Re: [Patch v5 12/16] x86/speculation: Create PRCTL interface to restrict indirect branch speculation

[Jiri Kosina]

On Fri, 16 Nov 2018, Tim Chen wrote:

> Create PRCTL interface to restrict an application's indirect branch
> speculation.  This will protect the application against spectre v2 attack
> from another application.
> 
> Invocations:
> Check indirect branch speculation status with
> - prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIR_BRANCH, 0, 0, 0);
> 
> Enable indirect branch speculation with
> - prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIR_BRANCH, PR_SPEC_ENABLE, 0, 0);
> 
> Disable indirect branch speculation with
> - prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIR_BRANCH, PR_SPEC_DISABLE, 0, 0);
> 
> Force disable indirect branch speculation with
> - prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIR_BRANCH, PR_SPEC_FORCE_DISABLE, 0, 0);
> 
> See Documentation/userspace-api/spec_ctrl.rst.

I think that the fact that this talks about "indirect branch predictions" 
in general terms, but really controls only the SMT aspect of it (STIBP), 
as quite confusing.

So I believe it should either be renamed, or actually control semantics of 
IBPB as well, no?

Thanks,

-- 
Jiri Kosina
SUSE Labs