From mboxrd@z Thu Jan  1 00:00:00 1970
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Subject: Re: [RFC 00/10] Speculation Control feature support
Date: Sun, 21 Jan 2018 09:02:05 -0500
Message-ID: <20180121140205.GB21306@char.us.oracle.com>
References: <1516476182-5153-1-git-send-email-karahmed@amazon.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Cc: linux-kernel@vger.kernel.org, Andi Kleen <ak@linux.intel.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Andy Lutomirski <luto@kernel.org>,
        Arjan van de Ven <arjan@linux.intel.com>,
        Ashok Raj <ashok.raj@intel.com>,
        Asit Mallick <asit.k.mallick@intel.com>,
        Borislav Petkov <bp@suse.de>,
        Dan Williams <dan.j.williams@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        David Woodhouse <dwmw@amazon.co.uk>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        "H . Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
        Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
        Joerg Roedel <joro@8bytes.org>,
        Jun Nakajima <jun.nakajima@intel.com>,
        Laura Abbott <labbott@redhat.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Masami Hiramatsu <mhiramat@kernel.or
To: KarimAllah Ahmed <karahmed@amazon.de>,
        Mihai Carabas <mihai.carabas@oracle.com>
Return-path: <linux-kernel-owner@vger.kernel.org>
Content-Disposition: inline
In-Reply-To: <1516476182-5153-1-git-send-email-karahmed@amazon.de>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: kvm.vger.kernel.org

On Sat, Jan 20, 2018 at 08:22:51PM +0100, KarimAllah Ahmed wrote:
> Start using the newly-added microcode features for speculation control =
on both
> Intel and AMD CPUs to protect against Spectre v2.

Thank you posting these.
>=20
> This patch series covers interrupts, system calls, context switching be=
tween
> processes, and context switching between VMs. It also exposes Indirect =
Branch
> Prediction Barrier MSR, aka IBPB MSR, to KVM guests.
>=20
> TODO:
>=20
> - Introduce a microcode blacklist to disable the feature for broken mic=
rocodes.
> - Restrict/Unrestrict the speculation (by toggling IBRS) around VMExit =
and
>   VMEnter for KVM and expose IBRS to guests.
>=20

Depend on what we expose to the guest. That is if the guest is not suppos=
e to have this exposed
(say cpuid 27 bit is not exposed) then trap on the MSR (and give an #GP)?

Mihai (CC-ed) is working on this, when ready he can post an patch against=
 this tree?

> Ashok Raj (1):
>   x86/kvm: Add IBPB support
>=20
> David Woodhouse (1):
>   x86/speculation: Add basic IBRS support infrastructure
>=20
> KarimAllah Ahmed (1):
>   x86: Simplify spectre_v2 command line parsing
>=20
> Thomas Gleixner (4):
>   x86/speculation: Add basic support for IBPB
>   x86/speculation: Use Indirect Branch Prediction Barrier in context
>     switch
>   x86/speculation: Add inlines to control Indirect Branch Speculation
>   x86/idle: Control Indirect Branch Speculation in idle
>=20
> Tim Chen (3):
>   x86/mm: Only flush indirect branches when switching into non dumpable
>     process
>   x86/enter: Create macros to restrict/unrestrict Indirect Branch
>     Speculation
>   x86/enter: Use IBRS on syscall and interrupts
>=20
>  Documentation/admin-guide/kernel-parameters.txt |   1 +
>  arch/x86/entry/calling.h                        |  73 ++++++++++
>  arch/x86/entry/entry_64.S                       |  35 ++++-
>  arch/x86/entry/entry_64_compat.S                |  21 ++-
>  arch/x86/include/asm/cpufeatures.h              |   2 +
>  arch/x86/include/asm/mwait.h                    |  14 ++
>  arch/x86/include/asm/nospec-branch.h            |  54 ++++++-
>  arch/x86/kernel/cpu/bugs.c                      | 183 +++++++++++++++-=
--------
>  arch/x86/kernel/process.c                       |  14 ++
>  arch/x86/kvm/svm.c                              |  14 ++
>  arch/x86/kvm/vmx.c                              |   4 +
>  arch/x86/mm/tlb.c                               |  21 ++-
>  12 files changed, 359 insertions(+), 77 deletions(-)
>=20
>=20
> Cc: Andi Kleen <ak@linux.intel.com>
> Cc: Andrea Arcangeli <aarcange@redhat.com>
> Cc: Andy Lutomirski <luto@kernel.org>
> Cc: Arjan van de Ven <arjan@linux.intel.com>
> Cc: Ashok Raj <ashok.raj@intel.com>
> Cc: Asit Mallick <asit.k.mallick@intel.com>
> Cc: Borislav Petkov <bp@suse.de>
> Cc: Dan Williams <dan.j.williams@intel.com>
> Cc: Dave Hansen <dave.hansen@intel.com>
> Cc: David Woodhouse <dwmw@amazon.co.uk>
> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> Cc: H. Peter Anvin <hpa@zytor.com>
> Cc: Ingo Molnar <mingo@redhat.com>
> Cc: Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>
> Cc: Joerg Roedel <joro@8bytes.org>
> Cc: Jun Nakajima <jun.nakajima@intel.com>
> Cc: Laura Abbott <labbott@redhat.com>
> Cc: Linus Torvalds <torvalds@linux-foundation.org>
> Cc: Masami Hiramatsu <mhiramat@kernel.org>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Peter Zijlstra <peterz@infradead.org>
> Cc: Radim Kr=C4=8Dm=C3=A1=C5=99 <rkrcmar@redhat.com>
> Cc: Thomas Gleixner <tglx@linutronix.de>
> Cc: Tim Chen <tim.c.chen@linux.intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: kvm@vger.kernel.org
> Cc: linux-kernel@vger.kernel.org
> Cc: x86@kernel.org
>=20
> --=20
> 2.7.4
>=20