Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp8041883imu;
        Tue, 4 Dec 2018 01:47:40 -0800 (PST)
X-Google-Smtp-Source: AFSGD/XTKTZsPl/TINzsIfHLO/ceUmWV+xkkbyWgfSSUnYqVeLuwpwIwpc/aG0fT0yrbnbcZhqUw
X-Received: by 2002:a63:4d0e:: with SMTP id a14mr16302824pgb.408.1543916860284;
        Tue, 04 Dec 2018 01:47:40 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1543916860; cv=none;
        d=google.com; s=arc-20160816;
        b=CSRbmyKs1H2MQzaOKLZYeHmWXbTUOZBgxv03Wm6OJQSfVV7FLN/8ayjb+aTa8WznFP
         o0KwH3nJijtPmHv5CD4Gri8ri2Xo7BMj6LyWaFK3JLyn6Wty2rwXlhRQy9OuN86eGUKd
         Rd41gae9t4VV3zRu556X9qrmoS592NfrF+rYZAAaiWXBWNkKGYI3fTJumI/vx6BIe4uQ
         yV8zlJbBJ/mQXfB6CekXOju6WEocJq7YSk0ZqiRFjQgGTO47TFL8CqBDG/4KPEzf971r
         0jCvS9kRoTiOQxI5kwBa3WqTcsSrEWxbMqTMokj0yEny/wYTutg6DkMFHFEmRhLCSllu
         QimA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject;
        bh=8r7AUUKrP9ZFfA17IEEb07TeeVnnotZQzg2xWID8Fbs=;
        b=o7cJIqMbnSPI99X/5G3dhxjnTBWTBn65Tn4cGeei7337yHxFt6PZ2EyqXBGayjPp5G
         H+s3rKrQx68cWJGiAPaEHtLveg6FCFPHfKlg6ZQY3jpjIZJLnvT+7wnhGK4MEBSd1Uot
         sAx8edwPLavyVGDHknhRjfiLQuak1uLUgqrZOWRi16pEUFkh1EBTu2bFCRkuCMtjZHYP
         udMXMyTo551mG8bJVfMcEBz1DHzfjRlNabWX1UEH3ko+Xd8dPKLRLfhdnBoaI/SHc0wR
         0zzxCPGNfO/gaGyp1TEBQ1CUvd8ofQuV1Xsx7XjjYuyaVoZepPxDz9gbS9o568iHZQeX
         nOCA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id v10si17194452plg.82.2018.12.04.01.47.25;
        Tue, 04 Dec 2018 01:47:40 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726039AbeLDJqi (ORCPT <rfc822;zzmahb@gmail.com> + 99 others);
        Tue, 4 Dec 2018 04:46:38 -0500
Received: from mga02.intel.com ([134.134.136.20]:39218 "EHLO mga02.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1725613AbeLDJqi (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 4 Dec 2018 04:46:38 -0500
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga001.jf.intel.com ([10.7.209.18])
  by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Dec 2018 01:46:37 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.56,313,1539673200"; 
   d="scan'208";a="115808453"
Received: from avandeve-mobl.amr.corp.intel.com (HELO [10.251.82.99]) ([10.251.82.99])
  by orsmga001.jf.intel.com with ESMTP; 04 Dec 2018 01:46:32 -0800
Subject: Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user
 space protection mode
To:     Jiri Kosina <jikos@kernel.org>,
        Tim Chen <tim.c.chen@linux.intel.com>
Cc:     Linus Torvalds <torvalds@linux-foundation.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Linux List Kernel Mailing <linux-kernel@vger.kernel.org>,
        the arch/x86 maintainers <x86@kernel.org>,
        Peter Zijlstra <peterz@infradead.org>,
        Andrew Lutomirski <luto@kernel.org>, thomas.lendacky@amd.com,
        Josh Poimboeuf <jpoimboe@redhat.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        David Woodhouse <dwmw@amazon.co.uk>,
        Andi Kleen <ak@linux.intel.com>, dave.hansen@intel.com,
        Casey Schaufler <casey.schaufler@intel.com>,
        "Mallick, Asit K" <asit.k.mallick@intel.com>, jcm@redhat.com,
        longman9394@gmail.com, Greg KH <gregkh@linuxfoundation.org>,
        david.c.stewart@intel.com, Kees Cook <keescook@chromium.org>,
        Jason Brandt <jason.w.brandt@intel.com>
References: <20181125183328.318175777@linutronix.de>
 <20181125185006.051663132@linutronix.de>
 <CAHk-=whtiX45YPjFPMFuktZ3WB23zqBZR-rL6RewrTyvrFj2Fw@mail.gmail.com>
 <f4b903ef-828c-0b05-29c6-6f71677d120d@linux.intel.com>
 <nycvar.YFH.7.76.1812040937440.17216@cbobk.fhfr.pm>
From:   Arjan van de Ven <arjan@linux.intel.com>
Message-ID: <dfcb5d36-0cd5-6212-fc52-d1d9e33c0cbf@linux.intel.com>
Date:   Tue, 4 Dec 2018 10:46:31 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101
 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <nycvar.YFH.7.76.1812040937440.17216@cbobk.fhfr.pm>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

>> On processors with enhanced IBRS support, we recommend setting IBRS to 1
>> and left set.
> 
> Then why doesn't CPU with EIBRS support acutally *default* to '1', with
> opt-out possibility for OS?

(slightly longer answer)

you can pretty much assume that on these CPUs, IBRS doesn't actually do anything
(e.g. just a scratch bit)

we could debate (and did :-)) for some time what the default value should be at boot,
but it kind of is one of those minor issues that should not hold up getting things out.

it could well be that the cpus that do this will ship with 1 as default, but it's hard to
guarantee across many products and different CPU vendors when time was tight.