Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code

From: Tim Chen
Date: Wed Jan 10 2018 - 16:35:56 EST

Next message: kbuild test robot: "Re: [PATCH V2 1/2] nvme: split resetting state into reset_prepate and resetting"
Previous message: Arnaldo Carvalho de Melo: "[PATCH 02/27] perf test bpf: Use designated struct field initializers"
In reply to: Van De Ven, Arjan: "RE: [patch RFC 5/5] x86/speculation: Add basic speculation control code"
Next in thread: Andrea Arcangeli: "Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 01/10/2018 05:53 AM, Van De Ven, Arjan wrote:
>> ibrs_enabled 2:
>>
>> sets IBRS always in host
>
> this is not secure
>
>> This matches the semantics described here by Tim patchset on lkml:
>>
>> https://marc.info/?l=linux-kernel&m=151520606320646
>
> I will talk to Tim, it's not right.
>
>

Yes, there's a misunderstanding on my part. Leaving IBRS=1 all the
time may not provide full protection on all cpu models.

Tim

Next message: kbuild test robot: "Re: [PATCH V2 1/2] nvme: split resetting state into reset_prepate and resetting"
Previous message: Arnaldo Carvalho de Melo: "[PATCH 02/27] perf test bpf: Use designated struct field initializers"
In reply to: Van De Ven, Arjan: "RE: [patch RFC 5/5] x86/speculation: Add basic speculation control code"
Next in thread: Andrea Arcangeli: "Re: [patch RFC 5/5] x86/speculation: Add basic speculation control code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]