Re: [Xen-devel] [PATCH v8 11/17] x86: Protect unaware domains from meddling hyperthreads

2018-01-17 Thread Andrew Cooper
On 17/01/2018 08:40, Jan Beulich wrote: On 16.01.18 at 22:11, wrote: >> An alternative to the current levelling logic would be to treat STIBP as >> a Special Bit (in CPUID terms, like OSXSAVE/etc) and unconditionally set >> it equal to IBRS, irrespective of the

Re: [Xen-devel] [PATCH v8 11/17] x86: Protect unaware domains from meddling hyperthreads

2018-01-17 Thread Jan Beulich
>>> On 16.01.18 at 22:11, wrote: > An alternative to the current levelling logic would be to treat STIBP as > a Special Bit (in CPUID terms, like OSXSAVE/etc) and unconditionally set > it equal to IBRS, irrespective of the toolstack setting. That way, > migration

Re: [Xen-devel] [PATCH v8 11/17] x86: Protect unaware domains from meddling hyperthreads

2018-01-16 Thread Andrew Cooper
On 15/01/18 11:26, Jan Beulich wrote: On 12.01.18 at 19:01, wrote: >> --- a/xen/include/asm-x86/spec_ctrl.h >> +++ b/xen/include/asm-x86/spec_ctrl.h >> @@ -20,8 +20,29 @@ >> #ifndef __X86_SPEC_CTRL_H__ >> #define __X86_SPEC_CTRL_H__ >> >> +#include >> + >>

Re: [Xen-devel] [PATCH v8 11/17] x86: Protect unaware domains from meddling hyperthreads

2018-01-15 Thread Jan Beulich
>>> On 12.01.18 at 19:01, wrote: > --- a/xen/include/asm-x86/spec_ctrl.h > +++ b/xen/include/asm-x86/spec_ctrl.h > @@ -20,8 +20,29 @@ > #ifndef __X86_SPEC_CTRL_H__ > #define __X86_SPEC_CTRL_H__ > > +#include > + > void init_speculation_mitigations(void); > > +/*

[Xen-devel] [PATCH v8 11/17] x86: Protect unaware domains from meddling hyperthreads

2018-01-12 Thread Andrew Cooper
Set STIBP behind the guests back if it knows about IBRS but not STIBP, and no MSR_SPEC_CTRL protection active. Signed-off-by: Andrew Cooper --- v7: * Move logic into a static inline helper. --- xen/arch/x86/domain.c| 8 xen/arch/x86/msr.c