Received: by 2002:ab2:69cc:0:b0:1f4:be93:e15a with SMTP id n12csp222681lqp; Fri, 12 Apr 2024 15:58:35 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCU8j/6uEglGXIs6DxAIiAOkNifs7aO4/TcbNyFPrwj4ybbwOHC/ZMAPaBsc3pO7O3DNiZ8yl1/hl/su6PTpO4e9Kg8J71zKmKaV9E2Kiw== X-Google-Smtp-Source: AGHT+IFaK8PdaYZ0wc5cfHLPXBS1+nbkiXRjW1yQdz9bSYCB45kkqTZX0r23T8W1R5rMPV4WWe6x X-Received: by 2002:a9d:68d5:0:b0:6ea:103a:c43a with SMTP id i21-20020a9d68d5000000b006ea103ac43amr4549681oto.0.1712962715229; Fri, 12 Apr 2024 15:58:35 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1712962715; cv=pass; d=google.com; s=arc-20160816; b=gjjnr6D98n2URLKBeJTM1fIMXBsQK7aL3W4+xn5wQrJMtx7qNegRG7p1/ilewuNjn2 AS6fMIubAhDD12TtHlBKrGUSYkcbXgHuZeewDCViyrz86qQWSfLm5U5XybxBWeNeSIVY 6XXRDkPOUALfNfo2lgfKNfWs6jF2hMSiqad4Vc22GKRfDeF9WjsL8Vv8Sbz/gyttyGy9 C0XAJLVaN527Olf1+X+YR/SM2R3AUfplfgskxF3uoy6UnUnW3mPVEyRY1LONY4VzrWi2 O8DnDE2vcSAXmn0oMUM6eCGoFoxXSBQFR2Um/zRDp2FUeWpUiTSnDbg7PRMRbRa9qE22 WV0A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=5QSCTOUsPwklhx9XWbxmbcTpmPnZ3yDRrfiP4jDgvc4=; fh=IG4HrCc/rbrqWMM8cbZ6OinckM58Utq3Zy+lbcxlIL0=; b=oc2lLxEc3dKN5ynGKXxZGRAublga5QmSBwSq/v1TUVopuLCrkAMhiYbxVFXwvfst/r ihw/lvqqlTagxz2+m/cQPbc6USt0JIv639vlQWjB/agQUqlKNz1CzEBfXFRHn0a8U8q5 7BRhkMpZoC4rvhSYX7DedNMCDv+o4/92VF6f14GBxf7gVnKJOH6NrgCRXMjP25V60z1J 8DtTpGRD+xgSqoPbjB/WLYWhmo2ZvHD8y4cpv9aEc6EMH/7TM9V2GRqmDFvB0Cl1uBZI 9D0fezD+5529GnGLwzRFmP0vsiXbLXT7e6+vS1jk4P6pKwcGFar8YXBpalOmPbfIbhDX 5zXg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=GmO4P7Pq; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-143422-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-143422-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id vv16-20020a05620a563000b0078d674cddcasi4827506qkn.693.2024.04.12.15.58.35 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 12 Apr 2024 15:58:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-143422-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=GmO4P7Pq; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-143422-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-143422-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id E754C1C220BC for ; Fri, 12 Apr 2024 22:58:34 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 96171152180; Fri, 12 Apr 2024 22:58:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="GmO4P7Pq" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BC8084C6E for ; Fri, 12 Apr 2024 22:58:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712962708; cv=none; b=F2vBL75Kswqzpgg/wmtUqETvDIr/Qr3ZqnJ5AuAWctWxh2UerwTuypCHdQ9aBuN+YAbL2V7/2JIoXDGk6O1c4wYcSEZqsLONwVFthA/+QWNBFiMF16PBC1N8on9iPvykNAxAoSrrNEhug8YXsacEYxjIzDRt5XmkTwTz46+41c8= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712962708; c=relaxed/simple; bh=XtRVdyDfNNTzE6XODtSq713n/AxyzUDycBzMGhRjTE0=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=BL2wy7Z72d1CfElqiyLWR0KBGn2SB9caQwKE0PzccfgxQKisPUyKK+yt8xCN3MwlwOD83E9F8fQhnk7nRigtclYuLqSQBMZL+wPtFVHrZnK6yMattEbRz4vyRFzUA/n4HEtTokTO29ReCjRpStyVljgyeb46HxJyGsr7zCh2VmQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=GmO4P7Pq; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7B603C113CC; Fri, 12 Apr 2024 22:58:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1712962708; bh=XtRVdyDfNNTzE6XODtSq713n/AxyzUDycBzMGhRjTE0=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=GmO4P7PqI9w/uAHXW7XSIRYn6UJaXTSS0jz0QUncRoV9gd66N2zt8DGAgpO9d6QnH dGebfHjENBZEMDLcfb20mVWpP7arPGa5xFSOmww9MIDV9C6HvT5HjPxbULZX966YE6 vO1+xWzYYLv+C5uxnsgwUAylpodmRRXMJdEuIam9f25jE1QmX/Q/OxKGJqMhGRXvcF 6AL2zpDY1N0Suv6coCkLnIRsTmedb2Ais0uqEa5oVJ8iR940I+6PnE+HD+qILt9mqK pPAS0E2YG0vvKUo7BxjE+VUihW5I+r5vuQsweC3cFlHit8i72OukGzr0l1NL53uAZR eATiCn3j55C3w== Date: Fri, 12 Apr 2024 15:58:25 -0700 From: Josh Poimboeuf To: Pawan Gupta Cc: x86@kernel.org, linux-kernel@vger.kernel.org, Linus Torvalds , Daniel Sneddon , Thomas Gleixner , Alexandre Chartre , Konrad Rzeszutek Wilk , Peter Zijlstra , Greg Kroah-Hartman , Sean Christopherson , Andrew Cooper , Dave Hansen , Nikolay Borisov , KP Singh , Waiman Long , Borislav Petkov , Ingo Molnar Subject: Re: [PATCH v2 1/3] x86/bugs: Only harden syscalls when needed Message-ID: <20240412225825.3tgtu4opi2e5jucg@treble> References: <079f24edefb5b47e922c2804f199463e04ccf0c8.1712944776.git.jpoimboe@kernel.org> <20240412224232.uiaht6yx2ghtx3gg@desk> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20240412224232.uiaht6yx2ghtx3gg@desk> On Fri, Apr 12, 2024 at 03:42:32PM -0700, Pawan Gupta wrote: > On Fri, Apr 12, 2024 at 11:10:32AM -0700, Josh Poimboeuf wrote: > > diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h > > index 3c7434329661..7c87fe80c696 100644 > > --- a/arch/x86/include/asm/cpufeatures.h > > +++ b/arch/x86/include/asm/cpufeatures.h > > @@ -470,6 +470,7 @@ > > #define X86_FEATURE_BHI_CTRL (21*32+ 2) /* "" BHI_DIS_S HW control available */ > > #define X86_FEATURE_CLEAR_BHB_HW (21*32+ 3) /* "" BHI_DIS_S HW control enabled */ > > #define X86_FEATURE_CLEAR_BHB_LOOP_ON_VMEXIT (21*32+ 4) /* "" Clear branch history at vmexit using SW loop */ > > +#define X86_FEATURE_INDIRECT_SAFE (21*32+ 4) /* "" Indirect branches aren't vulnerable to Spectre v2 */ > > This should be (21*32+ 5). Argh :-/ > Other than that: > > Reviewed-by: Pawan Gupta Thanks! -- Josh