[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 2/3] x86: Expose Automatic IBRS to guests

On Tue, May 30, 2023 at 06:31:03PM +0100, Andrew Cooper wrote:
> I've committed this, but made two tweaks to the commit message.  First,
> "x86/hvm" in the subject because it's important context at a glance.
Sure, that makes sense.

> Second, I've adjusted the bit about PV guests.  The reason why we can't
> expose it yet is because Xen doesn't currently context switch EFER
> between PV guests.
> 
> ~Andrew
We could of course context switch EFER sensibly, but what would that mean
for Automatic IBRS? It can't be trivially used for domain-to-domain
isolation because every domain is in a co-equal protection level. Is there
a non-obvious edge that exposing some interface to it gives for PV? The
only useful case I can think of is PVH, and that seems to be subsumed by
HVM.

Alejandro

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.