On Tue 2018-02-13 09:02:25, Paolo Bonzini wrote:
> On 12/02/2018 16:27, David Woodhouse wrote:
> > The original IBRS hack in microcode is horribly slow. For the next
> > generation of CPUs, as a stopgap until we get a proper fix, Intel
> > promise an "Enhanced IBRS" which will be fast.
> >
> > The assumption is that predictions in the BTB/RSB will be tagged with
> > the VMX mode and ring that they were learned in, and thus the CPU will
> > avoid consuming unsafe predictions without a performance penalty.
> >
> > Intel's documentation says that it is still required to set the IBRS bit
> > in the SPEC_CTRL MSR and ensure that it remains set.
> >
> > Cope with this by trapping and emulating *all* access to SPEC_CTRL from
> > KVM guests when the IBRS_ALL feature is present, so it can never be
> > turned off. Guests who see IBRS_ALL should never do anything except
> > turn it on at boot anyway. And if they didn't know about IBRS_ALL and
> > they keep frobbing IBRS on every kernel entry/exit... well the vmexit
> > for a no-op is probably going to be faster than they were expecting
> > anyway, so they'll live.
> >
> > Signed-off-by: David Woodhouse
> > Acked-by: Arjan van de Ven
> > --- > > arch/x86/include/asm/nospec-branch.h | 9 ++++++++- > > arch/x86/kernel/cpu/bugs.c | 16 ++++++++++++++-- > > arch/x86/kvm/vmx.c | 17 ++++++++++------- > > 3 files changed, 32 insertions(+), 10 deletions(-) > > > > diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h > > index 788c4da..524bb86 100644 > > --- a/arch/x86/include/asm/nospec-branch.h > > +++ b/arch/x86/include/asm/nospec-branch.h
> > @@ -140,9 +140,16 @@ enum spectre_v2_mitigation { > > SPECTRE_V2_RETPOLINE_MINIMAL_AMD, > > SPECTRE_V2_RETPOLINE_GENERIC, > > SPECTRE_V2_RETPOLINE_AMD, > > - SPECTRE_V2_IBRS, > > + SPECTRE_V2_IBRS_ALL, > > }; > > > > +extern enum spectre_v2_mitigation spectre_v2_enabled; > > + > > +static inline bool spectre_v2_ibrs_all(void) > > +{ > > + return spectre_v2_enabled == SPECTRE_V2_IBRS_ALL; > > +} > > + > > extern char __indirect_thunk_start[]; > > extern char __indirect_thunk_end[]; > > > > diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c > > index debcdda..047538a 100644 > > --- a/arch/x86/kernel/cpu/bugs.c > > +++ b/arch/x86/kernel/cpu/bugs.c > > @@ -88,12 +88,13 @@ static const char *spectre_v2_strings[] = { > > [SPECTRE_V2_RETPOLINE_MINIMAL_AMD] = "Vulnerable: Minimal AMD ASM retpoline", > > [SPECTRE_V2_RETPOLINE_GENERIC] = "Mitigation: Full generic retpoline", > > [SPECTRE_V2_RETPOLINE_AMD] = "Mitigation: Full AMD retpoline", > > + [SPECTRE_V2_IBRS_ALL] = "Mitigation: Enhanced IBRS", > > };

Hmm. Probably not just your problem but these should really get
documentation somewhere -- and adding another one should be treated
like changing the ABI.

How is poor userland expected to do anything intelligent with that
file?

Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
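
Review bot: In the nospec-branch.h hunk, spectre_v2_ibrs_all() is a static inline that reads spectre_v2_enabled directly, so every caller needs link-time access to that variable. The diffstat lists arch/x86/kvm/vmx.c as changed, and KVM can be built as a module, yet the quoted lines show neither the definition of spectre_v2_enabled in bugs.c nor an export of the symbol. Either confirm both are in the unquoted part of the patch, or make the helper an out-of-line exported function so modules can query the mitigation state without being able to write it. The same hunk replaces SPECTRE_V2_IBRS with SPECTRE_V2_IBRS_ALL in place rather than adding a value; a short comment above the enum entry saying what IBRS_ALL means would help readers of the header.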
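
Review bot: In the bugs.c hunk, the added entry `[SPECTRE_V2_IBRS_ALL] = "Mitigation: Enhanced IBRS"` uses a different name from the enum value and from the "IBRS_ALL feature" wording in the commit message, so a reader has to already know the two refer to the same thing. Add a comment tying the names together, and since this string is what userland reads, document the full set of spectre_v2_strings values alongside the change so that tools matching on the text have something stable to rely on.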