Received: by 10.223.185.116 with SMTP id b49csp3599786wrg;
        Mon, 19 Feb 2018 02:52:12 -0800 (PST)
X-Google-Smtp-Source: AH8x2247OpXKw2UFjGC9ngk9B2SihsixAMPNz4+9wCDhpkn17mP88ejimE1xlZUhzXbXtQRONSdw
X-Received: by 10.101.70.203 with SMTP id n11mr11566584pgr.377.1519037531907;
        Mon, 19 Feb 2018 02:52:11 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1519037531; cv=none;
        d=google.com; s=arc-20160816;
        b=Apuatlzto2G4UXP7846dXjlCgF/glvzt5Eft81e1U5DlZ1yHAhoXUFz8yZ6+f1eXb5
         9DkHufKF5L8WeyW2sfSDDQOa6NX/qvBnVFy6p7ZgTeEeYaJPatY+BpC7V6bugA2mnGCu
         goRZL9Q+I4UNBrbutJgTBVGEwD9nSDqa4DfGoGovfxzroHwxztQa+aiW+sp/sxQUSsDQ
         1j04tkI+979dn6O0QDi/SYKZKr7Ny4dddeLW6vrkMMQt6MJwekXr5WeTi42i+rthkpYV
         RvSbZX9y2BJda9xulxQgS2Xz7ZPVspmArUdKfZDyNyaPhZxKDstsFyKLv7DDhNNkjIEe
         iXwg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:date:subject:to:from
         :dkim-signature:arc-authentication-results;
        bh=iAlFvGr5bkXvEBrVA63dHoMbOy8Vo3t+Fj6nLvGyfvI=;
        b=aWwO12mboQ3mEYouEjPrYdhwqjIi6tLnWbRmDAOfo3J3aT1XqjLaLmYx/dOm2ygwQr
         AGNaW/lNPSdij4jPwC0lnsWRuwsFp506HrZAbphIk21NQOQ471ZN/6QvwGLyorW/lJBG
         lLm/E+3UpqzOtyceQZ+5dBBsiLU/x0217Xza1yOSyx7/eTcxNPtSs4OepK0p20igYJ33
         Bbnk/Oj8y7lDYkJlPY2kPXGEa4n/Qb+qwnrsQ5VR7+HJdN+76BiXdnHF9tD1Qh0+mCgL
         VzfPFBlzvTpCFN4P+X7ebaZfivumhD6OrDbUzyjYt7lHlWjG68NKvkFfN6Ei4GVMX764
         T9gQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@amazon.co.uk header.s=amazon201209 header.b=rvbXrgGA;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.co.uk
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id z61-v6si2911055plb.716.2018.02.19.02.51.57;
        Mon, 19 Feb 2018 02:52:11 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@amazon.co.uk header.s=amazon201209 header.b=rvbXrgGA;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.co.uk
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752611AbeBSKvQ (ORCPT <rfc822;uzarths@gmail.com> + 99 others);
        Mon, 19 Feb 2018 05:51:16 -0500
Received: from smtp-fw-4101.amazon.com ([72.21.198.25]:12272 "EHLO
        smtp-fw-4101.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752392AbeBSKvO (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 19 Feb 2018 05:51:14 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt;
  s=amazon201209; t=1519037474; x=1550573474;
  h=from:to:subject:date:message-id;
  bh=iAlFvGr5bkXvEBrVA63dHoMbOy8Vo3t+Fj6nLvGyfvI=;
  b=rvbXrgGAXDK0HhP8aF3b6iXb6MieDyEuvnQ9w9X0HH0xebCA1b5dE7Hv
   ThMrEtagOY8RPEg8ikgtOJwIzcuoZxjREhvTwgJk7pkNvH5HXHpUpSvqg
   BuRWi1DHpBa2HWqtXmTIsTb6mNCo+kbw1NIk0TCVHWk5ZPHiLizfuXVA/
   Q=;
X-IronPort-AV: E=Sophos;i="5.46,534,1511827200"; 
   d="scan'208";a="708596422"
Received: from iad6-co-svc-p1-lb1-vlan3.amazon.com (HELO email-inbound-relay-2b-5bdc5131.us-west-2.amazon.com) ([10.124.125.6])
  by smtp-border-fw-out-4101.iad4.amazon.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 19 Feb 2018 10:51:11 +0000
Received: from uc8d3ff76b9bc5848a9cc.ant.amazon.com (pdx2-ws-svc-lb17-vlan2.amazon.com [10.247.140.66])
        by email-inbound-relay-2b-5bdc5131.us-west-2.amazon.com (8.14.7/8.14.7) with ESMTP id w1JAp48b105912
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
        Mon, 19 Feb 2018 10:51:06 GMT
Received: from uc8d3ff76b9bc5848a9cc.ant.amazon.com (localhost [127.0.0.1])
        by uc8d3ff76b9bc5848a9cc.ant.amazon.com (8.15.2/8.15.2/Debian-3) with ESMTP id w1JAp35D007952;
        Mon, 19 Feb 2018 10:51:03 GMT
Received: (from dwmw@localhost)
        by uc8d3ff76b9bc5848a9cc.ant.amazon.com (8.15.2/8.15.2/Submit) id w1JAp2bY007949;
        Mon, 19 Feb 2018 10:51:02 GMT
From:   David Woodhouse <dwmw@amazon.co.uk>
To:     tglx@linutronix.de, karahmed@amazon.de, x86@kernel.org,
        kvm@vger.kernel.org, torvalds@linux-foundation.org,
        pbonzini@redhat.com, linux-kernel@vger.kernel.org, bp@alien8.de,
        peterz@infradead.org, jmattson@google.com, rkrcmar@redhat.com,
        arjan.van.de.ven@intel.com, dave.hansen@intel.com, mingo@kernel.org
Subject: [PATCH v3 0/4] Speculation control improvements
Date:   Mon, 19 Feb 2018 10:50:53 +0000
Message-Id: <1519037457-7643-1-git-send-email-dwmw@amazon.co.uk>
X-Mailer: git-send-email 2.7.4
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On CPUs which advertise IBRS_ALL, enable it and disable the retpoline
as IBRS_ALL will be faster. Guests which still frob IBRS on every kernel
entry/exit will trap and the MSR access will be emulated, but this should
not be any slower than what they *thought* they were doing anyway. If
Paolo genuinely cares about such guests, a later patch can attempt to
optimise this somehow. As long as it doesn't penalise the host and the
other guests while it's at it.

