[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v10 09/11] x86/ctxt: Issue a speculation barrier between vcpu contexts

To: "andrew.cooper3@xxxxxxxxxx" <andrew.cooper3@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>
From: "Woodhouse, David" <dwmw@xxxxxxxxxxxx>
Date: Wed, 24 Jan 2018 13:34:29 +0000
Accept-language: en-GB, en-US
Cc: "JBeulich@xxxxxxxx" <JBeulich@xxxxxxxx>
Delivery-date: Wed, 24 Jan 2018 13:35:31 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Thread-index: AQHTlRT5ORC4+GlSFke6rY9Vf4YiEaODBfSA
Thread-topic: [PATCH v10 09/11] x86/ctxt: Issue a speculation barrier between vcpu contexts

On Wed, 2018-01-24 at 13:12 +0000, Andrew Cooper wrote:
> +             * Squash the domid and vcpu id together for comparason

*comparison

> +             * efficiency.  We could in principle stash and compare the 
> struct
> +             * vcpu pointer, but this risks a false alias if a domain has 
> died
> +             * and the same 4k page gets reused for a new vcpu.
> +             */

Isn't that also true if the domain has died and its domain-id gets re-
used? 

> +            unsigned int next_id = (((unsigned int)nextd->domain_id << 16) |
> +                                    (uint16_t)next->vcpu_id);

I am loath to suggest *more* tweakables, but given the IBPB cost is
there any merit in having a mode which does it only if the *domain* is
different, regardless of vcpu_id?

If a given domain is running on HT siblings, it ought to be doing its
own mitigation — setting STIBP for userspace if it wants, ensuring its
own kernel is safe by having IBRS set or using retpoline, etc.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Amazon Web Services UK Limited. Registered in England and Wales with registration number 08650665 and which has its registered office at 60 Holborn Viaduct, London EC1A 2FD, United Kingdom.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v10 09/11] x86/ctxt: Issue a speculation barrier between vcpu contexts
  - From: Andrew Cooper

References:
- [Xen-devel] [PATCH v10 00/11] x86: Mitigations for SP2/CVE-2017-5715/Branch Target Injection
  - From: Andrew Cooper
- [Xen-devel] [PATCH v10 09/11] x86/ctxt: Issue a speculation barrier between vcpu contexts
  - From: Andrew Cooper

Prev by Date: [Xen-devel] [PATCH v10 11/11] x86/idle: Clear SPEC_CTRL while idle
Next by Date: Re: [Xen-devel] [PATCH v10 09/11] x86/ctxt: Issue a speculation barrier between vcpu contexts
Previous by thread: [Xen-devel] [PATCH v10 09/11] x86/ctxt: Issue a speculation barrier between vcpu contexts
Next by thread: Re: [Xen-devel] [PATCH v10 09/11] x86/ctxt: Issue a speculation barrier between vcpu contexts
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.