Received: by 10.223.185.116 with SMTP id b49csp424593wrg; Wed, 14 Feb 2018 00:58:54 -0800 (PST) X-Google-Smtp-Source: AH8x226L3Pkir65Tga4hTBsitP9oYDKzZDcmhgBkd6y3q/1fbvNa53eurt3D5JLElxSralW63XMj X-Received: by 2002:a17:902:aa8e:: with SMTP id d14-v6mr3701311plr.94.1518598734457; Wed, 14 Feb 2018 00:58:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518598734; cv=none; d=google.com; s=arc-20160816; b=dRuk0+vlPtSI1ML3eoPq8hJ+xNCiowLaSro+syN6XW+qmRZVqwy4OHHbSBwb8qx8ch VyayrcGvtTLVI1rYohC3p9bplLsz06L6fvsiGEiF40KZMGesTgYqM0aIjgqe26UrZLbc NmsOOATH80sUCuMN+UH1EhVaU4oaOhZB64khT38MFgR+zFWYPa1lmDAD7mw/zL7sLM1w fsnaTev8sD+62AYCYvMeI08sn1k2LAr/90sYtdVTJvV6VPwjbQvqrpo/oRDjRvtxsEiJ WXKawq/+CX3psTht9WB9+ig1Fd8Xtup2KNOwlxNislIQ9KKUKa3FRz9TM/nlMwekzEEm ugCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=FzAgDo+LtWREiSB3C3ulwz/WClC6hvYTIxCftUYTQ7I=; b=imRDR3j0qNk1/26oNXpJWfa656ieT1uxbhsWqq6auVsylpykAorHPD4O3pRB4KPf/u hbFS2tlwmLuWqeNx+ww6fp5XoIuhWaW9bFJQG2NnbQtDZdBc8v05wa6hiFiTwgg97n6b yr1rQ8oHs7F/ZJySX5emilUVo+GOVPMwIxLoXta73jqc2xAnLP2OhrvaSWNifU6gjEFT 30dIo3FOFhKr9hZpCcYcLDfVhL0LtYH9lgUjRfPBz9ePHvKRHtXZcW3lwwGb5SOPWqkN n4y6nlTOlEgY0rkylhOmMN7e+g1Flhjqm2qpwWsIUQSchJjIJG6xmH0j+X7s5JErjx/N 8zeA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@infradead.org header.s=merlin.20170209 header.b=NPx8O8IF; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f5si943035pgo.320.2018.02.14.00.58.40; Wed, 14 Feb 2018 00:58:54 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@infradead.org header.s=merlin.20170209 header.b=NPx8O8IF; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754693AbeBNI5t (ORCPT + 99 others); Wed, 14 Feb 2018 03:57:49 -0500 Received: from merlin.infradead.org ([205.233.59.134]:38712 "EHLO merlin.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754400AbeBNI5r (ORCPT ); Wed, 14 Feb 2018 03:57:47 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=merlin.20170209; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=FzAgDo+LtWREiSB3C3ulwz/WClC6hvYTIxCftUYTQ7I=; b=NPx8O8IFE6gXM2pVWwXAMAqgg p2WlRMHjLObw9jKKeD9AlI8T3OE48qokpztg+4kHuiArvMa/rrx+KR21PPSjdovizthLt+zruU52c /v+SBug/a/Yrxsk1HGvpQdpN76ojsjfbNTxRxNyneeLjcr/PLgRC0dz+aVykV1suYtlg4H8ZhTGz7 7TC54lPTnvPUaok3dex0IjBeUom5nHOKIMJpZVVjekDVaGfgA3skqqIKuz87EAf/6nxjf6XFqUj+3 169q1N7GvKyj1TU09qjZy2ilE9MdZ6Z/VH5eSDK+aiRYmiI/3iEmGIF/AbeZ3Iqd0UuizI+1fNQbe GmqTNxq9w==; Received: from j217100.upc-j.chello.nl ([24.132.217.100] helo=hirez.programming.kicks-ass.net) by merlin.infradead.org with esmtpsa (Exim 4.89 #1 (Red Hat Linux)) id 1elssg-00013v-D4; Wed, 14 Feb 2018 08:57:34 +0000 Received: by hirez.programming.kicks-ass.net (Postfix, from userid 1000) id 23079201FB4F4; Wed, 14 Feb 2018 09:57:32 +0100 (CET) Date: Wed, 14 Feb 2018 09:57:32 +0100 From: Peter Zijlstra To: Tim Chen Cc: Ingo Molnar , Dave Hansen , hpa@zytor.com, tglx@linutronix.de, torvalds@linux-foundation.org, linux-kernel@vger.kernel.org, dwmw@amazon.co.uk, linux-tip-commits@vger.kernel.org, Borislav Petkov , Arjan van de Ven Subject: Re: [tip:x86/pti] x86/speculation: Use IBRS if available before calling into firmware Message-ID: <20180214085732.GJ25235@hirez.programming.kicks-ass.net> References: <1518362359-1005-1-git-send-email-dwmw@amazon.co.uk> <20180212102211.cdrrqqd4hdw7xu5y@gmail.com> <20180212165835.GO25181@hirez.programming.kicks-ass.net> <20180213075540.3lkikkpgjoe6ocjk@gmail.com> <5c3ba123-abbe-f153-7b75-a89d31d25c72@linux.intel.com> <20180214085614.GT25181@hirez.programming.kicks-ass.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180214085614.GT25181@hirez.programming.kicks-ass.net> User-Agent: Mutt/1.9.2 (2017-12-15) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Feb 14, 2018 at 09:56:14AM +0100, Peter Zijlstra wrote: > On Tue, Feb 13, 2018 at 05:49:47PM -0800, Tim Chen wrote: > > > static inline void firmware_restrict_branch_speculation_start(void) > > { > > + if (this_cpu_inc_return(spec_ctrl_ibrs_fw_depth) == 1) > > + alternative_msr_write(MSR_IA32_SPEC_CTRL, SPEC_CTRL_IBRS, > > X86_FEATURE_USE_IBRS_FW); > > } > > > > static inline void firmware_restrict_branch_speculation_end(void) > > { > > + if (this_cpu_dec_return(spec_ctrl_ibrs_fw_depth) == 0) > > + alternative_msr_write(MSR_IA32_SPEC_CTRL, 0, > > + X86_FEATURE_USE_IBRS_FW); > > } > > > At the very least this must disable and re-enable preemption, such that > we guarantee we inc/dec the same counter. ISTR some firmware calls (EFI) > actually are preemptible so that wouldn't work. > > Further, consider: > > this_cpu_inc_return() // 0->1 > > this_cpu_inc_return() // 1->2 > call_broken_arse_firmware() > this_cpu_dec_return() // 2->1 > > wrmsr(SPEC_CTRL, IBRS); > > /* from dodgy firmware crap */ s/from/more/ typing hard. > this_cpu_dec_return() // 1->0 > wrmsr(SPEC_CTRL, 0);