From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from aserp2120.oracle.com ([141.146.126.78]) by Galois.linutronix.de with esmtps (TLS1.2:RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1fEGy5-0005h8-UB for speck@linutronix.de; Thu, 03 May 2018 18:20:31 +0200 Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1]) by aserp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w43GBWUn006798 for ; Thu, 3 May 2018 16:20:23 GMT Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74]) by aserp2120.oracle.com with ESMTP id 2hmgxg2kes-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Thu, 03 May 2018 16:20:22 +0000 Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75]) by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w43GKLk1028948 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Thu, 3 May 2018 16:20:22 GMT Received: from abhmp0018.oracle.com (abhmp0018.oracle.com [141.146.116.24]) by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id w43GKLbC024336 for ; Thu, 3 May 2018 16:20:21 GMT Date: Thu, 3 May 2018 12:20:20 -0400 From: Konrad Rzeszutek Wilk Subject: [MODERATED] Re: L1D-Fault KVM mitigation Message-ID: <20180503162020.GA4889@char.us.oracle.com> References: <20180424090630.wlghmrpasn7v7wbn@suse.de> <20180424093537.GC4064@hirez.programming.kicks-ass.net> <8cbc35b2-f75a-6357-014d-e20ff7284ac0@redhat.com> MIME-Version: 1.0 In-Reply-To: <8cbc35b2-f75a-6357-014d-e20ff7284ac0@redhat.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: speck@linutronix.de List-ID: On Tue, Apr 24, 2018 at 02:53:15PM +0200, speck for Paolo Bonzini wrote: > On 24/04/2018 11:35, speck for Peter Zijlstra wrote: > > I know that I worked a little with Tim on this, and I know Google did > > their own thing (but have not seen patches from them -- is pjt on this > > list?). I've also heard Amazon was also working on things (are they > > here?). And I think RHT was also looking into something (mingo, bonzini > > -- are you guys reading?) > > Yes, I am. First of all: the cost of doing an L1D flush on every ..snip.. > Ingo suggested, for ease of testing and also for ease of deployment, a > knob to easily online/offline all siblings but the first on each core. > There's still the chance that some userspace daemon is started before > hyperthreading is software-disabled that way, and is confused by the > number of CPUs suddenly halving, so it would have to be both on the > kernel command line and in debugfs. Are there any patches that you would be willing to share so folks can review/test/etc? I was going to start doing this next but I suspect you have already most of this ?