From: Vitaly Kuznetsov <vkuznets@redhat.com>
To: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, linux-hyperv@vger.kernel.org,
x86@kernel.org, "Paolo Bonzini" <pbonzini@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Sean Christopherson" <sean.j.christopherson@intel.com>,
"Jim Mattson" <jmattson@google.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Ingo Molnar" <mingo@redhat.com>,
"Borislav Petkov" <bp@alien8.de>,
"H. Peter Anvin" <hpa@zytor.com>,
"Peter Zijlstra (Intel)" <peterz@infradead.org>,
"Michael Kelley" <mikelley@microsoft.com>,
"Roman Kagan" <rkagan@virtuozzo.com>
Subject: [PATCH 0/3] KVM: x86: hyper-v: make L2 Hyper-V 2019 on KVM guests see MD_CLEAR
Date: Mon, 16 Sep 2019 18:22:55 +0200 [thread overview]
Message-ID: <20190916162258.6528-1-vkuznets@redhat.com> (raw)
[The series is KVM specific but the first patch of the series likely requires
someone else's ACK. hyperv-tlfs.h gets a small addition too.]
It was discovered that L2 guests on Hyper-V 2019 on KVM don't see MD_CLEAR
bit (and thus think they're MDS vulnerable) even when it is present on the
host. Turns out, Hyper-V is filtering it out because it is not sure the
topology L0 is exposing is trustworthy and generally it is not. In some
specific cases (e.g. when SMT is unsupported or forcesully disabled) it is
and we can tell this to userspace hoping that it'll pass this info to L1.
See PATCH2 of the series for additional details.
The series can be tested with QEMU-4.1+ and 'hv-passthrough' CPU flag.
Vitaly Kuznetsov (3):
cpu/SMT: create and export cpu_smt_possible()
KVM: x86: hyper-v: set NoNonArchitecturalCoreSharing CPUID bit when
SMT is impossible
KVM: selftests: hyperv_cpuid: add check for
NoNonArchitecturalCoreSharing bit
arch/x86/include/asm/hyperv-tlfs.h | 7 +++++
arch/x86/kvm/hyperv.c | 4 ++-
include/linux/cpu.h | 2 ++
kernel/cpu.c | 11 ++++++--
.../selftests/kvm/x86_64/hyperv_cpuid.c | 27 +++++++++++++++++++
5 files changed, 48 insertions(+), 3 deletions(-)
--
2.20.1
next reply other threads:[~2019-09-16 16:23 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-16 16:22 Vitaly Kuznetsov [this message]
2019-09-16 16:22 ` [PATCH 1/3] cpu/SMT: create and export cpu_smt_possible() Vitaly Kuznetsov
2019-09-16 17:16 ` Jim Mattson
2019-09-17 14:07 ` Paolo Bonzini
2019-09-17 15:11 ` Vitaly Kuznetsov
2019-09-16 16:22 ` [PATCH 2/3] KVM: x86: hyper-v: set NoNonArchitecturalCoreSharing CPUID bit when SMT is impossible Vitaly Kuznetsov
2019-09-16 16:34 ` Jim Mattson
2019-09-17 9:33 ` Vitaly Kuznetsov
2019-09-17 14:08 ` Paolo Bonzini
2019-09-23 15:37 ` Peter Zijlstra
2019-09-23 16:48 ` Paolo Bonzini
2019-09-16 16:22 ` [PATCH 3/3] KVM: selftests: hyperv_cpuid: add check for NoNonArchitecturalCoreSharing bit Vitaly Kuznetsov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190916162258.6528-1-vkuznets@redhat.com \
--to=vkuznets@redhat.com \
--cc=bp@alien8.de \
--cc=hpa@zytor.com \
--cc=jmattson@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mikelley@microsoft.com \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=rkagan@virtuozzo.com \
--cc=rkrcmar@redhat.com \
--cc=sean.j.christopherson@intel.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox