From mboxrd@z Thu Jan  1 00:00:00 1970
From: "David Woodhouse" <dwmw2@infradead.org>
Subject: Re: [RFC 05/10] x86/speculation: Add basic IBRS support
 infrastructure
Date: Sun, 21 Jan 2018 15:25:38 -0000
Message-ID: <37cf9ba3941a51e8db27f9f4c21b5b7e.squirrel@twosheds.infradead.org>
References: <1516476182-5153-1-git-send-email-karahmed@amazon.de>
    <1516476182-5153-6-git-send-email-karahmed@amazon.de>
    <alpine.DEB.2.20.1801211524160.1998@nanos>
Mime-Version: 1.0
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: 8bit
Cc: "KarimAllah Ahmed" <karahmed@amazon.de>,
        linux-kernel@vger.kernel.org, "Andi Kleen" <ak@linux.intel.com>,
        "Andrea Arcangeli" <aarcange@redhat.com>,
        "Andy Lutomirski" <luto@kernel.org>,
        "Arjan van de Ven" <arjan@linux.intel.com>,
        "Ashok Raj" <ashok.raj@intel.com>,
        "Asit Mallick" <asit.k.mallick@intel.com>,
        "Borislav Petkov" <bp@suse.de>,
        "Dan Williams" <dan.j.williams@intel.com>,
        "Dave Hansen" <dave.hansen@intel.com>,
        "David Woodhouse" <dwmw@amazon.co.uk>,
        "Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
        "H . Peter Anvin" <hpa@zytor.com>,
        "Ingo Molnar" <mingo@redhat.com>,
        "Janakarajan Natarajan" <janakarajan.natarajan@amd.com>,
        "Joerg Roedel" <joro@8bytes.org>,
        "Jun Nakajima" <jun.nakajima@intel.com>,
        "Laura Abbott" <labbott@redhat.com>,
        "Li
To: "Thomas Gleixner" <tglx@linutronix.de>
Return-path: <linux-kernel-owner@vger.kernel.org>
In-Reply-To: <alpine.DEB.2.20.1801211524160.1998@nanos>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: kvm.vger.kernel.org


> On Sat, 20 Jan 2018, KarimAllah Ahmed wrote:
>> From: David Woodhouse <dwmw@amazon.co.uk>
>>
>> Not functional yet; just add the handling for it in the Spectre v2
>> mitigation selection, and the X86_FEATURE_IBRS flag which will control
>> the code to be added in later patches.
>>
>> Also take the #ifdef CONFIG_RETPOLINE from around the RSB-stuffing; IBRS
>> mode will want that too.
>>
>> For now we are auto-selecting IBRS on Skylake. We will probably end up
>> changing that but for now let's default to the safest option.
>>
>> XX: Do we want a microcode blacklist?
>
> Oh yes, we want a microcode blacklist. Ideally we refuse to load the
> affected microcode in the first place and if its already loaded then at
> least avoid to use the borked features.
>
> PR texts promising that Intel is committed to transparency in this matter
> are not sufficient. Intel, please provide the facts, i.e. a proper list of
> micro codes and affected SKUs, ASAP.

Perhaps we could start with the list already published by VMware at
https://kb.vmware.com/s/article/52345


-- 
dwmw2