From owner-freebsd-stable@freebsd.org  Wed Dec 11 16:30:28 2019
Return-Path: <owner-freebsd-stable@freebsd.org>
Delivered-To: freebsd-stable@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3BF5A1DA32E
 for <freebsd-stable@mailman.nyi.freebsd.org>;
 Wed, 11 Dec 2019 16:30:28 +0000 (UTC)
 (envelope-from carpeddiem@gmail.com)
Received: from mail-il1-f180.google.com (mail-il1-f180.google.com
 [209.85.166.180])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 47Y2Tv1zT6z4JVG
 for <freebsd-stable@freebsd.org>; Wed, 11 Dec 2019 16:30:26 +0000 (UTC)
 (envelope-from carpeddiem@gmail.com)
Received: by mail-il1-f180.google.com with SMTP id t17so19920792ilm.13
 for <freebsd-stable@freebsd.org>; Wed, 11 Dec 2019 08:30:26 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to;
 bh=iW+NhvLEkdBcRxJymjM3txiRIcIdPSJVgMcRBUWH4XU=;
 b=HQngF3SlYmk2DvoqdrKTFG7428BB3Q6BtsQpAhQxXh5CbqedZl00wSOag+kbhEhJEV
 zd4Nypf0oxxWCaDyFSn2B7hl8vK8Ah7Q8nkzhqQIdfd2IlL5jlMWBYpewoi/wNBE38lW
 GvKoOFCCa1v/9xqAdxEWV35rhjRi/OxhsgtODomQ4cPeUM3lTqsvuBsXXoLAEQt1NMqC
 HJswQwXzmE9VPH6ws/d6jQYu8Yig6wpC/3BcjdEY2AoGp84NHsclte/thrjOX69xwjXT
 YTZYWSrHoPc09g1GVHioZL3q3jrb3EONIRRwRWHcPmubmS2s2GX+XtYgxZM8wZyT3SeK
 lNnQ==
X-Gm-Message-State: APjAAAVfHCZ8Rt6ePfRtmEmAwSVzxB2cOEkbQEr0nBeZJE/T4ns8ZU/5
 UXhzXlWuLQvJvqtM4O4TS/mT5PLyrmLeEzWhWPR6kVS0
X-Google-Smtp-Source: APXvYqwAlQuPK3LVRIHXI4xrptKDfcbaqIz1zQsY6LPdrZp25WODJqhfXKgWzHr1OWXLxl/iz/UaJlir5vqsTPZ8CrQ=
X-Received: by 2002:a92:cbd2:: with SMTP id s18mr2352232ilq.98.1576081826083; 
 Wed, 11 Dec 2019 08:30:26 -0800 (PST)
MIME-Version: 1.0
References: <C19DE24E-22CB-4E55-95CE-0A07FC8A23F5@dons.net.au>
 <20191206142221.GL2744@kib.kiev.ua>
 <BA7092AF-29E4-4B7B-B8D6-5CD76D99CD4A@dons.net.au>
In-Reply-To: <BA7092AF-29E4-4B7B-B8D6-5CD76D99CD4A@dons.net.au>
From: Ed Maste <emaste@freebsd.org>
Date: Wed, 11 Dec 2019 07:44:00 -0500
Message-ID: <CAPyFy2ArNTKd6qHOAM-apJ7Hgc5Y=BciTJYbOSyesNfkA=yUpQ@mail.gmail.com>
Subject: Re: Disabling speculative execution mitigations
To: "O'Connor, Daniel" <darius@dons.net.au>,
 freebsd-stable <freebsd-stable@freebsd.org>
Content-Type: text/plain; charset="UTF-8"
X-Rspamd-Queue-Id: 47Y2Tv1zT6z4JVG
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none;
 spf=pass (mx1.freebsd.org: domain of carpeddiem@gmail.com designates
 209.85.166.180 as permitted sender) smtp.mailfrom=carpeddiem@gmail.com
X-Spamd-Result: default: False [-4.33 / 15.00]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[];
 R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17:c];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org];
 DMARC_NA(0.00)[freebsd.org]; MIME_TRACE(0.00)[0:+];
 TO_DN_ALL(0.00)[]; RCPT_COUNT_TWO(0.00)[2];
 RCVD_IN_DNSWL_NONE(0.00)[180.166.85.209.list.dnswl.org : 127.0.5.0];
 TO_MATCH_ENVRCPT_SOME(0.00)[];
 IP_SCORE(-2.33)[ip: (-6.54), ipnet: 209.85.128.0/17(-3.14), asn: 15169(-1.92),
 country: US(-0.05)]; 
 FORGED_SENDER(0.30)[emaste@freebsd.org,carpeddiem@gmail.com];
 RWL_MAILSPIKE_POSSIBLE(0.00)[180.166.85.209.rep.mailspike.net : 127.0.0.17];
 R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US];
 FROM_NEQ_ENVFROM(0.00)[emaste@freebsd.org,carpeddiem@gmail.com];
 RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2]
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-stable>, 
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable/>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Dec 2019 16:30:28 -0000

On Fri, 6 Dec 2019 at 22:54, O'Connor, Daniel <darius@dons.net.au> wrote:
>
> With respect to the man page, I find it difficult to know what a given value for each sysctl will do, as evidenced by my confusion above about IBRS.

scottl recently moved these sysctls to machdep.mitigations in r355436,
but they've kept the existing names and sense. So, some still have an
enable control while some are disable, some report "state: inactive"
while others report "active: 0".

Work is ongoing now to rationalize these so that the sense is true for
mitigation enabled. Backwards compatibility will be maintained for the
sysctl paths in stable (e.g. hw.ibrs*) but not the interim names
(machdep.mitigations.*)