On 04/18/2018 05:12 PM, speck for Konrad Rzeszutek Wilk wrote:
> On Wed, Apr 18, 2018 at 11:02:35AM -0400, speck for Jon Masters wrote:
>> On 04/18/2018 10:52 AM, speck for Konrad Rzeszutek Wilk wrote:
>>> On Wed, Apr 18, 2018 at 10:07:44AM -0400, speck for Jon Masters wrote:
>>>> On 04/18/2018 10:04 AM, speck for Thomas Gleixner wrote:
>>>>> On Wed, 18 Apr 2018, speck for Jon Masters wrote:
>>>>>> On 04/18/2018 04:54 AM, speck for Thomas Gleixner wrote:
>>>>>>> On Tue, 17 Apr 2018, speck for Konrad Rzeszutek Wilk wrote:
>>>>>>>> 2). SBB vs MDD vs SBBD.
>>>>>>>>
>>>>>>>> MDD = Memory Disambiguation Disable
>>>>>>>> SBB = Speculative Store Bypass
>>>>>>>> SBBD = Speculative Store Bypass Disable
>>>>>>>>
>>>>>>>> Thomas likes 'MDD', Jon likes 'SBB', but he is also fine with 'SBBD'.
>>>>>>>
>>>>>>> I'm fine with SBBD as well. It's the same semantics as the other knobs as
>>>>>>> it controls the mitigation.
>>>>>>
>>>>>> Great. Might I recommend keeping what I sent to Konrad (both mdd and
>>>>>> ssbd recognized), but do whichever you like Konrad ;)
>>>>>>
>>>>>>> So can we for now just start with the minimal set of auto, off, on and then
>>>>>>> hash out the prctl or not question. The big hammer is the most important
>>>>>>> piece we need to have ready for merging when the embargo is lifted.
>>>>>>
>>>>>> I've sent the big hammer patches last night. Konrad's original set with
>>>>>> a few fixes, and just does "auto", "off", "on", and tested working ok.
>>>>>
>>>>> Can we please have proper mail submitted patches? These tarballs are a
>>>>> PITA.
>>>>
>>>> Leaving the ball with Konrad to review/post when he's happy.
>>>
>>> Sure thing. Will crank on them tonight/tomorrow morning. And tomorrow
>>> night or Friday folks can rip in them.
>>>
>>> Will post them as v2!
>>
>> Great. Paolo is pondering the KVM side of things some more - we just
>> synced up on a few concerns I've got around exposing SPEC_CTRL. Due to
>> how Intel did this for guests, of course a guest can be started with MD
>> set but then whack it because it's not aware of that bit. From a Linux
>
> Exactly. One of the patches takes care of that. It worked for me
> correctly, but I always appreciate more folks eye-balling it.
>
>> PoV this is why I suggested a todo (feel free to incorporate if you
>> like) that x86_spec_ctrl_base be initially set at boot with an rdmsr.
>> Then we'd at least preserve additional new bits that are added later.
>
> Right. And we can mask it.
>>
>> For other OSes, it might be we end up with a trapping solution for those
>> who want to be able to override a guest's view of MD if Intel can't be
>> persuaded to make MD lockable or something (as Paolo said, shadowing is
>> probably overkill/not possible at this point).
>
> But having an 'ignore these XYZ guest bitfields' would be good. Thank
> you for poking Intel on this.

You're welcome :) Btw, do you want me to post my broken out patches from
the gzip for discussion purposes, or wait for you to followup? I'm in
NYC tonight meeting up with Andrea and we'll probably also ponder more
on this.

Jon.

--
Computer Architect | Sent from my Fedora powered laptop