From: Sean Christopherson <seanjc@google.com>
To: David Kaplan <David.Kaplan@amd.com>
Cc: Amit Shah <amit@kernel.org>, Jim Mattson <jmattson@google.com>,
"pbonzini@redhat.com" <pbonzini@redhat.com>,
"x86@kernel.org" <x86@kernel.org>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"tglx@linutronix.de" <tglx@linutronix.de>,
"mingo@redhat.com" <mingo@redhat.com>,
"bp@alien8.de" <bp@alien8.de>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
"hpa@zytor.com" <hpa@zytor.com>,
Kim Phillips <kim.phillips@amd.com>
Subject: Re: [PATCH v2] KVM: SVM: let alternatives handle the cases when RSB filling is required
Date: Mon, 8 Jul 2024 11:59:45 -0700 [thread overview]
Message-ID: <Zow3IddrQoCTgzVS@google.com> (raw)
In-Reply-To: <DS7PR12MB57665C3E8A7F0AF59E034B3C94D32@DS7PR12MB5766.namprd12.prod.outlook.com>
On Mon, Jul 01, 2024, David Kaplan wrote:
> > > > /*
> > > > * AMD's AutoIBRS is equivalent to Intel's eIBRS - use the
> > > > Intel feature
> > > > * flag and protect from vendor-specific bugs via the
> > > > whitelist.
> > > > *
> > > > * Don't use AutoIBRS when SNP is enabled because it degrades
> > > > host
> > > > * userspace indirect branch performance.
> > > > */
> > > > if ((x86_arch_cap_msr & ARCH_CAP_IBRS_ALL) ||
> > > > (cpu_has(c, X86_FEATURE_AUTOIBRS) &&
> > > > !cpu_feature_enabled(X86_FEATURE_SEV_SNP))) {
> > > > setup_force_cpu_cap(X86_FEATURE_IBRS_ENHANCED);
> > > > if (!cpu_matches(cpu_vuln_whitelist, NO_EIBRS_PBRSB)
> > > > &&
> > > > !(x86_arch_cap_msr & ARCH_CAP_PBRSB_NO))
> > > > setup_force_cpu_bug(X86_BUG_EIBRS_PBRSB);
> > > > }
> > >
> > > Families 0FH through 12H don't have EIBRS or AutoIBRS, so there's no
> > > cpu_vuln_whitelist[] lookup. Hence, no need to set the NO_EIBRS_PBRSB
> > > bit, even if it is accurate.
> >
> > The commit that adds the RSB_VMEXIT_LITE feature flag does describe the
> > bug in a good amount of detail:
> >
> > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i
> > d=2b1299322016731d56807aa49254a5ea3080b6b3
> >
> > I've not seen any indication this is required for AMD CPUs.
> >
> > David, do you agree we don't need this?
> >
>
> It's not required, as AMD CPUs don't have the PBRSB issue with AutoIBRS.
> Although I think Sean was talking about being extra paranoid
Ya. I'm asking if there's a reason not to tack on X86_FEATURE_RSB_VMEXIT_LITE,
beyond it effectively being dead code. There's no runtime cost, and so assuming
it doesn't get spuriously enabled, I don't see a downside.
On the upside, if some SVM-capable CPU comes along that needs the lite version,
then fixing things for that CPU won't need a corresponding KVM change, just a
bugs/caps update.
next prev parent reply other threads:[~2024-07-08 18:59 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-26 7:37 [PATCH v2] KVM: SVM: let alternatives handle the cases when RSB filling is required Amit Shah
2024-06-28 16:09 ` Sean Christopherson
2024-06-28 18:48 ` Jim Mattson
2024-07-01 12:52 ` Amit Shah
2024-07-01 13:40 ` Kaplan, David
2024-07-08 18:59 ` Sean Christopherson [this message]
2024-07-15 8:35 ` Amit Shah
2024-07-16 19:10 ` Sean Christopherson
2024-07-22 11:55 ` Amit Shah
2024-09-10 17:06 ` Sean Christopherson
2024-06-29 10:28 ` Borislav Petkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Zow3IddrQoCTgzVS@google.com \
--to=seanjc@google.com \
--cc=David.Kaplan@amd.com \
--cc=amit@kernel.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=jmattson@google.com \
--cc=kim.phillips@amd.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.