From mboxrd@z Thu Jan 1 00:00:00 1970
Date: Sun, 21 Jan 2018 09:02:05 -0500
From: Konrad Rzeszutek Wilk
To: KarimAllah Ahmed, Mihai Carabas
Cc: linux-kernel@vger.kernel.org, Andi Kleen, Andrea Arcangeli,
	Andy Lutomirski, Arjan van de Ven, Ashok Raj, Asit Mallick,
	Borislav Petkov, Dan Williams, Dave Hansen, David Woodhouse,
	Greg Kroah-Hartman, "H . Peter Anvin", Ingo Molnar,
	Janakarajan Natarajan, Joerg Roedel, Jun Nakajima, Laura Abbott,
	Linus Torvalds, Masami Hiramatsu, Paolo Bonzini, Peter Zijlstra,
	Radim Krčmář, Thomas Gleixner, Tim Chen, Tom Lendacky,
	kvm@vger.kernel.org, x86@kernel.org
Subject: Re: [RFC 00/10] Speculation Control feature support
Message-ID: <20180121140205.GB21306@char.us.oracle.com>
References: <1516476182-5153-1-git-send-email-karahmed@amazon.de>
In-Reply-To: <1516476182-5153-1-git-send-email-karahmed@amazon.de>
User-Agent: Mutt/1.8.3 (2017-05-23)
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat, Jan 20, 2018 at 08:22:51PM +0100, KarimAllah Ahmed wrote:
> Start using the newly-added microcode features for speculation control on both
> Intel and AMD CPUs to protect against Spectre v2.

Thank you for posting these.

>
> This patch series covers interrupts, system calls, context switching between
> processes, and context switching between VMs. It also exposes Indirect Branch
> Prediction Barrier MSR, aka IBPB MSR, to KVM guests.
>
> TODO:
>
> - Introduce a microcode blacklist to disable the feature for broken microcodes.
> - Restrict/Unrestrict the speculation (by toggling IBRS) around VMExit and
>   VMEnter for KVM and expose IBRS to guests.
>

Depends on what we expose to the guest. That is, if the guest is not supposed
to have this exposed (say cpuid 27 bit is not exposed) then trap on the MSR
(and give a #GP)?

Mihai (CC-ed) is working on this; when ready he can post a patch against this
tree?

> Ashok Raj (1):
>   x86/kvm: Add IBPB support
>
> David Woodhouse (1):
>   x86/speculation: Add basic IBRS support infrastructure
>
> KarimAllah Ahmed (1):
>   x86: Simplify spectre_v2 command line parsing
>
> Thomas Gleixner (4):
>   x86/speculation: Add basic support for IBPB
>   x86/speculation: Use Indirect Branch Prediction Barrier in context
>     switch
>   x86/speculation: Add inlines to control Indirect Branch Speculation
>   x86/idle: Control Indirect Branch Speculation in idle
>
> Tim Chen (3):
>   x86/mm: Only flush indirect branches when switching into non dumpable
>     process
>   x86/enter: Create macros to restrict/unrestrict Indirect Branch
>     Speculation
>   x86/enter: Use IBRS on syscall and interrupts
>
>  Documentation/admin-guide/kernel-parameters.txt |   1 +
>  arch/x86/entry/calling.h                        |  73 ++++++++++
>  arch/x86/entry/entry_64.S                       |  35 ++++-
>  arch/x86/entry/entry_64_compat.S                |  21 ++-
>  arch/x86/include/asm/cpufeatures.h              |   2 +
>  arch/x86/include/asm/mwait.h                    |  14 ++
>  arch/x86/include/asm/nospec-branch.h            |  54 ++++++-
>  arch/x86/kernel/cpu/bugs.c                      | 183 +++++++++++++++---------
>  arch/x86/kernel/process.c                       |  14 ++
>  arch/x86/kvm/svm.c                              |  14 ++
>  arch/x86/kvm/vmx.c                              |   4 +
>  arch/x86/mm/tlb.c                               |  21 ++-
>  12 files changed, 359 insertions(+), 77 deletions(-)
>
>
> Cc: Andi Kleen
> Cc: Andrea Arcangeli
> Cc: Andy Lutomirski
> Cc: Arjan van de Ven
> Cc: Ashok Raj
> Cc: Asit Mallick
> Cc: Borislav Petkov
> Cc: Dan Williams
> Cc: Dave Hansen
> Cc: David Woodhouse
> Cc: Greg Kroah-Hartman
> Cc: H. Peter Anvin
> Cc: Ingo Molnar
> Cc: Janakarajan Natarajan
> Cc: Joerg Roedel
> Cc: Jun Nakajima
> Cc: Laura Abbott
> Cc: Linus Torvalds
> Cc: Masami Hiramatsu
> Cc: Paolo Bonzini
> Cc: Peter Zijlstra
> Cc: Radim Krčmář
> Cc: Thomas Gleixner
> Cc: Tim Chen
> Cc: Tom Lendacky
> Cc: kvm@vger.kernel.org
> Cc: linux-kernel@vger.kernel.org
> Cc: x86@kernel.org
>
> --
> 2.7.4
>
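
Added example, not part of the original message or of the patch series: a small C model of the behaviour raised in the reply above, where a guest's access to the speculation-control MSRs is trapped and answered with #GP when the feature is not exposed in the guest's CPUID. The struct, enum and function names are hypothetical; the MSR numbers (0x48, 0x49) and the CPUID.(EAX=7,ECX=0):EDX bit 26 enumeration of IBRS/IBPB follow Intel's published speculation-control documentation, and the model treats every SPEC_CTRL bit other than IBRS as reserved.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Architectural MSR numbers and the CPUID.(EAX=7,ECX=0):EDX feature bit. */
#define MSR_IA32_SPEC_CTRL   0x48u
#define MSR_IA32_PRED_CMD    0x49u
#define SPEC_CTRL_IBRS       (1ull << 0)
#define PRED_CMD_IBPB        (1ull << 0)
#define CPUID7_EDX_SPEC_CTRL (1u << 26)   /* IBRS and IBPB enumerated */

enum msr_result { MSR_HANDLED, MSR_INJECT_GP };

/* Hypothetical per-vCPU state: only what this model needs. */
struct vcpu_model {
    uint32_t guest_cpuid7_edx;  /* what the VMM chose to expose to the guest */
    uint64_t guest_spec_ctrl;   /* value that would be loaded on VM entry */
    unsigned ibpb_issued;       /* barriers executed on the guest's behalf */
};

/* Decide what a trapped guest WRMSR does (model, not KVM code). */
enum msr_result guest_wrmsr(struct vcpu_model *v, uint32_t msr, uint64_t val)
{
    bool exposed = (v->guest_cpuid7_edx & CPUID7_EDX_SPEC_CTRL) != 0;

    switch (msr) {
    case MSR_IA32_PRED_CMD:
        if (!exposed || (val & ~PRED_CMD_IBPB))
            return MSR_INJECT_GP;   /* hidden feature or reserved bits set */
        if (val & PRED_CMD_IBPB)
            v->ibpb_issued++;       /* a real VMM would write the host MSR here */
        return MSR_HANDLED;
    case MSR_IA32_SPEC_CTRL:
        if (!exposed || (val & ~SPEC_CTRL_IBRS))
            return MSR_INJECT_GP;
        v->guest_spec_ctrl = val;   /* restored around VMEnter/VMExit */
        return MSR_HANDLED;
    default:
        return MSR_INJECT_GP;       /* the model covers only these two MSRs */
    }
}

int main(void)
{
    struct vcpu_model hidden = {0}, shown = { .guest_cpuid7_edx = CPUID7_EDX_SPEC_CTRL };
    printf("hidden guest: %d\n", guest_wrmsr(&hidden, MSR_IA32_PRED_CMD, PRED_CMD_IBPB));
    printf("exposed guest: %d\n", guest_wrmsr(&shown, MSR_IA32_PRED_CMD, PRED_CMD_IBPB));
    return 0;
}
```
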