From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Google-Smtp-Source: ACJfBoteRVdfPI5CtznbFxdbW79hxS/Vvu1xp/fyooktbm3jekNGVbvLOzYJhL1Q2X7tii5v4scE ARC-Seal: i=1; a=rsa-sha256; t=1516295285; cv=none; d=google.com; s=arc-20160816; b=QlG55YQMxs2y3jHwOzjk9AMNqSjqvIEyewv87bnBScCfdfIm8hiWqVsXYPLl/sC4TO mQ5hgnNUrE1zOkSNs+y81kKKIFu/95D6oMUuRb1sn/sbSRlAb7qWbxlIkTswdp4LDJnj 7dDbgI6A1Yj0TlsEajB3NUruNRd/BFuRYnCLMW6ei895ZnDRFYKyzovjQ3qW4ni7G/LI WOfFt6aPkENiR7ZZUsNAgth2N7nCVsPKOSxv7hDEZOxKlbgszw4Gan/hwWfbwsIdp1y2 86Dk/DhnTdaRTgqzAAvr7G5FVFR0hUVMjXrtX/W4jVNw1SpDAO340eoq9tyoo1ONv58w tWrg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:content-language:in-reply-to:mime-version :user-agent:date:message-id:from:cc:references:to:subject :arc-authentication-results; bh=0iowQxjUxrO28EezWWNRQZFh6WI7236vpKoSCpcbdIs=; b=g5szxyeAXv2fxTkUSAaffjuVCMK1ftg9WRxsTHHjFqhgh0W22Gog//SHrkutlSx6Qt zxuFdtPS8WhWp4QsTM2zzeDGWF7Boma7ZvUX+xHPf/ANzlk2PM9JpovaPdipdb/dwjqi 6RrDCXCTJC/d2DthgGOQIlAZkBdeKf4wuWHlc3JcreJwgulbvS1lKXwbLWXQg2eeoQ5y sGtRiM4ujxLVoLcp1G0WHKeKnCALyNGeLxiXo28geOWT10KexTFBMa2cxPtehvIr/t9c 0w9JKafRkfdyhTg+StkfyYXCKd0eJOOOgpl4iJVWGva6Pbw6Lr7IW+iuQU2UvYWHWugs Eciw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of dave.hansen@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=dave.hansen@intel.com Authentication-Results: mx.google.com; spf=pass (google.com: domain of dave.hansen@intel.com designates 192.55.52.93 as permitted sender) smtp.mailfrom=dave.hansen@intel.com X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.46,378,1511856000"; d="scan'208";a="196794256" Subject: Re: [PATCH 23/35] x86/speculation: Add basic speculation control code To: Josh Poimboeuf , Peter Zijlstra References: <20180118134800.711245485@infradead.org> <20180118140152.830682032@infradead.org> <20180118163745.t5nmwdr53wjsl7o5@treble> Cc: David Woodhouse , Thomas Gleixner , linux-kernel@vger.kernel.org, Ashok Raj , Tim Chen , Andy Lutomirski , Linus Torvalds , Greg KH , Andrea Arcangeli , Andi Kleen , Arjan Van De Ven , Dan Williams , Paolo Bonzini , Jun Nakajima , Asit Mallick , Jason Baron From: Dave Hansen Message-ID: <73a5735a-6a5b-0e0f-1f0b-e7cd955880d2@intel.com> Date: Thu, 18 Jan 2018 09:08:02 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0 MIME-Version: 1.0 In-Reply-To: <20180118163745.t5nmwdr53wjsl7o5@treble> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-LABELS: =?utf-8?b?IlxcSW1wb3J0YW50Ig==?= X-GMAIL-THRID: =?utf-8?q?1589948948566960870?= X-GMAIL-MSGID: =?utf-8?q?1589950845081878713?= X-Mailing-List: linux-kernel@vger.kernel.org List-ID: On 01/18/2018 08:37 AM, Josh Poimboeuf wrote: >> >> --- a/Documentation/admin-guide/kernel-parameters.txt >> +++ b/Documentation/admin-guide/kernel-parameters.txt >> @@ -3932,6 +3932,7 @@ >> retpoline - replace indirect branches >> retpoline,generic - google's original retpoline >> retpoline,amd - AMD-specific minimal thunk >> + ibrs - Intel: Indirect Branch Restricted Speculation > Are there plans to add spectre_v2=ibrs_always to prevent SMT-based > attacks? What does "ibrs_always" mean to you? There is a second bit in the MSR (STIBP) that is intended to keep hyperthreads from influencing each-other. That is behavior is implicit when IBRS is enabled. I think ibrs_always *should* probably be kept to refer to the future CPUs that can safely leave IBRS enabled all the time.