From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: =?utf-8?q?=3CBATV+97d4cf42843d34639730+5387+infradead=2Eorg+d?= =?utf-8?q?wmw2=40twosheds=2Esrs=2Einfradead=2Eorg=3E?= Received: from twosheds.infradead.org ([2001:8b0:10b:1:21d:7dff:fe04:dbe2]) by Galois.linutronix.de with esmtps (TLS1.2:RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from =?utf-8?q?=3CBATV+97d4cf42843d34639730+5387+infradea?= =?utf-8?q?d=2Eorg+dwmw2=40twosheds=2Esrs=2Einfradead=2Eorg=3E=29?= id 1fLseq-0002Wk-0w for speck@linutronix.de; Thu, 24 May 2018 18:00:05 +0200 Received: from [2001:8b0:10b:1::b8f] by twosheds.infradead.org with esmtpsa (Exim 4.90_1 #2 (Red Hat Linux)) id 1fLsem-0002zO-Pu for speck@linutronix.de; Thu, 24 May 2018 16:00:00 +0000 Message-ID: <1527177599.8186.147.camel@infradead.org> Subject: [MODERATED] Re: L1D-Fault KVM mitigation From: David Woodhouse In-Reply-To: References: <20180424090630.wlghmrpasn7v7wbn@suse.de> <20180424093537.GC4064@hirez.programming.kicks-ass.net> <1524563292.8691.38.camel@infradead.org> <20180424110445.GU4043@hirez.programming.kicks-ass.net> <1527068745.8186.89.camel@infradead.org> <20180524094526.GE12198@hirez.programming.kicks-ass.net> Date: Thu, 24 May 2018 16:59:59 +0100 Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit To: speck@linutronix.de List-ID: On Thu, 2018-05-24 at 08:38 -0700, speck for Linus Torvalds wrote: > > On Thu, 24 May 2018, speck for Peter Zijlstra wrote: > > > > > > > > > > It does still depend on gang scheduling (or at least forced sibling > > > idle which is a subset of that), or a singleton vCPU might *never* get > > > run. But we were going to have to do something along those lines > > > anyway. > >  > > Linus has opinions on that..  > > Let's call them "beliefs". > > I don't believe for a moment that anybody can come up with anything  > remotely reasonable for gang scheduling. > > I'm willing to entertain the possibility that some really smart person can  > solve the problem cleanly and without messing up anything else. > > I don't think it's remotely _likely_ to happen, but I'm willing to  > consider it within the realm of possibilities. > > So right now, I consider the gang scheduling a pipe dream by people who  > underestimate how hard and ugly it would be, and often have political  > reasons why they are pushing the idea (ie they want to claim it's not a  > hardware deficiency, but just a small software problem). Gang scheduling for the general case is probably a pipe dream. But there are use cases where we were actually pinning sibling vCPUs to the sibling pCPUs anyway because HT was *already* a nightmare for information leakage paranoia. In those cases, "pause the vCPU when the sibling pCPU vmexits to anything other than idle" is the necessary and mostly sufficient missing piece. Because we effectively already *have* gang scheduling to the extent that it matters.