[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] x86/Xen: make use of IBPB controlling VM assist
- To: Juergen Gross <jgross@xxxxxxxx>
- From: Jan Beulich <jbeulich@xxxxxxxx>
- Date: Mon, 20 Mar 2023 14:17:14 +0100
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KjlVsSppr6HeIkwhJrbLyfv+0fzq8SvYNhBrFRK9OmE=; b=nL2y6hegM8VqFTBr969p/UVtuaa2MMbpzb8F3GsxGyjPv3VnEHVxesj0zskwsok/4NxqPmjTlvhZ9T+sQdcj1JQi8ee2ifmrID3F4a0uM+p8WnYJOLmwQEh/23ZBDmEo0ygKt1Rd7eMS7VA46plMKJ/uW3PPhhAnBbM3PjjQmV/4OZcMM9HXorJwlfTx9KtCPCBzgMcFFc8CGQZKJj8h6rTXXJyTMMjj06rYuFUz19gw77DM0wcV6YR6MA1SKCHWgoNzZbc75H5KZBfdrEmTNUPLP/mYkefaPzpWCvoJ4lvtrf6dUFJArRPVZbRx44eaSy/ar/a7ie9WZORgvjpaGw==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jZ9Ia/E0VIM3OlTRGRwEGq+KN4/Oh34rgjez9Lb6Lre08d/av2AJfgUXvoLvcGw3fHlOPoMLhXDEBis1aR7aCP3qZdknYYSlFEwhKuUkghM7ViIGGpCdHSl3Itf/hPZMicXFeWQWmh5UyVLvlwl3c9WYfUfEgct+SW2ikvB3VvNSddWCYUqasUqfN7R7TuZPhoaQ8m3yujY37PsbAzi960NMpUYPqoCPXSIx1k2xUkQGCaes8DFJ6VWnziaqn6i62KVXFO74NcCBccvWQ407+AFAQuc0SqEP8KVWCCDnX3kO2EwzFCEl+8Nv5yT5J6j9lHV/Xm22oWmOas6Af8jlkg==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>
- Delivery-date: Mon, 20 Mar 2023 13:17:20 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 20.03.2023 14:02, Juergen Gross wrote:
> On 20.03.23 11:19, Jan Beulich wrote:
>> On 17.03.2023 14:56, Juergen Gross wrote:
>>> +void __init xen_pv_fix_mitigations(void)
>>> +{
>>> + if (!xen_vm_assist_ibpb(true))
>>> + setup_clear_cpu_cap(X86_FEATURE_ENTRY_IBPB);
>>
>> ... using both setup_clear_cpu_cap() (here) and setup_force_cpu_cap()
>> (in retbleed_select_mitigation() won't work: The latter wins, due to
>> how apply_forced_caps() works.
>
> Oh, right.
>
> Just a wild guess of mine: probably the x86 maintainers would still prefer
> a single Xen hook plus something like a setup_unforce_cpu_cap() addition.
If so, I'm not willing to make such a patch. That's clearly more fragile
than the approach chosen. I guess once I've made the one adjustment you
have pointed out, I'll resubmit otherwise unchanged and include x86 folks.
We'll see what the responses are going to be, if any at all.
>> But of course calling both functions for the same feature is bogus
>> anyway. In fact I think it is for a good reason that in Xen we log a
>> message in such an event.
>
> Depends. For Xen we do so in the kernel for multiple features, see
> xen_init_capabilities().
I don't see anything there which looks like it might be both "force"d
and "clear"ed in a single session.
Jan
|