Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp3586057ybl;
        Tue, 21 Jan 2020 03:34:32 -0800 (PST)
X-Google-Smtp-Source: APXvYqwilgunrF+Zp2uiC3DQSwxuE4TOe5vTxOazaabPXl6044jRXBz0Pd3FzgokN3P+A7F7ATHC
X-Received: by 2002:aca:d6c8:: with SMTP id n191mr2684530oig.103.1579606472134;
        Tue, 21 Jan 2020 03:34:32 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1579606472; cv=none;
        d=google.com; s=arc-20160816;
        b=StX1dOlCAPVn5+7p05vTJ+ahAV6h0LiuOMQqUb5g9jr627jba0O6P8WB4eT8yVV+eF
         Nb7wOesrxcLT+hzzrry/qLvknlT4jZVvs0rKN1HLh6h5nnaaAoy118TdLY/C+rYIUk1F
         ILBux8MXEor3+z6SNNPHQuXzjInZ0yx+vyOb1+iCcYKzH2mG83/DQD/XCUVmBHox4arz
         R+V4NY//mhe1DecfXYVLrZ+xKoJeD1rIlrOU5+aGPSter3WzBrRVAnLYyMF/kkzA1c9j
         F+HA8GXAxzQhCW7oVpHrcZbJh0Y+0lVi2PK78IY8Yp7e4Uto8ThOOgsKgFnUDc3uooOZ
         FmPQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature;
        bh=J6F93+LsImtFtzVA+R6J81QBkEV14BOR4MTybNBm7XQ=;
        b=cUCRVs1bIqK+izPjGgJpWbsTogPAh0xTrF2n2AKoFYKzYqBOVDBnHn43vFkHT2p0Uo
         V5ESv3pdquySbJP01LW5yiAVQg91mSkwHW0eGbS5LOd4RgbjEfT2XnMWNKNzlM9+D6nW
         5D2+CgYYrZzhnSlFM1lT35BnfZogVJPpFkSaSCZUjbaDUqXtLN5pY3HeYf7IjxNB7tud
         b/GuBsw/gvnV5TkxSIXC6ucfWX74t50shxR42faPDz8sQdiw/xhALhcqJfmdt58NvKR+
         ZmxFxuEQEh7bJnmFHS6/3LuXNTEtYwCpPgwJk8EXujTFlLGB/1V21Dj+0D5rn71IezJM
         JomA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@alien8.de header.s=dkim header.b=Z6icbBGV;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id l204si7485548oif.261.2020.01.21.03.34.19;
        Tue, 21 Jan 2020 03:34:32 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@alien8.de header.s=dkim header.b=Z6icbBGV;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728797AbgAULdZ (ORCPT <rfc822;radocaj.bane@gmail.com>
        + 99 others); Tue, 21 Jan 2020 06:33:25 -0500
Received: from mail.skyhub.de ([5.9.137.197]:57976 "EHLO mail.skyhub.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726052AbgAULdZ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 21 Jan 2020 06:33:25 -0500
Received: from zn.tnic (p200300EC2F0B0400D59E977D8F003815.dip0.t-ipconnect.de [IPv6:2003:ec:2f0b:400:d59e:977d:8f00:3815])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 008791EC0CDF;
        Tue, 21 Jan 2020 12:33:23 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim;
        t=1579606404;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         content-transfer-encoding:in-reply-to:in-reply-to:  references:references;
        bh=J6F93+LsImtFtzVA+R6J81QBkEV14BOR4MTybNBm7XQ=;
        b=Z6icbBGVtkuf+ecXMCU+0qwQRFabuAUEH8giGTDkFz/48jyTHrvTXJIcUv7z+waDPP6xka
        ZGwSTTQ4yl24R6CvmRO9xKhQ+UdS6JphHhyBXLGbr2gWSSF1FumIBhPczw9xoq7Lcbj5/5
        1lHnrIpj4mMozjcF6y5hSsjf78AU0Jw=
Date:   Tue, 21 Jan 2020 12:33:17 +0100
From:   Borislav Petkov <bp@alien8.de>
To:     Anthony Steinhauser <asteinhauser@google.com>,
        Thomas Gleixner <tglx@linutronix.de>
Cc:     linux-kernel@vger.kernel.org, mingo@redhat.com
Subject: Re: [PATCH] Return ENXIO instead of EPERM when speculation control
 is unimplemented
Message-ID: <20200121113317.GH7808@zn.tnic>
References: <20191229164830.62144-1-asteinhauser@google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20191229164830.62144-1-asteinhauser@google.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, Dec 29, 2019 at 08:48:30AM -0800, Anthony Steinhauser wrote:
> @@ -602,7 +603,7 @@ spectre_v2_parse_user_cmdline(enum spectre_v2_mitigation_cmd v2_cmd)
>  static void __init
>  spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd)
>  {
> -	enum spectre_v2_user_mitigation mode = SPECTRE_V2_USER_NONE;
> +	enum spectre_v2_user_mitigation mode = SPECTRE_V2_USER_UNAVAILABLE;
>  	bool smt_possible = IS_ENABLED(CONFIG_SMP);
>  	enum spectre_v2_user_cmd cmd;

