Re: [Xen-devel] [PATCH v9 02/11] x86/cpuid: Handling of IBRS/IBPB, STIBP and IBRS for guests

>>> On 19.01.18 at 11:53, <andrew.cooper3@xxxxxxxxxx> wrote:
> On 19/01/18 10:40, Jan Beulich wrote:
>>>>> On 18.01.18 at 16:46, <andrew.cooper3@xxxxxxxxxx> wrote:
>>> For guest safety, we treat STIBP as special, always override the toolstack
>>> choice, and always advertise STIBP if IBRS is available. This removes the
>>> corner case where STIBP is not advertised, but the guest is running on
>>> HT-capable hardware where it does matter.
>> I guess the answer to my question may live somewhere later in the
>> series, but since I haven't got there yet: Is this based on the
>> assumption that on HT-capable hardware they would always be
>> available together? Otherwise, how do you emulate STIBP for the
>> guest if all you've got is IBRS/IBPB?
>
> The safety depends on the guest seeing STIBP and using it if it wants
> to. (Not that I've seen any sign of STIBP in the Linux code, or from
> observing what Windows appears to do).
>
> For topology reasons (despite the other cans of worms in this area), we
> unilaterally set HT, so all guests should find themselves on HT-capable
> systems.

But this doesn't answer my question: What do you do if the guest
uses STIBP (because you've told it that it can), but the hardware
doesn't support it? Aren't you producing a false sense of security
to the guest this way?

Jan