From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: =?utf-8?q?=3CBATV+bf513442a924d3f3946d+5357+infradead=2Eorg+d?= =?utf-8?q?wmw2=40twosheds=2Esrs=2Einfradead=2Eorg=3E?= Received: from twosheds.infradead.org ([2001:8b0:10b:1:21d:7dff:fe04:dbe2]) by Galois.linutronix.de with esmtps (TLS1.2:RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from =?utf-8?q?=3CBATV+bf513442a924d3f3946d+5357+infradea?= =?utf-8?q?d=2Eorg+dwmw2=40twosheds=2Esrs=2Einfradead=2Eorg=3E=29?= id 1fAvvh-0004UP-CD for speck@linutronix.de; Tue, 24 Apr 2018 13:16:13 +0200 Received: from [2001:8b0:10b:1::b8f] by twosheds.infradead.org with esmtpsa (Exim 4.90_1 #2 (Red Hat Linux)) id 1fAvvf-000760-NR for speck@linutronix.de; Tue, 24 Apr 2018 11:16:11 +0000 Message-ID: <1524568571.8691.45.camel@infradead.org> Subject: [MODERATED] Re: L1D-Fault KVM mitigation From: David Woodhouse In-Reply-To: <20180424110445.GU4043@hirez.programming.kicks-ass.net> References: <20180424090630.wlghmrpasn7v7wbn@suse.de> <20180424093537.GC4064@hirez.programming.kicks-ass.net> <1524563292.8691.38.camel@infradead.org> <20180424110445.GU4043@hirez.programming.kicks-ass.net> Date: Tue, 24 Apr 2018 12:16:11 +0100 Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: On Tue, 2018-04-24 at 13:04 +0200, speck for Peter Zijlstra wrote: > Not sure I'm following. The above assumes a sibling is running a VCPU of > another VM, right? But it could equally well run any regular old task > (including idle). > > So only pausing siblings in VMX mode wouldn't help anything. The !VMX > tasks could still be loading stuff into L1. Er, yeah... I may have briefly forgotten that some people sometimes run actual userspace, not just VM guests. It's ring 3 *and* VMX non-root which would need to be paused on HT siblings. And it would need to be triggered on any transition back into the kernel from userspace too, not just vmexit. Which makes it a little bit harder.