Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp7043792imm;
        Tue, 28 Aug 2018 05:36:49 -0700 (PDT)
X-Google-Smtp-Source: ANB0VdZWiRP/dZ+tiCN0I+cCSXarB8MwEacT7ZRuPSS6tUN2RNpkM7fqMDw53ibQ4heE00KRPbVS
X-Received: by 2002:a63:8b44:: with SMTP id j65-v6mr1383292pge.325.1535459809288;
        Tue, 28 Aug 2018 05:36:49 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1535459809; cv=none;
        d=google.com; s=arc-20160816;
        b=dp2SGt6GMp+7paazfv272nF7EF09Z4FAYwT2vt2WfWyhAs9rrrlaypFVH05ONUYTfe
         N6RSGJOvEeCkIxgXAD2yZf1ZnAZI3cFlFEYEY5jnFLcN6K7cPyweYdiO/u47ZDa40QIL
         scE4DOktyhxsR1e+w6XknnIEjR46DoPTe5kGFQlnnqQb1dOe01sy/DrwvvhCOTeUVMid
         ZM3RIgb3dtjUMNVju29O2YShlQlzzQ5Al5yLqMYmUsHm/NHCj3GtxQDX/g5HwKTY/b4Y
         3RkaCeX1yGyHlqFJLK3Rwb9nvvrCF0tXBpWnSArHrz7HrUpfzzoCnfOFaNSjrJcMGxFb
         EHBA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:user-agent:references
         :message-id:in-reply-to:subject:cc:to:from:date
         :arc-authentication-results;
        bh=K73By4osrUT/n+18yykFnyFlVa8foRZ3wcdPHsjSWUE=;
        b=K+CY0jVzU57xu3Fpb3ncT9nd2kqsLlM4lzfU2mFe/xAsnpw0KwDVSw3sKm7/hkGnVb
         p5qqL6at5yCXhNVgoRfFHaCki/O/N6v/OosM5R61Rz34JvoCj1J4y2ufsg/1Fr5z5u7d
         mFY7Y6apx9m9bmBRYiDuDQXVa5Q5UF5+iQGLgxVr0TOIVemTuSVCOR7uCrg24UMziILS
         XCzoaK05luWJkS4e2demIRvqfwh2YbcnJOwujomMQOk0UKLqsWd3nPshwlH30Mb5R/wL
         sDYGcbRbQnyzLB4z80+iUbjC1PQ0WoQit4Ec23dcviiE9yQbtksNV6XgquLXcTng31od
         j53Q==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id e10-v6si1058267pln.161.2018.08.28.05.36.32;
        Tue, 28 Aug 2018 05:36:49 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727412AbeH1Q0u (ORCPT <rfc822;lans.zhang2008@gmail.com>
        + 99 others); Tue, 28 Aug 2018 12:26:50 -0400
Received: from er-systems.de ([148.251.68.21]:32992 "EHLO er-systems.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726120AbeH1Q0u (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 28 Aug 2018 12:26:50 -0400
Received: from localhost.localdomain (localhost [127.0.0.1])
        by er-systems.de (Postfix) with ESMTP id 2F738D60115;
        Tue, 28 Aug 2018 14:35:19 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on er-systems.de
X-Spam-Level: 
X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00
        autolearn=ham autolearn_force=no version=3.4.1
Received: from localhost (localhost [127.0.0.1])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by er-systems.de (Postfix) with ESMTPS id E9836D60106;
        Tue, 28 Aug 2018 14:35:18 +0200 (CEST)
Date:   Tue, 28 Aug 2018 14:35:18 +0200 (CEST)
From:   Thomas Voegtle <tv@lio96.de>
X-X-Sender: thomas@er-systems.de
To:     Thomas Gleixner <tglx@linutronix.de>
cc:     x86@kernel.org, LKML <linux-kernel@vger.kernel.org>,
        Ingo Molnar <mingo@kernel.org>,
        Peter Zijlstra <peterz@infradead.org>,
        Dave Hansen <dave.hansen@intel.com>
Subject: Re: Apollo Lake with newer microcode: not affected by meltdown
 anymore?
In-Reply-To: <alpine.DEB.2.21.1808281234260.2816@nanos.tec.linutronix.de>
Message-ID: <alpine.LSU.2.21.1808281435050.31480@er-systems.de>
References: <alpine.LSU.2.21.1808281225550.27853@er-systems.de> <alpine.DEB.2.21.1808281234260.2816@nanos.tec.linutronix.de>
User-Agent: Alpine 2.21 (LSU 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
X-Virus-Status: No
X-Virus-Checker-Version: clamassassin 1.2.4 with clamdscan / ClamAV 0.100.1/24880/Tue Aug 28 06:46:22 2018 signatures 58.
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, 28 Aug 2018, Thomas Gleixner wrote:

> On Tue, 28 Aug 2018, Thomas Voegtle wrote:
>> Kernel 4.18.5 with old microcode:
>>
>> [    0.000000] microcode: microcode updated early to revision 0x2c, date =
>> 2017-03-25
>> cat /sys/devices/system/cpu/vulnerabilities/meltdown
>> Mitigation: PTI
>>
>>
>> Kernel 4.18.5 with new microcode (microcode-20180807.tgz), same config:
>>
>> [    0.000000] microcode: microcode updated early to revision 0x32, date =
>> 2018-05-11
>> cat /sys/devices/system/cpu/vulnerabilities/meltdown
>> Not affected
>>
>>
>> This happens with 4.14.y and 4.9.y as well.
>>
>> The same with ssb:
>> old microcode: spec_store_bypass:Vulnerable
>> new microcode: spec_store_bypass:Not affected
>>
>> Is this intentional behavior? I have never seen this on other CPUs, such
>> as Gemini Lake or Baytrail, Haswell etc.
>
> Looks like the micro code update has the relevant bits set in the
> IA32_ARCH_CAPABILITIES MSR, which tell the kernel that the CPU is not
> vulnerable. So it seems Intel was able to mitigate the mess in micro code
> for this particular CPU model.

Ah, ok.
Didn't think of the most obvious.
But yes RDCL_NO is set to 1 with the new microcode. Wow.

Thanks and sorry for the noise,

   Thomas