From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Google-Smtp-Source: AH8x226ruLZ3pvVNf0GV+zSoWDb3WnMgaDajgTHLfSK6d/0do9UeSNTO6xbS6TOA2rB4/gmF/e9V ARC-Seal: i=1; a=rsa-sha256; t=1516985303; cv=none; d=google.com; s=arc-20160816; b=HY0JxZWiqKn611eiC8eVTRhKwgE8tihIeqHsyQFvFL6q8oeIfCFPLqWmCwdn65xPRM ASAZrN4xjbS1vd+PLeXdjm7YeIzXlfKlGcx6VCstBhknvlyv3sHZYppC/C3XhA0CpF8+ DznafvE1lcyKSX4Ud9IHNz3aaA0mYHX8/vhcFitWy7bpFsADohlZAaPGIqNPn49eSQAf ue8CVXkXgKUT5lqv+M/oZey7eXFJ+qru97FDay/bkmTL1f21eAbYKIjTpPjTggfLM4H2 7ohRtDuFzqBxKt8eggjlMb7O9+vyekbf2B9mlzGHTIpiJ55lngycJxrPL4U2rbXy+8WQ px/Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:organization:references :in-reply-to:message-id:subject:cc:to:from:date :arc-authentication-results; bh=sbpcASHxiWgEbkJopvQVssdAIRyRkbV/2nEsFHIVO9A=; b=A/pPtAV3/d/2LvnRcei+X0pa4YK1P0MYihV6YJH32tfBrMWmLTw+9SHXgMeNr2Gj1k Cr6RA15Z9yjf9hqkQFPDTnltdLazBvvdahP1DJ+KhGuxv8IEgd9DGxdBkZM3wbjNMai2 Eta2+/T26sZZ8r8E38ehPKhC4p/QarY/mnymZYwR9+csndO8rIbaOzujV2UJiWK1mYX+ 8k4CfXUZ9fLp/24Q6IFpbwUb7039dAs3TKKrWvgXAKbBwkzhmX4MCBbvoEu97Y/LlbO8 E9ry65S0KKRQkyIRZL1Bx+3b7ZIwqTeyYL0DOTn9R3i8wYKaI7i4Z1SzOS7sPtafycgy qHgQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of gnomes@lxorguk.ukuu.org.uk designates 82.70.14.225 as permitted sender) smtp.mailfrom=gnomes@lxorguk.ukuu.org.uk Authentication-Results: mx.google.com; spf=pass (google.com: domain of gnomes@lxorguk.ukuu.org.uk designates 82.70.14.225 as permitted sender) smtp.mailfrom=gnomes@lxorguk.ukuu.org.uk Date: Fri, 26 Jan 2018 16:47:47 +0000 From: Alan Cox To: Yves-Alexis Perez Cc: David Woodhouse , arjan@linux.intel.com, tglx@linutronix.de, karahmed@amazon.de, x86@kernel.org, linux-kernel@vger.kernel.org, tim.c.chen@linux.intel.com, bp@alien8.de, peterz@infradead.org, pbonzini@redhat.com, ak@linux.intel.com, torvalds@linux-foundation.org, gregkh@linux-foundation.org, dave.hansen@intel.com Subject: Re: [PATCH v3 5/6] x86/pti: Do not enable PTI on processors which are not vulnerable to Meltdown Message-ID: <20180126164747.795831ab@alans-desktop> In-Reply-To: <1516968886.19619.7.camel@debian.org> References: <1516813025-10794-1-git-send-email-dwmw@amazon.co.uk> <1516813025-10794-6-git-send-email-dwmw@amazon.co.uk> <1516968886.19619.7.camel@debian.org> Organization: Intel Corporation X-Mailer: Claws Mail 3.15.1-dirty (GTK+ 2.24.31; x86_64-redhat-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: =?utf-8?q?1590493766352787258?= X-GMAIL-MSGID: =?utf-8?q?1590674381133868452?= X-Mailing-List: linux-kernel@vger.kernel.org List-ID: On Fri, 26 Jan 2018 13:14:46 +0100 Yves-Alexis Perez wrote: > On Wed, 2018-01-24 at 16:57 +0000, David Woodhouse wrote: > > Some old Atoms, anything in family 5 or 4, and newer CPUs when they adv= ertise > > the IA32_ARCH_CAPABILITIES MSR and it has the RDCL_NO bit set, are not = vulnerable. > >=20 > > Roll the AMD exemption into the x86_match_cpu() table too. > >=20 > > Based on suggestions from Dave Hansen and Alan Cox. =20 >=20 > Hi David, >=20 > I know we'll still be able to manually enable PTI with a command line opt= ion, > but it's also a hardening feature which has the nice side effect of emula= ting > SMEP on CPU which don't support it (e.g the Atom boxes above). >=20 > Couldn't we keep the =E2=80=9Cdefault on=E2=80=9D? Or maybe on boxes whic= h also have CPID (in > order to limit the performance cost)? For the old atom processors you really don't want the extra cost as a default. These are older much slower devices and don't have PCID. Alan