On Sat, Jan 20, 2018 at 08:22:56PM +0100, KarimAllah Ahmed wrote:
> From: David Woodhouse <dwmw@xxxxxxxxxxxx>
>
> Not functional yet; just add the handling for it in the Spectre v2
> mitigation selection, and the X86_FEATURE_IBRS flag which will control
> the code to be added in later patches.
>
> Also take the #ifdef CONFIG_RETPOLINE from around the RSB-stuffing; IBRS
> mode will want that too.
>
> For now we are auto-selecting IBRS on Skylake. We will probably end up
> changing that but for now let's default to the safest option.
>
> XX: Do we want a microcode blacklist?
>
> [karahmed: simplify the switch block and get rid of all the magic]
>
> Signed-off-by: David Woodhouse <dwmw@xxxxxxxxxxxx>
> Signed-off-by: KarimAllah Ahmed <karahmed@xxxxxxxxx>
[...]
> + case SPECTRE_V2_CMD_FORCE:
> + /*
> + * If we have IBRS support, and either Skylake or !RETPOLINE,
> + * then that's what we do.
> + */
> + if (boot_cpu_has(X86_FEATURE_SPEC_CTRL) &&
> + (is_skylake_era() || !retp_compiler())) {

Sorry for being confused here, as probably the answer is buried in an
LKML thread somewhere. The comment explains what the code does, but
not why. Why exactly is IBRS preferred on Skylake?

I'm asking this because I would like to understand the risks involved
when running under a hypervisor exposing CPUID data that don't match
the host CPU. e.g.: what happens if a VM is migrated from a Broadwell
host to a Skylake host?

> + mode = SPECTRE_V2_IBRS;
> + setup_force_cpu_cap(X86_FEATURE_IBRS);
> + break;
> + }
> + /* Fall through */
> case SPECTRE_V2_CMD_RETPOLINE:
[...]

--
Eduardo
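
Review bot: the IBRS branch in the SPECTRE_V2_CMD_FORCE case gates on boot_cpu_has(X86_FEATURE_SPEC_CTRL) and is_skylake_era(), but the comment above it neither gives the reason Skylake is treated differently nor says what is_skylake_era() actually tests. Please extend the comment with the rationale and with the input the Skylake check relies on, so a reader can tell how the selection behaves when the CPU identity the kernel sees is not that of the hardware it runs on. The commit message also leaves "XX: Do we want a microcode blacklist?" open while this branch already makes IBRS the default on Skylake whenever X86_FEATURE_SPEC_CTRL is set; it would be better to settle that question, or note it in the comment, before the flag starts controlling real code. Finally, when the condition is false the case drops through the "/* Fall through */" into SPECTRE_V2_CMD_RETPOLINE without any message, so it is worth stating in the comment that this fallback is intended.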