[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v5 2/3] amd/msr: allow passthrough of VIRT_SPEC_CTRL for HVM guests


  • To: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Tue, 17 May 2022 14:10:29 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=wdqr8pGuGQEeW07KJbDB3s74JnBbr6SzGo6vipH58jk=; b=iqrjb3Op8nmYcnvo3PpSmSzqln71yXirANA6us/U/WevC3par85vYbZMeBTtZYgJIjNNYfM5PI6s+EgsQn7KCUhjzKz+YQf61hHcK6EZs9JVmz6oLSxtyIfGb3mF2umAjIaBRKVxZ4kh/JwMpOYL0emf5JT4VWD9SYvakUa1hGiZjA+rj+vGOYIsqsDyE2qmUkhyky7m6U9T61sXaBE/Hm6iT0Xke/DHYw3tAxdJiGPAboBrzAeiO3vDysMW4aArTX5wD7+oaO/aiwzeXq/cqsNjAVpaOG4i6SL7PS4HswCoF5jGR9dy95Seg937PtBLKzwkKPjNRJD9uX2cFUyzmg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QZMnvXYm8nt92Uo8CprFw4LTmGvBc1A8i6IZ8LYMkoiEB2eHoBmt4pBAUAIjKA0lvU3jpiUzMBNQ/8VVpf2ympDTnFcnWqRS2eWG+vg8TUDM1DcY5dJ/d05nt5xodg/ml+nYhCA9qRVYYVTo1z008orn1hKibhYrtjt+R0QUSiXOECwvHp2TSTqpgSUF+VwLnufI85wgmJSDpYKBQESFjJPl36CLsA+cwRJ3eD6aypSqLBe8UJYk16XryzNwZC4nfclStVlFjUns7OFIL40onLMYNd6vd7nr2BawORRUKl5bF3EC+Tfzj0oCvz9EHOEhoI+z6V/yOOY9RwpjeeCEAQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Tue, 17 May 2022 12:10:50 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 09.05.2022 12:23, Roger Pau Monné wrote:
> On Fri, May 06, 2022 at 02:15:47PM +0200, Jan Beulich wrote:
>> On 03.05.2022 10:26, Roger Pau Monne wrote:
>>> --- a/xen/arch/x86/cpuid.c
>>> +++ b/xen/arch/x86/cpuid.c
>>> @@ -541,6 +541,9 @@ static void __init calculate_hvm_max_policy(void)
>>>           raw_cpuid_policy.basic.sep )
>>>          __set_bit(X86_FEATURE_SEP, hvm_featureset);
>>>  
>>> +    if ( boot_cpu_has(X86_FEATURE_VIRT_SC_MSR_HVM) )
>>> +        __set_bit(X86_FEATURE_VIRT_SSBD, hvm_featureset);
>>> +
>>>      /*
>>>       * If Xen isn't virtualising MSR_SPEC_CTRL for HVM guests (functional
>>>       * availability, or admin choice), hide the feature.
>>
>> Especially with the setting of VIRT_SSBD below here (from patch 1) I
>> don't think this can go without comment. The more that the other
>> instance ...
>>
>>> @@ -597,6 +600,13 @@ static void __init calculate_hvm_def_policy(void)
>>>      guest_common_feature_adjustments(hvm_featureset);
>>>      guest_common_default_feature_adjustments(hvm_featureset);
>>>  
>>> +    /*
>>> +     * Only expose VIRT_SSBD if AMD_SSBD is not available, and thus
>>> +     * VIRT_SC_MSR_HVM is set.
>>> +     */
>>> +    if ( boot_cpu_has(X86_FEATURE_VIRT_SC_MSR_HVM) )
>>> +        __set_bit(X86_FEATURE_VIRT_SSBD, hvm_featureset);
>>> +
>>>      sanitise_featureset(hvm_featureset);
>>>      cpuid_featureset_to_policy(hvm_featureset, p);
>>>      recalculate_xstate(p);
>>
>> ... here is about default exposure, so cannot really be extended to
>> the condition under which this is put in "max" (except that of course
>> "max" needs to include everything "def" has).
> 
> Would you be OK with adding:
> 
>     /*
>      * VIRT_SC_MSR_HVM ensures the selection of SSBD is context
>      * switched between the hypervisor and guest selected values for
>      * HVM when the platform doesn't expose AMD_SSBD support.
>      */

I'm afraid this doesn't explain what I'm after. In
calculate_hvm_def_policy() the comment explains why / when the feature
is exposed by _default_. Taking into account patch 1 (where another
maximum exposure of the feature was introduced), I'd like the
comment in calculate_hvm_max_policy() to focus on the difference
between default and maximum exposure (which could be as simple as "if
exposed by default, also needs exposing in max, irrespective of the
further max exposure below(?)").

Jan




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.