From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <prvs=678dd82be=Andrew.Cooper3@citrix.com>
Received: from smtp.ctxuk.citrix.com ([185.25.65.24] helo=SMTP.EU.CITRIX.COM)
	by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
	(Exim 4.80)
	(envelope-from <prvs=678dd82be=Andrew.Cooper3@citrix.com>)
	id 1fN47G-00064k-Vj
	for speck@linutronix.de; Mon, 28 May 2018 00:26:19 +0200
Subject: [MODERATED] Re: L1D-Fault KVM mitigation
References: <1524563292.8691.38.camel@infradead.org>
 <20180424110445.GU4043@hirez.programming.kicks-ass.net>
 <1527068745.8186.89.camel@infradead.org>
 <20180524094526.GE12198@hirez.programming.kicks-ass.net>
 <alpine.DEB.2.21.1805241201510.1577@nanos.tec.linutronix.de>
 <alpine.DEB.2.21.1805241729520.1577@nanos.tec.linutronix.de>
 <d2029ba2-bdad-5bb9-596d-f22a9bfa5b9a@linux.intel.com>
 <alpine.DEB.2.21.1805251152400.1581@nanos.tec.linutronix.de>
 <20180526204319.GB4486@tassilo.jf.intel.com>
 <alpine.LFD.2.21.999.1805261345410.7864@i7.lan>
 <20180527182550.GC4486@tassilo.jf.intel.com>
 <alpine.LFD.2.21.999.1805271131170.18753@i7.lan>
 <a42a4c62-9d2f-b9a2-a58c-0e1aed3d5fe1@citrix.com>
 <alpine.LFD.2.21.999.1805271218550.18753@i7.lan>
 <alpine.DEB.2.21.1805272141000.1585@nanos.tec.linutronix.de>
From: Andrew Cooper <andrew.cooper3@citrix.com>
Message-ID: <3e721f93-bf15-43c4-20e5-de70153287c8@citrix.com>
Date: Sun, 27 May 2018 23:26:07 +0100
MIME-Version: 1.0
In-Reply-To: <alpine.DEB.2.21.1805272141000.1585@nanos.tec.linutronix.de>
Content-Type: multipart/mixed; boundary="1fikL7ARgFmfEXOCBSkSx3opC5kgwezJ0"; protected-headers="v1"
To: speck@linutronix.de
List-ID: <speck.linutronix.de>

--1fikL7ARgFmfEXOCBSkSx3opC5kgwezJ0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Language: en-GB

On 27/05/2018 20:41, speck for Thomas Gleixner wrote:
> On Sun, 27 May 2018, speck for Linus Torvalds wrote:
>> On Sun, 27 May 2018, speck for Andrew Cooper wrote:
>>> Xen doesn't ever vcpus enter idle themselves.=C2=A0 We trap HLT/etc a=
nd will
>>> either schedule another VM, or choose to idle the host if there reall=
y
>>> is nothing else to do.
>> Right. But then there is never any such thing as "guest idle". There i=
s=20
>> only "host idle" or "host is doing something else entirely".
>>
>> You _could_ have a "idle polling" mode which is separate from the regu=
lar=20
>> host idle loop, I guess.
>>
>>> I've never come across a plausible usecase for letting non-root mode
>>> idle the cores into a low power state.=C2=A0 They simply aren't in a =
position
>>> to know whether other work needs doing or not.
>> Afaik, it mainly makes sense when there is no actual host OS at all, j=
ust=20
>> the bare-metal hypervisor used for partitioning resources, not schedul=
ing=20
>> them.
> Right. That's what the Jailhouse hypervisor does. It's a zero vmexit se=
tup.

Jailhouse also has static assignment of resources, which means they can
arrange never to have two different VMs on the same sibling hyperthreads.=


They still need to disable hyperthreads or find a working
synchronisation algorithm for entry/exit, but they don't have the added
gang scheduling problem of ensuring that two hyperthreads are always
occupied by vcpus of the same VM.

FWIW, my gut feeling at the moment is that the overhead of
synchronisation will outweigh disabling hyperthreading, but I'd like to
be proved wrong.=C2=A0 Others in the Xen community are looking to extend
shadow paging to be as performant as EPT is currently (because at that
point, the hypervisor control every PTE accessible to the pagewalk), and
again, I'd like to see this succeed, but my gut feeling is that it wont.

~Andrew


--1fikL7ARgFmfEXOCBSkSx3opC5kgwezJ0--