Received: by 10.223.176.5 with SMTP id f5csp3498282wra;
        Mon, 29 Jan 2018 14:11:39 -0800 (PST)
X-Google-Smtp-Source: AH8x225tgwtOOKeG69kUY+poK00LyRnoHhXYhfMcKRK5X2EAa4nMbQ01j5mvwxSmLApaR8EaH3h+
X-Received: by 2002:a17:902:9a9:: with SMTP id 38-v6mr22816147pln.202.1517263899216;
        Mon, 29 Jan 2018 14:11:39 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1517263899; cv=none;
        d=google.com; s=arc-20160816;
        b=TTTqiPcVpCMWFP6gbeePiQvKcqu5o0aWfFeR97DRzBDWAxpe13u4D4C8V1StUiYfue
         cYRR7TJ04uKLUvKUx1FKgWnL+jHoUGA0UETLgK71m5cs3+lyZKfJMGlllDOvB+GXiFbA
         dhaXUve6qk/+MtEFDsjwSKqX17rPYgRm7OwK2ArImzfMAvDE17/iIVHmsO+mXSiKdKyY
         5ifrXePRvBMV4Yc3Ni7Ar5ynoNMBgnZ1Mbyr50hW8Xup0eYLc1Q/sPQ57504w3BUUn5e
         rqxsuE9qMhVDB41kfQHURyXlRswWCoRWP1TMMvQK3oNFqDal8ycL7LAh9pEyDVxiFM6Z
         xBwQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:user-agent
         :in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:dkim-signature:arc-authentication-results;
        bh=Sun6m4jzn5lNQgpq8bLkbYBHzHrH2U5zhFTHVpYXdvk=;
        b=OkEY6T4ffH1ryWJrohRlVhQm44UfcSYmu8gyqZZF+aJceNlOTviBKWvvi7apfHBlDF
         KAjmmoQdB42605EpfGffrNrfiBcrvjyqV+9WCQOTTe1ri1aUaGC+eZoXkqZdG4Ba+vJe
         V2k8tr96AApFg9z8HahKGmC+2bIdAfkfGEkz2oV4wWU0KopBthzbbmlTlsZsm8rg4+4e
         TBO5LUW5CVIRYDyH06ImH5mA6wdaDIQg/6HuxqXNZRowKXktSbuV784bQ39NTffSfqe5
         RAB7lUxOA7NiC/7SwkM8JMtgqZoP0CH4Wwiqyr0lwSi8i1JHtqo3eBK5ekdLoFRT8FkI
         +Bzw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=eK+J3p3X;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id m63-v6si303192pld.753.2018.01.29.14.11.23;
        Mon, 29 Jan 2018 14:11:39 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=eK+J3p3X;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752051AbeA2WK6 (ORCPT <rfc822;vladislav.valtchev@gmail.com>
        + 99 others); Mon, 29 Jan 2018 17:10:58 -0500
Received: from aserp2120.oracle.com ([141.146.126.78]:53052 "EHLO
        aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751547AbeA2WK4 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 29 Jan 2018 17:10:56 -0500
Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1])
        by aserp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w0TM6f5R183840;
        Mon, 29 Jan 2018 22:10:16 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc
 : subject : message-id : references : mime-version : content-type :
 in-reply-to : content-transfer-encoding; s=corp-2017-10-26;
 bh=Sun6m4jzn5lNQgpq8bLkbYBHzHrH2U5zhFTHVpYXdvk=;
 b=eK+J3p3XRlK/k28IxMqR8JG8YX9srUPq2Yo1kFLML5gGpf5Q9fO4H71njj6smW8TNmRd
 PbkNXRelSIw7xXxhgFPZ4vMdyeXU67MTCx7LKz0iEvB+7dgUrMYJN5IaR/05fxbITHX6
 wpr31wlLSf/949wqX7QEFWvTodTcCVMwwWaq6tnJ4syiWc6REI/ndbK3Yq+9NoOZZGWu
 Wxwv9zXw70zdLttB/pHOes2wC9G2Ba0iKGwR6+3gk4FeWpTc/LQDhlOpa5sYOPDafNzv
 9Wz2fcGXrZAkP9XysdW86QA0rH84Yc20DoLfJqUuu/jWExCGfCGl7biKUduNSdft9Ycr xg== 
Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74])
        by aserp2120.oracle.com with ESMTP id 2ftc3g80k7-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Mon, 29 Jan 2018 22:10:16 +0000
Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72])
        by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w0TMAF26002251
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL);
        Mon, 29 Jan 2018 22:10:15 GMT
Received: from abhmp0004.oracle.com (abhmp0004.oracle.com [141.146.116.10])
        by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w0TMAExL031410;
        Mon, 29 Jan 2018 22:10:14 GMT
Received: from char.us.oracle.com (/10.137.176.158)
        by default (Oracle Beehive Gateway v4.0)
        with ESMTP ; Mon, 29 Jan 2018 14:10:13 -0800
Received: by char.us.oracle.com (Postfix, from userid 1000)
        id 752A56A09DE; Mon, 29 Jan 2018 17:10:11 -0500 (EST)
Date:   Mon, 29 Jan 2018 17:10:11 -0500
From:   Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To:     Eduardo Habkost <ehabkost@redhat.com>
Cc:     David Woodhouse <dwmw2@infradead.org>,
        Arjan van de Ven <arjan@linux.intel.com>,
        KarimAllah Ahmed <karahmed@amazon.de>,
        linux-kernel@vger.kernel.org, Andi Kleen <ak@linux.intel.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Andy Lutomirski <luto@kernel.org>,
        Ashok Raj <ashok.raj@intel.com>,
        Asit Mallick <asit.k.mallick@intel.com>,
        Borislav Petkov <bp@suse.de>,
