Received: by 2002:a05:6359:6284:b0:131:369:b2a3 with SMTP id se4csp5745137rwb; Wed, 9 Aug 2023 08:34:40 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGo3yNZQrI2lc/6DwTUljMpMBB7ducWZ110GzOKWwiqrl4f4ZUsdd9G31eE/OdlzY83nai8 X-Received: by 2002:a05:6870:e248:b0:1bf:26f0:6b5b with SMTP id d8-20020a056870e24800b001bf26f06b5bmr3889006oac.32.1691595279902; Wed, 09 Aug 2023 08:34:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691595279; cv=none; d=google.com; s=arc-20160816; b=FDAjwxO7TIH6OgeOD5mj9R5ClGANtp+2YbfwUl/YbacKVu1ZbgeuMXVFV7t4FX4J19 gJfneZuSOAYMMEjKbyP/+jpSY8E0TXGCPKPutcCm/oalRcn/c5E5409wyho5Mbq99olP +AIsv6PWASn9+w+IsdrnyJS66VWXLbOU9PFL9rJE0SItSWrSxEoXkG884LwTJHm/iRQV P47ABXKsNSO5mO5uEmvtxLjamIKUMf+PQgGmd6DbJ12ofV0YplNmTeW0kIXYi/wBvDiv +/ov1duZPrm/bvz+8vUoRKCIVPdR9I0660JVZrCUBd7Cn8fSdQDEsXVdNn8XRSDwnBAw uVrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=qvJyCH4RyOSoeLiwVOcFHSz0PusREL+nD+CkI4y87o0=; fh=cVXNHTAtFNkvOypJGieMeDOayF1ZyNqzDTD8lrRhgeQ=; b=dMxmB1xulK9Kd7lLLbtfRB91dIrCyvgIH95WZWmCLoMzpnoX8Q+Lo8esKUcojsig7b pgS38DPDsF2KUuTjDxXfidLGGyWoZ+gf0BD8/6t3Pfo3+NoReAjR6d/isRu4Rj/zySHg UfknoclP4qvUH0eilNcQTnYB6vGlapAGPReih857slWSSf5g+ddlGUzxB1+SnsGQPfIi S6kzpQ8EX7Wq+pHYW6KNc9XwGm1UYez9E1ioFGryjI2EGdWccdQuu1cYi9SGXpOALpXB rJ65xC6NGE86slAlEgTxXrRdqHmJND+o7e6kaq2fmNoMH+tu+MWH5ssa+Xy/2HG2Qwg9 D+Pw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=desiato.20200630 header.b=g4f26sN2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u194-20020a6379cb000000b005639a610f7csi8984538pgc.841.2023.08.09.08.34.27; Wed, 09 Aug 2023 08:34:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=desiato.20200630 header.b=g4f26sN2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230445AbjHINgg (ORCPT + 99 others); Wed, 9 Aug 2023 09:36:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46558 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230319AbjHINgg (ORCPT ); Wed, 9 Aug 2023 09:36:36 -0400 Received: from desiato.infradead.org (desiato.infradead.org [IPv6:2001:8b0:10b:1:d65d:64ff:fe57:4e05]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 527382126 for ; Wed, 9 Aug 2023 06:36:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=desiato.20200630; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=qvJyCH4RyOSoeLiwVOcFHSz0PusREL+nD+CkI4y87o0=; b=g4f26sN20pF8NWW2GiDjX1P+tH Z8I0clKJy8ygqtG2dnXvZok8vA8MZKTDv7RasgfJQKl5D57T7E/pC8peqUPnWX+iMW3Zw6d8vG059 VsvSDXuf7UhpsT/4VgP0uXzuD6cMhdRJOOCVHfOcRHQAUQ2EM9tT0NrcZ51NqR0ftUXp1JwpQPRwM CuSLHFfBrIkpLSU+q3mdn72t77M/RZ5euJ9392dF31TPkjmiKOQd7v3xqUU0w5Tg2okzMHGPYMGXm UPZ+Jf6U3/gEvmoAAaKqNnLsjs9QDzyOp2GbXxot1FF6JGIKF0mtOnxzQ8lwR8tREfzmLb3StBJ2N fifHRTug==; Received: from j130084.upc-j.chello.nl ([24.132.130.84] helo=noisy.programming.kicks-ass.net) by desiato.infradead.org with esmtpsa (Exim 4.96 #2 (Red Hat Linux)) id 1qTjMK-005fPF-27; Wed, 09 Aug 2023 13:36:21 +0000 Received: from hirez.programming.kicks-ass.net (hirez.programming.kicks-ass.net [192.168.1.225]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by noisy.programming.kicks-ass.net (Postfix) with ESMTPS id CDF9F30003A; Wed, 9 Aug 2023 15:36:19 +0200 (CEST) Received: by hirez.programming.kicks-ass.net (Postfix, from userid 1000) id B2ECF20208EAB; Wed, 9 Aug 2023 15:36:19 +0200 (CEST) Date: Wed, 9 Aug 2023 15:36:19 +0200 From: Peter Zijlstra To: Andrew.Cooper3@citrix.