On Sun, 2018-01-21 at 09:02 -0500, Konrad Rzeszutek Wilk wrote:
> >
> Depends on what we expose to the guest. That is, if the guest is not supposed to have this exposed
> (say cpuid 27 bit is not exposed) then trap on the MSR (and give an #GP)?

I think for SPEC_CTRL we want to trap on the MSR anyway. Saving and restoring is *bizarrely* slow, apparently, even when it's zero. I think we want to trap on the first access, and only then disable the intercept and enable the save/restore. That way, sane guests that only ever use retpoline and IBPB (which is write-only and doesn't need saving) won't ever take the performance hit.

It's going to want this: https://patchwork.kernel.org/patch/10167667/

> Mihai (CC-ed) is working on this, when ready he can post a patch against this tree?

That'd be useful; thanks. The latest (including the bits on top that we probably aren't going to submit, with saner bits near the beginning) should always be at http://git.infradead.org/linux-retpoline.git/shortlog/refs/heads/ibpb
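
Added example, not part of the original message or of the patches it links to: a small C model of the trap-on-first-access scheme discussed above, including the #GP case for a guest that does not have the feature exposed. The struct, its fields and the function names are hypothetical, and the counters stand in for real MSR switching on VM exit and entry.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical model of one vCPU; these are not KVM's data structures. */
enum msr_result { MSR_OK, MSR_GP };

struct vcpu_model {
    bool exposed;          /* SPEC_CTRL CPUID bit is exposed to the guest */
    bool intercept;        /* guest SPEC_CTRL accesses trap to the host */
    bool save_restore;     /* SPEC_CTRL is switched on every exit/entry */
    uint64_t spec_ctrl;    /* guest's value of the MSR */
    unsigned traps;        /* trapped SPEC_CTRL accesses */
    unsigned ibpbs;        /* IBPB commands issued by the guest */
    unsigned msr_switches; /* slow save/restore operations performed */
};

void vcpu_init(struct vcpu_model *v, bool exposed)
{
    /* Start with the intercept armed and no save/restore cost. */
    *v = (struct vcpu_model){ .exposed = exposed, .intercept = true };
}

/* Guest writes SPEC_CTRL. */
enum msr_result guest_write_spec_ctrl(struct vcpu_model *v, uint64_t val)
{
    if (v->intercept) {
        v->traps++;
        if (!v->exposed)
            return MSR_GP;      /* not exposed: keep trapping, inject #GP */
        v->intercept = false;   /* first real use: stop trapping ... */
        v->save_restore = true; /* ... and start paying for the switch */
    }
    v->spec_ctrl = val;
    return MSR_OK;
}

/* Guest issues IBPB: write-only, so it leaves no state to save. */
void guest_write_ibpb(struct vcpu_model *v)
{
    v->ibpbs++;
}

/* One VM exit followed by a VM entry. */
void exit_entry_cycle(struct vcpu_model *v)
{
    if (v->save_restore)
        v->msr_switches += 2;   /* save guest value, restore it on entry */
}
```

In this model the switch cost is charged even after the guest writes zero back, matching the observation in the message that the save/restore is slow regardless of the value.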