[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 3/3] x86/cpu-policy: Derive RSBA/RRSBA for guest policies


  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Mon, 5 Jun 2023 10:04:09 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qCUgs5LvrhINOsk70XDEqLSdFRZiH9too8S7O00vAgo=; b=YUe8gI175fsb2WLUknJ/hpWesME19uBxXxHnCTvQP3ML7PMfSNKG+5OR+xMS/w10raBd5H1V1hhiZFWs48xBjfDARAkIVNf/QgibuSL863Pim2qV0WHQ7TEdAk4B/VEc+vC1zW4sSegNvgTuvhlUeUzMhUwfeA83yJVwWs9/ENXUCIytCpKvbEkwgsD0+ViEfrHDFP+SyODaVxTRRPUZCTca10GCrl83+klvdkz5jGWFUVje88n3O75PfsrulSJC3ow1+Cp3j9rZreVUyD+DqRL78LIoeVBxoUM3ncDFvx3XIMO23kL/00eFZye7Wfg5iUDmxvV3vnO/7k8iy5vqaw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Co9QDEmkzhGvdWJZVZpMyR4awR7KofDQCxkGh2fWhzTar1XSxRawlSEIyObg+L2LpzYcHv9Pqp5QuD3on7eBQaiXchZhSVCiIFKbiV/Ko6urROEnlgPkWemAI48y6fZjddpB3FQzc4KfyrThmIAtfO/2EisKNlC6KRkA0800Of0tGE29CHlIYsu+duQlbhIeKHvY24Lh8M0UdmXJ4wzul+Hb50tLHcK1brqoGpOkiod4BnWcG68CVdbdq/u2ylWURlL3oiC6KDsgK/NOvW/C0vAUcB2PKh6+YeEBYptCXUS8rzcVk1rBU2RMUmwBZ/pRvEWSeEwFulTDBm2ncmQ6Uw==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Mon, 05 Jun 2023 08:04:28 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 02.06.2023 17:38, Andrew Cooper wrote:
> On 02/06/2023 4:29 pm, Andrew Cooper wrote:
>> On 02/06/2023 11:20 am, Jan Beulich wrote:
>>> On 01.06.2023 16:48, Andrew Cooper wrote:
>>> What about a tool stack request leading to us setting the 2nd of the two
>>> bits here, while the other was already set? IOW wouldn't we better clear
>>> the other bit explicitly? (Due to the EIBRS dependency or RRSBA I think
>>> this can really only happen when the tool stack requests RSBA+EIBRS, as
>>> the deep deps clearing doesn't know the concept of "negative"
>>> dependencies.)
>> Hmm - I think there is a bug here, but it's not this simple.  I think
>> the only reasonable thing we can do is start rejecting bad input because
>> I don't think Xen can fix up safely.
>>
>> Xen must not ever clear RSBA, or we've potentially made the VM unsafe
>> behind the toolstack's back.
>>
>> If EIBRS != RRSBA, the toolstack has made a mistake.  Equally too for
>> RSBA && EIBRS.
>>
>> I think this is going to take more coffee to solve...
> 
> Actually, no.
> 
> I'm going to delete the hunk modifying recalculate_cpuid(), and move
> this patch back to the meaning it had in v1 which is just "get the
> policies looking correct".

Hmm, and how are you intending to achieve that goal without adjusting
behind the tool stack's back, and without it being an option (yet) to
reject the input? Iirc you agreed with my v1 remark that some fixing
that some fixing up is going to be necessary.

Since as you say (and as I should have realized when writing the earlier
reply) we may never clear RSBA, wouldn't it be an option to clear EIBRS
instead?

> It's still not supported for the toolstack to request ARCH_CAPS (the "a"
> marking), and the safely logic for that can come in a subsequent series
> along with the unit(ish) testing I was already planning to do.

Yet it not being supported doesn't mean we should leave a broken
result when we can fix things up (for the time being, i.e. until we
can report back that we don't like this feature combination).

Jan



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.