Re: [PATCH RFC 0/7] CPU feature evaluation after microcode late loading

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Mihai Carabas <mihai.carabas@oracle.com>
Cc: linux-kernel@vger.kernel.org, tglx@linutronix.de,
	mingo@redhat.com, bp@alien8.de, x86@kernel.org,
	boris.ostrovsky@oracle.com, konrad.wilk@oracle.com
Subject: Re: [PATCH RFC 0/7] CPU feature evaluation after microcode late loading
Date: Thu, 2 Jul 2020 11:42:16 -0700	[thread overview]
Message-ID: <20200702184216.GG3575@linux.intel.com> (raw)
In-Reply-To: <1593703107-8852-1-git-send-email-mihai.carabas@oracle.com>

On Thu, Jul 02, 2020 at 06:18:20PM +0300, Mihai Carabas wrote:
> This RFC patch set aims to provide the ability to re-evaluate all CPU
> features and take proper bug mitigation in place after a microcode
> late loading.
> 
> This was debated last year and this patch set implements a subset of
> point #2 from Thomas Gleixner's idea:
> https://lore.kernel.org/lkml/alpine.DEB.2.21.1909062237580.1902@nanos.tec.linutronix.de/
> 
> Point #1 was sent as an RFC some time ago
> (https://lkml.org/lkml/2020/4/27/214), but after a discussion with CPU
> vendors (Intel), the metadata file is not easily buildable at this
> moment so we could not advance with it more. Without #1, I know it is
> unlikely to embrace the feature re-evaluation.
> 
> Patches from 1 to 4 bring in changes for functions/variables in order to be
> able to use them at runtime.
> 
> Patch 5 re-evaluates CPU features, patch 6 is re-probing bugs and patch 7
> deals with speculation blacklist CPUs/microcode versions.

This misses critical functionality in KVM.  KVM snapshots boot_cpu_data at
module load time (and does further modifications) for ongoing reuse in
filtering what features are advertised to the userspace VMM.  See
kvm_set_cpu_caps() for details.

Even if you found a way to reference kvm_cpu_caps, that still leaves the
problem of existing guests having been created with stale data.  Oh, and
KVM also needs to properly handle MSR_IA32_TSX_CTRL.

Rather than forcefully tearing down guests, what about adding a way to block
updates, e.g. KVM would block updates on module load and unblock on module
exit. That puts the onus of coordinating updates on the orchestration layer
where it belongs.

KVM aside, it wouldn't surprise in the least if there is other code in the
kernel that captures bug state locally.  This series feels like it needs a
fair bit of infrastructure to either detect conflicting usage at build time
or actively prevent consuming stale state at runtime.

There's also the problem of the flags being exposed to userspace via
/proc/cpuinfo, though I suppose that's userspace's problem to not shoot
itself in the foot.

next prev parent reply	other threads:[~2020-07-02 18:42 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-02 15:18 [PATCH RFC 0/7] CPU feature evaluation after microcode late loading Mihai Carabas
2020-07-02 15:18 ` [PATCH RFC 1/7] x86: cpu: bugs.c: remove init attribute from functions and variables Mihai Carabas
2020-07-02 15:18 ` [PATCH RFC 2/7] x86: cpu: modify boot_command_line to saved_command_line Mihai Carabas
2020-07-02 15:18 ` [PATCH RFC 3/7] x86: kernel: cpu: bugs.c: modify static_cpu_has to boot_cpu_has Mihai Carabas
2020-07-06 14:46   ` Thomas Gleixner
2020-07-02 15:18 ` [PATCH RFC 4/7] x86: cpu: bugs.c: update cpu_smt_disable to be callable at runtime Mihai Carabas
2020-07-02 15:18 ` [PATCH RFC 5/7] x86: microcode: late loading feature and bug evaluation Mihai Carabas
2020-07-02 15:18 ` [PATCH RFC 6/7] x86: cpu: bugs.c: reprobe bugs at runtime Mihai Carabas
2020-07-02 15:18 ` [PATCH RFC 7/7] x86: cpu: update blacklist spec features for late loading Mihai Carabas
2020-07-02 18:42 ` Sean Christopherson [this message]
2020-07-06 15:15   ` [PATCH RFC 0/7] CPU feature evaluation after microcode " Thomas Gleixner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200702184216.GG3575@linux.intel.com \
    --to=sean.j.christopherson@intel.com \
    --cc=boris.ostrovsky@oracle.com \
    --cc=bp@alien8.de \
    --cc=konrad.wilk@oracle.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mihai.carabas@oracle.com \
    --cc=mingo@redhat.com \
    --cc=tglx@linutronix.de \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox