From: Jim Mattson
Date: Fri, 12 Jan 2018 09:03:01 -0800
Subject: Re: [PATCH 4/8] kvm: vmx: Set IBPB when running a different VCPU
To: Wanpeng Li
Cc: Paolo Bonzini, LKML, kvm, Radim Krcmar, Liran Alon, Anthony Liguori, Tom Lendacky, dwmw@amazon.co.uk, Borislav Petkov, "the arch/x86 maintainers", Tim Chen
References: <20180109120311.27565-1-pbonzini@redhat.com> <20180109120311.27565-5-pbonzini@redhat.com>
X-Mailing-List: linux-kernel@vger.kernel.org

The point behind the IBPB in vmx_vcpu_load is to prevent one VCPU from
steering the speculative execution of the next. If the VMCS address is
recycled, vmx_vcpu_load doesn't realize that the VCPUs are different,
and so it won't issue the IBPB.

On Thu, Jan 11, 2018 at 5:49 PM, Wanpeng Li wrote:
> 2018-01-09 20:03 GMT+08:00 Paolo Bonzini :
>>
>> if (!already_loaded) {
>> @@ -4029,6 +4031,13 @@ static void free_loaded_vmcs(struct loaded_vmcs *loaded_vmcs) >> free_vmcs(loaded_vmcs->vmcs); >> loaded_vmcs->vmcs = NULL; >> WARN_ON(loaded_vmcs->shadow_vmcs != NULL); >> + >> + /* >> + * The VMCS could be recycled, causing a false negative in >> + * vmx_vcpu_load; block speculative execution. >> + */ >> + if (have_spec_ctrl) >> + wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_IBPB); >> } > > Intel guys told us the recycle is about the address of vmcs, not the > content. Could you explain more why it matters? > > Regards, > Wanpeng Li
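
Review bot: The comment added in free_loaded_vmcs() says "The VMCS could be recycled" without stating that it is the VMCS address that gets reused, which is exactly what the quoted question stumbles over. Suggest saying that the address released by free_vmcs(loaded_vmcs->vmcs) can be handed to a different VCPU, so vmx_vcpu_load does not realize the VCPUs differ and skips its IBPB. The phrase "block speculative execution" is also imprecise for the wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_IBPB) that follows; wording along the lines of "issue an IBPB so the freed VCPU cannot steer the speculative execution of the next one" would match the reasoning given in the reply.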