Re: [PATCH 02/22] x86/srso: Set CPUID feature bits independently of bug or mitigation status

From: Andrew Cooper
Date: Mon Aug 21 2023 - 05:28:17 EST

Next message: Robin Murphy: "Re: [PATCH v5] perf: arm_cspmu: Separate Arm and vendor module"
Previous message: Michal Hocko: "Re: [PATCH] mm: fix draining remote pageset"
In reply to: Nikolay Borisov: "Re: [PATCH 02/22] x86/srso: Set CPUID feature bits independently of bug or mitigation status"
Next in thread: Borislav Petkov: "Re: [PATCH 02/22] x86/srso: Set CPUID feature bits independently of bug or mitigation status"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 21/08/2023 2:18 am, Josh Poimboeuf wrote:
> diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
> index 7eca6a8abbb1..b08af929135d 100644
> --- a/arch/x86/kernel/cpu/amd.c
> +++ b/arch/x86/kernel/cpu/amd.c
> @@ -766,6 +766,15 @@ static void early_init_amd(struct cpuinfo_x86 *c)
>
> if (cpu_has(c, X86_FEATURE_TOPOEXT))
> smp_num_siblings = ((cpuid_ebx(0x8000001e) >> 8) & 0xff) + 1;
> +
> + if (!cpu_has(c, X86_FEATURE_IBPB_BRTYPE)) {

This patch is necessary but not sufficient to fix the bugs. There needs
to be a !cpu_has_hypervisor in here.

Linux must not probe microcode when virtualised. What it may see
instantaneously on boot (owing to MSR_PRED_CMD being fully passed
through) is not accurate for the lifetime of the VM.

And yes, sucks for you if you're under an unaware hypervisor, but you've
already lost in that case anyway...

~Andrew

Next message: Robin Murphy: "Re: [PATCH v5] perf: arm_cspmu: Separate Arm and vendor module"
Previous message: Michal Hocko: "Re: [PATCH] mm: fix draining remote pageset"
In reply to: Nikolay Borisov: "Re: [PATCH 02/22] x86/srso: Set CPUID feature bits independently of bug or mitigation status"
Next in thread: Borislav Petkov: "Re: [PATCH 02/22] x86/srso: Set CPUID feature bits independently of bug or mitigation status"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]