Hello,

The following series aims to remove running C code with GIF=0 on the AMD vm{entry,exit} paths. As a result, the context switching of SSBD is done when context switching vCPUs, and hence Xen code is run with the guest selection of SSBD.

First patch is the one strictly needed, but patches 2 and 3 are also desirable as cleanups and fixes to the documentation. Patch 4 is untested, as there's no hardware with SSB_NO.

I tested on Naples and Milan CPUs (and migrating from Naples to Milan correctly carrying the VIRT_SSBD bit), but I haven't tested on a platform that exposes VIRT_SSBD itself. I think the path is sufficiently similar to the legacy one.

Currently running a gitlab CI loop in order to check everything is OK.

Roger Pau Monne (4):
  amd/virt_ssbd: set SSBD at vCPU context switch
  amd: remove VIRT_SC_MSR_HVM synthetic feature
  amd/ssbd: remove hypervisor SSBD selection
  amd/virt_ssbd: add to max HVM policy when SSB_NO is available

 docs/misc/xen-command-line.pandoc      |  8 +---
 xen/arch/x86/cpu/amd.c                 | 54 +++++++++++++-------------
 xen/arch/x86/cpuid.c                   | 16 +++++---
 xen/arch/x86/hvm/svm/entry.S           |  6 +--
 xen/arch/x86/hvm/svm/svm.c             | 45 ++++++++-------------
 xen/arch/x86/include/asm/amd.h         |  3 +-
 xen/arch/x86/include/asm/cpufeatures.h |  2 +-
 xen/arch/x86/include/asm/spec_ctrl.h   |  1 -
 xen/arch/x86/msr.c                     |  7 ++++
 xen/arch/x86/spec_ctrl.c               | 27 +++----------
 10 files changed, 73 insertions(+), 96 deletions(-)

-- 
2.37.3