Re: [PATCH v9 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs

Next message: Rob Herring: "Re: [PATCH] dt-bindings: i2c: cnxt,cx92755-i2c: Convert to DT schema"
Previous message: Mark Brown: "Re: [PATCH V2] spi: zynq-qspi: Simplify clock handling with devm_clk_get_enabled()"
In reply to: Jim Mattson: "Re: [PATCH v9 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs"
Next in thread: Jim Mattson: "Re: [PATCH v9 02/10] x86/bhi: Make clear_bhb_loop() effective on newer CPUs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Pawan Gupta

Date: Tue Apr 07 2026 - 12:46:08 EST

On Mon, Apr 06, 2026 at 07:23:25AM -0700, Jim Mattson wrote:
> Yes, but the guest needs a way to determine whether the hypervisor
> will do what's necessary to make the short sequence effective. And, in
> particular, no KVM hypervisor today is prepared to do that.
>
> When running under a hypervisor, without BHI_CTRL and without any
> evidence to the contrary, the guest must assume that the longer
> sequence is necessary. At the very least, we need a CPUID or MSR bit
> that says, "the short BHB clearing sequence is adequate for this
> vCPU."

After discussing this internally, the consensus is that the best path
forward is to add virtual SPEC_CTRL support to KVM, which also aligns with
Intel's guidance. In the long term, virtual SPEC_CTRL can benefit future
mitigations as well. As with many other mitigations (e.g. microcode), the
guest would rely on the host to enforce the appropriate protections.