From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from mail.linutronix.de (146.0.238.70:993)
	by crypto-ml.lab.linutronix.de with IMAP4-SSL
	for ; 12 Jul 2018 17:09:24 -0000
Received: from mail.linuxfoundation.org ([140.211.169.12])
	by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256)
	(Exim 4.80)
	(envelope-from )
	id 1fdf5k-00022x-99
	for speck@linutronix.de; Thu, 12 Jul 2018 19:09:20 +0200
Date: Thu, 12 Jul 2018 19:09:11 +0200
From: Greg KH
Subject: [MODERATED] Re: [patch V10 02/10] Control knobs and Documentation 2
Message-ID: <20180712170911.GC23030@kroah.com>
References: <20180712141902.576562442@linutronix.de> <20180712142957.114708196@linutronix.de>
MIME-Version: 1.0
In-Reply-To: <20180712142957.114708196@linutronix.de>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
To: speck@linutronix.de
List-ID:

On Thu, Jul 12, 2018 at 04:19:04PM +0200, speck for Thomas Gleixner wrote:
> Subject: [patch V10 02/10] x86/kvm: Drop L1TF MSR list approach
> From: Thomas Gleixner
>
> The VMX module parameter to control the L1D flush should become
> writeable.
>
> The MSR list is set up at VM init per guest VCPU, but the run time
> switching is based on a static key which is global. Toggling the MSR list
> at run time might be feasible, but for now drop this optimization and use
> the regular MSR write to make run-time switching possible.
>
> The default mitigation is the conditional flush anyway, so for extra
> paranoid setups this will add some small overhead, but the extra code
> executed is in the noise compared to the flush itself.
>
> Aside of that the EPT disabled case is not handled correctly at the moment
> and the MSR list magic is in the way for fixing that as well.
>
> If it's really providing a significant advantage, then this needs to be
> revisited after the code is correct and the control is writable.
>
> Signed-off-by: Thomas Gleixner

Reviewed-by: Greg Kroah-Hartman