On 16/02/2018 11:21, David Woodhouse wrote: > Why? With IBRS_ALL the guest *never* gets to affect the actual hardware > MSR, which is always on. The MSR is purely an emulated no-op. Why does > that affect migration? Because even if the host has IBRS_ALL, as long as you want to migrate to a system without IBRS_ALL the guest will likely not have it. You can fake IBRS_ALL on the older system after migration, and forcing the guest to always run with IBRS=1 even when in user mode; that is slow. Or... > Even if the guest doesn't have/support IBRS_ALL, and is frobbing the > (now emulated) MSR on every kernel entry/exit, that's *still* going to > be a metric shitload faster than what it *thought* it was doing. ... you are making every kernel entry/exit 3 times slower by adding two KVM exits (both hypervisor traps and syscalls are in the 1000-1500 clock cycles ballpark). That cannot be fast at all. Paolo
