Re: [Xen-devel] [PATCH v8 15/17] x86/ctxt: Issue a speculation barrier between vcpu contexts
On 15/01/18 12:54, David Woodhouse wrote:
> On Fri, 2018-01-12 at 18:01 +0000, Andrew Cooper wrote:
>> @@ -1736,6 +1736,9 @@ void context_switch(struct vcpu *prev, struct
>> vcpu *next)
>>      }
>>
>>      ctxt_switch_levelling(next);
>> +
>> +    if ( opt_ibpb )
>> +        wrmsrl(MSR_PRED_CMD, PRED_CMD_IBPB);
>>  }
>>
> If you're doing that without an 'else lfence' don't you need to include
> a comment with your proof that it's safe to do so, and the CPU can't
> speculate a taken conditional branch and all the way to a problematic
> instruction?

What would that gain?

A malicious guest could speculate around it, but speculation will catch
up (at the very latest) when we return to guest, which is a serialising
event. There is nothing a guest can usefully achieve by attacking this
branch, because it can't prevent the WRMSR from happening before we
leave hypervisor context.

> Also... if you're doing that in context_switch() does it do the right
> thing with idle? If a CPU switches to the idle domain and then back
> again to the same vCPU, does that do the IBPB twice?

Context switches to idle will skip the IBPB because it isn't needed, but
any switch to non-idle needs it. In your example, we should execute just
a single IBPB.

> For vmx we only really need IBPB when we do VMPTRLD, right?

That is part of IBRS_ATT, is it not? At which point it pertains to reuse
of a VMCS for a new security context, but that should be covered by the
context switch IBPB.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
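Review bot: the quoted context_switch() hunk (`+    if ( opt_ibpb )` / `+        wrmsrl(MSR_PRED_CMD, PRED_CMD_IBPB);`) issues the barrier unconditionally whenever opt_ibpb is set, with no test of whether `next` belongs to the idle domain, so as written a switch to idle and back to the same vCPU would execute IBPB twice, which does not match the reply's statement that switches to idle skip it. Suggest guarding the write with an idle-domain check on `next` (or a per-CPU record of the last non-idle vCPU to run, so returning to it can also skip the barrier), and adding a comment at the site stating the safety argument given in the reply: no lfence is needed on the not-taken path because the WRMSR completes before the serialising return to guest.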
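The idle-domain scenario David raises and Andrew's answer to it (switch to idle skips the barrier, switch into a non-idle vCPU issues it, so idle-and-back costs one IBPB) can be checked against a small model. The code below is an added example, not Xen's context_switch() or any code from the patch: it assumes a hypothetical scheduler trace of vCPU ids with -1 standing for the idle domain, and it replaces the privileged wrmsrl(MSR_PRED_CMD, PRED_CMD_IBPB) with a counter so the policy can be replayed in user space.

```c
/* Added example (not Xen code): user-space model of the IBPB-on-context-switch
 * policy discussed in the thread. The vCPU ids, the IDLE_VCPU marker and the
 * trace shapes are all constructed for illustration. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define IDLE_VCPU (-1)          /* assumed marker for the idle domain's vCPU */

/* Stands in for the opt_ibpb command-line knob from the patch. */
static bool opt_ibpb = true;

/* Stands in for wrmsrl(MSR_PRED_CMD, PRED_CMD_IBPB): we only count writes. */
static unsigned int ibpb_writes;
static void model_ibpb(void) { ibpb_writes++; }

/* Decision point modelled on the patch's context_switch(), plus the idle
 * rule stated in the reply: a barrier is issued only when we switch into a
 * non-idle vCPU, because only guest code can consume predictor state trained
 * by the previous context. Returns true if a barrier was issued. */
static bool model_context_switch(int prev, int next)
{
    if ( prev == next )
        return false;           /* same context: nothing to flush */
    if ( !opt_ibpb )
        return false;           /* mitigation disabled on the command line */
    if ( next == IDLE_VCPU )
        return false;           /* idle runs no guest code: skip, per reply */
    model_ibpb();
    return true;
}

/* Replay a constructed trace of scheduled vCPUs; return barriers issued. */
static unsigned int replay(const int *trace, size_t n)
{
    ibpb_writes = 0;
    for ( size_t i = 1; i < n; i++ )
        model_context_switch(trace[i - 1], trace[i]);
    return ibpb_writes;
}

/* David's scenario: vCPU 3 -> idle -> vCPU 3. Expect exactly one barrier. */
static unsigned int scenario_idle_and_back(void)
{
    const int trace[] = { 3, IDLE_VCPU, 3 };
    return replay(trace, sizeof(trace) / sizeof(trace[0]));
}

/* Three distinct guest vCPUs back to back: a barrier on each of the two
 * switches into a non-idle vCPU. */
static unsigned int scenario_three_guests(void)
{
    const int trace[] = { 1, 2, 3 };
    return replay(trace, sizeof(trace) / sizeof(trace[0]));
}

/* With opt_ibpb off no barrier is ever issued, whatever the trace. */
static unsigned int scenario_ibpb_disabled(void)
{
    const int trace[] = { 1, IDLE_VCPU, 2, 1 };
    opt_ibpb = false;
    unsigned int n = replay(trace, sizeof(trace) / sizeof(trace[0]));
    opt_ibpb = true;            /* restore the default for later callers */
    return n;
}

int main(void)
{
    printf("idle and back : %u IBPB\n", scenario_idle_and_back());
    printf("three guests  : %u IBPB\n", scenario_three_guests());
    printf("ibpb disabled : %u IBPB\n", scenario_ibpb_disabled());
    return 0;
}
```

The model deliberately follows only what the thread states: idle is skipped and every switch into a non-idle vCPU pays the barrier, so returning to the same vCPU after idle still issues one IBPB. A further refinement the thread does not describe would be remembering the last non-idle vCPU per CPU so that case could be skipped as well.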