Subject: [MODERATED] Re: [patch V10 00/10] Control knobs and Documentation 0
References: <20180712141902.576562442@linutronix.de> <6e2b04bb-4786-ae48-1fe8-e1bbdbcd8b92@redhat.com>
From: Andrew Cooper
Message-ID: <267cd39e-263e-e291-b72f-630ae121eaf4@citrix.com>
Date: Fri, 13 Jul 2018 17:56:07 +0100
In-Reply-To: <6e2b04bb-4786-ae48-1fe8-e1bbdbcd8b92@redhat.com>
To: speck@linutronix.de

On 13/07/18 17:22, speck for Paolo Bonzini wrote:
> On 12/07/2018 16:19, speck for Thomas Gleixner wrote:
>> The following series provides the following changes:
>>
>>  - Fix EPT=off handling so it avoids flushing
>>
>>  - Expose proper VMX mitigation information in sysfs
>>
>>  - Drops the MSR list mechanism for flush 'always' to prepare for runtime
>>    control. The default flush mechanism is conditional anyway and the MSR
>>    list is set up at guest init time, which is nasty to run time switch
>>    especially because the static key is a global control which can be
>>    flipped by an update.
>>
>>  - Make the flush always/conditional static key based.
>>
>>  - Serialize the kvm parameter setter function
>>
>>  - Enable runtime control for the kvm parameter
>>
>>  - Add the l1tf command line option. It's not run time controllable as it
>>    does not make sense to have 3 knobs at runtime. For the command line
>>    the combo knob setting the default is convenient
>>
>>  - Documentation update
>>
>> This takes the review comments into account as much as still applicable.
>>
>> Thanks to Jiri for testing the lot and debugging and fixing my brainfarts!
>>
>> Git bundle follows in separate mail.
> Another case on top of this series...
>
> ---------------------- 8< --------------------
> From a0f605fed99cf1623f8716b22c11113653c258a3 Mon Sep 17 00:00:00 2001
> From: Paolo Bonzini
> Date: Fri, 13 Jul 2018 18:15:29 +0200
> Subject: [PATCH] kvm: vmx: disable L1D flush when running as a nested
>  hypervisor
>
> VMENTER operations from the nested hypervisor into the nested guest
> will always be processed by the bare metal hypervisor. Therefore,
> when running as a nested hypervisor, doing L1D cache flushes on vmentry
> will result in twice the work and twice the slowdown, for no benefit.

Only if your outer hypervisor says so by setting MSR_ARCH_CAPS.VMENTRY_NO

In all other circumstances, it is not safe to make this assumption.

~Andrew
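
The rule stated in the reply above, as an added example that is not part of the original mail or of the kernel patch: the vmentry L1D flush may be dropped only when IA32_ARCH_CAPABILITIES says so, and an unreadable MSR fails closed. Assumptions: the bit names follow Intel's documentation (bit 3, SKIP_L1DFL_VMENTRY, is taken to be the bit the reply refers to), and the function names and the use of the Linux `/dev/cpu/0/msr` device are choices made for this example.

```c
#include <fcntl.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

#define MSR_IA32_ARCH_CAPABILITIES  0x10a
#define ARCH_CAP_RDCL_NO            (1ULL << 0) /* CPU not affected by L1TF */
#define ARCH_CAP_SKIP_L1DFL_VMENTRY (1ULL << 3) /* outer hypervisor flushes L1D */

enum l1d_policy { L1D_FLUSH_REQUIRED, L1D_FLUSH_SKIP_OUTER_HV, L1D_NOT_AFFECTED };

/* Decide the vmentry flush policy from what the (virtual) CPU enumerates. */
enum l1d_policy l1d_vmentry_policy(bool nested, bool have_arch_caps, uint64_t caps)
{
    (void)nested; /* being nested alone says nothing about the outer hypervisor */
    if (!have_arch_caps)
        return L1D_FLUSH_REQUIRED;       /* MSR not enumerated: fail closed */
    if (caps & ARCH_CAP_RDCL_NO)
        return L1D_NOT_AFFECTED;
    if (caps & ARCH_CAP_SKIP_L1DFL_VMENTRY)
        return L1D_FLUSH_SKIP_OUTER_HV;  /* explicit promise from the outer hypervisor */
    return L1D_FLUSH_REQUIRED;
}

/* Read the MSR through the Linux msr driver (needs root and the msr module).
 * Returns false when the device or the MSR itself is unavailable. */
bool read_arch_caps(uint64_t *val)
{
    int fd = open("/dev/cpu/0/msr", O_RDONLY);
    if (fd < 0)
        return false;
    bool ok = lseek(fd, MSR_IA32_ARCH_CAPABILITIES, SEEK_SET) >= 0 &&
              read(fd, val, sizeof(*val)) == (ssize_t)sizeof(*val);
    close(fd);
    return ok;
}

int main(void)
{
    static const char *names[] = { "flush required", "skip (outer hypervisor flushes)",
                                   "not affected" };
    uint64_t caps = 0;
    bool have = read_arch_caps(&caps);
    /* nested=true: even then the answer depends only on the MSR contents */
    printf("ARCH_CAPABILITIES %s, policy: %s\n", have ? "readable" : "unavailable",
           names[l1d_vmentry_policy(true, have, caps)]);
    return 0;
}
```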