On Mon, 2024-12-02 at 09:26 -0800, Dave Hansen wrote:
> On 11/28/24 05:28, Amit Shah wrote:
> > From: Amit Shah <amit.shah@xxxxxxx>
> >
> > When Automatic IBRS is disabled, Linux flushed the RSB on every context
> > switch. This RSB flush is not necessary in software with the ERAPS
> > feature on Zen5+ CPUs that flushes the RSB in hardware on a context
> > switch (triggered by mov-to-CR3).
> >
> > Additionally, the ERAPS feature also tags host and guest addresses in
> > the RSB - eliminating the need for software flushing of the RSB on
> > VMEXIT.
> >
> > Disable all RSB flushing by Linux when the CPU has ERAPS.
> >
> > Feature mentioned in AMD PPR 57238. Will be resubmitted once APM is
> > public - which I'm told is imminent.
>
> There was a _lot_ of discussion about this. But all of that discussion
> seems to have been trimmed out and it seems like we're basically back
> to: "this is new hardware supposed to mitigate SpectreRSB, thus it
> mitigates SpectreRSB."

Absolutely, I don't want that to get lost -- but I think that got
captured in Josh's rework patchset. With that rework, I don't even
need this patchset for the hardware feature to work, because we now
rely on AutoIBRS to do the RSB clearing; and the hardware takes care of
AutoIBRS and ERAPS interaction in Zen5.

The only thing this patch now does is to handle the AutoIBRS-disabled
case -- which happens when SEV-SNP is turned on (i.e. let the hw clear
the RSB instead of stuffing it in Linux).

I can still include the summary of the discussion in this patch - I
just feel it isn't necessary with the rework.

		Amit