Received: by 10.223.176.5 with SMTP id f5csp2384793wra; Mon, 5 Feb 2018 03:13:25 -0800 (PST) X-Google-Smtp-Source: AH8x227W06lnmsUaKSBWi3qdAVT2oazd418nMvMRb9tjJaoXkrdzeyL3AyqPgseXTFRltE8pU3WB X-Received: by 10.99.169.26 with SMTP id u26mr37520591pge.270.1517829205692; Mon, 05 Feb 2018 03:13:25 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517829205; cv=none; d=google.com; s=arc-20160816; b=JA/y66jLA3a3UPhtLQxWWH0A0a0X+eamH88F8OpuoHJIYCo/iBEsx79IjSOloZHGVO LBj120pwO+ibDowPLtq+A9g7RLQMY1nndYRN7xZqQrRMeRbwzUsYg6dFwtDppBVnznlG IPQZF6cz5o48XOG5lQhm2u0RoHz2bGsjESBlKBWoOJfz6k2iYp/C7h/2d6JQCJU9ZDi1 NACLu/PIB6ug462WqtNfrJv67PuC37ckGd2f4bZX59UbaKeKrl+x3qx/OsQJBPH7n47k IeOb+Q0cP9BsNPKwaAucnQq9O1KI8rR9QEMFAdC5VFNqkDTIxHMxZ4hIh49Wnva9puYu TaPA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature :arc-authentication-results; bh=k1VEdoPrYk/JPblrlXJE/mxmWyVEYOUaWz5Aoki7wjQ=; b=AgL3vvbIrQt0w4EhXO3s2tX8oo0GAEh2GpbLfK9w4mtGxWM4Zu+TXIR3LfMQuS5Etg dC4Wb+QGCctvCOvmfqCcdkFaCQ1lqyaWwpCaCYFC6pKEvdiBzQz11ZmQGAwW77/ehNxa y+cKuJR9Gm4gqSvzCfB0xCzPU76FhOuHmkh6EibcsOf41+yfiFYdIzRGsJjhw+R7o5ZR MZ94KQmL1aNlFxUmjab81uo2ZsKlqITcmq2iNDCAJpkLQL31dO6u7QGcnBmt92pEqKK1 UlraYMu1qkHdzQUyjOjXyenDQgJU77Eq4nQ/gMksPfRQkdj3EJ5/lpzRNAPmgaVEbujn E3Hw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=WQR6v9JP; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u198si3544478pgc.784.2018.02.05.03.13.11; Mon, 05 Feb 2018 03:13:25 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=WQR6v9JP; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752873AbeBELKt (ORCPT + 99 others); Mon, 5 Feb 2018 06:10:49 -0500 Received: from mail-wm0-f65.google.com ([74.125.82.65]:35835 "EHLO mail-wm0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752498AbeBELKj (ORCPT ); Mon, 5 Feb 2018 06:10:39 -0500 Received: by mail-wm0-f65.google.com with SMTP id r78so25116188wme.0; Mon, 05 Feb 2018 03:10:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to :user-agent; bh=k1VEdoPrYk/JPblrlXJE/mxmWyVEYOUaWz5Aoki7wjQ=; b=WQR6v9JPiq4ZHznfJ5w5eG4BCDItb+tZ2JmRYuCmjtnmlQwuEy8flU1uqnvVJHNtFV WhXA+CP25+/Q7L+Kjw+U8RC+gNqo1DPS5pHuX3STJEbM7l2XUCf/wbAObkV1bb5COCy5 p8YcM14wameS4ihLrzf0bsoapIhbDLAsGZfP5uegwGyi76ISeTJ3MBTKcSJUw3TXZ6uU aPRv3QBoDWKicoPhl/wmghaGCK02AXw3RMCHNjUyUgWf0/JBjweh8/l//qDRURCt1JnA YGd7M0McSVispbEO9MxD2X47X3yB/lKEZUyO/+xxB2reIW9sIvbEBx2YQP+S1kHzcIjC YO6A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition :content-transfer-encoding:in-reply-to:user-agent; bh=k1VEdoPrYk/JPblrlXJE/mxmWyVEYOUaWz5Aoki7wjQ=; b=V7EUVC3Sg210l0J2DIOxCpC7z3rx9QcuUZskRwOdzGInSDHT8bUxNm3kD9YD6GHLLa ulAIjtTecG3KNs2M22gaJpjXFNNOwthUpuPVt68Dy3KWIABVCMjMV6ReWJUrRjmQKw7+ Gqu24YNJVJ9HcRCagTN+jrXkLVkjdcU6K4imVKE6bbFG5fbkCoHGShJZ17o/Q9KiGOn5 FbOTbrXl46a0xRDC//grdTb9TJY8IRni/iSOeclDuRcw1BLVFUFi/JwwfOblke7Mkf8d /+3UT7l19ciciAu9xZhAS7HEKXXjDudp1beJKaxSnI87AKBqBGz2aM4FCtiDU8VVBV7+ jYNQ== X-Gm-Message-State: AKwxytdlCLsLCgB8x82ztnTL21BObgLjSpIG+uNzyN14YlHV1roLuMFg FWxsCYPLkL9Jf2jrjbnkfqs= X-Received: by 10.28.148.214 with SMTP id w205mr35675902wmd.67.1517829037726; Mon, 05 Feb 2018 03:10:37 -0800 (PST) Received: from gmail.com (2E8B0CD5.catv.pool.telekom.hu. [46.139.12.213]) by smtp.gmail.com with ESMTPSA id m6sm7664549wmb.6.2018.02.05.03.10.36 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 05 Feb 2018 03:10:36 -0800 (PST) Date: Mon, 5 Feb 2018 12:10:34 +0100 From: Ingo Molnar To: Paolo Bonzini Cc: Thomas Gleixner , David Woodhouse , Jim Mattson , Mihai Carabas , LKML , kvm list , Radim =?utf-8?B?S3LEjW3DocWZ?