On Mon, Feb 04, 2019 at 10:40:45PM +0100, Borislav Petkov wrote: > On Mon, Feb 04, 2019 at 12:46:30PM -0800, Dave Hansen wrote: > > Intel can obviously add or remove enumeration for a feature after > > silicon ships. But, that eats up microcode "patch" space which is an > > even more valuable resource than the microcode "ROM" space. That patch > > space is a very constrained resource when creating things like the > > side-channel mitigations. The way I read this situation is that this > > feature fills a bit small of a niche to justify consuming patch space. > > Yap, makes sense. I've heard that argumentation before, btw. > > > So, the compromise we reached in this case is that Intel will fully > > document the future silicon architecture, and then write the kernel > > implementation to _that_. > > Yap. > > > Then, for the weirdo deployments where this feature is not enumerated, > > we have the setcpuid= to fake the enumeration in software. > > > > The reason I'm pushing for setcpuid= instead of a one-off is that I > > don't expect this to be the last time Intel does this. I'd rather have > > one setcpuid= than a hundred things like "ac_split_lock_disable". > > So my only issue with this is the user having to type this in in order > to get the feature.
With "setcpuid=", there is no additional code to add as long as enumeration code is available. > > VS > > automatically enabling it during boot in early_init_intel() or so. No > need for any user intervention. It'll be just like a forgotten CPUID bit > and we've done those before. Every time a new feature like this case, the early_init_intel() needs to be changed for FMS etc. I guess that's a reason we want to use "setcpuid=" to deal with different cases withou changing code. Thanks. -Fenghua