Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, Jan 29, 2018 at 1:49 PM, Daniel Kiper wrote: > On Mon, Jan 29, 2018 at 12:31:13PM -0500, Konrad Rzeszutek Wilk wrote: >> On Mon, Jan 29, 2018 at 08:46:03AM +, David Woodhouse wrote: >> > On Sun, 2018-01-28 at 16:39 -0800, Liran Alon wrote: >> > > >> > >

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, Jan 29, 2018 at 1:49 PM, Daniel Kiper wrote: > On Mon, Jan 29, 2018 at 12:31:13PM -0500, Konrad Rzeszutek Wilk wrote: >> On Mon, Jan 29, 2018 at 08:46:03AM +, David Woodhouse wrote: >> > On Sun, 2018-01-28 at 16:39 -0800, Liran Alon wrote: >> > > >> > > Windows use IBRS and Microsoft

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, Jan 29, 2018 at 12:31:13PM -0500, Konrad Rzeszutek Wilk wrote: > On Mon, Jan 29, 2018 at 08:46:03AM +, David Woodhouse wrote: > > On Sun, 2018-01-28 at 16:39 -0800, Liran Alon wrote: > > > > > > Windows use IBRS and Microsoft don't have any plans to switch to > > > retpoline. > > >

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, Jan 29, 2018 at 12:31:13PM -0500, Konrad Rzeszutek Wilk wrote: > On Mon, Jan 29, 2018 at 08:46:03AM +, David Woodhouse wrote: > > On Sun, 2018-01-28 at 16:39 -0800, Liran Alon wrote: > > > > > > Windows use IBRS and Microsoft don't have any plans to switch to > > > retpoline. > > >

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, Jan 29, 2018 at 11:16 AM, Konrad Rzeszutek Wilk wrote: > On Mon, Jan 29, 2018 at 10:43:22AM -0800, Jim Mattson wrote: >> On Sun, Jan 28, 2018 at 11:29 AM, KarimAllah Ahmed >> wrote: >> > Add direct access to MSR_IA32_SPEC_CTRL for guests. This

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, Jan 29, 2018 at 11:16 AM, Konrad Rzeszutek Wilk wrote: > On Mon, Jan 29, 2018 at 10:43:22AM -0800, Jim Mattson wrote: >> On Sun, Jan 28, 2018 at 11:29 AM, KarimAllah Ahmed >> wrote: >> > Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for >> > guests >> > that will

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, Jan 29, 2018 at 10:43:22AM -0800, Jim Mattson wrote: > On Sun, Jan 28, 2018 at 11:29 AM, KarimAllah Ahmed wrote: > > Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for > > guests > > that will only mitigate Spectre V2 through IBRS+IBPB and will not

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, Jan 29, 2018 at 10:43:22AM -0800, Jim Mattson wrote: > On Sun, Jan 28, 2018 at 11:29 AM, KarimAllah Ahmed wrote: > > Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for > > guests > > that will only mitigate Spectre V2 through IBRS+IBPB and will not be using a > >

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/29/2018 08:04 PM, Jim Mattson wrote: Can I assume you'll send out a new version with the fixes? Yes, I am currently doing some tests and once I am done I will send a new round. ... and the typo is already fixed in 'ibpb-wip' :) On Mon, Jan 29, 2018 at 11:01 AM, David Woodhouse

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/29/2018 08:04 PM, Jim Mattson wrote: Can I assume you'll send out a new version with the fixes? Yes, I am currently doing some tests and once I am done I will send a new round. ... and the typo is already fixed in 'ibpb-wip' :) On Mon, Jan 29, 2018 at 11:01 AM, David Woodhouse

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

Can I assume you'll send out a new version with the fixes? On Mon, Jan 29, 2018 at 11:01 AM, David Woodhouse wrote: > > (Top-posting; sorry.) > > Much of that is already fixed during our day, in > http://git.infradead.org/linux-retpoline.git/shortlog/refs/heads/ibpb > > I

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

Can I assume you'll send out a new version with the fixes? On Mon, Jan 29, 2018 at 11:01 AM, David Woodhouse wrote: > > (Top-posting; sorry.) > > Much of that is already fixed during our day, in > http://git.infradead.org/linux-retpoline.git/shortlog/refs/heads/ibpb > > I forgot to fix up the

