Re: [PATCH v3 01/13] x86/retpoline: Add initial retpoline support
From: Thomas Gleixner
Date: Fri Jan 05 2018 - 07:54:55 EST
On Thu, 4 Jan 2018, David Woodhouse wrote:
> diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
> index 07cdd1715705..900fa7016d3f 100644
> --- a/arch/x86/include/asm/cpufeatures.h
> +++ b/arch/x86/include/asm/cpufeatures.h
> @@ -342,5 +342,6 @@
> #define X86_BUG_MONITOR X86_BUG(12) /* IPI required to wake up remote CPU */
> #define X86_BUG_AMD_E400 X86_BUG(13) /* CPU is among the affected by Erratum 400 */
> #define X86_BUG_CPU_INSECURE X86_BUG(14) /* CPU is insecure and needs kernel page table isolation */
> +#define X86_BUG_NO_RETPOLINE X86_BUG(15) /* Placeholder: disable retpoline branch thunks */
I think this is the wrong approach. We have X86_BUG_CPU_INSECURE, which now
should be renamed to X86_BUG_CPU_MELTDOWN_V3 or something like that. It
tells the kernel, that the CPU is affected by variant 3.
If the kernel detects that and has PTI support then it sets the 'pti'
feature bit which tells that the mitigation is in place.
So what we really want is
X86_BUG_MELTDOWN_V1/2/3
which get set when the CPU is affected by a particular variant and then
have feature flags
X86_FEATURE_RETPOLINE
X86_FEATURE_IBRS
X86_FEATURE_NOSPEC
or whatever it takes to signal that a mitigation is in place. Then we
depend all actions on those feature flags very much in the way we do for
FEATURE_PTI.
If CPUs come along which are not affected by a particular variant the BUG
flag does not get set.
Thanks,
tglx