[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PATCH 0/3] x86/amd: Hardware speculative controls
This is the very beginning the work to start using AMD hardware speculative controls on Zen2 or later. The extent of the work is very tangled, and breaks down roughly like this: 1) Teach Xen to use AMD's MSR_SPEC_CTRL and context switch per vCPU. It requires editing the common MSR_SPEC_CTRL logic, at which point it would be short sighted not to include Intel's eIBRS at the same time. 2) Expose MSR_SPEC_CTRL to AMD guests, along with all the hint bits. 3) Implement MSR_VIRT_SPEC_CTRL for guests, in terms of MSR_SPEC_CTRL.SSBD. Will be off by default on Zen2 and later, but needs to be usable for migration compatibility. 4) Implement legacy Memory Disambiguation context switching for pre-Zen2 parts, and expose MSR_VIRT_SPEC_CTRL to guests on older parts. In terms of end results, this is what the hardware feature look like on various generations of AMD CPU: Fam15h (Opteron 6212): (XEN) Speculative mitigation facilities: (XEN) Hardware hints: (XEN) Hardware features: IBPB (XEN) Compiled-in support: INDIRECT_THUNK SHADOW_PAGING (XEN) Xen settings: BTI-Thunk LFENCE, SPEC_CTRL: No, Other: IBPB BRANCH_HARDEN (XEN) Support for HVM VMs: RSB (XEN) Support for PV VMs: RSB (XEN) XPTI (64-bit PV only): Dom0 disabled, DomU disabled (without PCID) (XEN) PV L1TF shadowing: Dom0 disabled, DomU disabled Zen1: (XEN) Speculative mitigation facilities: (XEN) Hardware hints: (XEN) Hardware features: IBPB (XEN) Compiled-in support: INDIRECT_THUNK SHADOW_PAGING (XEN) Xen settings: BTI-Thunk LFENCE, SPEC_CTRL: No, Other: IBPB BRANCH_HARDEN (XEN) Support for HVM VMs: RSB (XEN) Support for PV VMs: RSB (XEN) XPTI (64-bit PV only): Dom0 disabled, DomU disabled (without PCID) (XEN) PV L1TF shadowing: Dom0 disabled, DomU disabled Zen2: (XEN) Speculative mitigation facilities: (XEN) Hardware hints: IBRS_FAST IBRS_SAME_MODE (XEN) Hardware features: IBPB IBRS STIBP SSBD (XEN) Compiled-in support: INDIRECT_THUNK SHADOW_PAGING (XEN) Xen settings: BTI-Thunk LFENCE, SPEC_CTRL: No, Other: IBPB BRANCH_HARDEN (XEN) Support for HVM VMs: RSB (XEN) Support for PV VMs: RSB (XEN) XPTI (64-bit PV only): Dom0 disabled, DomU disabled (without PCID) (XEN) PV L1TF shadowing: Dom0 disabled, DomU disabled Zen3: (XEN) Speculative mitigation facilities: (XEN) Hardware hints: STIBP_ALWAYS IBRS_FAST IBRS_SAME_MODE (XEN) Hardware features: IBPB IBRS STIBP SSBD PSFD (XEN) Compiled-in support: INDIRECT_THUNK SHADOW_PAGING (XEN) Xen settings: BTI-Thunk LFENCE, SPEC_CTRL: No, Other: IBPB BRANCH_HARDEN (XEN) Support for HVM VMs: RSB (XEN) Support for PV VMs: RSB (XEN) XPTI (64-bit PV only): Dom0 disabled, DomU disabled (with PCID) (XEN) PV L1TF shadowing: Dom0 disabled, DomU disabled Although full support for all of this is a way off yet. To start with, make the existing `spec-ctrl=no-ssbd` command line option actually work on Zen3. Andrew Cooper (3): x86/spec-ctrl: Split the "Hardware features" diagnostic line x86/amd: Enumeration for speculative features/hints x86/amd: Use newer SSBD mechanisms if they exist tools/libs/light/libxl_cpuid.c | 10 +++++ tools/misc/xen-cpuid.c | 8 +++- xen/arch/x86/cpu/amd.c | 69 +++++++++++++++++++++-------- xen/arch/x86/cpu/cpu.h | 1 + xen/arch/x86/cpu/hygon.c | 10 +---- xen/arch/x86/hvm/svm/svm.c | 1 + xen/arch/x86/hvm/svm/vmcb.c | 1 + xen/arch/x86/spec_ctrl.c | 44 +++++++++++------- xen/include/asm-x86/cpufeature.h | 5 +++ xen/include/asm-x86/hvm/svm/svm.h | 2 + xen/include/asm-x86/hvm/svm/vmcb.h | 4 +- xen/include/asm-x86/msr-index.h | 3 ++ xen/include/public/arch-x86/cpufeatureset.h | 10 +++++ 13 files changed, 122 insertions(+), 46 deletions(-) -- 2.11.0
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |