Re: [PATCH 34/35] x86/kvm: Add IBPB support

From: David Woodhouse
Date: Fri Jan 19 2018 - 11:08:50 EST

Next message: Mario.Limonciello: "RE: [PATCH] Support tablet mode switch for Dell laptops"
Previous message: Ming Lei: "Re: [RFC PATCH] blk-mq: fixup RESTART when queue becomes idle"
In reply to: Paolo Bonzini: "Re: [PATCH 34/35] x86/kvm: Add IBPB support"
Next in thread: Andy Lutomirski: "Re: [PATCH 34/35] x86/kvm: Add IBPB support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 2018-01-19 at 16:25 +0100, Paolo Bonzini wrote:
> Without retpolines, KVM userspace is not protected from the guest
> poisoning the BTB, because there is no IBRS-barrier on the vmexit
> path.
> So there are two more IBPBs that are needed if retpolines are
> enabled:
>
> 1) in kvm_sched_out
>
> 2) at the end of vcpu_run

Hm, yes. That does seem reasonable. Can we make it conditional so it
only happens *if* we end up back in userspace, and not for a VM-
>kernel->VM transition?

And can I have a patch against
http://git.infradead.org/users/dwmw2/linux-retpoline.git/shortlog/refs/heads/ibpb-upstream
please (see the XX in that top commit too).

I'm still putting that together, and the IBRS bits on top; getting on
an airplane to spend some more quality time with it now...

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Next message: Mario.Limonciello: "RE: [PATCH] Support tablet mode switch for Dell laptops"
Previous message: Ming Lei: "Re: [RFC PATCH] blk-mq: fixup RESTART when queue becomes idle"
In reply to: Paolo Bonzini: "Re: [PATCH 34/35] x86/kvm: Add IBPB support"
Next in thread: Andy Lutomirski: "Re: [PATCH 34/35] x86/kvm: Add IBPB support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]