Received: by 10.223.185.116 with SMTP id b49csp1007578wrg;
        Fri, 23 Feb 2018 10:14:16 -0800 (PST)
X-Google-Smtp-Source: AH8x226R1I7hPdq4635CFAaV7w4kOK01zEs5tqfAyXOQULrgNTBWhsgdby9LgXmkEZgd9nMUDOTe
X-Received: by 2002:a17:902:6ecf:: with SMTP id l15-v6mr2496258pln.443.1519409656636;
        Fri, 23 Feb 2018 10:14:16 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1519409656; cv=none;
        d=google.com; s=arc-20160816;
        b=p1EEVJXkYuHq48gJLO5tb3GLuquCWZCLjM44McqtPLa9c2ZTNbdKn0KwXaDUqnS5Ru
         5Zq0WPugIW4dOOS5j+cz0P/sqejrlmLkUzfJ1+L+iKCEldsDciI/KpTGb+Q5EQP96eSr
         pAFu1+RXrIeSpi344Wn+yfxl890NaXgBfQzfRah6EJoHA/GFuidFJpacOHzFgRxQiFS6
         88aqP5LoB9I/LsE5yYJME5tmTc/tm3PwbvFQrUfc94XfADtpejffpSqUu/B4SkLBesix
         JSZLrYGBO8KSMEJB+7WFmujP4dka4vs1Wwip2sXmqEFpvsDet8rrqTL3LOwktOkhBhPS
         vh9A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:user-agent
         :in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:dkim-signature:arc-authentication-results;
        bh=0TnhSYIhQNcyHFh2PqBJf6WnNBqrFsn8hw6DxbHMVXo=;
        b=X/vtmBfOW3XUGqmRiLBpQGLc1g3xX7nyLAYglj6/qcH3E1ZhYRjmYUL0aCHkMt9DuH
         CaS7nbDqeSjFvZX6LiTwXCplnxtMpE5N/sTtzHioVkrfzo9JWsxpKoak402sLCm4/Cwh
         vffhkYfE4vwKopXY0u3jfjz6r8xcU+zZiyabtUr0XJzSpCmPEEGeNy02vdCo9A3S8IF/
         /Ibgmb5mZR8tvvhrwLuxvN6vcCHMdfofOIP2oeneNhsJ+RxqVFXwN5iPCAQOx/bswO3U
         t67tvaCkkL+QTGWcZuJl58sFYJwwEGBuC3wHRJioo4zkOoPfzPNsN/5XHtFps8+tLUdt
         Q2LQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=jiJvAjgK;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 13-v6si2110303plb.515.2018.02.23.10.14.00;
        Fri, 23 Feb 2018 10:14:16 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=jiJvAjgK;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751856AbeBWSNW (ORCPT <rfc822;c14006078@gmail.com> + 99 others);
        Fri, 23 Feb 2018 13:13:22 -0500
Received: from aserp2120.oracle.com ([141.146.126.78]:49276 "EHLO
        aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751527AbeBWSNU (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 23 Feb 2018 13:13:20 -0500
Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1])
        by aserp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w1NICSeH060455;
        Fri, 23 Feb 2018 18:12:41 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc
 : subject : message-id : references : mime-version : content-type :
 in-reply-to : content-transfer-encoding; s=corp-2017-10-26;
 bh=0TnhSYIhQNcyHFh2PqBJf6WnNBqrFsn8hw6DxbHMVXo=;
 b=jiJvAjgKU8Sk8s2iapkPVP9kU+6EDcn2RAnAqNvJ4FWhMEk//CidhsYWkgj3SM1+M5iZ
 4tMuTR+xv3PgpnUnwjcB8pEd7KXFjsHLoT48puT91FMOotjfA/LUcbmlIRxOTe2yXYJL
 KkK8gJ0tZgjK3D7tVoA8HFNI6/kqpG8dUhFyLOZcQunUCbcHSJYzaa7qb8nVE6qmGDME
 OoRk7JgdWCPB4w/lykGjgTEMSz1RaEdPnSir6oTBjU+XEUuhP+tDEdggsWjkvjwZO7Km
 AZ3YmTUSyZHZpryBhNncuX2/jcB0Zk1ABkzABzh94TZvD2GdURSMzeWyuGUY9PQCwiAb 5Q== 
Received: from aserv0022.oracle.com (aserv0022.oracle.com [141.146.126.234])
        by aserp2120.oracle.com with ESMTP id 2gaqq302pr-1
        (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Fri, 23 Feb 2018 18:12:41 +0000
Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72])
        by aserv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w1NICeG9007761
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL);
        Fri, 23 Feb 2018 18:12:40 GMT
Received: from abhmp0003.oracle.com (abhmp0003.oracle.com [141.146.116.9])
        by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w1NICdsv005042;
        Fri, 23 Feb 2018 18:12:39 GMT
Received: from char.us.oracle.com (/10.137.176.158)
        by default (Oracle Beehive Gateway v4.0)
        with ESMTP ; Fri, 23 Feb 2018 10:12:38 -0800
Received: by char.us.oracle.com (Postfix, from userid 1000)
        id 89BDF6A00FB; Fri, 23 Feb 2018 13:12:37 -0500 (EST)
Date:   Fri, 23 Feb 2018 13:12:37 -0500
From:   Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To:     Paolo Bonzini <pbonzini@redhat.com>
Cc:     "Van De Ven, Arjan" <arjan.van.de.ven@intel.com>,
        "valdis.kletnieks@vt.edu" <valdis.kletnieks@vt.edu>,
        Jon Masters <jcm@jonmasters.org>,
        David Woodhouse <dwmw2@infradead.org>,
        "tglx@linutronix.de" <tglx@linutronix.de>,
        "x86@kernel.org" <x86@kernel.org>,
        "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
        "torvalds@linux-foundation.org" <torvalds@linux-foundation.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "Hansen, Dave" <dave.hansen@intel.com>,
        Ingo Molnar <mingo@kernel.org>
Subject: Is: RSB Alternative bit in IA32_ARCH_CAPABILITIES Was:Re: [PATCH
 2/2] x86/speculation: Support "Enhanced IBRS" on future CPUs
Message-ID: <20180223181237.GA19321@char.us.oracle.com>
References: <1518776517.7876.21.camel@infradead.org>
 <d61edc94-8a51-62bd-65ed-8068451ca5b5@redhat.com>
 <1518783021.7876.34.camel@infradead.org>
 <4882860e-23c5-75b3-ac02-c700f615156e@jonmasters.org>
 <0575AF4FD06DD142AD198903C74E1CC87A61923C@ORSMSX103.amr.corp.intel.com>
 <10373.1519084385@turing-police.cc.vt.edu>
 <0575AF4FD06DD142AD198903C74E1CC87A619255@ORSMSX103.amr.corp.intel.com>
 <aa3fbaf1-0efc-64b1-4f7b-3d00b0493d48@redhat.com>
 <0575AF4FD06DD142AD198903C74E1CC87A619465@ORSMSX103.amr.corp.intel.com>
 <2159cdc0-c30d-3bf8-1c25-74bff46a1e91@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <2159cdc0-c30d-3bf8-1c25-74bff46a1e91@redhat.com>
User-Agent: Mutt/1.8.3 (2017-05-23)
Content-Transfer-Encoding: quoted-printable
X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8813 signatures=668678
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0
 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999
 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.0.1-1711220000 definitions=main-1802230223
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Feb 20, 2018 at 03:46:57PM +0100, Paolo Bonzini wrote:
> On 20/02/2018 15:08, Van De Ven, Arjan wrote:
> >>>> For bonus points:  What should happen to a VM that is live migrate=
d
> >>>> from one hypervisor to another, and the hypervisors have different
> >>>> IBRS support?
> >>>
> >>> Doctor Doctor it hurts when I do this....
> >>>
> >>> Migration tends to only work between HV's that are relatively
> >>> homogeneous, that's nothing new...
> >>
> >> No Arjan, this is just wrong.  Well, I suppose it's right in the pre=
sent
> >> tense with the IBRS mess on Skylake, but it's _not_ been true until =
last
> >> year.
> >=20
> > I meant software wise. You're not going to live migrate from xen to
> > kvm or backwards. or between very radically different versions of the
> > kvm stack.
>=20
> Forwards migration to a radically newer version certainly happens.  So
> when the source hypervisor was too old to tell the VM about IBRS_ALL,
> for example, migration should work properly and the VM should perform
> well on the destination hypervisor.

