From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ak@linux.intel.com>
X-Google-Smtp-Source: AH8x225OO1msehJdDVMHgyJB+mLjlV3PQ5OcYmBjDNrOTpIgL7Mh3Nv9VgT7UlbJXSEzFtL/yVw0
ARC-Seal: i=1; a=rsa-sha256; t=1516989551; cv=none;
        d=google.com; s=arc-20160816;
        b=oKsbstCZ2MmUv6vKoSDgwHwVxp16Iipd1XE3erCYnB+S5edIPR6PZhxHqoCR+/LNPZ
         6oRipH92Hhsyd7zXZq7Z9bdRiSjJo8kwj9fylgY9qRzzHyRv3edptU7VJr7j0Iwp+THT
         bW+dVC8+p1+Ux9Hf699gN9uTTYIpxFKn/A/uEn5heMZps4hHLRPJZ0RC386wbBiu++D2
         vGXGkQGtqHNWWpm0bXcvvVQMWDoUjG32l636kb4EiWufajiRL+lYsVgacX+qgBETrNJB
         w/XLKCIm7yvMPpqDHexzL9CiEMS6B7zBvkK7vzct220zrroPjoA/cJUUPfTZo7Yeb4Wr
         wvaw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=user-agent:in-reply-to:content-disposition:mime-version:references
         :message-id:subject:cc:to:from:date:arc-authentication-results;
        bh=7hXr9Y62FdgpuznM55OkLVWUmDsLki4A9crw6G/cQJY=;
        b=F8o7UOvTtu8niDtewnMA+U59I9uwQKR0Q3xtoBl1rmp56J5LvUXehj75XQQmjTomQ2
         H/HFoJYYn9fWHXZF4BOMZabRWujuqfnNd+YgS8BWSv18bE1d+sJBGW/1pOxD0SXTJW/7
         vo6KN0SoEc5JVfCVX1Ux7XGWCebGBNIXzeqL4abXbxpRA6g2bJw8qWZHhF7n2ImgW7rm
         lENdOc7Z36H7GivfHq29hmdfSu4F7BrCyW+adyV7YhIA75Dc4thoEL0ZQX/2OitfLGYP
         mwW14qn4M0BbrvjNEbvt+2pevX01Jfk935UWf9VYU4fqucx8jVZGMC2GbmPH0WQjqHav
         QpYg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of ak@linux.intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=ak@linux.intel.com
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of ak@linux.intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=ak@linux.intel.com
X-Amp-Result: UNKNOWN
X-Amp-Original-Verdict: FILE UNKNOWN
X-Amp-File-Uploaded: False
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.46,417,1511856000";
   d="scan'208";a="13388641"
Date: Fri, 26 Jan 2018 09:59:01 -0800
From: Andi Kleen <ak@linux.intel.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: David Woodhouse <dwmw2@infradead.org>,
	Dave Hansen <dave.hansen@intel.com>,
	Liran Alon <liran.alon@oracle.com>,
	Laura Abbott <labbott@redhat.com>,
	Andrew Lutomirski <luto@kernel.org>,
	Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
	Borislav Petkov <bp@suse.de>,
	"Mallick, Asit K" <asit.k.mallick@intel.com>,
	Radim =?utf-8?B?S3LEjW3DocWZ?= <rkrcmar@redhat.com>,
	KarimAllah Ahmed <karahmed@amazon.de>, Peter Anvin <hpa@zytor.com>,
	Jun Nakajima <jun.nakajima@intel.com>,
	Ingo Molnar <mingo@redhat.com>,
	the arch/x86 maintainers <x86@kernel.org>,
	Ashok Raj <ashok.raj@intel.com>,
	"Van De Ven, Arjan" <arjan.van.de.ven@intel.com>,
	Tim Chen <tim.c.chen@linux.intel.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Peter Zijlstra <peterz@infradead.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Masami Hiramatsu <mhiramat@kernel.org>,
	Arjan van de Ven <arjan@linux.intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Dan Williams <dan.j.williams@intel.com>,
	Joerg Roedel <joro@8bytes.org>,
	Andrea Arcangeli <aarcange@redhat.com>,
	KVM list <kvm@vger.kernel.org>
Subject: Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict
 Indirect Branch Speculation
Message-ID: <20180126175901.GL26209@tassilo.jf.intel.com>
References: <7c0b0879-3448-43e4-8380-4708fc787113@default>
 <50c5d627-8975-184b-b50f-4cc02c5816c5@intel.com>
 <1516957886.30244.161.camel@infradead.org>
 <CA+55aFxRsAh_dv6aoDNj+yqzcgzctda0ETZ_2DbjMwSZDwPLDA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CA+55aFxRsAh_dv6aoDNj+yqzcgzctda0ETZ_2DbjMwSZDwPLDA@mail.gmail.com>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: =?utf-8?q?1590140582166248265?=
X-GMAIL-MSGID: =?utf-8?q?1590678835925901472?=
X-Mailing-List: linux-kernel@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>

