Re: [RFC,05/10] x86/speculation: Add basic IBRS support infrastructure
From: Eduardo Habkost
Date: Mon Jan 29 2018 - 20:11:09 EST
On Mon, Jan 29, 2018 at 02:49:51PM -0800, Jim Mattson wrote:
> And if we expect to introduce Cascade Lake into the pool in the
> future, we use a Cascade Lake model number?
>
> It sounds like you are suggesting that we set the model number to the
> highest model number that will ever be introduced into the pool, at
> any time in the future. That approach would also fail the
> 'is_skylake_era()' test. (Not to mention that we have no idea what
> Intel's highest compatible model number will be.)
Exactly, that's why virtualization and live-migration break the
model of just checking f/m/s/microcode: the guest doesn't need to
work around bugs that are present in the current host, but the
set of bugs that could appear on any future host it can run on.
>
> On Mon, Jan 29, 2018 at 2:41 PM, Andi Kleen <ak@xxxxxxxxxxxxxxx> wrote:
> >> Even if we expose bit to indicate that FMS matches the underlying host, when does the guest know to query that? The VM can be moved at any point in time, including after the guest asks if FMS matches host.
> >
> > There's no way to enable these mitigations later, so if you always
> > have to enable the super set of all the mitigations for all the hosts you
> > might be migrating too.
> >
> > As of currently that means if you want to ever migrate to Skylake you should
> > set the Skylake model number and you're good.
> >
> > -Andi
--
Eduardo