Xen project Mailing List

Re: [PATCH 2/3] x86/amd: Enumeration for speculative features/hints

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Thu, 19 Aug 2021 16:47:47 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tHlRw4Ape6keRlyNKohKA+gC+7dHjAEEMAUc7hxgDOU=; b=fBMltH+IkkJMJl4MC7DILCCjXEHQhjVmxFyV9TAZ0vjPcdc5SqMPtNVt6ka+l9JyA0Ye3jv6Blhg1pl9LZRWPoAM67QMGZzv/ooHyuSwOIFyk1BP/IAFjcf/v6WDMecs5Dy2lX8EXH3Jaic8vtcVcjdUyMXjd5raYdjQ7TBr9ivZhxmIb3EL88FRN3JaoLBiTP2UDir+aicqWkMb0y0L73DA+ayeAvST4SGOKHFDawqlAfAEKLDihICkhxU7LYmNoKt0a3RSZEx8f5Zp0he1F0fxysdCpAhRnGnuAkxgk/ShI9U4JFuRorNm4UgvTUo52qNu7GT+Ubtp0yOE27HbMg==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=I9ews5PMLayYyqWg4pITvK5mnWOFlVORRKcG1NtIbhTx3Z+QEfgNxm9SiKjv0rKjcllggmZcBECq21YdQfzsQWz9k4kHO3N6wpFzWtSgS8RT5kLKQ6iPx25H+kAuOhVFMWAvr28GHTEZo7+IT1fj1+PpQiYht123B/pz11rsdpNSkg4HtXGTJfu9d8Y1srT4B5brS98CwTVVadODi22sqT7oGArHugtjnh2drLVkoXyaOMx3Nfu8TrzLyJZfKwRU+JYY6o56wqnXhCGdOb/H6BBviboamByEqMxQ+mqEZvdr4zCEUao0A9fM0ENaI6IBHI0EV1o075kiGDxbtmlrrA==

Authentication-results: lists.xenproject.org; dkim=none (message not signed) header.d=none;lists.xenproject.org; dmarc=none action=none header.from=suse.com;

Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Thu, 19 Aug 2021 14:48:00 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 17.08.2021 16:30, Andrew Cooper wrote: > There is a step change in speculation protections between the Zen1 and Zen2 > microarchitectures. > > Zen1 and older have no special support. Control bits in non-architectural > MSRs are used to make lfence be dispatch-serialising (Spectre v1), and to > disable Memory Disambiguation (Speculative Store Bypass). IBPB was > retrofitted in a microcode update, and software methods are required for > Spectre v2 protections. > > Because the bit controlling Memory Disambiguation is model specific, > hypervisors are expected to expose a MSR_VIRT_SPEC_CTRL interface which > abstracts the model specific details. > > Zen2 and later implement the MSR_SPEC_CTRL interface in hardware, and > virtualise the interface for HVM guests to use. A number of hint bits are > specified too to help guide OS software to the most efficient mitigation > strategy. > > Zen3 introduced a new feature, Predictive Store Forwarding, along with a > control to disable it in sensitive code. > > Add CPUID and VMCB details for all the new functionality. > > Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> with one suggestion: > --- a/tools/libs/light/libxl_cpuid.c > +++ b/tools/libs/light/libxl_cpuid.c > @@ -274,8 +274,18 @@ int libxl_cpuid_parse_config(libxl_cpuid_policy_list > *cpuid, const char* str) > {"rstr-fp-err-ptrs", 0x80000008, NA, CPUID_REG_EBX, 2, 1}, > {"wbnoinvd", 0x80000008, NA, CPUID_REG_EBX, 9, 1}, > {"ibpb", 0x80000008, NA, CPUID_REG_EBX, 12, 1}, > + {"ibrs", 0x80000008, NA, CPUID_REG_EBX, 14, 1}, > + {"amd-stibp", 0x80000008, NA, CPUID_REG_EBX, 15, 1}, > + {"ibrs-always", 0x80000008, NA, CPUID_REG_EBX, 16, 1}, > + {"stibp-always", 0x80000008, NA, CPUID_REG_EBX, 17, 1}, > + {"ibrs-fast", 0x80000008, NA, CPUID_REG_EBX, 18, 1}, > + {"ibrs-same-mode", 0x80000008, NA, CPUID_REG_EBX, 19, 1}, Here and below, how about dropping the "mode" part of the name? I can't seem to be able to think of any other "same" that could possibly apply here. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.