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

(Top-posting; sorry.) Much of that is already fixed during our day, in http://git.infradead.org/linux-retpoline.git/shortlog/refs/heads/ibpb I forgot to fix up the wrong-MSR typo though, and we do still need to address reset. On Mon, 2018-01-29 at 10:43 -0800, Jim Mattson wrote: > On Sun,

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

(Top-posting; sorry.) Much of that is already fixed during our day, in http://git.infradead.org/linux-retpoline.git/shortlog/refs/heads/ibpb I forgot to fix up the wrong-MSR typo though, and we do still need to address reset. On Mon, 2018-01-29 at 10:43 -0800, Jim Mattson wrote: > On Sun,

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Sun, Jan 28, 2018 at 11:29 AM, KarimAllah Ahmed wrote: > Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for guests > that will only mitigate Spectre V2 through IBRS+IBPB and will not be using a > retpoline+IBPB based approach. > > To avoid the overhead

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Sun, Jan 28, 2018 at 11:29 AM, KarimAllah Ahmed wrote: > Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for guests > that will only mitigate Spectre V2 through IBRS+IBPB and will not be using a > retpoline+IBPB based approach. > > To avoid the overhead of atomically saving

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, Jan 29, 2018 at 08:46:03AM +, David Woodhouse wrote: > On Sun, 2018-01-28 at 16:39 -0800, Liran Alon wrote: > > > > Windows use IBRS and Microsoft don't have any plans to switch to retpoline. > > Running a Windows guest should be a pretty common use-case no? > > > > In addition, your

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, Jan 29, 2018 at 08:46:03AM +, David Woodhouse wrote: > On Sun, 2018-01-28 at 16:39 -0800, Liran Alon wrote: > > > > Windows use IBRS and Microsoft don't have any plans to switch to retpoline. > > Running a Windows guest should be a pretty common use-case no? > > > > In addition, your

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, Jan 29, 2018 at 10:37:44AM +, David Woodhouse wrote: > On Mon, 2018-01-29 at 10:43 +0100, KarimAllah Ahmed wrote: > > On 01/29/2018 09:46 AM, David Woodhouse wrote: > > > Reading the code and comparing with the SDM, I can't see where we're > > > ever setting

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, Jan 29, 2018 at 10:37:44AM +, David Woodhouse wrote: > On Mon, 2018-01-29 at 10:43 +0100, KarimAllah Ahmed wrote: > > On 01/29/2018 09:46 AM, David Woodhouse wrote: > > > Reading the code and comparing with the SDM, I can't see where we're > > > ever setting

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On 29/01/2018 11:37, David Woodhouse wrote: > On Mon, 2018-01-29 at 10:43 +0100, KarimAllah Ahmed wrote: >> On 01/29/2018 09:46 AM, David Woodhouse wrote: >>> Reading the code and comparing with the SDM, I can't see where we're >>> ever setting VM_EXIT_MSR_STORE_{ADDR,COUNT} except in the nested

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On 29/01/2018 11:37, David Woodhouse wrote: > On Mon, 2018-01-29 at 10:43 +0100, KarimAllah Ahmed wrote: >> On 01/29/2018 09:46 AM, David Woodhouse wrote: >>> Reading the code and comparing with the SDM, I can't see where we're >>> ever setting VM_EXIT_MSR_STORE_{ADDR,COUNT} except in the nested

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On 29/01/2018 09:46, David Woodhouse wrote: > I'd actually quite like to repeat the benchmark on the new fixed > microcode, if anyone has it yet, to see if that read/swap slowness is > still quite as excessive. I'm certainly not ruling this out, but I'm > just a little wary of premature

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On 29/01/2018 09:46, David Woodhouse wrote: > I'd actually quite like to repeat the benchmark on the new fixed > microcode, if anyone has it yet, to see if that read/swap slowness is > still quite as excessive. I'm certainly not ruling this out, but I'm > just a little wary of premature

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, 2018-01-29 at 10:43 +0100, KarimAllah Ahmed wrote: > On 01/29/2018 09:46 AM, David Woodhouse wrote: > > Reading the code and comparing with the SDM, I can't see where we're > > ever setting VM_EXIT_MSR_STORE_{ADDR,COUNT} except in the nested > > case... > Hmmm ... you are probably right! I