Also use IBRS whenever it's available before calling into firmware at
runtime.

Revert another bikeshedding patch that was broken, and add support for
retpoline builds with clang.

---
v2: Remember to export spectre_v2_enabled
v3: No changes; just rebase to current tip/x86/pti and clarify the state
    of the discussion about SPEC_CTRL trapping for IBRS_ALL.

David Woodhouse (4):
  x86/speculation: Use IBRS if available before calling into firmware
  x86/speculation: Support "Enhanced IBRS" on future CPUs
  Revert "x86/retpoline: Simplify vmexit_fill_RSB()"
  x86/retpoline: Support retpoline build with Clang

 arch/x86/Makefile                     |   5 +-
 arch/x86/entry/entry_32.S             |   3 +-
 arch/x86/entry/entry_64.S             |   3 +-
 arch/x86/include/asm/apm.h            |   6 ++
 arch/x86/include/asm/asm-prototypes.h |   3 -
 arch/x86/include/asm/cpufeatures.h    |   1 +
 arch/x86/include/asm/efi.h            |  17 ++++-
 arch/x86/include/asm/nospec-branch.h  | 118 +++++++++++++++++++++++++++++-----
 arch/x86/kernel/cpu/bugs.c            |  27 +++++++-
 arch/x86/kvm/vmx.c                    |  31 +++++----
 arch/x86/lib/Makefile                 |   1 -
 arch/x86/lib/retpoline.S              |  56 ----------------
 include/linux/compiler-clang.h        |   5 ++
 include/linux/compiler-gcc.h          |   4 ++
 include/linux/init.h                  |   8 +--
 15 files changed, 186 insertions(+), 102 deletions(-)

-- 
2.7.4