Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp3870823ybl; Mon, 9 Dec 2019 01:17:04 -0800 (PST) X-Google-Smtp-Source: APXvYqxizD5og673ZcmN7mGvmfb2S2Uo7ROvqR4xXBdTMiCcgcNc54gYbNsCTYWAVRd+B/i3+kYA X-Received: by 2002:a05:6808:296:: with SMTP id z22mr6738931oic.153.1575883024378; Mon, 09 Dec 2019 01:17:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1575883024; cv=none; d=google.com; s=arc-20160816; b=X9hCjzYbatSSz7twfxiWjFd6xLieJeFwTYhl+rTyQWCYrg/tFwFGKw03S7IwNoEKC4 ACCM45sHdD9bvjjZ+teehkrbrSMAOu1IBNVG2kdG6rQN3FCKULQCHv6mvK+LarnH7Isy rxvQyy2r/srphkPidDI2BkwM+cNwoUBNWHVQ6xkVxnLHD0cKbuafNGDxWs73nZY2EvOA V7hjHgmOFpvPv+3yzXaW5ONv6u9hCWsIdWV9lzXV8M+PO8ZxwdrVHYYHTkXgKanADjlq Y26jQp6exnqndDYeHkThwb6koBVvZHqWDXney76dFavJ44AIgENb//Ts1vaZSXcImGY8 lAaQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature; bh=YfELO45T0KxxEI+GHyVFfpIjRmClA+hBogWql5/W6SQ=; b=X82RAJEyIlHEOQcxquIOH3xqYpOCDNXivbom0oI+1dn2oUpTqa19c/f69Sf309A5+B kN0Krmih/9DxoXgqeA7zISwYMU1PfxZVELheKii4ej5bCOlNOthXn90sbJUe/TqDt3V5 xlTwDK2qMDIVrWAOZl4NQIkS+UtPWqvkTcAYFZhoDhUy2+u/aGwDp/GRE5rNGVLdmeDD P+ptRBhHlxYtE8/vmsC+i0cNvaMpkeiI7Mn0GjCvOaDucaCSme374UKTBokuitidOZs6 aXpbpnylSAIKdIAWqQOotqbIZh3yesRguqGB3H9fn3ZH9YQrsWWGq0/KsWFJCAB97EZW KSyQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=ExJDK+V5; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m19si4410707otk.84.2019.12.09.01.16.52; Mon, 09 Dec 2019 01:17:04 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=ExJDK+V5; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727483AbfLIJPM (ORCPT + 99 others); Mon, 9 Dec 2019 04:15:12 -0500 Received: from us-smtp-delivery-1.mimecast.com ([205.139.110.120]:22637 "EHLO us-smtp-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726377AbfLIJPM (ORCPT ); Mon, 9 Dec 2019 04:15:12 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1575882910; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YfELO45T0KxxEI+GHyVFfpIjRmClA+hBogWql5/W6SQ=; b=ExJDK+V5n1so0L7bLDJGhk1EQYKtBcYFy3CoOOhBRRi+2k8Gcx4m18YW24jjz36kcjPT3R aVC9xcjNmSFPAoBv4nTu+tbtf0sMFacn2c7AhFdUCu4Oz5PzJ/VecuCL2CV1G7o9DDU89T 9CEuF2pRwK6xteu3sNQoNkFHv18KZCA= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-278-WrN5INItPUa1VT1J9QIr-A-1; Mon, 09 Dec 2019 04:15:09 -0500 Received: by mail-wr1-f70.google.com with SMTP id f17so7247207wrt.19 for ; Mon, 09 Dec 2019 01:15:09 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=YfELO45T0KxxEI+GHyVFfpIjRmClA+hBogWql5/W6SQ=; b=SS6BC0iFIbYh7OhhZVW8NZpFy3d3U9EJ4eQPygnWB6I2V5gVKyBK4xFTpR7a26tohL jArWipDluTL+RovlakRNnJweWS+Of2UWkUoa9DNDe5kXJUP1Hj5Ws/kjdDI/SOPJiHyw f+dp/kS8clvlwkcRvQdOarcIUUSyHCQe91nrPa1+GPAmO363a7dGmT+XU/Evt02cz0RV GkBeOmZqsdHkBqq5y3NW4XWaAibSp5oaTMizg0USMueFGxXZjrFNzTJ5/emneX6ckNgi