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Mon, 2018-01-29 at 10:43 +0100, KarimAllah Ahmed wrote: > On 01/29/2018 09:46 AM, David Woodhouse wrote: > > Reading the code and comparing with the SDM, I can't see where we're > > ever setting VM_EXIT_MSR_STORE_{ADDR,COUNT} except in the nested > > case... > Hmmm ... you are probably right! I

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/29/2018 09:46 AM, David Woodhouse wrote: On Sun, 2018-01-28 at 16:39 -0800, Liran Alon wrote: Windows use IBRS and Microsoft don't have any plans to switch to retpoline. Running a Windows guest should be a pretty common use-case no? In addition, your handle of the first WRMSR intercept

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/29/2018 09:46 AM, David Woodhouse wrote: On Sun, 2018-01-28 at 16:39 -0800, Liran Alon wrote: Windows use IBRS and Microsoft don't have any plans to switch to retpoline. Running a Windows guest should be a pretty common use-case no? In addition, your handle of the first WRMSR intercept

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Sun, 2018-01-28 at 16:39 -0800, Liran Alon wrote: > > Windows use IBRS and Microsoft don't have any plans to switch to retpoline. > Running a Windows guest should be a pretty common use-case no? > > In addition, your handle of the first WRMSR intercept could be different. > It could signal

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Sun, 2018-01-28 at 16:39 -0800, Liran Alon wrote: > > Windows use IBRS and Microsoft don't have any plans to switch to retpoline. > Running a Windows guest should be a pretty common use-case no? > > In addition, your handle of the first WRMSR intercept could be different. > It could signal

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/28/2018 09:21 PM, Konrad Rzeszutek Wilk wrote: On January 28, 2018 2:29:10 PM EST, KarimAllah Ahmed wrote: Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for guests that will only mitigate Spectre V2 through IBRS+IBPB and will not be using a

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/28/2018 09:21 PM, Konrad Rzeszutek Wilk wrote: On January 28, 2018 2:29:10 PM EST, KarimAllah Ahmed wrote: Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for guests that will only mitigate Spectre V2 through IBRS+IBPB and will not be using a retpoline+IBPB based

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

- dw...@infradead.org wrote: > On Sun, 2018-01-28 at 15:21 -0500, Konrad Rzeszutek Wilk wrote: > > >To avoid the overhead of atomically saving and restoring the > MSR_IA32_SPEC_CTRL > > >for guests that do not actually use the MSR, only > add_atomic_switch_msr when a > > >non-zero is written

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

- dw...@infradead.org wrote: > On Sun, 2018-01-28 at 15:21 -0500, Konrad Rzeszutek Wilk wrote: > > >To avoid the overhead of atomically saving and restoring the > MSR_IA32_SPEC_CTRL > > >for guests that do not actually use the MSR, only > add_atomic_switch_msr when a > > >non-zero is written

RE: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

>> >> On Sun, 2018-01-28 at 12:40 -0800, Andy Lutomirski wrote: >> > >> > Do you mean that the host would intercept the guest WRMSR and do >> > WRMSR itself?  I would suggest that doing so is inconsistent with the >> > docs.  As specified, doing WRMSR to write 1 to IBRS does *not* >> > protect

RE: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

>> >> On Sun, 2018-01-28 at 12:40 -0800, Andy Lutomirski wrote: >> > >> > Do you mean that the host would intercept the guest WRMSR and do >> > WRMSR itself?  I would suggest that doing so is inconsistent with the >> > docs.  As specified, doing WRMSR to write 1 to IBRS does *not* >> > protect

RE: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

> > On Sun, 2018-01-28 at 12:40 -0800, Andy Lutomirski wrote: > > > > Do you mean that the host would intercept the guest WRMSR and do > > WRMSR itself?  I would suggest that doing so is inconsistent with the > > docs.  As specified, doing WRMSR to write 1 to IBRS does *not* > > protect the

RE: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

> > On Sun, 2018-01-28 at 12:40 -0800, Andy Lutomirski wrote: > > > > Do you mean that the host would intercept the guest WRMSR and do > > WRMSR itself?  I would suggest that doing so is inconsistent with the > > docs.  As specified, doing WRMSR to write 1 to IBRS does *not* > > protect the

