On Tue, Feb 20, 2018 at 03:46:57PM +0100, Paolo Bonzini wrote:
> On 20/02/2018 15:08, Van De Ven, Arjan wrote:
> >>>> For bonus points: What should happen to a VM that is live migrated
> >>>> from one hypervisor to another, and the hypervisors have different
> >>>> IBRS support?
> >>>
> >>> Doctor Doctor it hurts when I do this....
> >>>
> >>> Migration tends to only work between HV's that are relatively
> >>> homogeneous, that's nothing new...
> >>
> >> No Arjan, this is just wrong. Well, I suppose it's right in the present
> >> tense with the IBRS mess on Skylake, but it's _not_ been true until last
> >> year.
> >
> > I meant software wise. You're not going to live migrate from xen to
> > kvm or backwards. or between very radically different versions of the
> > kvm stack.
>
> Forwards migration to a radically newer version certainly happens. So
> when the source hypervisor was too old to tell the VM about IBRS_ALL,
> for example, migration should work properly and the VM should perform
> well on the destination hypervisor.

To add a bit more to this, Intel just updated their
IA32_ARCH_CAPABILITIES_MSR to have a new bit to sample to figure out
whether you need IBRS or not during runtime.

See https://software.intel.com/sites/default/files/managed/1d/46/Retpoline-A-Branch-Target-Injection-Mitigation.pdf
in 5.3 Virtual Machine CPU Identification:

"To remedy this situation, an operating system running as a VM can query
bit 2 of the IA32_ARCH_CAPABILITIES MSR, known as “RSB Alternate” (RSBA).
When RSBA is set, it indicates that the VM may run on a processor
vulnerable to exploits of Empty RSB conditions regardless of the
processor’s DisplayFamily/DisplayModel signature, and that the operating
system should deploy appropriate mitigations. Virtual machine managers
(VMM) may set RSBA via MSR interception to indicate that a virtual machine
might run at some time in the future on a vulnerable processor."

New bit.. but not mentioned in the:
336996-Speculative-Execution-Side-Channel-Mitigations.pdf

Paolo, is there some form of callback inside of the guest when KVM guests
are migrated? (It exists under Xen, but I don't see it under KVM?)

>
> Backwards migration to older hypervisors also happens sometimes, but in
> general it creates more userspace than kernel issues.
>
> Paolo
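
The guest-side check the quoted Intel text describes, as an added example that is not part of the original message and is not kernel or KVM code: the decision combines the family/model signature with the RSBA bit, and the last helper shows why a decision taken once at boot can be wrong after a live migration. The struct, the function names, the `model_empty_rsb` flag and the two sample views are assumptions made up for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* IA32_ARCH_CAPABILITIES (MSR 0x10A) bits named in this thread. */
#define ARCH_CAP_IBRS_ALL (1ULL << 1)
#define ARCH_CAP_RSBA     (1ULL << 2)   /* "RSB Alternate" */

/* What a guest can observe about its (virtual) CPU at one point in time. */
struct cpu_view {
    bool     has_arch_caps;   /* CPUID.(EAX=7,ECX=0):EDX[29] */
    uint64_t arch_caps;       /* MSR value; meaningful only if has_arch_caps */
    bool     model_empty_rsb; /* assumption: family/model is on the guest's own list */
};

/* Must the guest mitigate empty-RSB conditions? */
static bool needs_empty_rsb_mitigation(const struct cpu_view *v)
{
    if (v->model_empty_rsb)
        return true;
    /* Signature looks safe, but the VMM can set RSBA to warn that the VM
     * may run on a vulnerable processor later. */
    return v->has_arch_caps && (v->arch_caps & ARCH_CAP_RSBA) != 0;
}

static bool has_ibrs_all(const struct cpu_view *v)
{
    return v->has_arch_caps && (v->arch_caps & ARCH_CAP_IBRS_ALL) != 0;
}

/* True when the boot-time decision leaves the guest exposed on the destination. */
static bool under_mitigated(const struct cpu_view *boot, const struct cpu_view *now)
{
    return !needs_empty_rsb_mitigation(boot) && needs_empty_rsb_mitigation(now);
}

/* Constructed sample views, not captured from real hardware. */
static const struct cpu_view OLD_HOST = { false, 0, false };
static const struct cpu_view NEW_HOST = { true, ARCH_CAP_IBRS_ALL | ARCH_CAP_RSBA, false };

int main(void)
{
    printf("boot: rsb-mitigation=%d ibrs_all=%d\n",
           needs_empty_rsb_mitigation(&OLD_HOST), has_ibrs_all(&OLD_HOST));
    printf("now:  rsb-mitigation=%d ibrs_all=%d\n",
           needs_empty_rsb_mitigation(&NEW_HOST), has_ibrs_all(&NEW_HOST));
    printf("stale boot-time decision leaves guest exposed: %d\n",
           under_mitigated(&OLD_HOST, &NEW_HOST));
    return 0;
}
```

Without a post-migration hook in the guest, nothing re-runs these checks against the destination's view, which is the gap the question about a KVM migration callback points at.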