On Mon, May 06, 2024, Rick P Edgecombe wrote: > On Mon, 2024-05-06 at 17:19 +0800, Yang, Weijiang wrote: > > On 5/2/2024 7:15 AM, Sean Christopherson wrote: > > > On Sun, Feb 18, 2024, Yang Weijiang wrote: > > > > @@ -696,6 +697,20 @@ void kvm_set_cpu_caps(void) > > > > kvm_cpu_cap_set(X86_FEATURE_INTEL_STIBP); > > > > if (boot_cpu_has(X86_FEATURE_AMD_SSBD)) > > > > kvm_cpu_cap_set(X86_FEATURE_SPEC_CTRL_SSBD); > > > > + /* > > > > + * Don't use boot_cpu_has() to check availability of IBT because > > > > the > > > > + * feature bit is cleared in boot_cpu_data when ibt=off is applied > > > > + * in host cmdline. > > > I'm not convinced this is a good reason to diverge from the host kernel. > > > E.g. PCID and many other features honor the host setup, I don't see what > > > makes IBT special. > > > > This is mostly based on our user experience and the hypothesis for cloud > > computing: When we evolve host kernels, we constantly encounter issues when > > kernel IBT is on, so we have to disable kernel IBT by adding ibt=off. But > > we need to test the CET features in VM, if we just simply refer to host > > boot cpuid data, then IBT cannot be enabled in VM which makes CET features > > incomplete in guest. > > > > I guess in cloud computing, it could run into similar dilemma. In this > > case, the tenant cannot benefit the feature just because of host SW > > problem. I know currently KVM except LA57 always honors host feature > > configurations, but in CET case, there could be divergence wrt honoring > > host configuration as long as there's no quirk for the feature. > > > > But I think the issue is still open for discussion... > > I think the back and forth I remembered was actually around SGX IBT, but I did > find this thread: > https://lore.kernel.org/lkml/20231128085025.GA3818@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/ > > Disabling kernel IBT enforcement without disabling KVM IBT seems worthwhile. But > the solution is to not to not honor host support. It is to have kernel IBT not > clear the feature flag and instead clear something else. This can be done > independently of the KVM series. Hmm, I don't disagree, but I'm not sure it makes sense to wait on that discussion to exempt IBT from the "it must be supported in the host" rule. I suspect that tweaking the handling X86_FEATURE_IBT of will open a much larger can of worms, as overhauling feature flag handling is very much on the x86 maintainers todo list. IMO, the odds of there being a hardware bug that necessitates hard disabling IBT are lower than the odds of KVM support for CET landing well before the feature stuff is sorted out.
