On 17/01/2018 15:27, Radim Krčmář wrote:
> 2018-01-17 08:51+1100, Paul Mackerras:
>> On Tue, Jan 16, 2018 at 03:45:11PM +0100, Paolo Bonzini wrote:
>>> On 16/01/2018 01:59, Paul Mackerras wrote:
>>>> This adds a new ioctl, KVM_PPC_GET_CPU_CHAR, that gives userspace
>>>> information about the underlying machine's level of vulnerability
>>>> to the recently announced vulnerabilities CVE-2017-5715,
>>>> CVE-2017-5753 and CVE-2017-5754, and whether the machine provides
>>>> instructions to assist software to work around the vulnerabilities.
>>>>
>>>> The ioctl returns two u64 words describing characteristics of the
>>>> CPU and required software behaviour respectively, plus two mask
>>>> words which indicate which bits have been filled in by the kernel,
>>>> for extensibility. The bit definitions are the same as for the
>>>> new H_GET_CPU_CHARACTERISTICS hypercall.
>>>>
>>>> There is also a new capability, KVM_CAP_PPC_GET_CPU_CHAR, which
>>>> indicates whether the new ioctl is available.
>>>>
>>>> Signed-off-by: Paul Mackerras <paulus@xxxxxxxxxx>
>>>> ---
>>>
>>> Thanks, looks good. Would you like this in 4.15?
>>
>> Yes please. Will you just apply the patch, or do you want me to put
>> it in a branch for you to pull?
>
> I can apply it directly.
>
> Do I understand correctly that the interface is a KVM hypercall because
^^^^^^^^^
ioctl?
> we need to forward this information into guests and other userspace can
> do nothing with the information?
There will probably be someone else that can consume it sooner or later.
sysfs or /proc/cpuinfo probably would be a better interface. But I
guess KVM is the prime consumer...
Paolo
