Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp8039196imu;
        Tue, 4 Dec 2018 01:44:16 -0800 (PST)
X-Google-Smtp-Source: AFSGD/XrBKDV8bIRoYbZ4U/v9r4SLF5XS/JBBP5BjSorZY9f0aqtzPtnrZXpRcEIsp2rN1TlHm5d
X-Received: by 2002:a62:11c7:: with SMTP id 68mr19291140pfr.21.1543916656106;
        Tue, 04 Dec 2018 01:44:16 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1543916656; cv=none;
        d=google.com; s=arc-20160816;
        b=hPnMl+1G4kK/3+nOH27eoHt70It4PcM6n4h0WYewQDheRIBgTndMCx7IQgAI5l9FQb
         PUvEQBo2cEikcOeaJ7/2vzLax59xmhYN1ggxLhIVXFqI/9c+DDstmOf89PmjT+D/+2jd
         1Hgv1kPFL0/7gqje7aCLkivm9fIKDmHLuAGyl3hpig9WabqE0L6XH+aLwJnrSepkV7WL
         uaCB0AuUhFVqoey2Bt3ueX/ZeGVosWDe4zazERXR0++NO5bUVN9ja6Nc9f9IfK8oC/fa
         /SNqeWrIBiofUbmkWrRvtm2+y6uLfdUnJN0pNyiYvQGPQwe8XYvkV62Rpvmw3gJ9kkRB
         wl4w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject;
        bh=TTJppStyCPDNRb5TqFhfCULFEnYWoCVfFCvHvby4r3c=;
        b=iGUug7mFhqFoj+0AzK5sXTpN/l80WL7CX+ei9YpwBYEsQu6GFvgT/HxOl5Q8QBFNMW
         wHIRWccyn7Cq5KyjtCvDcFW2giRudKN6rgUOzZt4+ypxuSrkjNtqrdWus0PWLDdrkT9p
         jLvxzeiACmJ5bXjUbSRMqQR7FRLxcTowM3vrsu/TxjJ4xC6SSQXWYmNW5ErQ4IioFEJB
         XQl+Beswk6aIQPXHwNq803lXW7fvWJjDFbuPPgmuE1zsD9qp5QkocuEtFxJKqqXmfNik
         YcktAYsEgg1Ez7L47ctYQoNGvgukWtwqqbnxIl8eLulE9JeaZ3agtNeozhp19BKjxT32
         +1cA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id k62si17282688pfc.208.2018.12.04.01.44.00;
        Tue, 04 Dec 2018 01:44:16 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1725855AbeLDJn0 (ORCPT <rfc822;zzmahb@gmail.com> + 99 others);
        Tue, 4 Dec 2018 04:43:26 -0500
Received: from mga12.intel.com ([192.55.52.136]:6663 "EHLO mga12.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1725764AbeLDJnZ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 4 Dec 2018 04:43:25 -0500
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga001.jf.intel.com ([10.7.209.18])
  by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Dec 2018 01:43:24 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.56,313,1539673200"; 
   d="scan'208";a="115807853"
Received: from avandeve-mobl.amr.corp.intel.com (HELO [10.251.82.99]) ([10.251.82.99])
  by orsmga001.jf.intel.com with ESMTP; 04 Dec 2018 01:43:18 -0800
Subject: Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user
 space protection mode
To:     Jiri Kosina <jikos@kernel.org>,
        Tim Chen <tim.c.chen@linux.intel.com>
Cc:     Linus Torvalds <torvalds@linux-foundation.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Linux List Kernel Mailing <linux-kernel@vger.kernel.org>,
        the arch/x86 maintainers <x86@kernel.org>,
        Peter Zijlstra <peterz@infradead.org>,
        Andrew Lutomirski <luto@kernel.org>, thomas.lendacky@amd.com,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        David Woodhouse <dwmw@amazon.co.uk>,
        Andi Kleen <ak@linux.intel.com>, dave.hansen@intel.com,
        Casey Schaufler <casey.schaufler@intel.com>,
        "Mallick, Asit K" <asit.k.mallick@intel.com>, jcm@redhat.com,
        longman9394@gmail.com, Greg KH <gregkh@linuxfoundation.org>,
        david.c.stewart@intel.com, Kees Cook <keescook@chromium.org>,
        Jason Brandt <jason.w.brandt@intel.com>
References: <20181125183328.318175777@linutronix.de>
 <20181125185006.051663132@linutronix.de>
 <CAHk-=whtiX45YPjFPMFuktZ3WB23zqBZR-rL6RewrTyvrFj2Fw@mail.gmail.com>
 <f4b903ef-828c-0b05-29c6-6f71677d120d@linux.intel.com>
 <nycvar.YFH.7.76.1812040937440.17216@cbobk.fhfr.pm>
From:   Arjan van de Ven <arjan@linux.intel.com>
Message-ID: <d5a6f813-d5d1-ae79-fc73-9f8fafccf407@linux.intel.com>
Date:   Tue, 4 Dec 2018 10:43:17 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101
 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <nycvar.YFH.7.76.1812040937440.17216@cbobk.fhfr.pm>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

>> On processors with enhanced IBRS support, we recommend setting IBRS to 1
>> and left set.
> 
> Then why doesn't CPU with EIBRS support acutally *default* to '1', with
> opt-out possibility for OS?

the BIOSes could indeed get this set up this way.

do you want to trust the bios to get it right?