----- dwmw2@xxxxxxxxxxxxx wrote:

> On Sun, 2018-01-28 at 15:21 -0500, Konrad Rzeszutek Wilk wrote:
> > > To avoid the overhead of atomically saving and restoring the MSR_IA32_SPEC_CTRL
> > > for guests that do not actually use the MSR, only add_atomic_switch_msr when a
> > > non-zero is written to it.
> >
> > We tried this and found that it was about 3% slower than doing the
> > old way of rdmsr and wrmsr.
> >
> > But that was also with the host doing IBRS as well.
>
> The common case will be that neither host nor guest are doing IBRS.
> Until the guest touches the MSR we do absolutely *nothing* with it,
> which is definitely the fastest option.

Windows uses IBRS and Microsoft doesn't have any plans to switch to retpoline.
Running a Windows guest should be a pretty common use-case, no?

In addition, your handling of the first WRMSR intercept could be different.
It could signal you to start doing the following:
1. Disable intercept on SPEC_CTRL MSR.
2. On VMEntry, write vCPU SPEC_CTRL value into physical MSR.
3. On VMExit, read physical MSR into vCPU SPEC_CTRL value.
   (And if IBRS is used at host, also set physical SPEC_CTRL MSR here to 1)

That way, you will both have the fastest option as long as the guest doesn't use IBRS
and also won't have the 3% performance hit compared to Konrad's proposal.

Am I missing something?

-Liran
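The lazy SPEC_CTRL switching scheme sketched in steps 1-3 above, as an added C model that is neither KVM's code nor part of the original thread: a constructed vcpu/host struct stands in for the vCPU state, the MSR intercept and the physical MSR, and run_scenario counts how many physical MSR accesses the entry/exit paths add for a guest that never enables IBRS versus one that does, with and without host IBRS.

```c
#include <stdbool.h>
#include <stdint.h>
#define SPEC_CTRL_IBRS 1ULL   /* IBRS bit of MSR_IA32_SPEC_CTRL */
/* Constructed model state standing in for KVM's own; phys_spec_ctrl plays the physical MSR. */
struct vcpu { uint64_t spec_ctrl; bool intercept; };
struct host { uint64_t phys_spec_ctrl, host_spec_ctrl; unsigned entry_exit_msr_ops; };

/* Trapped guest WRMSR: apply it and, on the first non-zero write, stop intercepting (step 1). */
static void handle_wrmsr_spec_ctrl(struct vcpu *v, struct host *h, uint64_t val)
{
    v->spec_ctrl = h->phys_spec_ctrl = val;
    if (val != 0) v->intercept = false;   /* later guest accesses go straight to hardware */
}

/* Step 2: on VM entry, load the guest's value only once the guest has actually used the MSR. */
static void vmentry(struct vcpu *v, struct host *h)
{
    if (v->intercept) return;             /* guest never enabled IBRS: nothing to do */
    h->phys_spec_ctrl = v->spec_ctrl;
    h->entry_exit_msr_ops++;
}

/* Step 3: on VM exit, save the guest's MSR value, then restore the host's (extra WRMSR only if it differs). */
static void vmexit(struct vcpu *v, struct host *h)
{
    if (v->intercept) return;
    v->spec_ctrl = h->phys_spec_ctrl;
    h->entry_exit_msr_ops++;
    if (h->phys_spec_ctrl != h->host_spec_ctrl) {
        h->phys_spec_ctrl = h->host_spec_ctrl;
        h->entry_exit_msr_ops++;
    }
}

/* Constructed guest that sets IBRS on every run (or never touches the MSR); returns entry/exit MSR accesses. */
static unsigned run_scenario(bool guest_uses_ibrs, bool host_uses_ibrs, int rounds)
{
    uint64_t hv = host_uses_ibrs ? SPEC_CTRL_IBRS : 0;
    struct vcpu v = { .spec_ctrl = 0, .intercept = true };
    struct host h = { .phys_spec_ctrl = hv, .host_spec_ctrl = hv, .entry_exit_msr_ops = 0 };
    for (int i = 0; i < rounds; i++) {
        vmentry(&v, &h);
        if (guest_uses_ibrs && v.intercept)
            handle_wrmsr_spec_ctrl(&v, &h, SPEC_CTRL_IBRS); /* first write traps */
        else if (guest_uses_ibrs)
            h.phys_spec_ctrl = SPEC_CTRL_IBRS;              /* later writes run natively */
        vmexit(&v, &h);
    }
    return h.entry_exit_msr_ops;
}
```

A guest that never writes the MSR costs zero accesses per round regardless of host policy; a guest using IBRS costs two per round when the host also runs IBRS and three when it does not, since the exit path must then write the host value back.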