[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 07/10] x86/spec_ctrl: Explicitly set Xen's default MSR_SPEC_CTRL value

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
From: Wei Liu <wei.liu2@xxxxxxxxxx>
Date: Mon, 14 May 2018 16:39:21 +0100
Cc: Juergen Gross <jgross@xxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Zhenzhong Duan <zhenzhong.duan@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
Delivery-date: Mon, 14 May 2018 15:39:34 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Fri, May 11, 2018 at 11:38:11AM +0100, Andrew Cooper wrote:
> @@ -417,6 +419,32 @@ void __init init_speculation_mitigations(void)
>          setup_clear_cpu_cap(X86_FEATURE_NO_XPTI);
>  
>      print_details(thunk, caps);
> +
> +    /*
> +     * If MSR_SPEC_CTRL is available, apply Xen's default setting and discard
> +     * any firmware settings.  For performance reasons on native hardware, we
> +     * delay applying non-zero settings until after dom0 has been 
> constructed.
> +     */
> +    if ( boot_cpu_has(X86_FEATURE_IBRSB) )
> +    {
> +        bsp_delay_spec_ctrl = !cpu_has_hypervisor && default_xen_spec_ctrl;
> +

Why is cpu_has_hypervisor needed here?  This should help nested case as
well. And it wouldn't make the setup less secure, right?

Wei.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH 07/10] x86/spec_ctrl: Explicitly set Xen's default MSR_SPEC_CTRL value
  - From: Jan Beulich

References:
- [Xen-devel] [PATCH for-4.11 00/10] x86: Improvements and fixes to Spectre handling
  - From: Andrew Cooper
- [Xen-devel] [PATCH 07/10] x86/spec_ctrl: Explicitly set Xen's default MSR_SPEC_CTRL value
  - From: Andrew Cooper

Prev by Date: Re: [Xen-devel] [PATCH for-4.11 00/10] x86: Improvements and fixes to Spectre handling
Next by Date: Re: [Xen-devel] [PATCH 10/10] x86/spec_ctrl: Elide MSR_SPEC_CTRL handling in idle context when possible
Previous by thread: [Xen-devel] [PATCH 07/10] x86/spec_ctrl: Explicitly set Xen's default MSR_SPEC_CTRL value
Next by thread: Re: [Xen-devel] [PATCH 07/10] x86/spec_ctrl: Explicitly set Xen's default MSR_SPEC_CTRL value
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.