Re: [PATCH 1/1] kvm/speculation: Allow KVM guests to use SSBD even if host does not

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 25 Jun 2019, Paolo Bonzini wrote:
> On 10/06/19 19:20, Alejandro Jimenez wrote:

Btw, the proper prefix is: x86/speculation: Allow guests ....

> > diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
> > index 03b4cc0..66ca906 100644
> > --- a/arch/x86/kernel/cpu/bugs.c
> > +++ b/arch/x86/kernel/cpu/bugs.c
> > @@ -836,6 +836,16 @@ static enum ssb_mitigation __init __ssb_select_mitigation(void)
> >  	}
> >  
> >  	/*
> > +	 * If SSBD is controlled by the SPEC_CTRL MSR, then set the proper
> > +	 * bit in the mask to allow guests to use the mitigation even in the
> > +	 * case where the host does not enable it.
> > +	 */
> > +	if (static_cpu_has(X86_FEATURE_SPEC_CTRL_SSBD) ||
> > +	    static_cpu_has(X86_FEATURE_AMD_SSBD)) {
> > +		x86_spec_ctrl_mask |= SPEC_CTRL_SSBD;

Well, yes. But that also allows the guest to turn off SSBD if the host has
it disabled globally. So this needs to be conditional depending on the host
mode. It affects two places:

  1) If the host has it globally disabled then the mask needs to be clear.

  2) If the host has it specifically disabled for the VCPU thread, then it
     shouldn't be allowed to be cleared by the guest either.

Thanks,

	tglx






[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux