[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH SpectreV1+L1TF v5 4/9] spec: add l1tf-barrier

To: <nmanthey@xxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Wed, 06 Feb 2019 06:20:48 -0700
Cc: Juergen Gross <jgross@xxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Dario Faggioli <dfaggioli@xxxxxxxx>, Martin Pohlack <mpohlack@xxxxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, David Woodhouse <dwmw@xxxxxxxxxxxx>, "Martin Mazein\(amazein\)" <amazein@xxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Julian Stecklina <jsteckli@xxxxxxxxx>, Bjoern Doebel <doebel@xxxxxxxxx>
Delivery-date: Wed, 06 Feb 2019 13:21:04 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

>>> On 06.02.19 at 14:02, <nmanthey@xxxxxxxxx> wrote:
> On 2/5/19 15:43, Jan Beulich wrote:
>>>>> On 05.02.19 at 15:23, <nmanthey@xxxxxxxxx> wrote:
>>> On 1/31/19 17:35, Jan Beulich wrote:
>>>>>>> On 29.01.19 at 15:43, <nmanthey@xxxxxxxxx> wrote:
>>>>> +    /*
>>>>>       * We do not disable HT by default on affected hardware.
>>>>>       *
>>>>>       * Firstly, if the user intends to use exclusively PV, or HVM shadow
>>>> Furthermore, as per the comment and logic here and below a
>>>> !HVM configuration ought to be safe too, unless "pv-l1tf=" was
>>>> used (in which case we defer to the admin anyway), so it's
>>>> questionable whether the whole logic should be there in the
>>>> first place in this case. This would then in particular keep all
>>>> of this out for the PV shim.
>>> For the PV shim, I could add pv-shim to my check before enabling the CPU
>>> flag.
>> But the PV shim is just a special case. I'd like this code to be
>> compiled out for all !HVM configurations.
> 
> The that introduces the evaluate_nospec macro does that already. Based
> on defined(CONFIG_HVM) lfence patching is disabled there.

Oh, right.

> Do you want me to wrap this command line option into CONFIG_HVM checks
> as well?

That would be nice; I have a patch for post-4.12 where I do
something similar to opt_xpti_*. Therefore if you didn't do it
here, I'd probably submit a fixup patch down the road.

Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

References:
- Re: [Xen-devel] [PATCH SpectreV1+L1TF v5 4/9] spec: add l1tf-barrier
  - From: Norbert Manthey
- Re: [Xen-devel] [PATCH SpectreV1+L1TF v5 4/9] spec: add l1tf-barrier
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH SpectreV1+L1TF v5 4/9] spec: add l1tf-barrier
  - From: Norbert Manthey

Prev by Date: Re: [Xen-devel] [PATCH SpectreV1+L1TF v5 4/9] spec: add l1tf-barrier
Next by Date: Re: [Xen-devel] [PATCH v8 for-4.12 00/17] Argo: hypervisor-mediated interdomain communication
Previous by thread: Re: [Xen-devel] [PATCH SpectreV1+L1TF v5 4/9] spec: add l1tf-barrier
Next by thread: Re: [Xen-devel] [PATCH SpectreV1+L1TF v5 5/9] nospec: introduce evaluate_nospec
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.