From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pbonzini@redhat.com>
Received: from mail.linutronix.de (146.0.238.70:993) by
  crypto-ml.lab.linutronix.de with IMAP4-SSL for <speck@linutronix.de>; 31 Jul
  2018 08:22:17 -0000
Received: from mx3-rdu2.redhat.com ([66.187.233.73] helo=mx1.redhat.com)
	by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
	(Exim 4.80)
	(envelope-from <pbonzini@redhat.com>)
	id 1fkPv3-0007al-Cr
	for speck@linutronix.de; Tue, 31 Jul 2018 10:22:13 +0200
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com
 [10.11.54.6])	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))	(No
 client certificate requested)	by mx1.redhat.com (Postfix) with ESMTPS id
 5C3F940241C9	for <speck@linutronix.de>; Tue, 31 Jul 2018 08:22:07 +0000 (UTC)
Received: from [10.36.117.153] (ovpn-117-153.ams2.redhat.com [10.36.117.153])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 8BB9E215670D
	for <speck@linutronix.de>; Tue, 31 Jul 2018 08:22:06 +0000 (UTC)
Subject: [MODERATED] Re: [PATCH v2 2/4] L1TF KVM ARCH_CAPABILITIES #2
References: <20180725143100.16309-1-pbonzini@redhat.com>
 <20180725143100.16309-3-pbonzini@redhat.com>
 <alpine.DEB.2.21.1807302321240.1725@nanos.tec.linutronix.de>
From: Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <0483e08d-519b-ab68-11b6-c324ba88e8c0@redhat.com>
Date: Tue, 31 Jul 2018 10:22:04 +0200
MIME-Version: 1.0
In-Reply-To: <alpine.DEB.2.21.1807302321240.1725@nanos.tec.linutronix.de>
Content-Type: multipart/mixed; boundary="gxwwAPedUHf3tOxfBEtec7KB256vw8oKV"; protected-headers="v1"
To: speck@linutronix.de
List-ID: <speck.linutronix.de>

This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156)
--gxwwAPedUHf3tOxfBEtec7KB256vw8oKV
Content-Type: text/plain; charset=windows-1252
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable

On 30/07/2018 23:27, speck for Thomas Gleixner wrote:
> On Wed, 25 Jul 2018, speck for Paolo Bonzini wrote:
>=20
>> From: Paolo Bonzini <pbonzini@redhat.com>
>> Subject: [PATCH v2 2/4] x86: SMT doesn't matter for VMX L1TF if EPT di=
sabled or
>>  mitigation disabled
>>
>> If EPT is disabled, L1TF cannot be exploited even across threads on th=
e
>> same core, and SMT is irrelevant.
>=20
> Ack.
>=20
>> If mitigation is completely disabled, L1TF can be exploited even withi=
n a
>> single thread, so SMT is again irrelevant.
>=20
> I'm not sure about this one. You might decide that the risk of not flus=
hing
> is acceptable if SMT is off, but then if SMT is enabled the whole thing=

> might be less acceptable. So keeping that information in the sysfs file=

> makes some sense. No strong opionion though.

Fair enough, I'll change it to still do "VMX: SMT disabled, L1D
vulnerable".  What do you think actually about switching the order to
"VMX: xxx, SMT yyy"?

Paolo


--gxwwAPedUHf3tOxfBEtec7KB256vw8oKV--