Re: [PATCH v4 6/7] x86/cpufeature: Blacklist SPEC_CTRL on early Spectre v2 microcodes
From: Thomas Gleixner
Date: Thu Jan 25 2018 - 05:54:35 EST
On Thu, 25 Jan 2018, David Woodhouse wrote:
> On Thu, 2018-01-25 at 09:23 +0000, David Woodhouse wrote:
> >
> > +/*
> > + * Early microcode releases for the Spectre v2 mitigation were broken.
> > + * Information taken from;
> > + * â https://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/microcode-update-guidance.pdf
>
> Oh look, Intel have released a *third* version of that document
> already, and they've bumped the bad Kabylake versions to 0x84, although
> they're *still* missing out the KBL 906EA SKU which was updated to 0x80
> in the public 20180108 microcode release. I'll bump them all in my tree
> to 0x84.
>
> Thomas, want another copy in email now, or were we waiting for another
> round of these before you merge them anyway?
Looking at this mess makes me even less convinced that a blacklist is a
good idea. We have already at least 3 different variants of blacklists.
So I rather see a whitelist approach which says:
if (ucode_version < known_good(family, model))
return;
I know it would require that Intel releases a set of known good ucodes at
some point in the future, but that's a reasonable request.
I rather take a few patches which add the cutoff for family/model (and NO,
I don't want to add stepping into the mix at all) than having this
blacklist mess which keeps changing every other day.
Thanks,
tglx