Re: [patch V2 27/28] x86/speculation: Add seccomp Spectre v2 user space protection mode

From: Thomas Gleixner
Date: Sun Nov 25 2018 - 17:29:07 EST


On Sun, 25 Nov 2018, Linus Torvalds wrote:

> [ You forgot to fix your quilt setup.. ]

Duh. Should have pinned that package.

> On Sun, 25 Nov 2018, Thomas Gleixner wrote:
> >
> > The mitigation guide documents how STIBP works:
> >
> > Setting bit 1 (STIBP) of the IA32_SPEC_CTRL MSR on a logical processor
> > prevents the predicted targets of indirect branches on any logical
> > processor of that core from being controlled by software that executes
> > (or executed previously) on another logical processor of the same core.
>
> Can we please just fix this stupid lie?

Well, it's not a lie. The above is correct, it just does not tell WHY this
works.

> Yes, Intel calls it "STIBP" and tries to make it out to be about the
> indirect branch predictor being per-SMT thread.
>
> But the reason it is unacceptable is apparently because in reality it just
> disables indirect branch prediction entirely. So yes, *technically* it's
> true that that limits indirect branch prediction to just a single SMT
> core, but in reality it is just a "go really slow" mode.

Indeed. Just checked the documentation again, it's also not clear whether
IBPB is required if STIBP is in use.

Thanks,

tglx