= , Liran Alon , Anthony Liguori , Tom Lendacky , Borislav Petkov , the arch/x86 maintainers , Konrad Rzeszutek Wilk Subject: Re: [9/8] KVM: x86: limit MSR_IA32_SPEC_CTRL access based on CPUID availability Message-ID: <20180205111034.ie6vbui62wx2irkl@gmail.com> References: <20180109120311.27565-10-pbonzini@redhat.com> <6dc02278-7004-1794-3705-69c8cad86be4@oracle.com> <1517332457.18619.132.camel@infradead.org> <75049dca-3389-9cc7-44e3-a487a797c605@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <75049dca-3389-9cc7-44e3-a487a797c605@redhat.com> User-Agent: NeoMutt/20170609 (1.8.3) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org * Paolo Bonzini wrote: > On 30/01/2018 12:45, Thomas Gleixner wrote: > > On Tue, 30 Jan 2018, David Woodhouse wrote: > > > >> On Tue, 2018-01-30 at 08:57 -0800, Jim Mattson wrote: > >>> It's really hard to tell which patches are being proposed for which > >>> repositories, but assuming that everything else is correct, I don't > >>> think your condition is adequate. What if the physical CPU and the > >>> virtual CPU both have CPUID.(EAX=7H,ECX=0):EDX[26], but only the > >>> physical CPU has CPUID.(EAX=7H,ECX=0):EDX[27]? If the guest has write > >>> access to MSR_IA32_SPEC_CTRL, it can set MSR_IA32_SPEC_CTRL[1] > >>> (STIBP), even though setting that bit in the guest should raise #GP. > >> > >> Everything we're talking about here is for tip/x86/pti. Which I note > >> has just updated to be 4.15-based, although I thought it was going to > >> stay on 4.14 for now. So I've updated my tree at > >> http://git.infradead.org/linux-retpoline.git/shortlog/refs/heads/ibpb > >> accordingly. > > > > Yes, we tried to stay on 4.14 base but this started to created nasty merge > > conflicts for no value. Merging in v4.15 turned out to resolve those issues > > while still serving as the feed branch for Gregs stable work. For the time > > being we try to make stable backporting at least for 4.14/15 as painless as > > possible. > > Great, then the "per-VCPU MSR bitmaps" branch > (git://git.kernel.org/pub/scm/virt/kvm/kvm.git refs/heads/msr-bitmaps) > that I created last weekend can be pulled directly in tip/x86/pti. Can this branch still be rebased, to fix the SoB chain of: de3a0021a606 ("KVM: nVMX: Eliminate vmcs02 pool") ? I'm not sure what workflow resulted in this commit, but it is missing your SoB: commit de3a0021a60635de96aa92713c1a31a96747d72c Author: Jim Mattson AuthorDate: Mon Nov 27 17:22:25 2017 -0600 Commit: Paolo Bonzini CommitDate: Sat Jan 27 09:43:03 2018 +0100 KVM: nVMX: Eliminate vmcs02 pool The potential performance advantages of a vmcs02 pool have never been realized. To simplify the code, eliminate the pool. Instead, a single vmcs02 is allocated per VCPU when the VCPU enters VMX operation. Cc: stable@vger.kernel.org # prereq for Spectre mitigation Signed-off-by: Jim Mattson Signed-off-by: Mark Kanda Reviewed-by: Ameya More Reviewed-by: David Hildenbrand Reviewed-by: Paolo Bonzini Signed-off-by: Radim Krčmář You probably rebased Radim'm tree? If this tree can still be rebased I'd like to re-pull it into tip:x86/pti, as those bits are not yet upstream. Thanks, Ingo