From: Paolo Bonzini <pbonzini@redhat.com>
To: speck@linutronix.de
Subject: [MODERATED] Re: [PATCH] SPTE masking
Date: Thu, 9 Aug 2018 12:01:32 +0200 [thread overview]
Message-ID: <5d154d5b-182e-c1db-8c18-64b140dce133@redhat.com> (raw)
In-Reply-To: <b6b405c4-05cf-a827-1028-47586796d96a@citrix.com>
[-- Attachment #1: Type: text/plain, Size: 1179 bytes --]
On 09/08/2018 11:33, speck for Andrew Cooper wrote:
>>
>> in kvm_set_mmio_spte_mask should do, or alternatively the nicer patch after
>> my signature (untested and unthought).
> Setting bit 51 doesn't mitigate L1TF on any current processor.
>
> You need to set an address bit inside L1D-maxphysaddr, and isn't
> cacheable on the current system.
KVM currently sets all reserved bits, so it's safe as long as
l1d-maxphyaddr > cpuid-maxphyaddr.
What remains is pre-Nehalem or high-end servers where L1D-maxphyaddr =
cpuid-maxphyaddr. So we could split the guest gfn in two so that
bit 47-51 = bits MPA-5..MPA-1 of guest physical address
bit maxphyaddr-5..46 = all ones, or look it up using e820
bit 12..maxphyaddr-6 = bits 12..MPA-6 of guest physical address.
assuming all processors with maxphyaddr > 46 are safe.
> and the CPUID maxphysaddr hasn't been
> levelled for heterogeneous migration safety
I don't know about Xen PV, but when using EPT you cannot do that, the
maxphyaddr is not virtualizable (obviously not to guest-maxphyaddr >
host-maxphyaddr, but guest-maxphyaddr < host-maxphyaddr cannot be
emulated either).
Paolo
next prev parent reply other threads:[~2018-08-09 10:01 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-08 23:21 [MODERATED] [PATCH] SPTE masking Jim Mattson
2018-08-09 2:57 ` [MODERATED] " Andi Kleen
2018-08-09 9:24 ` Paolo Bonzini
2018-08-09 17:43 ` Andi Kleen
2018-08-10 7:55 ` Paolo Bonzini
2018-08-10 15:59 ` Jim Mattson
2018-08-10 17:23 ` Andi Kleen
2018-08-10 17:32 ` Linus Torvalds
2018-08-10 17:45 ` Andi Kleen
2018-08-10 18:37 ` Paolo Bonzini
2018-08-10 19:17 ` Andi Kleen
2018-08-12 10:57 ` Paolo Bonzini
2018-08-09 9:25 ` Paolo Bonzini
2018-08-09 9:33 ` Andrew Cooper
2018-08-09 10:01 ` Paolo Bonzini [this message]
2018-08-09 10:47 ` Andrew Cooper
2018-08-09 11:13 ` Paolo Bonzini
2018-08-09 11:46 ` Andrew Cooper
2018-08-09 11:54 ` Paolo Bonzini
2018-08-09 14:01 ` Andrew Cooper
2018-08-09 15:00 ` Paolo Bonzini
2018-08-09 20:14 ` Jim Mattson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5d154d5b-182e-c1db-8c18-64b140dce133@redhat.com \
--to=pbonzini@redhat.com \
--cc=speck@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.