On Wed, 2018-01-31 at 14:06 -0800, Jim Mattson wrote: > On Wed, Jan 31, 2018 at 1:59 PM, David Woodhouse <dwmw2@xxxxxxxxxxxxx> wrote: > > I'm actually working on IBRS_ALL at the moment. > > > > I was tempted to *not* let the guests turn it off. Expose SPEC_CTRL but > > just make it a no-op. > > Maybe we could convince Intel to add a LOCK bit to IA32_SPEC_CTRL like > the one in IA32_FEATURE_CONTROL. Given that IBRS_ALL is supposed to be a sanely-performing option, I'd rather convince Intel to just make it unconditional. If they've added the appropriate tagging to the BTB, why even *have* this deliberately insecure mode when IBRS==0? I understand that until/unless they get a *proper* fix, software is still going to have to use IBPB as appropriate. But there's no need for the IBRS bit to do *anything*.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