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, David.Kaplan@amd.com, jpoimboe@kernel.org, gregkh@linuxfoundation.org, Sean Christopherson , Paolo Bonzini Subject: Re: [RFC][PATCH 11/17] x86/cpu: Remove all SRSO interface nonsense Message-ID: <20230809133619.GL212435@hirez.programming.kicks-ass.net> References: <20230809071218.000335006@infradead.org> <20230809072201.192502969@infradead.org> <64f94037-d370-aa83-f8d8-ae827f606f60@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <64f94037-d370-aa83-f8d8-ae827f606f60@citrix.com> X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_NONE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Aug 09, 2023 at 02:10:42PM +0100, Andrew.Cooper3@citrix.com wrote: > On 09/08/2023 8:12 am, Peter Zijlstra wrote: > > Now that retbleed can do all that the srso knob did, and without the > > dubious interactions with retbleed selections, remove it. > > > > Signed-off-by: Peter Zijlstra (Intel) > > --- > > arch/x86/kernel/cpu/bugs.c | 188 ++------------------------------------------- > > drivers/base/cpu.c | 8 - > > include/linux/cpu.h | 2 > > 3 files changed, 10 insertions(+), 188 deletions(-) > > Not all of this can go, because ... > > > --- a/arch/x86/kernel/cpu/bugs.c > > +++ b/arch/x86/kernel/cpu/bugs.c > > ... > > -static void __init srso_select_mitigation(void) > > -{ > > - bool has_microcode; > > - > > - if (!boot_cpu_has_bug(X86_BUG_SRSO) || cpu_mitigations_off()) > > - goto pred_cmd; > > - > > - /* > > - * The first check is for the kernel running as a guest in order > > - * for guests to verify whether IBPB is a viable mitigation. > > - */ > > - has_microcode = boot_cpu_has(X86_FEATURE_IBPB_BRTYPE) || cpu_has_ibpb_brtype_microcode(); > > - if (!has_microcode) { > > - pr_warn("IBPB-extending microcode not applied!\n"); > > - pr_warn(SRSO_NOTICE); > > - } else { > > - /* > > - * Enable the synthetic (even if in a real CPUID leaf) > > - * flags for guests. > > - */ > > - setup_force_cpu_cap(X86_FEATURE_IBPB_BRTYPE); > > - setup_force_cpu_cap(X86_FEATURE_SBPB); > > ... these (minus the virt bug caused by probing for microcode behaviour > even when virtualised, and the enumeration bug caused by ignoring > synthesis if host mitigations are off) are necessary for KVM. > > https://www.amd.com/content/dam/amd/en/documents/corporate/cr/speculative-return-stack-overflow-whitepaper.pdf > > and here's one I prepared earlier > https://xenbits.xen.org/gitweb/?p=xen.git;a=commitdiff;h=2280b0ee2aed6e0fd4af3fa31bf99bc04d038bfe > > but these bits need to get into guests for the guests to be able to > figure out what to do. Patch 6 adds these feature bits to retbleed_select_mitigation().