So here in the code, right under this line we check IBPB and STIBP and
whether SMT is force_disabled/possible and set smt_possible if not. We
parse cmdline, pick apart selection, etc...

> @@ -616,6 +617,7 @@ spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd)
>  	cmd = spectre_v2_parse_user_cmdline(v2_cmd);
>  	switch (cmd) {
>  	case SPECTRE_V2_USER_CMD_NONE:
> +		mode = SPECTRE_V2_USER_DISABLED;
>  		goto set_mode;
>  	case SPECTRE_V2_USER_CMD_FORCE:
>  		mode = SPECTRE_V2_USER_STRICT;
> @@ -676,7 +678,7 @@ spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd)
>  	 * mode.
>  	 */
>  	if (!smt_possible || !boot_cpu_has(X86_FEATURE_STIBP))
> -		mode = SPECTRE_V2_USER_NONE;
> +		mode = SPECTRE_V2_USER_UNAVAILABLE;

... but here we do that evaluation again. But I think that *if* the
required hw support is not there - either SMT is not possible or STIBP
not present - then there's no real need to parse the cmdline and do all
that.

IOW, the filtering out of the cases where the user can't do any changes
due to not present hw should be concentrated at the function entry and
mode left at SPECTRE_V2_USER_UNAVAILABLE.

IOW 2, unless I'm not missing some of the gazillion use cases with this
;-\ I think that check needs to be moved up and integrated into the
entry checks. I.e., this ontop or a separate patch...:

---
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 2e9299816530..ffe5e4fa4611 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -618,8 +618,10 @@ spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd)
 		return;
 
 	if (cpu_smt_control == CPU_SMT_FORCE_DISABLED ||
-	    cpu_smt_control == CPU_SMT_NOT_SUPPORTED)
+	    cpu_smt_control == CPU_SMT_NOT_SUPPORTED) {
 		smt_possible = false;
+		return;
+	}
 
 	cmd = spectre_v2_parse_user_cmdline(v2_cmd);
 	switch (cmd) {
@@ -679,13 +681,6 @@ spectre_v2_user_select_mitigation(enum spectre_v2_mitigation_cmd v2_cmd)
 	/* If enhanced IBRS is enabled no STIBP required */
 	if (spectre_v2_enabled == SPECTRE_V2_IBRS_ENHANCED)
 		return;
-
-	/*
-	 * If SMT is not possible or STIBP is not available clear the STIBP
-	 * mode.
-	 */
-	if (!smt_possible || !boot_cpu_has(X86_FEATURE_STIBP))
-		mode = SPECTRE_V2_USER_UNAVAILABLE;
 set_mode:
 	spectre_v2_user = mode;
 	/* Only print the STIBP mode when SMT possible */

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette