From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ak@linux.intel.com>
X-Google-Smtp-Source: AH8x224MxH386fPdTGiiGAiBqPnFXaU8crzJsKJJV6RaSXXexSinKGvTKTn5B4/yqtp3zfzplOUK
ARC-Seal: i=1; a=rsa-sha256; t=1517264722; cv=none;
        d=google.com; s=arc-20160816;
        b=eoCp9ijqJ8A/CND1tdiB4JOkhkgPtgjWrUIpcmUSmV/9qJTVvGoAMmZZK4jpBHNJRZ
         /DTzaPI6bVWXT/f8j54nHTxi9R6wnyxuyZjyc01qJGCQNWGvHwDuFZpoQKEd3t26YSsd
         39MLNfuYb5reCBACG7rdM8uBAbpPVT6cAYBJkoh3hyeJJHz9jXwkvNBLJ26PzEjfuHzJ
         hnYiVXr5T7+eNOhWwFzH6XijjuTrVdDIOpUZ1W7TZdKfrXzfgUril0/xhX8rjeNWpSVE
         ZC364xDb++aaSpFdkpCrfx4UTUN7Spb5djLaQ3Mk8rJl6aWxvHC7szmJz/mtwggev7hm
         QnMA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=user-agent:in-reply-to:content-disposition:mime-version:references
         :message-id:subject:cc:to:from:date:arc-authentication-results;
        bh=IGwE+63RGW5QADyq5ChPUnreXOXBk3bjqoL4jh5APp4=;
        b=mP6efCkZ5GZ0aWwCg+RL+hi+dNKcJJnWV9S4W9d+dXeW70yJDO42NAIib4jY7Fd5oj
         VPKgNf1pf+yjM77qXmUmX9KG4TG0ffzYBVH7PY5S1Lh+Z1WySHcYhm3y2XE/Zc/TsVKa
         OljMPUvZmRZvDGThQxMK3Ws4QofJTryPcPyNrZHKe8VaLlzH0dOy7b/j0MDnV1Y6Fspk
         kGeK/K9gze2aUNwXVtxbO7MxV1g/jIVXHUKEj3KUe5BC/CupWWjoCcP0dXrbvCYigoad
         Bw5iKQsTB0IFINM9Q46DpgMLKaXo5SRAkNuicISHRk17BQ5IaQ97AA6tUnjQgJM4xaKC
         J5jQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of ak@linux.intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=ak@linux.intel.com
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of ak@linux.intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=ak@linux.intel.com
X-Amp-Result: UNKNOWN
X-Amp-Original-Verdict: FILE UNKNOWN
X-Amp-File-Uploaded: False
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.46,432,1511856000";
   d="scan'208";a="14024316"
Date: Mon, 29 Jan 2018 14:25:12 -0800
From: Andi Kleen <ak@linux.intel.com>
To: Eduardo Habkost <ehabkost@redhat.com>
Cc: Jim Mattson <jmattson@google.com>,
	David Woodhouse <dwmw2@infradead.org>,
	Arjan van de Ven <arjan@linux.intel.com>,
	KarimAllah Ahmed <karahmed@amazon.de>,
	LKML <linux-kernel@vger.kernel.org>,
	Andrea Arcangeli <aarcange@redhat.com>,
	Andy Lutomirski <luto@kernel.org>, Ashok Raj <ashok.raj@intel.com>,
	Asit Mallick <asit.k.mallick@intel.com>,
	Borislav Petkov <bp@suse.de>,
	Dan Williams <dan.j.williams@intel.com>,
	Dave Hansen <dave.hansen@intel.com>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	"H . Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
	Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
	Joerg Roedel <joro@8bytes.org>,
	Jun Nakajima <jun.nakajima@intel.com>,
	Laura Abbott <labbott@redhat.com>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Masami Hiramatsu <mhiramat@kernel.org>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Radim =?utf-8?B?S3LEjW3DocWZ?= <rkrcmar@redhat.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Tim Chen <tim.c.chen@linux.intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	kvm list <kvm@vger.kernel.org>,
	the arch/x86 maintainers <x86@kernel.org>,
	"Dr. David Alan Gilbert" <dgilbert@redhat.com>
Subject: Re: [RFC,05/10] x86/speculation: Add basic IBRS support
 infrastructure
Message-ID: <20180129222512.GT26209@tassilo.jf.intel.com>
References: <1516476182-5153-6-git-send-email-karahmed@amazon.de>
 <20180129201404.GA1588@localhost.localdomain>
 <1517257022.18619.30.camel@infradead.org>
 <20180129204256.GV25150@localhost.localdomain>
 <31415b7f-9c76-c102-86cd-6bf4e23e3aee@linux.intel.com>
 <1517259759.18619.38.camel@infradead.org>
 <CALMp9eQ9o81TAsb9sBmD5F7EXMsi5WGKO7Q3Yce2xfqRirbUTA@mail.gmail.com>
 <20180129215025.GX25150@localhost.localdomain>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180129215025.GX25150@localhost.localdomain>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: =?utf-8?q?1590140581449802182?=
X-GMAIL-MSGID: =?utf-8?q?1590967373962276440?=
X-Mailing-List: linux-kernel@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>


I agree with your point that the common hypervisor practice to fake
old model numbers will break some of the workarounds. Hypervisors
may need to revisit their practice.

> > In general, making these kinds of decisions based on F/M/S is probably
> > unwise when running in a VM.
> 
> Certainly.  That's why I suggest not trusting f/m/s unless the
> hypervisor is explicitly saying it's accurate.

This would be only useful if there's an useful result of this
non trust.

But there isn't. Except for panic there's nothing you could do.
And I don't think panic would be reasonable.

The "Skylake bit " or "not skylake bit" doesn't make any sense
to me. If a hypervisor wants to enable Skylake workarounds
they need to provide the Skylake model number. If they don't
think they need them because the VM can never be migrated
to Skylake, then they don't need to set that model
number. 

So there isn't any need for inventing any new bits, it's
all already possible.

-Andi