        Dan Williams <dan.j.williams@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        "H . Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
        Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
        Joerg Roedel <joro@8bytes.org>,
        Jun Nakajima <jun.nakajima@intel.com>,
        Laura Abbott <labbott@redhat.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Masami Hiramatsu <mhiramat@kernel.org>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Radim =?utf-8?B?S3LEjW3DocWZ?= <rkrcmar@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Tim Chen <tim.c.chen@linux.intel.com>,
        Tom Lendacky <thomas.lendacky@amd.com>, kvm@vger.kernel.org,
        x86@kernel.org, "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Subject: Re: [RFC,05/10] x86/speculation: Add basic IBRS support
 infrastructure
Message-ID: <20180129221011.GW22045@char.us.oracle.com>
References: <1516476182-5153-6-git-send-email-karahmed@amazon.de>
 <20180129201404.GA1588@localhost.localdomain>
 <1517257022.18619.30.camel@infradead.org>
 <20180129204256.GV25150@localhost.localdomain>
 <31415b7f-9c76-c102-86cd-6bf4e23e3aee@linux.intel.com>
 <1517259759.18619.38.camel@infradead.org>
 <20180129214421.GW25150@localhost.localdomain>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
In-Reply-To: <20180129214421.GW25150@localhost.localdomain>
User-Agent: Mutt/1.8.3 (2017-05-23)
Content-Transfer-Encoding: quoted-printable
X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8789 signatures=668655
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0
 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=735
 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.0.1-1711220000 definitions=main-1801290282
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Jan 29, 2018 at 07:44:21PM -0200, Eduardo Habkost wrote:
> On Mon, Jan 29, 2018 at 09:02:39PM +0000, David Woodhouse wrote:
> >=20
> >=20
> > On Mon, 2018-01-29 at 12:44 -0800, Arjan van de Ven wrote:
> > > On 1/29/2018 12:42 PM, Eduardo Habkost wrote:
> > > >=20
> > > > The question is how the hypervisor could tell that to the guest.
> > > > If Intel doesn't give us a CPUID bit that can be used to tell
> > > > that retpolines are enough, maybe we should use a hypervisor
> > > > CPUID bit for that?
> > >
> > > the objective is to have retpoline be safe everywhere and never use=
 IBRS
> > > (Linus was also pretty clear about that) so I'm confused by your qu=
estion
> >=20
> > The question is about all the additional RSB-frobbing and call depth
> > counting and other bits that don't really even exist for Skylake yet =
in
> > a coherent form.
> >=20
> > If a guest doesn't have those, because it's running some future kerne=
l
> > where they *are* implemented but not enabled because at *boot* time i=
t
> > discovered it wasn't on Skylake, the question is what happens if that
> > guest is subsequently migrated to a Skylake-class machine.
> >=20
> > To which the answer is obviously "oops, sucks to be you". So yes,
> > *maybe* we want a way to advertise "you might be migrated to Skylake"
> > if you're booted on a pre-SKL box in a migration pool where such is
> > possible.=A0
> >=20
> > That question is a reasonable one, and the answer possibly the same,
> > regardless of whether the plan for Skylake is to use IBRS, or all the
> > hypothetical other extra stuff.
>=20
> Maybe a generic "family/model/stepping/microcode really matches
> the CPU you are running on" bit would be useful.  The bit could
> be enabled only on host-passthrough (aka "-cpu host") mode.
>=20
> If we really want to be able to migrate to host with different
> CPU models (except Skylake), we could add a more specific "we
> promise the host CPU is never going to be Skylake" bit.
>=20
> Now, if the hypervisor is not providing any of those bits, I
> would advise against trusting family/model/stepping/microcode
> under a hypervisor.  Using a pre-defined CPU model (that doesn't

The migration code could be 'tickled' (when arrived at the destination)
to recheck the CPUID and do the alternative logic to turn the
proper bits on.

And this tickling could be as simple as an ACPI DSDT/AML code
specific to KVM PnP devices (say the CPUs?) to tell the guest to
resample its environment?

> necessarily match the host) is very common when using KVM VM
> management stacks.
>=20
> --=20
> Eduardo