gE5nSGxLpWnqkIix6QYCmCEPrUZH4fEJVPuAex1mdw1dXfJhhKv0jVhRIed3N9GfHVgG 7xlw== X-Gm-Message-State: APjAAAUm/rhQcYRIMADCff9VveHF2d64+VmMQqgLzknoJbJ/AM+Q6Wlg xZdCeeDPRvQVEDVgWwSrKuo/bWO8MgwvhKYltYTl0B8u8R19Hx8IQwP+waqwSjavsNAynm9KGPp M2vOWNzWUL5P797/mcMpRpUhM X-Received: by 2002:adf:df8e:: with SMTP id z14mr906550wrl.190.1575882908454; Mon, 09 Dec 2019 01:15:08 -0800 (PST) X-Received: by 2002:adf:df8e:: with SMTP id z14mr906513wrl.190.1575882908118; Mon, 09 Dec 2019 01:15:08 -0800 (PST) Received: from ?IPv6:2001:b07:6468:f312:e9bb:92e9:fcc3:7ba9? ([2001:b07:6468:f312:e9bb:92e9:fcc3:7ba9]) by smtp.gmail.com with ESMTPSA id t81sm13500137wmg.6.2019.12.09.01.15.07 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 09 Dec 2019 01:15:07 -0800 (PST) Subject: Re: [PATCH RFC] KVM: x86: tell guests if the exposed SMT topology is trustworthy To: Ankur Arora , Vitaly Kuznetsov Cc: x86@kernel.org, Thomas Gleixner , Ingo Molnar , Borislav Petkov , Sean Christopherson , Jim Mattson , Liran Alon , linux-kernel@vger.kernel.org, "H. Peter Anvin" , "Peter Zijlstra (Intel)" , kvm@vger.kernel.org References: <20191105161737.21395-1-vkuznets@redhat.com> <4f835a11-1528-a04e-9e06-1b8cdb97a04d@oracle.com> <87wob9d0t3.fsf@vitty.brq.redhat.com> <2e16b707-f020-22a3-a618-4960db917dfa@oracle.com> From: Paolo Bonzini Message-ID: Date: Mon, 9 Dec 2019 10:15:12 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.1.1 MIME-Version: 1.0 In-Reply-To: <2e16b707-f020-22a3-a618-4960db917dfa@oracle.com> Content-Language: en-US X-MC-Unique: WrN5INItPUa1VT1J9QIr-A-1 X-Mimecast-Spam-Score: 0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 06/12/19 21:31, Ankur Arora wrote: >> If we, however, discuss other hints such 'pre-ACK' mechanism may make >> sense, however, I'd make it an option to a 'challenge/response' >> protocol: if host wants to change a hint it notifies the guest and waits >> for an ACK from it (e.g. a pair of MSRs + an interrupt). I, however, > > My main reason for this 'pre-ACK' approach is some discomfort with > changing the CPUID edx from under the guest. Changing the CPUID is fine, if we document which CPUID can change. There are CPUID leaves that change at runtime, for example in leaf 0Dh (though in that case it's based on XCR0 and not on external circumstances). > As we've discussed offlist, the particular hint I'm interested in is > KVM_HINT_REALTIME. That's not a particularly good candidate though > because there's no correctness problem if the host does switch it > off suddenly. Or perhaps it's a good candidate, exactly because there's no correctness problem. For SMT topology, there are security issues if the host doesn't respect it anymore, so making it changeable is of limited utility. Paolo