Received: by 2002:a05:6358:53a8:b0:117:f937:c515 with SMTP id z40csp1142170rwe; Fri, 14 Apr 2023 15:12:54 -0700 (PDT) X-Google-Smtp-Source: AKy350aOxiB2C2TFWfDcCjTluJY5MpTgF2xkCK4L38fVWl+RnlQjV+iGv8qEonpMkCVFadUZYGmI X-Received: by 2002:a05:6a00:189f:b0:628:1852:8431 with SMTP id x31-20020a056a00189f00b0062818528431mr10954648pfh.30.1681510373912; Fri, 14 Apr 2023 15:12:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1681510373; cv=none; d=google.com; s=arc-20160816; b=y0zfe2i697aQVrNnEjfO/Nm1+3fkbS4sq1sXkIjYgkH+TrGQ8IjG7DOYxBOCjJsDmL FPTVHYhW5ORuyS+xc4a3R/TQ3P5A6jYkyAyfA/DUPOvzQi3Q65xedJ2klwUMGtLoqrza wh0I/9qbCHn229EQy0t7+rSX5i2b1OTSLffZGgMAvVEzKPFQwou5dy1KXIwZizw4QCUc Jl+tpOjBFntoBcHkNrIidHxLq3V8/VbY/jv05nOBTFyfOyWV2ar5gymAVnSW/7ugRXcn Cdw5X1l5u5wn1BJASQZbaC4T3EMg94PyDdHxVl7nI1kw28e5GKB7gE4/s5wDU6dJkxiR BBvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=glcKM8ebebkg41OP5lKR0Z82fMwWUyAYq4z6YsgToGI=; b=T094GFgTr2lLorisgZYUVWZVTQ53PcJttAe9/1stmVdQYAGIXZ4q/UEyGlOA3wLXIH Q5s0JkT8B1s1gUXf90+1rQ3G4iH2qdIjsOjKXhmP3aUX66YqteQ31TvWnf+97A3/6Epw /y429Y+fQcfVTdKMOFa5p4paImAiUNzLBpfLfaROYg70/IH1QzplNsFMWwOOqDDq6q8r dEjN4KRvtRkz8MRWdLt7HRhdwkCHoztyiz4QLXRKjpBxDt/Q1BNpK734cu5RQI0vTOYI 4+VCwO4E1/Prv/j2TOMd5qPreJLY5T5gt2JtUAyWEkMIxHH0GK8UaxXVQUf2jnNq/DDB n2fQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=J7UCc0ky; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b25-20020aa79519000000b0062b24b48726si5392911pfp.123.2023.04.14.15.12.40; Fri, 14 Apr 2023 15:12:53 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=J7UCc0ky; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229913AbjDNWME (ORCPT + 99 others); Fri, 14 Apr 2023 18:12:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51470 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229721AbjDNWMD (ORCPT ); Fri, 14 Apr 2023 18:12:03 -0400 Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9A5F84227; Fri, 14 Apr 2023 15:11:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1681510317; x=1713046317; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=WiWXTGVCF+qXlWmQRnmUTBXheyJciBXVKqlJT/z2Yn0=; b=J7UCc0kyPb1fgtVfbS224vXnc9LjO70546hvZabMLsen1iUXOsLTtTDe O37QLlk8XuoRX8wsPdwmEKuG41o5aKdMgznhfAL1zex7xrjer5h62dTIo v1YwOGIOE6YZ4KkjJUHWfa9lNYx7QtfN9FvuDpz/TNWNTU+9RMFKlZ6Dx bgwEVoK5dsAJthPAKapICFkDSkO+IuKGZXyDK2UIrPV5XzqFZ3Ti0ypUe lCHA0uZeZRfrRShNLkQ+NCS1wIxsJ/G4Xku60UdF6zbiDUnf1/q787+TE LSDsD/2XAnP6yHdyFyb8HRPgkmhza6WzJRubc+4GtTvsfvDYcOeRy0vip g==; X-IronPort-AV: E=McAfee;i="6600,9927,10680"; a="372450078" X-IronPort-AV: E=Sophos;i="5.99,198,1677571200"; d="scan'208";a="372450078" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Apr 2023 15:10:30 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10680"; a="833708633" X-IronPort-AV: E=Sophos;i="5.99,198,1677571200"; d="scan'208";a="833708633" Received: from ibaremetalpc.amr.corp.intel.com (HELO desk) ([10.209.10.51]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Apr 2023 15:10:23 -0700 Date: Fri, 14 Apr 2023 15:10:17 -0700 From: Pawan Gupta To: Binbin Wu Cc: Chao Gao , kvm@vger.kernel.org, Jiaan Lu , Alexandre Chartre , Arnaldo Carvalho de Melo , Babu Moger , Borislav Petkov , Borislav Petkov , Daniel Sneddon , Dave Hansen , David Matlack , "H. Peter Anvin" , Ingo Molnar , Josh Poimboeuf , Kim Phillips , Len Brown , linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Nikunj A Dadhania , Paolo Bonzini , Peter Zijlstra , Sandipan Das , Sean Christopherson , Shuah Khan , Thomas Gleixner , Vitaly Kuznetsov , x86@kernel.org, Zhang Chen Subject: Re: [RFC PATCH v2 00/11] Intel IA32_SPEC_CTRL Virtualization Message-ID: <20230414221017.i4nfrcxrbxlznrxk@desk> References: <20230414062545.270178-1-chao.gao@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Apr 14, 2023 at 05:51:43PM +0800, Binbin Wu wrote: > > On 4/14/2023 2:25 PM, Chao Gao wrote: > > Changes since RFC v1: > > * add two kselftests (patch 10-11) > > * set virtual MSRs also on APs [Pawan] > > * enable "virtualize IA32_SPEC_CTRL" for L2 to prevent L2 from changing > > some bits of IA32_SPEC_CTRL (patch 4) > > * other misc cleanup and cosmetic changes > > > > RFC v1: https://lore.kernel.org/lkml/20221210160046.2608762-1-chen.zhang@intel.com/ > > > > > > This series introduces "virtualize IA32_SPEC_CTRL" support. Here are > > introduction and use cases of this new feature. > > > > ### Virtualize IA32_SPEC_CTRL > > > > "Virtualize IA32_SPEC_CTRL" [1] is a new VMX feature on Intel CPUs. This feature > > allows VMM to lock some bits of IA32_SPEC_CTRL MSR even when the MSR is > > pass-thru'd to a guest. > > > > > > ### Use cases of "virtualize IA32_SPEC_CTRL" [2] > > > > Software mitigations like Retpoline and software BHB-clearing sequence depend on > > CPU microarchitectures. And guest cannot know exactly the underlying > > microarchitecture. When a guest is migrated between processors of different > > microarchitectures, software mitigations which work perfectly on previous > > microachitecture may be not effective on the new one. To fix the problem, some > > hardware mitigations should be used in conjunction with software mitigations. > > So even the hardware mitigations are enabled, the software mitigations are > still needed, right? Retpoline mitigation is not fully effective when RET can take prediction from an alternate predictor. Newer hardware provides a way to disable this behavior (using RRSBA_DIS_S bit in MSR SPEC_CTRL). eIBRS is the preferred way to mitigate BTI, but for some reason when a guest has deployed retpoline, VMM can make it more effective by deploying the relevant hardware control. That is why the above text says: "... hardware mitigations should be used in conjunction with software mitigations."