From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Jan Beulich" <JBeulich@suse.com>
Subject: Re: [PATCH] VMX: XSA-60 workaround
Date: Wed, 14 Aug 2013 10:02:31 +0100
Message-ID: <520B63C702000078000EBC78@nat28.tlf.novell.com>
References: <520A7CA202000078000EB9DB@nat28.tlf.novell.com>
	<520A636C.9030903@citrix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
Received: from mail6.bemta14.messagelabs.com ([193.109.254.103])
	by lists.xen.org with esmtp (Exim 4.72)
	(envelope-from <JBeulich@suse.com>) id 1V9WyV-00053D-UR
	for xen-devel@lists.xenproject.org; Wed, 14 Aug 2013 09:02:40 +0000
In-Reply-To: <520A636C.9030903@citrix.com>
Content-Disposition: inline
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Andrew Cooper <andrew.cooper3@citrix.com>
Cc: xen-devel <xen-devel@lists.xenproject.org>, Keir Fraser <keir@xen.org>, Eddie Dong <eddie.dong@intel.com>, Jun Nakajima <jun.nakajima@intel.com>
List-Id: xen-devel@lists.xenproject.org

>>> On 13.08.13 at 18:48, Andrew Cooper <andrew.cooper3@citrix.com> wrote:
> On 13/08/13 17:36, Jan Beulich wrote:
>> Considering that there's still no real progress towards a resolution
>> for XSA-60, I'd like to propose turning off the probelamtic code by
>> default, allowing it to be turned back on via command line option.
>>
>> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> 
> In principle, ok, but can I suggest that this initially goes in with a
> per domain warn once, (and perhaps gdprintk afterwards), so guests which
> actually try to use this can at least be identified if they suddenly
> start behaving weirdly?

No, that's pointless: Various (if not all) Linux versions set CR0.CD
in the course of fiddling with th MTRRs, i.e. we'd issue this warning
for most if not all HVM Linux guests that also have some PCI device
assigned, even though in the vast majority of cases this would be
benign to them. The one case where I'm told that broken code is
needed for guest stability is when a graphics device gets assigned
to it (proof of that is yet to be seen though), yet at the point
where the warning would need to get issued we shouldn't go as
far as looking for specific device types (even more so when there
might be other device classes where the cache disabling would
also be needed).

Jan