Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755567AbeAIMEB (ORCPT + 1 other); Tue, 9 Jan 2018 07:04:01 -0500 Received: from Galois.linutronix.de ([146.0.238.70]:52289 "EHLO Galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751295AbeAIMD6 (ORCPT ); Tue, 9 Jan 2018 07:03:58 -0500 Date: Tue, 9 Jan 2018 13:03:55 +0100 (CET) From: Thomas Gleixner To: Paolo Bonzini cc: LKML , kvm@vger.kernel.org, jmattson@google.com, aliguori@amazon.com, thomas.lendacky@amd.com, dwmw@amazon.co.uk, Borislav Petkov , Peter Zijlstra Subject: Re: [PATCH 0/7] KVM: x86: expose CVE-2017-5715 ("Spectre variant 2") mitigations to guest In-Reply-To: Message-ID: References: <1515434925-10250-1-git-send-email-pbonzini@redhat.com> User-Agent: Alpine 2.20 (DEB 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On Tue, 9 Jan 2018, Paolo Bonzini wrote: > On 09/01/2018 11:15, Thomas Gleixner wrote: > > On Mon, 8 Jan 2018, Paolo Bonzini wrote: > > > >> This series allows guests to use the MSR_IA32_SPEC_CTRL and > >> MSR_IA32_PRED_CMD model specific registers that were added as mitigations > >> for CVE-2017-5715. > >> > >> These are only the KVM specific parts of the fix. It does *not* yet > >> include any protection for reading host memory from the guest, because > >> that would be done in the same way as the rest of Linux. So there is no > >> IBRS *usage* here, no retpolines, no stuffing of the return stack buffer. > >> (KVM already includes a fix to clear all registers on vmexit, which is > >> enough to block Google Project Zero's PoC exploit). > >> > >> However, I am including the changes to use IBPB (indirect branch > >> predictor barrier) if available. That occurs only when there is a VCPU > >> switch on a physical CPU, thus it has a small impact on performance. > >> > >> The patches are a bit hackish because the relevant cpufeatures have > >> not been included yet, and because I wanted to make the patches easier > >> to backport to distro kernels if desired, but I would still like to > >> have them in 4.16. We really want to coordinate that proper with the ongoing integration of the IB** for bare metal. And that stuff really does not need to be hackish at all. We've spent a lot of effort keeping all of it clean _AND_ available for 4.14 stable consumption. Everything before 4.9 is a big fricking and incompatible mess anyway. > >> Please review. > > > > CC'ing x86@kernel.org on this would have been asked too much, right? > > Sorry, my mistake. I'll CC you on v2. All good ... Please add the crowd which has been involved in the bare metal IBRS stuff as well. Thanks, tglx