211.cdrrqqd4hdw7xu5y@gmail.com> <20180212115002.GI25181@hirez.programming.kicks-ass.net> <1518438439.6606.36.camel@infradead.org> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <1518438439.6606.36.camel@infradead.org> User-Agent: NeoMutt/20170609 (1.8.3) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org * David Woodhouse wrote: > On Mon, 2018-02-12 at 12:50 +0100, Peter Zijlstra wrote: > > On Mon, Feb 12, 2018 at 11:22:11AM +0100, Ingo Molnar wrote: > > > > +static inline void firmware_restrict_branch_speculation_start(void) > > > > +{ > > > > +???alternative_msr_write(MSR_IA32_SPEC_CTRL, SPEC_CTRL_IBRS, > > > > +???????????????????????? X86_FEATURE_USE_IBRS_FW); > > > > +} > > > > + > > > > +static inline void firmware_restrict_branch_speculation_end(void) > > > > +{ > > > > +???alternative_msr_write(MSR_IA32_SPEC_CTRL, 0, > > > > +???????????????????????? X86_FEATURE_USE_IBRS_FW); > > >? > > > BTW., there's a detail that only occurred to me today, this enabling/disabling? > > > sequence is not NMI safe, and it might be called from NMI context: > > > > Wait, we're doing firmware from NMI? That sounds like a _REALLY_ bad > > idea. > > And spin_lock_irqsave() too. Which is probably why I missed the fact > that this was being called in NMI context. > > Yay for HP and their persistent attempts to "value subtract" in their > firmware offerings. > > I'm tempted to drop that part of the patch and declare that if you're > using this driver, the potential for stray branch prediction when you > call into the firmware from the NMI handler is the *least* of your > problems. > > I *will* go back over the other parts of the patch and audit them for > preempt safety though; there could potentially be a similar issue > there. I think I put them close enough to the actual firmware calls > that if we aren't already preempt-safe then we were screwed anyway, but > *maybe* there's merit in making the macros explicitly bump the preempt > count anyway. Ok, meanwhile I'm removing this patch from the x86/pti branch, and since the branch has to be rebased anyway, I'll merge these into a single patch: 85d8426e0720: x86/speculation: Correct Speculation Control microcode blacklist again 1751342095f0: x86/speculation: Update Speculation Control microcode blacklist Thanks, Ingo