From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tglx@linutronix.de>
Received: from mail.linutronix.de (146.0.238.70:993) by
  crypto-ml.lab.linutronix.de with IMAP4-SSL for <speck@linutronix.de>; 26 Feb
  2019 19:29:39 -0000
Received: from p5492e0d8.dip0.t-ipconnect.de ([84.146.224.216] helo=nanos)
	by Galois.linutronix.de with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
	(Exim 4.80)
	(envelope-from <tglx@linutronix.de>)
	id 1gyiQ6-0000Zm-9V
	for speck@linutronix.de; Tue, 26 Feb 2019 20:29:38 +0100
Date: Tue, 26 Feb 2019 20:29:32 +0100 (CET)
From: Thomas Gleixner <tglx@linutronix.de>
Subject: Re: [patch V4 09/11] x86/speculation/mds: Add mitigation mode
 VMWERV
In-Reply-To: <20190225203101.GB6558@mgross-MOBL.amr.corp.intel.com>
Message-ID: <alpine.DEB.2.21.1902262016140.1638@nanos.tec.linutronix.de>
References: <20190222222418.405369026@linutronix.de>
 <20190222224149.881444221@linutronix.de>
 <20190225203101.GB6558@mgross-MOBL.amr.corp.intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID: <speck.linutronix.de>

On Mon, 25 Feb 2019, speck for mark gross wrote:
> On Fri, Feb 22, 2019 at 11:24:27PM +0100, speck for Thomas Gleixner wrote:
> > From: Thomas Gleixner <tglx@linutronix.de>
> > 
> > In virtualized environments it can happen that the host has the microcode
> > update which utilizes the VERW instruction to clear CPU buffers, but the
> > hypervisor is not yet updated to expose the X86_FEATURE_MD_CLEAR CPUID bit
> > to guests.
> > 
> > Introduce an internal mitigation mode VWWERV which enables the invocation
> > of the CPU buffer clearing even if X86_FEATURE_MD_CLEAR is not set. If the
> > system has no updated microcode this results in a pointless execution of
> > the VERW instruction wasting a few CPU cycles. If the microcode is updated,
> > but not exposed to a guest then the CPU buffers will be cleared.
> > 
> > That said: Virtual Machines Will Eventually Receive Vaccine

> > + vmwerv	 Mitigation is enabled. CPU is affected and MD_CLEAR is not
>     vmverw  <-- type oh?

Actually it's intentional. I was looking for something which is a subtle
hint for why this thing exists in the first place and is a proper
acronym. See above.

I probably could come up with something for what vmverw states, but the
subtle hint is then even more subtle. Not that I care much.

Thanks,

	tglx