Date: Tue, 2 Oct 2018 21:10:36 +0200 (CEST)
From: Thomas Gleixner
To: Tim Chen
Cc: Jiri Kosina, Tom Lendacky, Ingo Molnar, Peter Zijlstra, Josh Poimboeuf, Andrea Arcangeli, David Woodhouse, Andi Kleen, Dave Hansen, Casey Schaufler, Asit Mallick, Arjan van de Ven, Jon Masters, linux-kernel@vger.kernel.org, x86@kernel.org
Subject: Re: [Patch v2 2/4] x86/speculation: Provide application property based STIBP protection

On Tue, 25 Sep 2018, Tim Chen wrote:

> This patch provides an application property based spectre_v2

# git grep 'This patch' Documentation/process/

> protection with STIBP against attack from another app from

s/app/application/ please. This is not android.

> a sibling hyper-thread. For security sensitive non-dumpable
> app, STIBP will be turned on before switching to it for Intel
> processors vulnerable to spectre_v2.

What has this to do with Intel processors?

> -static __always_inline void intel_set_ssb_state(unsigned long tifn) > +static __always_inline void set_spec_ctrl_state(unsigned long tifn) > { > - u64 msr = x86_spec_ctrl_base | ssbd_tif_to_spec_ctrl(tifn); > + u64 msr = x86_spec_ctrl_base; > + > + if (static_cpu_has(X86_FEATURE_SSBD)) > + msr |= ssbd_tif_to_spec_ctrl(tifn); > + > + if (cpu_smt_control == CPU_SMT_ENABLED) > + msr |= stibp_tif_to_spec_ctrl(tifn);

Oh no. We are not adding yet another conditional into switch to. Either that's done unconditionally or this wants to have a static key.

> wrmsrl(MSR_IA32_SPEC_CTRL, msr);

Thanks,

	tglx
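
Review bot: The `cpu_smt_control == CPU_SMT_ENABLED` test added to set_spec_ctrl_state() in the quoted hunk is a plain load and compare of a global that runs on every call ahead of the wrmsrl(), while the SSBD test just above it uses static_cpu_has(). If the STIBP bit has to be gated on SMT state, a static key flipped where SMT control changes (tested with static_branch_likely() or static_branch_unlikely()) would avoid the runtime compare; otherwise OR in stibp_tif_to_spec_ctrl(tifn) unconditionally. The rename from intel_set_ssb_state() also leaves the function without a comment saying which SPEC_CTRL bits it now composes and under what conditions.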