From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: ARC-Seal: i=1; a=rsa-sha256; t=1516959640; cv=none; d=google.com; s=arc-20160816; b=TeEGU2yW8kw6lc3Bqs1c3JCr0DluTiUr7sn6YJZdUVv5nwLHR48EBewwNo2pnF5/n0 EU4e2vxV/TiuyIZY6yaAAzhfB1Z9jk5Y+/Q8rX+YSPrbfAKM/lhRXMJlYfJtdXl3may6 piCmTof34kTmtIXkEgRaCe7hXnfHJlo0GkKQnkFDa5h62lpVJ4RkZqEZDwj8gls8YFm2 iWoS6IrNJXH3ndkud6c7Eunpx4d0oC30nkRGJXJqWyCO60e/ysjs4yX5onlYR+P1BlGC i/FQMGdmY96VaooeI5pNRLmuIJtoQcJYw00QPYfVnu7LImwBbnKUcQORazORcjw8IiBu 3UJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=user-agent:in-reply-to:content-disposition:mime-version:references :message-id:subject:cc:to:from:date:sender:dkim-signature :arc-authentication-results; bh=ZYkE8slF9ZA3M1aGiKqvNquU78O6Rudt/egnMJwFl1c=; b=H+uh/RG+pVrGjNGQknl5BP9AA0TKZLr3YCCGT0mMT4SODtOb6RIMJgubKaer5cO2qZ tZg/7V59z+cW52YkyTRNuQI5JvfyJQ1zvi/1yInvFEzO5IcdoHARI0edZGmQSm4P2U2y 1ZmgsvomXL4L7KsYmOlCLFwwAfxsaXo9ZfqMoLbNGbyCdZ9GIewLH/F92BNoFqTk5Q9b YWmsWgRaLMfmrQXRrtGQbpl0wdztPfstN7Y65kJsXijzB+ohQ3nWgDguEC5Vbr3I/N6O CifdBvoJ/tadqgtIPbyiIn05JSqe4uk85eC50C1usBkdL0YN3C4gjw9C/6YR+rSPsQ4A Xw8w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=H8aixAaS; spf=pass (google.com: domain of mingo.kernel.org@gmail.com designates 209.85.220.65 as permitted sender) smtp.mailfrom=mingo.kernel.org@gmail.com Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=H8aixAaS; spf=pass (google.com: domain of mingo.kernel.org@gmail.com designates 209.85.220.65 as permitted sender) smtp.mailfrom=mingo.kernel.org@gmail.com X-Google-Smtp-Source: AH8x224ovEGtQDUL+bK4IQdglbUR34dS2Gpw/Jf5Io/A1GeQUoou2sIxnMZl3iU5OD8NG29dTjTUCA== Sender: Ingo Molnar Date: Fri, 26 Jan 2018 10:40:37 +0100 From: Ingo Molnar To: David Woodhouse Cc: Thomas Gleixner , arjan@linux.intel.com, karahmed@amazon.de, x86@kernel.org, linux-kernel@vger.kernel.org, tim.c.chen@linux.intel.com, bp@alien8.de, peterz@infradead.org, pbonzini@redhat.com, ak@linux.intel.com, torvalds@linux-foundation.org, gregkh@linux-foundation.org, dave.hansen@intel.com, gnomes@lxorguk.ukuu.org.uk, ashok.raj@intel.com Subject: Re: [PATCH v4 6/7] x86/cpufeature: Blacklist SPEC_CTRL on early Spectre v2 microcodes Message-ID: <20180126094036.uqi5w4qfvbuic37t@gmail.com> References: <1516872189-16577-1-git-send-email-dwmw@amazon.co.uk> <1516872189-16577-7-git-send-email-dwmw@amazon.co.uk> <1516876994.30244.51.camel@infradead.org> <1516879213.30244.74.camel@infradead.org> <1516887714.30244.121.camel@infradead.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1516887714.30244.121.camel@infradead.org> User-Agent: NeoMutt/20170609 (1.8.3) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: =?utf-8?q?1590555855308082400?= X-GMAIL-MSGID: =?utf-8?q?1590647471682438787?= X-Mailing-List: linux-kernel@vger.kernel.org List-ID: * David Woodhouse wrote: > On Thu, 2018-01-25 at 12:34 +0100, Thomas Gleixner wrote: > > > > This stuff is really a master piece of trainwreck engineering. > > > > So yeah, whatever we do we end up with a proper mess. Lets go for a > > blacklist and hope that we'll have something which holds at some > > foreseeable day in the future. > > > > The other concern I have is IBRS vs. IBPB. Are we sufficiently sure that > > IBPB is working on those IBRS blacklisted ucode revisions? Or should we > > just play safe and not touch any of this at all when we detect a > > blacklisted one? > > That isn't sufficiently clear to me. I've changed it back to blacklist > *everything* for now, to be safe. If at any point Intel want to get > their act together and give us coherent information to the contrary, we > can change to separate IBPB/IBRS blacklists. Yes. I also agree that blacklists are the fundamentally correct approach here: a bit-rotting blacklist is far better to users than a bit-rotting whitelist, assuming that the number of CPU and microcode bugs goes down with time. Thanks, Ingo