Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp2626817imw;
        Sun, 17 Jul 2022 13:08:32 -0700 (PDT)
X-Google-Smtp-Source: AGRyM1sW2Dmui4j9Qv1SzW+51mZtaW0CmwHS3gGAKk7ASGUpC2RCtD86WuGj8/H75UkebnXiyS5B
X-Received: by 2002:a17:90a:8044:b0:1ef:7a95:9910 with SMTP id e4-20020a17090a804400b001ef7a959910mr28914198pjw.165.1658088512704;
        Sun, 17 Jul 2022 13:08:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1658088512; cv=none;
        d=google.com; s=arc-20160816;
        b=QQMI705ZzRkaQMtwGbhf6RgTtol0CGvl0/qtptgUexI1RC8Exe72W73R3RyU6MIRCl
         kgwE76dEqtIC8XU8x2OKWC6YkiUXrLS/xXk1FP6FuuOWlTRENF8223qQffYgIVjf0Tmj
         hb4foxbyzTJ/xQulTYiM7ryesKuqRIT6I1UuS9PsRemDncT2hFCDPukuMuqMBdqhLvjJ
         sHTIe6ZfrEU+1FfFAgNK4Ez4sTsa5Hcd9dpbNtN2BxwXhvIFKa4w0ls09UEyU4U9quzR
         x5vxfuxZeobMAanBQIwVtFA7YqnRgd+ttg5TrhKIQPnv3ZXRl7M2T91tMl2of5hlOfoE
         Axlw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:mime-version:message-id:date:references
         :in-reply-to:subject:cc:to:dkim-signature:dkim-signature:from;
        bh=FFwnWRc7IGxS0ZRT94RlPjA97CP88nVxc93qcbHA/Ow=;
        b=I9WN/1LN/sFYl6u6mc6RHbHUX6srRezoJsglaIdrVfZCCypYTrRbrOGRVs8bH1HTWU
         QAADpERdL5fnfPBnK+pcpVdD14IMGW7ZXc848R/IT7kKQjTGPZnfChMqwJXM666CviPC
         agzIYmLcS2R3nRHb80N4uzX2OL4aIveRGGhT4iG2eYamkRmU0X04nPH+RmMKKILyHEYN
         o4bP12vCMUiUk3XkSzoX7faEYNj+Ymt61d9g9KkDFitt9kvxLHC7UF7pgL0TeeeObIc1
         fTyAmtvQkmP9XtJHUM+jLl1ZwWIe+xD+eZ4gC38K2D1r5vYJkCb74tCzum6n82dJU/fj
         /76w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linutronix.de header.s=2020 header.b=sln340O3;
       dkim=neutral (no key) header.i=@linutronix.de;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id f66-20020a636a45000000b00419d6bff29bsi11173932pgc.526.2022.07.17.13.08.18;
        Sun, 17 Jul 2022 13:08:32 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linutronix.de header.s=2020 header.b=sln340O3;
       dkim=neutral (no key) header.i=@linutronix.de;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230469AbiGQTQX (ORCPT <rfc822;algowarbles@gmail.com>
        + 99 others); Sun, 17 Jul 2022 15:16:23 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58382 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229437AbiGQTQW (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 17 Jul 2022 15:16:22 -0400
Received: from galois.linutronix.de (Galois.linutronix.de [IPv6:2a0a:51c0:0:12e:550::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DDC1ADF1F
        for <linux-kernel@vger.kernel.org>; Sun, 17 Jul 2022 12:16:21 -0700 (PDT)
From:   Thomas Gleixner <tglx@linutronix.de>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de;
        s=2020; t=1658085344;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         in-reply-to:in-reply-to:references:references;
        bh=FFwnWRc7IGxS0ZRT94RlPjA97CP88nVxc93qcbHA/Ow=;
        b=sln340O3/2iUuiJ06gTUqABPkCRF9ZYktow7T/iiFSb9WRp7ZejtXJzn01nZd340pSnOQL
        3cRX3zg4nh+3p+EwPSRvFqAbffVCZlYaA1JczX9rT+4vBnQmVw1cwwofL6VdBW3bmUSK1n
        wE9HdUioMM2slNwBFKLtFlcfTmcBx4fqEfTRSftJdANvgNMzU+M1QYRGbXsMTp19qTUiSX
        zbyXfwhJKIUtA2aKjxhBZ61CL/asudLLJYjSYxKtEoQKhgYe+7udfWTdCATfK0tErYsFZ2
        WnmSKraztplHhYGAqtTzVQtQoH4yC9gVmrZB2XlrjZCJPgacOBwz5uvXeE+vZQ==
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de;
        s=2020e; t=1658085344;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         in-reply-to:in-reply-to:references:references;
        bh=FFwnWRc7IGxS0ZRT94RlPjA97CP88nVxc93qcbHA/Ow=;
        b=TVt5jDIyiH0B9YjBQPkEOtWDJoP5moTUaOhdy7Yk9aVVtGCZeiUcUtqvpZi1dqX/3Bc0ix
        pgxRh6E5l+27GbBg==
To:     David Laight <David.Laight@ACULAB.COM>,
        LKML <linux-kernel@vger.kernel.org>
Cc:     "x86@kernel.org" <x86@kernel.org>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Tim Chen <tim.c.chen@linux.intel.com>,
        Josh Poimboeuf <jpoimboe@kernel.org>,
        Andrew Cooper <Andrew.Cooper3@citrix.com>,
        Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
        Johannes Wikner <kwikner@ethz.ch>,
        Alyssa Milburn <alyssa.milburn@linux.intel.com>,
        Jann Horn <jannh@google.com>, "H.J. Lu" <hjl.tools@gmail.com>,
        Joao Moreira <joao.moreira@intel.com>,
        Joseph Nuzman <joseph.nuzman@intel.com>,
        Steven Rostedt <rostedt@goodmis.org>,
        Juergen Gross <jgross@suse.com>,
        "Peter Zijlstra (Intel)" <peterz@infradead.org>,
        Masami Hiramatsu <mhiramat@kernel.org>,
        Alexei Starovoitov <ast@kernel.org>,
        Daniel Borkmann <daniel@iogearbox.net>
Subject: RE: [patch 00/38] x86/retbleed: Call depth tracking mitigation
In-Reply-To: <24673619e9e2411bb1d5f287aab2aa87@AcuMS.aculab.com>
References: <20220716230344.239749011@linutronix.de>
 <f9fd86acac4f49bc8f90b403978e9df3@AcuMS.aculab.com> <8735ezye00.ffs@tglx>
 <24673619e9e2411bb1d5f287aab2aa87@AcuMS.aculab.com>
Date:   Sun, 17 Jul 2022 21:15:44 +0200
Message-ID: <87wncbwnxb.ffs@tglx>
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,
        SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, Jul 17 2022 at 17:56, David Laight wrote:
> From: Thomas Gleixner
>> On Sun, Jul 17 2022 at 09:45, David Laight wrote:
> I was thinking about what happens after the RSB has underflowed.
> Which is when (I presume) the BTB based speculation happens.
>
>> The intra function call in the retpoline is of course adding a RSB entry
>> which points to the speculation trap, but that gets popped immediately
>> after that by the return which goes to the called function.
>
> I'm remembering the 'active' instructions in a retpoline being 'push; ret'.
> Which is an RSB imbalance.

Looking at the code might help to remember correctly:

        call   1f
        speculation trap
1:      mov     %reg, %rsp
        ret

Thanks,

        tglx