Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp48271rwb; Wed, 14 Dec 2022 13:50:48 -0800 (PST) X-Google-Smtp-Source: AA0mqf7hnGDEQccw/H9PCY+yfWPT486d1JAWtepGVwTaX/N/3gMoO5NhHymtwyLR12Ol99hxnuwb X-Received: by 2002:a17:906:38c8:b0:7ba:5993:90e8 with SMTP id r8-20020a17090638c800b007ba599390e8mr22267497ejd.65.1671054647945; Wed, 14 Dec 2022 13:50:47 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1671054647; cv=none; d=google.com; s=arc-20160816; b=y2NvH9ycrF4jNd7iP4AcTCnCoR3XPHgEMYLHyJ/kxqYQJ/uE9erqRj+mPzqPFJ6wSC wX27kt61EXyrYXDmIey4CpB/my/KpMXLdzp43PKaE9doKrhkqztJWSH7VKCeMO/69Vih wTVhit1NCjHAgHF/Snv6xJH6BHZYmS8eyQu4BDLJWUPt0vL1mi/B9VCY4V5dTb18ol0L b7gloS2hOyfoV2pHQVjnJrccN+XprftcBjBA55crY2obunOhjFsIZDLqqYhfQC+4+CpX wxYtElkoMpxjOktNV7PlrNnutEwWJ1hIKyVfRgMoXFDJYPpObxBeQb2rXyiMmVzQACYo CrGA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=XZ1n8+nIX2hZn3XsXYGq2hnC9XLQZy4UoT+8m2Z4kb0=; b=tao3+KnAMKM+h+vRgJAJpftwTWbJvozPYWyfpNrg7rDC4WQkE4G2qqh6a54T9DhLoV NjUanUQyOkSVAW4aS8tCbtbgqdIAGoLP4evjcz677vrc4inn+o+FUQqygBKleZZam8FA Mhts2nqLYfKzQaZxyA8uX8swUspwj+4Lj4ruvp03PbCF+aVK7PQDOJgIrGqEaEBVweE+ UZjy+c4GXqW02SbXY75GVq1noz1NAtK9dSNstOT/EhNxhpJ8PqvWzXopRUFxPQDnQCSl /Zkg+90huUUk4EKDTVmrgUQJUUJqx2UMvYnQfNRrDNcp9VdYkuYfYAmr4quUV3X3zpnp 6pHw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=TGPBdcm9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id dn15-20020a17090794cf00b007b6ff799abasi13161937ejc.465.2022.12.14.13.50.31; Wed, 14 Dec 2022 13:50:47 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=TGPBdcm9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229825AbiLNUa0 (ORCPT + 69 others); Wed, 14 Dec 2022 15:30:26 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33596 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230188AbiLNUaB (ORCPT ); Wed, 14 Dec 2022 15:30:01 -0500 Received: from mail-pj1-x1035.google.com (mail-pj1-x1035.google.com [IPv6:2607:f8b0:4864:20::1035]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D736031DC5 for ; Wed, 14 Dec 2022 12:18:22 -0800 (PST) Received: by mail-pj1-x1035.google.com with SMTP id fy4so8221124pjb.0 for ; Wed, 14 Dec 2022 12:18:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=XZ1n8+nIX2hZn3XsXYGq2hnC9XLQZy4UoT+8m2Z4kb0=; b=TGPBdcm94aFHv9Hel/S/gt3YaCFowv1ATI2xs9dHbFllFBpJjqpraZHUTu8hakg2EH JH+KQV05qZStUJdzHvvTsWTzsviroFniuzTmlbtHm3BUbeQBvWYKze7+2wZ2REGMDgc4 lXm1dREGmZYvfR0VkhwpFjyeoqV4CszWtUoaRPfyZLEbaDAyECXgcp0Et3te/l/srJj3 tRxE2DOG9g2soP2PJkJ79IJv/BWPQbI7bGMFUv/FfFejb62gtA57kX5m1mH/J/N4C3g4 9vDYgy8/tbZenvvPcUYtWT4DLzoLXDFSTuCzQYs6tqoJXZMJywizr1ooZJE/Yqj0KQwC H4ug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=XZ1n8+nIX2hZn3XsXYGq2hnC9XLQZy4UoT+8m2Z4kb0=; b=W2spajl3bATulupmXVx9jrGas6KwNzgmwwLfIVcCw+6hnoKcJceo3HKqXZCFQ7NKRh +91wHEcyFWrLKwa2hJTEr66TAs+URO3Vvwq4h+qJJrV/sgqgr0Gpu2kUuu3kZA8aNbdY aji4JovVbv2UD6AzzC9RIGtB556s6DcSufzs79IuvExXuNvBqXR3zcWpEYrGW0zl4mEy UdKygaexunjnF1jpgaXj7tKcnv/XQdkWViTkQdgXrvw9Z9tof2UrOmCtQUo3O/wdB9ok CFFMvTmMR7Qh99/8OMZJWMy3uFQFCMAE1CNwdEzGqbcyPibobeWq+F0p8ZJ3Y/RUy7eV jUnQ== X-Gm-Message-State: ANoB5pn1YZbz8PE3iJ8uCm65JEILa2BZhRZvF4ZkvmJbAsIV2RLnD/6O Qr5qW5XGkZAchPNTbPY4rJEm8Q== X-Received: by 2002:a17:902:da8d:b0:189:3a04:4466 with SMTP id j13-20020a170902da8d00b001893a044466mr1011167plx.2.1671049102301; Wed, 14 Dec 2022 12:18:22 -0800 (PST) Received: from google.com (7.104.168.34.bc.googleusercontent.com. [34.168.104.7]) by smtp.gmail.com with ESMTPSA id ik13-20020a170902ab0d00b0017d97d13b18sm2290816plb.65.2022.12.14.12.18.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Dec 2022 12:18:21 -0800 (PST) Date: Wed, 14 Dec 2022 20:18:17 +0000 From: Sean Christopherson To: Zhang Chen Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Chao Gao , Pawan Gupta , Paolo Bonzini , "H. Peter Anvin" , Dave Hansen , Borislav Petkov , Ingo Molnar , Thomas Gleixner Subject: Re: [RFC PATCH 5/9] x86/bugs: Use Virtual MSRs to request hardware mitigations Message-ID: References: <20221210160046.2608762-1-chen.zhang@intel.com> <20221210160046.2608762-6-chen.zhang@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20221210160046.2608762-6-chen.zhang@intel.com> X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Dec 11, 2022, Zhang Chen wrote: > From: Pawan Gupta > > Guests that have different family/model than the host may not be aware > of hardware mitigations(such as RRSBA_DIS_S) available on host. This is > particularly true when guests migrate. To solve this problem Intel > processors have added a virtual MSR interface Is there any actual "processor" support here? To me, this looks like Intel is foisting a paravirt interface on KVM and other hypervisors without collaborating with said hypervisors' developers and maintainers. I get that some of the mitigations are vendor specific, but things like RETPOLINE aren't vendor specific. I haven't followed all of the mitigation stuff very closely, but I wouldn't be surprised if there are mitigations now or in the future that are common across architectures, e.g. arm64 and x86-64. Intel doing its own thing means AMD and arm64 will likely follow suit, and suddenly KVM is supporting multiple paravirt interfaces for very similar things, without having any control over the APIs. That's all kinds of backwards. And having to wait for Intel to roll out new documentation when software inevitably comes up with some clever new mitigation doesn't exactly fill my heart with joy.