On Fri, Jan 26, 2018 at 09:19:09AM -0800, Linus Torvalds wrote:
> On Fri, Jan 26, 2018 at 1:11 AM, David Woodhouse <dwmw2@infradead.org> wrote:
> >
> > Do we need to look again at the fact that we've disabled the RSB-
> > stuffing for SMEP?
> 
> Absolutely. SMEP helps make people a lot less worried about things,
> but it doesn't fix the "BTB only contains partial addresses" case.
> 
> But did we do that "disable stuffing with SMEP"? I'm not seeing it. In
> my tree, it's only conditional on X86_FEATURE_RETPOLINE.

For Skylake we need RSB stuffing even with SMEP to avoid falling back to the
BTB on underflow.

It's also always needed with virtualization.

-Andi

From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andi Kleen <ak@linux.intel.com>
Subject: Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict
 Indirect Branch Speculation
Date: Fri, 26 Jan 2018 09:59:01 -0800
Message-ID: <20180126175901.GL26209@tassilo.jf.intel.com>
References: <7c0b0879-3448-43e4-8380-4708fc787113@default>
 <50c5d627-8975-184b-b50f-4cc02c5816c5@intel.com>
 <1516957886.30244.161.camel@infradead.org>
 <CA+55aFxRsAh_dv6aoDNj+yqzcgzctda0ETZ_2DbjMwSZDwPLDA@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: David Woodhouse <dwmw2@infradead.org>,
        Dave Hansen <dave.hansen@intel.com>,
        Liran Alon <liran.alon@oracle.com>,
        Laura Abbott <labbott@redhat.com>,
        Andrew Lutomirski <luto@kernel.org>,
        Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
        Borislav Petkov <bp@suse.de>,
        "Mallick, Asit K" <asit.k.mallick@intel.com>,
        Radim =?utf-8?B?S3LEjW3DocWZ?= <rkrcmar@redhat.com>,
        KarimAllah Ahmed <karahmed@amazon.de>,
        Peter Anvin <hpa@zytor.com>,
        Jun Nakajima <jun.nakajima@intel.com>,
        Ingo Molnar <mingo@redhat.com>,
        the arch/x86 maintainers <x86@kernel.org>,
        Ashok Raj <ashok.raj@intel.com>,
        "Van De Ven, Arjan" <arjan.van.de.ven@intel.com>,
        Tim Chen <tim.c.chen@linux.intel.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Linux Kernel Mailing List <linux-kernel@vge
To: Linus Torvalds <torvalds@linux-foundation.org>
Return-path: <linux-kernel-owner@vger.kernel.org>
Content-Disposition: inline
In-Reply-To: <CA+55aFxRsAh_dv6aoDNj+yqzcgzctda0ETZ_2DbjMwSZDwPLDA@mail.gmail.com>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: kvm.vger.kernel.org

On Fri, Jan 26, 2018 at 09:19:09AM -0800, Linus Torvalds wrote:
> On Fri, Jan 26, 2018 at 1:11 AM, David Woodhouse <dwmw2@infradead.org> wrote:
> >
> > Do we need to look again at the fact that we've disabled the RSB-
> > stuffing for SMEP?
> 
> Absolutely. SMEP helps make people a lot less worried about things,
> but it doesn't fix the "BTB only contains partial addresses" case.
> 
> But did we do that "disable stuffing with SMEP"? I'm not seeing it. In
> my tree, it's only conditional on X86_FEATURE_RETPOLINE.

For Skylake we need RSB stuffing even with SMEP to avoid falling back to the
BTB on underflow.

It's also always needed with virtualization.

-Andi