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Sun, 2018-01-28 at 12:53 -0800, Andy Lutomirski wrote: > > > I believe it does. Guest kernel is protected from any guest userspace > > predictions learned before IBRS was last set to 1 in *any* mode, > > including host. > > Hmm, you're probably right. > > I would love to know what awful hack

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Sun, 2018-01-28 at 12:53 -0800, Andy Lutomirski wrote: > > > I believe it does. Guest kernel is protected from any guest userspace > > predictions learned before IBRS was last set to 1 in *any* mode, > > including host. > > Hmm, you're probably right. > > I would love to know what awful hack

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

> On Jan 28, 2018, at 12:44 PM, David Woodhouse wrote: > >> On Sun, 2018-01-28 at 12:40 -0800, Andy Lutomirski wrote: >> >> Do you mean that the host would intercept the guest WRMSR and do >> WRMSR itself? I would suggest that doing so is inconsistent with the >> docs.

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

> On Jan 28, 2018, at 12:44 PM, David Woodhouse wrote: > >> On Sun, 2018-01-28 at 12:40 -0800, Andy Lutomirski wrote: >> >> Do you mean that the host would intercept the guest WRMSR and do >> WRMSR itself? I would suggest that doing so is inconsistent with the >> docs. As specified, doing

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Sun, 2018-01-28 at 12:40 -0800, Andy Lutomirski wrote: > > Do you mean that the host would intercept the guest WRMSR and do > WRMSR itself?  I would suggest that doing so is inconsistent with the > docs.  As specified, doing WRMSR to write 1 to IBRS does *not* > protect the guest. I believe

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Sun, 2018-01-28 at 12:40 -0800, Andy Lutomirski wrote: > > Do you mean that the host would intercept the guest WRMSR and do > WRMSR itself?  I would suggest that doing so is inconsistent with the > docs.  As specified, doing WRMSR to write 1 to IBRS does *not* > protect the guest. I believe

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

> On Jan 28, 2018, at 12:21 PM, Konrad Rzeszutek Wilk > wrote: > >> On January 28, 2018 2:29:10 PM EST, KarimAllah Ahmed >> wrote: >> Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for >> guests >> that will only mitigate

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

> On Jan 28, 2018, at 12:21 PM, Konrad Rzeszutek Wilk > wrote: > >> On January 28, 2018 2:29:10 PM EST, KarimAllah Ahmed >> wrote: >> Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for >> guests >> that will only mitigate Spectre V2 through IBRS+IBPB and will not be >>

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Sun, 2018-01-28 at 15:21 -0500, Konrad Rzeszutek Wilk wrote: > >To avoid the overhead of atomically saving and restoring the > >MSR_IA32_SPEC_CTRL > >for guests that do not actually use the MSR, only add_atomic_switch_msr when > >a > >non-zero is written to it. > > > We tried this and found

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On Sun, 2018-01-28 at 15:21 -0500, Konrad Rzeszutek Wilk wrote: > >To avoid the overhead of atomically saving and restoring the > >MSR_IA32_SPEC_CTRL > >for guests that do not actually use the MSR, only add_atomic_switch_msr when > >a > >non-zero is written to it. > > > We tried this and found

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On January 28, 2018 2:29:10 PM EST, KarimAllah Ahmed wrote: >Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for >guests >that will only mitigate Spectre V2 through IBRS+IBPB and will not be >using a >retpoline+IBPB based approach. > >To avoid the overhead

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On January 28, 2018 2:29:10 PM EST, KarimAllah Ahmed wrote: >Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for >guests >that will only mitigate Spectre V2 through IBRS+IBPB and will not be >using a >retpoline+IBPB based approach. > >To avoid the overhead of atomically saving

[PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for guests that will only mitigate Spectre V2 through IBRS+IBPB and will not be using a retpoline+IBPB based approach. To avoid the overhead of atomically saving and restoring the MSR_IA32_SPEC_CTRL for guests that do not actually

[PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for guests that will only mitigate Spectre V2 through IBRS+IBPB and will not be using a retpoline+IBPB based approach. To avoid the overhead of atomically saving and restoring the MSR_IA32_SPEC_CTRL for guests that do not actually