public inbox for linux-kernel@vger.kernel.org
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Van De Ven, Arjan" <arjan.van.de.ven@intel.com>,
	"valdis.kletnieks@vt.edu" <valdis.kletnieks@vt.edu>,
	Jon Masters <jcm@jonmasters.org>,
	David Woodhouse <dwmw2@infradead.org>,
	"tglx@linutronix.de" <tglx@linutronix.de>,
	"x86@kernel.org" <x86@kernel.org>,
	"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
	"torvalds@linux-foundation.org" <torvalds@linux-foundation.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"Hansen, Dave" <dave.hansen@intel.com>,
	Ingo Molnar <mingo@kernel.org>
Subject: Is: RSB Alternative bit in IA32_ARCH_CAPABILITIES Was:Re: [PATCH 2/2] x86/speculation: Support "Enhanced IBRS" on future CPUs
Date: Fri, 23 Feb 2018 13:12:37 -0500
Message-ID: <20180223181237.GA19321@char.us.oracle.com>
In-Reply-To: <2159cdc0-c30d-3bf8-1c25-74bff46a1e91@redhat.com>

On Tue, Feb 20, 2018 at 03:46:57PM +0100, Paolo Bonzini wrote:
> On 20/02/2018 15:08, Van De Ven, Arjan wrote:
> >>>> For bonus points:  What should happen to a VM that is live migrated
> >>>> from one hypervisor to another, and the hypervisors have different
> >>>> IBRS support?
> >>>
> >>> Doctor Doctor it hurts when I do this....
> >>>
> >>> Migration tends to only work between HV's that are relatively
> >>> homogeneous, that's nothing new...
> >>
> >> No Arjan, this is just wrong.  Well, I suppose it's right in the present
> >> tense with the IBRS mess on Skylake, but it's _not_ been true until last
> >> year.
> > 
> > I meant software wise. You're not going to live migrate from xen to
> > kvm or backwards. or between very radically different versions of the
> > kvm stack.
> 
> Forwards migration to a radically newer version certainly happens.  So
> when the source hypervisor was too old to tell the VM about IBRS_ALL,
> for example, migration should work properly and the VM should perform
> well on the destination hypervisor.

To add a bit more to this, Intel just updated their IA32_ARCH_CAPABILITIES_MSR
to have a new bit to sample to figure out whether you need IBRS or not
during runtime.

See https://software.intel.com/sites/default/files/managed/1d/46/Retpoline-A-Branch-Target-Injection-Mitigation.pdf
in 5.3 Virtual Machine CPU Identification:

"To remedy this situation, an operating system running as a VM can query bit 2 of the IA32_ARCH_CAPABILITIES MSR, known as “RSB Alternate” (RSBA). When RSBA is set, it indicates that the VM may run on a processor vulnerable to exploits of Empty RSB conditions regardless of the processor’s DisplayFamily/DisplayModel signature, and that the operating system should deploy appropriate mitigations. Virtual machine managers (VMM) may set RSBA via MSR interception to indicate that a virtual machine might run at some time in the future on a vulnerable processor."

New bit.. but not mentioned in the:

336996-Speculative-Execution-Side-Channel-Mitigations.pdf

Paolo, is there some form of callback inside of the guest when KVM guests are migrated?
(It exists under Xen, but I don't see it under KVM?)
> 
> Backwards migration to older hypervisors also happens sometimes, but in
> general it creates more userspace than kernel issues.
> 
> Paolo
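
An added example, not part of the message above and not kernel or KVM code: one way a VMM could derive the IA32_ARCH_CAPABILITIES value it shows a guest that may migrate across a pool of hosts, and the guest-side RSBA check the quoted Intel text describes. struct host_caps, its fields and both function names are hypothetical; the per-host empty_rsb_vuln verdict is assumed to come from the VMM's own CPU model knowledge.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Bit positions in IA32_ARCH_CAPABILITIES (MSR 0x10a). */
#define ARCH_CAP_IBRS_ALL (1ULL << 1) /* Enhanced IBRS */
#define ARCH_CAP_RSBA     (1ULL << 2) /* "RSB Alternate" */

/* Hypothetical per-host record a VMM management layer might keep. */
struct host_caps {
    bool     has_arch_caps;  /* CPUID.(EAX=7,ECX=0):EDX[29] */
    uint64_t arch_caps;      /* raw MSR value, ignored if not enumerated */
    bool     empty_rsb_vuln; /* assumed: VMM's verdict for this CPU model */
};

/*
 * Value to present to a guest that may migrate to any host in the pool.
 * A feature bit (IBRS_ALL) survives only if every host has it; the RSBA
 * warning bit is set as soon as any host needs it.
 */
uint64_t pool_guest_arch_caps(const struct host_caps *h, size_t n)
{
    uint64_t feat = ARCH_CAP_IBRS_ALL, warn = 0;

    for (size_t i = 0; i < n; i++) {
        uint64_t v = h[i].has_arch_caps ? h[i].arch_caps : 0;

        feat &= v; /* a host without the MSR clears every feature bit */
        if (h[i].empty_rsb_vuln || (v & ARCH_CAP_RSBA))
            warn |= ARCH_CAP_RSBA;
    }
    return n ? (feat | warn) : 0;
}

/*
 * Guest-side check: deploy the Empty RSB mitigation when RSBA is set,
 * whatever the DisplayFamily/DisplayModel signature says.
 */
bool guest_needs_rsb_mitigation(uint64_t arch_caps, bool model_says_vuln)
{
    return model_says_vuln || (arch_caps & ARCH_CAP_RSBA);
}
```

Because the value is fixed for the whole pool when the guest starts, the guest does not need a migration callback to stay correctly mitigated; it only loses the chance to drop a mitigation it no longer needs.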
