Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

From: David Woodhouse
Date: Sun Jan 28 2018 - 15:57:04 EST


On Sun, 2018-01-28 at 12:53 -0800, Andy Lutomirski wrote:
>
> > I believe it does. Guest kernel is protected from any guest userspace
> > predictions learned before IBRS was last set to 1 in *any* mode,
> > including host.
>
> Hmm, you're probably right.
>
> I would love to know what awful hack Intel did that resulted in these semantics.

I am not convinced I ever really want to know. I just want it all to go
away in a future CPU with a SPCTR_NO bit in IA32_ARCH_CAPABILITIES.
(Not the IBRS_ALL interim hack).

I think it's a mixture of ongoing checking, and a barrier. And perhaps
varying proportions of each, in different CPU generations. By defining
it thus, they can actually implement it *either* way.
