From: Wei Liu <wei.liu2@citrix.com>
To: Andrew Cooper <andrew.cooper3@citrix.com>
Cc: Juergen Gross <jgross@suse.com>, Wei Liu <wei.liu2@citrix.com>,
Zhenzhong Duan <zhenzhong.duan@oracle.com>,
Xen-devel <xen-devel@lists.xen.org>,
Jan Beulich <JBeulich@suse.com>,
Boris Ostrovsky <boris.ostrovsky@oracle.com>,
Roger Pau Monne <roger.pau@citrix.com>
Subject: Re: [PATCH 07/10] x86/spec_ctrl: Explicitly set Xen's default MSR_SPEC_CTRL value
Date: Wed, 16 May 2018 12:12:59 +0100 [thread overview]
Message-ID: <20180516111259.imcqqyo36of7o7ry@citrix.com> (raw)
In-Reply-To: <caf7ebaa-91cc-d4f2-9a58-ac707ffc1df4@citrix.com>
On Wed, May 16, 2018 at 12:08:02PM +0100, Andrew Cooper wrote:
> On 14/05/18 16:52, Jan Beulich wrote:
> >>>> On 14.05.18 at 17:39, <wei.liu2@citrix.com> wrote:
> >> On Fri, May 11, 2018 at 11:38:11AM +0100, Andrew Cooper wrote:
> >>> @@ -417,6 +419,32 @@ void __init init_speculation_mitigations(void)
> >>> setup_clear_cpu_cap(X86_FEATURE_NO_XPTI);
> >>>
> >>> print_details(thunk, caps);
> >>> +
> >>> + /*
> >>> + * If MSR_SPEC_CTRL is available, apply Xen's default setting and discard
> >>> + * any firmware settings. For performance reasons on native hardware, we
> >>> + * delay applying non-zero settings until after dom0 has been constructed.
> >>> + */
> >>> + if ( boot_cpu_has(X86_FEATURE_IBRSB) )
> >>> + {
> >>> + bsp_delay_spec_ctrl = !cpu_has_hypervisor && default_xen_spec_ctrl;
> >>> +
> >> Why is cpu_has_hypervisor needed here? This should help nested case as
> >> well. And it wouldn't make the setup less secure, right?
> > Ah, yes, Andrew, this should indeed be explained in at least one of comment
> > or commit message.
>
> I've adjusted this comment to read:
>
> /*
> * If MSR_SPEC_CTRL is available, apply Xen's default setting and discard
> * any firmware settings. For performance reasons, when safe to do so, we
> * delay applying non-zero settings until after dom0 has been constructed.
> *
> * "when safe to do so" is based on whether we are virtualised. A native
> * boot won't have any other code running in a position to mount an
> * attack.
> */
>
> and added the same second paragraph to the commit message.
LGTM. Thanks!
Wei.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
next prev parent reply other threads:[~2018-05-16 11:12 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-11 10:38 [PATCH for-4.11 00/10] x86: Improvements and fixes to Spectre handling Andrew Cooper
2018-05-11 10:38 ` [PATCH 01/10] x86/spec_ctrl: Read MSR_ARCH_CAPABILITIES only once Andrew Cooper
2018-05-11 14:32 ` Konrad Rzeszutek Wilk
2018-05-14 9:23 ` Wei Liu
2018-05-11 10:38 ` [PATCH 02/10] x86/spec_ctrl: Express Xen's choice of MSR_SPEC_CTRL value as a variable Andrew Cooper
2018-05-14 10:15 ` Wei Liu
2018-05-11 10:38 ` [PATCH 03/10] x86/spec_ctrl: Merge bti_ist_info and use_shadow_spec_ctrl into spec_ctrl_flags Andrew Cooper
2018-05-14 15:13 ` Wei Liu
2018-05-11 10:38 ` [PATCH 04/10] x86/spec_ctrl: Fold the XEN_IBRS_{SET, CLEAR} ALTERNATIVES together Andrew Cooper
2018-05-14 15:20 ` Wei Liu
2018-05-11 10:38 ` [PATCH 05/10] x86/spec_ctrl: Rename bits of infrastructure to avoid NATIVE and VMEXIT Andrew Cooper
2018-05-14 15:21 ` Wei Liu
2018-05-11 10:38 ` [PATCH 06/10] x86/spec_ctrl: Split X86_FEATURE_SC_MSR into PV and HVM variants Andrew Cooper
2018-05-14 15:22 ` Wei Liu
2018-05-14 15:27 ` Jan Beulich
2018-05-15 19:52 ` Andrew Cooper
2018-05-16 6:38 ` Jan Beulich
2018-05-16 10:28 ` Andrew Cooper
2018-05-16 10:49 ` Jan Beulich
2018-05-16 10:56 ` Andrew Cooper
2018-05-11 10:38 ` [PATCH 07/10] x86/spec_ctrl: Explicitly set Xen's default MSR_SPEC_CTRL value Andrew Cooper
2018-05-14 15:39 ` Wei Liu
2018-05-14 15:52 ` Jan Beulich
2018-05-16 11:08 ` Andrew Cooper
2018-05-16 11:12 ` Wei Liu [this message]
2018-05-11 10:38 ` [PATCH 08/10] x86/cpuid: Improvements to guest policies for speculative sidechannel features Andrew Cooper
2018-05-11 10:38 ` [PATCH 09/10] x86/spec_ctrl: Introduce a new `spec-ctrl=` command line argument to replace `bti=` Andrew Cooper
2018-05-11 10:38 ` [PATCH 10/10] x86/spec_ctrl: Elide MSR_SPEC_CTRL handling in idle context when possible Andrew Cooper
2018-05-14 15:48 ` Wei Liu
2018-05-16 11:27 ` Andrew Cooper
2018-05-16 11:28 ` Wei Liu
2018-05-14 9:23 ` [PATCH for-4.11 00/10] x86: Improvements and fixes to Spectre handling Wei Liu
2018-05-14 15:31 ` Jan Beulich
2018-05-15 18:25 ` Juergen Gross
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180516111259.imcqqyo36of7o7ry@citrix.com \
--to=wei.liu2@citrix.com \
--cc=JBeulich@suse.com \
--cc=andrew.cooper3@citrix.com \
--cc=boris.ostrovsky@oracle.com \
--cc=jgross@suse.com \
--cc=roger.pau@citrix.com \
--cc=xen-devel@lists.xen.org \
--cc=zhenzhong.duan@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.