Subject: Re: [PATCH 2/2] x86/speculation: Support "Enhanced IBRS" on future CPUs
From: Paolo Bonzini
To: David Woodhouse, tglx@linutronix.de, x86@kernel.org, kvm@vger.kernel.org, torvalds@linux-foundation.org, linux-kernel@vger.kernel.org, arjan.van.de.ven@intel.com, dave.hansen@intel.com
Cc: Ingo Molnar
Date: Fri, 16 Feb 2018 11:08:49 +0100
Message-ID: <75287047-77a0-e0ff-c2e8-61c81641251e@redhat.com>
In-Reply-To: <1518775136.7876.13.camel@infradead.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 16/02/2018 10:58, David Woodhouse wrote:
> On Tue, 2018-02-13 at 11:41 +0100, Paolo Bonzini wrote:
>
>> On 13/02/2018 11:36, David Woodhouse wrote:
>>>>> - if the VM has IBRS_ALL, pass through the MSR when it is zero and
>>>>> intercept writes when it is one (no writes should happen)
>>>>>
>>>>> - if the VM doesn't have IBRS_ALL, do as we are doing now, independent
>>>>> of what the host spectre_v2_ibrs_all() setting is.
>>>>
>>>> We end up having to turn IBRS on again on vmexit then, taking care that
>>>> no conditional branch can go round it. So that becomes an
>>>> *unconditional* wrmsr or lfence in the vmexit path. We really don't
>>>> want that.
>>>>
>>> Note that being able to keep it simple in KVM was basically what made
>>> the difference between me tolerating IBRS_ALL as Intel currently define
>>> it, and throwing my toys out of the pram (as I had done in the first
>>> iterations of this patch).
>>
>> You have my vote. :)
>
> I was taking that as assent to the patch... could I trouble you for an
> explicit ack, please?

No, it's a vote for throwing the toys out of the pram (or running away
with the ball, if you prefer).

Unfortunately, if you want to have a higher-performance mode for
IBRS_ALL that avoids rdmsr on vmexit, you have to do it as sketched
above.

Alternatively, if IBRS_ALL is 1, and you don't care about migration
between machines that have IBRS_ALL and those that don't, the host can
simply not enable the SPEC_CTRL CPUID bit in the guest, and instead use
the AMD IBPB flag only. Need to check if Windows obeys the AMD flag on
Intel machines (or in general) though.

Paolo