From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 47F7E1A2392 for ; Fri, 7 Feb 2025 18:17:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738952261; cv=none; b=iAjDdVfk/krt5NeEueBH8Md5k1hVEzTlkTezX9iO0bjTJaJwQmGz3uPVVK+CJ11fqZgTK+TfuTQKCY57bewKEKg57Ti59OagGw94V85pgWZAaBjO65rJjr4HClGNOSzrZjmLtDap+7+zZy96xpR5FGe3pmpqyrWZpKBeFfTiHQU= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738952261; c=relaxed/simple; bh=YhvnDYR7qidyZ65s/d8Jwkc5DnwWWVwS1PPCZ3EY69U=; h=Date:Message-ID:From:To:Cc:Subject:In-Reply-To:References: MIME-Version:Content-Type; b=Sw5gpfvgH9nD5AwRo8i/z3A8TXwr/Hxv/pDMQiHso20RbWiYiHBm5AbgRWgXuxr9rPjgFf5HFpoLKELIdSda97fOs+tXOFc/XqsgAG32aIa4Cea6V8VbZ35MMKHrzUatIqjB/yk5UMizRpqrGLDPxbzUVtm+nXSm2OUGCk8U8lE= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=gPucrDyP; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="gPucrDyP" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A7976C4CED1; Fri, 7 Feb 2025 18:17:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1738952260; bh=YhvnDYR7qidyZ65s/d8Jwkc5DnwWWVwS1PPCZ3EY69U=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=gPucrDyPZcN1CcF3AWhw3RFQsw3W6CRfcAOtMI9uFEr6/gMSUskb716fPRXw8IqmN xdbRWcc6XnqfL7bWDxuwKFcRgeCJzzteLaFJXDUnvBVZWEFF8FJuuZBPR5BvgjfvIB Ago7lvhT6ih9dmT23lszgNvVtxlPfeXuijqiXXh+h7N1gw9KWL5/MWvPLB5EGxFXsa 2pkn1TElv4It7Bf0RsFaMyYm4GnKh5Dc3pXXtDAU++Z9FeajLRgJjIdbk8U8dB6KA1 PUu5rxJLuCW+SztMbze8rV93IPchSH4YCf2vB4Qe8TRo2KrecFDf/d+k3IdtT7aS8A KdhRtUBbNo2rg== Received: from sofa.misterjones.org ([185.219.108.64] helo=goblin-girl.misterjones.org) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1tgSv4-001jsU-9V; Fri, 07 Feb 2025 18:17:38 +0000 Date: Fri, 07 Feb 2025 18:17:37 +0000 Message-ID: <86cyftty9q.wl-maz@kernel.org> From: Marc Zyngier To: Catalin Marinas Cc: Shameer Kolothum , kvmarm@lists.linux.dev, oliver.upton@linux.dev, will@kernel.org, mark.rutland@arm.com, cohuck@redhat.com, eric.auger@redhat.com, sebott@redhat.com, yuzenghui@huawei.com, wangzhou1@hisilicon.com, jiangkunkun@huawei.com, jonathan.cameron@huawei.com, anthony.jebson@huawei.com, linux-arm-kernel@lists.infradead.org, linuxarm@huawei.com Subject: Re: [PATCH v6 4/4] arm64: paravirt: Enable errata based on implementation CPUs In-Reply-To: References: <20250205132222.55816-1-shameerali.kolothum.thodi@huawei.com> <20250205132222.55816-5-shameerali.kolothum.thodi@huawei.com> <86h655u8r3.wl-maz@kernel.org> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM-LB/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/29.4 (aarch64-unknown-linux-gnu) MULE/6.0 (HANACHIRUSATO) Precedence: bulk X-Mailing-List: kvmarm@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: catalin.marinas@arm.com, shameerali.kolothum.thodi@huawei.com, kvmarm@lists.linux.dev, oliver.upton@linux.dev, will@kernel.org, mark.rutland@arm.com, cohuck@redhat.com, eric.auger@redhat.com, sebott@redhat.com, yuzenghui@huawei.com, wangzhou1@hisilicon.com, jiangkunkun@huawei.com, jonathan.cameron@huawei.com, anthony.jebson@huawei.com, linux-arm-kernel@lists.infradead.org, linuxarm@huawei.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false On Fri, 07 Feb 2025 18:10:08 +0000, Catalin Marinas wrote: >=20 > On Fri, Feb 07, 2025 at 02:31:12PM +0000, Marc Zyngier wrote: > > On Fri, 07 Feb 2025 14:08:44 +0000, > > Catalin Marinas wrote: > > > On Wed, Feb 05, 2025 at 01:22:22PM +0000, Shameer Kolothum wrote: > > > > static inline bool is_midr_in_range(struct midr_range const *range) > > > > { > > > > - return midr_is_cpu_model_range(read_cpuid_id(), range->model, > > > > - range->rv_min, range->rv_max); > > > > + int i; > > > > + > > > > + if (!target_impl_cpu_num) > > > > + return midr_is_cpu_model_range(read_cpuid_id(), range->model, > > > > + range->rv_min, range->rv_max); > > > > + > > > > + for (i =3D 0; i < target_impl_cpu_num; i++) { > > > > + if (midr_is_cpu_model_range(target_impl_cpus[i].midr, > > > > + range->model, > > > > + range->rv_min, range->rv_max)) > > > > + return true; > > > > + } > > > > + return false; > > > > } > > >=20 > > > It's a interesting approach but how does this work in practice if an > > > erratum requires a firmware counterpart? Do we expect firmwares on all > > > machines involved to have workarounds for the other machines? Or is K= VM > > > going to intercept those SMCs and pretend the EL3 counterpart is ther= e? > >=20 > > KVM already traps SMCs, and could do something on behalf of the guest > > (such as pretending that the mitigation has happened if not on the > > correct host) *IF* the mitigation is architected (=C3=A0 la WA{1,2,3}). >=20 > That's the main thing I had in mind. I don't think we have any other > errata that requires firmware run-time discovery and interaction, though > you never know when we'll add new one. >=20 > > If it is implementation specific, then we can immediately stop > > pretending that a guest running on those systems can be migrated. >=20 > Makes sense. >=20 > > The only thing it helps a bit is big-little. >=20 > It does help a bit or, at least, we have some code for handling these > variations that cab be extended. However, with this patchset, the host > only probes the availability of the workarounds on the SoC it booted. It > has no idea about the extra MIDRs the VMM picks and what the other > machines in the clouds support. But that's the contract. The VMM has to be omniscient and know exactly what it can safely migrate to. It literally says "trust me, I know what I'm doing". > Anyway, let's hope the VMs only migrate between platforms that are > equally broken. No shortage of that, I'm afraid! :) M. --=20 Without deviation from the norm, progress is not possible.