[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 3/3] x86/cpu-policy: Derive RSBA/RRSBA for guest policies

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Fri, 2 Jun 2023 16:38:47 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qYxJroBmejkzKcho2q8kWhMQ6CfhU3M6FV6ElBdG6xI=; b=DY19MnxORgU6LhvhRqnthDuCR/v8zQ6wsJXGCxYXiAOLsyUix2gBuGMqblF87dPtKkwFcTBvjmjr/nulBw4KVgXBkQCA70wu2dnVXG07lZeKPJL+pgzYaVlO0EGD0074gCiU68eBS878w3eXdCxee99sxbBwDhZedNs4kE7Etmjmi2TeREY3UttgLledNvfqCAPwc+FNJ7Uq+tjXkNOuxOw4D7l3yqVcwGvqaUKh2ARa3pNAIyMmFO6W7CyFqu3lYf5gHwhxLl2U7DawZqP6h0qkThCgGRp75fzLaxyfY3bGeqNdasjyOTXP+QP8xM6Xl52GbfhWAIL/abRABCk1fA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZjFs5kAtTIcQ+4hJfMQ5fnfh+NE258mi2vDOeB7IEx2X40bzfA2ylBjhUhHhpmdwkG/1+XpmmjmvnIMCIhipMNeo0YxTcoLQcUXm9gPHj5l8uoKNIdV+3tzb7khtoC9YVcQ80bzk9NvmBEx58WaKsPmgYJCpTQpteOF8QfATBv8FgwT4sN/m+eQDU4bp4efPD6FY8/5uN7twCztLGW9RavMpHejNumxPuWLTmPzpbwtLuuzYY840UOd6nSfClipwWs7LAUO4MCOhF9DhJK0Bpenyb19pY2NUCnjsddEYWw2/VSnCM+vUZnuX9v/gqRjB2exJAEva1557xy+FIxi+sg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Fri, 02 Jun 2023 15:39:17 +0000
  • Ironport-data: A9a23://T80KNTFRkT2rjvrR2HlsFynXyQoLVcMsEvi/4bfWQNrUokhDUHn TcbCG2OafmOYDPzLdoiYN61o09S6pGHxtFgTQto+SlhQUwRpJueD7x1DKtS0wC6dZSfER09v 63yTvGacajYm1eF/k/F3oDJ9CU6jufQAOKnUoYoAwgpLSd8UiAtlBl/rOAwh49skLCRDhiE/ Nj/uKUzAnf8s9JPGjxSs/rrRC9H5qyo42tG5gZmPpingXeF/5UrJMNHTU2OByOQrrl8RoaSW +vFxbelyWLVlz9F5gSNy+uTnuUiG9Y+DCDW4pZkc/HKbitq/0Te5p0TJvsEAXq7vh3S9zxHJ HehgrTrIeshFvWkdO3wyHC0GQkmVUFN0OevzXRSLaV/ZqAJGpfh66wGMa04AWEX0uFYCz9i+ /AeFDAmUw+Otdy/y+mLacA506zPLOGzVG8ekldJ6GmFSNoDH9XESaiM4sJE1jAtgMwIBezZe 8cSdTtoalLHfgFLPVAUTpk5mY9EhFGmK2Ee9A3T+vFxvza7IA9ZidABNPL8fNCQSNoTtUGfv m/cpEzyAw0ANczZwj2Amp6prraWxXqnAtJIRNVU8NZosUSY1jI5AiZVblW7i+eai2yufNB2f hl8Fi0G6PJaGFaQZtv3UgC8oXWElgUBQNcWGOo/gCmSzoLE7gDfAXILJhZRZdpjuMIoSDgC0 l6Sg8ivFTFpqKeSS3+W6vGTtzzaBMQOBWoLZCtBQQ5b5dDm+N03lkiXEoglF7OphNroHz222 yqNsCU1m7QUi4gMyrm/+lfExTmro/AlUzII2+keZUr9hisRWWJvT9XABYTzhRqYELukcw==
  • Ironport-hdrordr: A9a23:GCh4pq0y3RCMnV56vpG9swqjBJkkLtp133Aq2lEZdPU1SL38qy nKpp536faaslossR0b9uxoQZPwOE80lqQFg7X5X43DYOCOggLBEGgF1+XfKlbbak7DH4BmtJ uIRJIObOEYXWIQsS8j2njCLz/7+qjgzEl0v5a4856wd3ATV0i/1XYCNjqm
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 02/06/2023 4:29 pm, Andrew Cooper wrote:
> On 02/06/2023 11:20 am, Jan Beulich wrote:
>> On 01.06.2023 16:48, Andrew Cooper wrote:
>> What about a tool stack request leading to us setting the 2nd of the two
>> bits here, while the other was already set? IOW wouldn't we better clear
>> the other bit explicitly? (Due to the EIBRS dependency or RRSBA I think
>> this can really only happen when the tool stack requests RSBA+EIBRS, as
>> the deep deps clearing doesn't know the concept of "negative"
>> dependencies.)
> Hmm - I think there is a bug here, but it's not this simple.  I think
> the only reasonable thing we can do is start rejecting bad input because
> I don't think Xen can fix up safely.
>
> Xen must not ever clear RSBA, or we've potentially made the VM unsafe
> behind the toolstack's back.
>
> If EIBRS != RRSBA, the toolstack has made a mistake.  Equally too for
> RSBA && EIBRS.
>
> I think this is going to take more coffee to solve...

Actually, no.

I'm going to delete the hunk modifying recalculate_cpuid(), and move
this patch back to the meaning it had in v1 which is just "get the
policies looking correct".


It's still not supported for the toolstack to request ARCH_CAPS (the "a"
marking), and the safely logic for that can come in a subsequent series
along with the unit(ish) testing I was already planning to do.

~Andrew

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.