On Thu, Jan 04, 2018 at 07:33:45PM +0100, Borislav Petkov wrote: > On Thu, Jan 04, 2018 at 09:56:47AM -0800, Tim Chen wrote: > > There are 2 ways to control IBRS > > > > 1. At boot time > > noibrs kernel boot parameter will disable IBRS usage > > > > Otherwise if the above parameters are not specified, the system > > will enable ibrs and ibpb usage if the cpu supports it. > > > > 2. At run time > > echo 0 > /sys/kernel/debug/ibrs_enabled will turn off IBRS > > echo 1 > /sys/kernel/debug/ibrs_enabled will turn on IBRS in kernel > > echo 2 > /sys/kernel/debug/ibrs_enabled will turn on IBRS in both > > userspace and kernel > > I am not sure that tristate is really needed. What's wrong with on/off > only?
well, tristate is to provide a new feature (which is also incidentally the mode new silicon will prefer to run). > Also, stuff like that: > > +/* mutex to serialize IBRS control changes */ > +DEFINE_MUTEX(spec_ctrl_mutex); > +EXPORT_SYMBOL(spec_ctrl_mutex); > > looks ugly. Consolidating in arch/x86/kernel/spec_ctrl.c would allow removing that export. Here I've got: static DEFINE_MUTEX(spec_ctrl_mutex); > Wrapper functions which everything calls and they hide internals are > much more preferrable. Agreed. > And then, if at all, this needs to be connected to the retpolines fun, > methinks, so that it can be decided at boot what to use. Turning this off at any time is very easy, making reptoline runtime disabled is more difficult. Thanks, Andrea
