Re: [tip:x86/pti] x86/speculation: Use IBRS if available before calling into firmware

From: Tim Chen
Date: Wed Feb 14 2018 - 21:01:52 EST


On 02/14/2018 03:19 PM, Ingo Molnar wrote:
>
> * Tim Chen <tim.c.chen@xxxxxxxxxxxxxxx> wrote:
>
>> On 02/14/2018 12:56 AM, Peter Zijlstra wrote:
>>
>>>
>>> At the very least this must disable and re-enable preemption, such that
>>> we guarantee we inc/dec the same counter. ISTR some firmware calls (EFI)
>>> actually are preemptible so that wouldn't work.
>>>
>>> Further, consider:
>>>
>>> this_cpu_inc_return() // 0->1
>>> <NMI>
>>>     this_cpu_inc_return() // 1->2
>>>     call_broken_arse_firmware()
>>>     this_cpu_dec_return() // 2->1
>>> </NMI>
>>> wrmsr(SPEC_CTRL, IBRS);
>>>
>>> /* from dodgy firmware crap */
>>>
>>> this_cpu_dec_return() // 1->0
>>> wrmsr(SPEC_CTRL, 0);
>>>
>>
>> How about the following patch.
>
> These fragile complications of the interface should now be unnecessary, as the
> only driver that called firmware from NMI callbacks (hpwdt.c) is going to remove
> those firmware callbacks in the near future - solving the problem at the source.
>
> Thanks,
>
> Ingo
>

Sounds good. I sent this out before seeing the other mails on removing NMI callbacks
from hpwdt.c.

Tim
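
The interleaving in Peter Zijlstra's quoted trace can be replayed in user space. The following is an added example, not code from this thread or from the kernel: spec_ctrl, fw_nesting and every function name in it are hypothetical stand-ins, and it assumes the scheme the trace implies (write IBRS on the counter's 0->1 transition, clear it on 1->0).

```c
/* Constructed user-space model of the nesting-counter scheme in the quoted
 * trace. spec_ctrl and fw_nesting are plain variables, not real MSR/per-CPU. */
#include <stdbool.h>
#include <stdio.h>
#define IBRS 1u

static unsigned int spec_ctrl;  /* stands in for the SPEC_CTRL MSR */
static int fw_nesting;          /* stands in for the per-CPU counter */
static int unprotected_calls;   /* firmware entries seen with IBRS clear */

static void wrmsr_model(unsigned int val) { spec_ctrl = val; }

static void firmware_call_model(void)
{
    if (!(spec_ctrl & IBRS))
        unprotected_calls++;
}

/* Only the 0->1 transition sets IBRS and only 1->0 clears it. nmi_hook,
 * if non-NULL, fires in the window between the increment and the wrmsr. */
static void counted_firmware_call(void (*nmi_hook)(void))
{
    if (++fw_nesting == 1) {    /* this_cpu_inc_return() // 0->1 */
        if (nmi_hook)
            nmi_hook();         /* <NMI> ... </NMI> */
        wrmsr_model(IBRS);
    }
    firmware_call_model();
    if (--fw_nesting == 0)      /* this_cpu_dec_return() // 1->0 */
        wrmsr_model(0);
}

/* NMI path: sees 1->2, so it skips the wrmsr and enters firmware as-is. */
static void nmi_handler_model(void) { counted_firmware_call(NULL); }

/* Returns how many firmware entries happened without IBRS set. */
int run_trace(bool inject_nmi)
{
    spec_ctrl = 0; fw_nesting = 0; unprotected_calls = 0;
    counted_firmware_call(inject_nmi ? nmi_handler_model : NULL);
    return unprotected_calls;
}

int main(void)
{
    printf("no NMI:        %d unprotected firmware call(s)\n", run_trace(false));
    printf("NMI in window: %d unprotected firmware call(s)\n", run_trace(true));
    return 0;
}
```

With the NMI injected, the counter still balances back to zero, yet the nested firmware call runs before IBRS was ever written.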