To add a bit more to this, Intel just updated their IA32_ARCH_CAPABILITIE=
S_MSR
to have a new bit to sample to figure out whether you need IBRS or not
during runtime.

See https://software.intel.com/sites/default/files/managed/1d/46/Retpolin=
e-A-Branch-Target-Injection-Mitigation.pdf
in 5.3
Virtual Machine CPU Identification:

"To remedy this situation, an operating system running as a VM can query =
bit 2 of the IA32_ARCH_CAPABILITIES MSR, known as =E2=80=9CRSB Alternate=E2=
=80=9D (RSBA). When RSBA is set, it indicates that the VM may run on a pr=
ocessor vulnerable to exploits of Empty RSB conditions regardless of the =
processor=E2=80=99s DisplayFamily/DisplayModel signature, and that the op=
erating system should deploy appropriate mitigations. Virtual machine man=
agers (VMM) may set RSBA via MSR interception to indicate that a virtual =
machine might run at some time in the future on a vulnerable processor."

New bit.. but not mentioned in the:

336996-Speculative-Execution-Side-Channel-Mitigations.pdf

Paolo, is there some form of callback inside of the guest when KVM guests=
 are migrated?
(It exists under Xen, but I don't see it under KVM?)
>=20
> Backwards migration to older hypervisors also happens sometimes, but in
> general it creates more userspace than kernel issues.
>=20
> Paolo