Re: [PATCH 4/6] x86/bugs: Use a static branch to guard IBPB on vCPU load
From: Yosry Ahmed
Date: Tue Feb 25 2025 - 16:27:20 EST
February 25, 2025 at 11:49 AM, "Sean Christopherson" <seanjc@xxxxxxxxxx> wrote:
>
> On Wed, Feb 19, 2025, Yosry Ahmed wrote:
> >
> > Instead of using X86_FEATURE_USE_IBPB to guard the IBPB execution in the
> > vCPU load path, introduce a static branch, similar to switch_mm_*_ibpb.
> >
> > This makes it obvious in spectre_v2_user_select_mitigation() what
> > exactly is being toggled, instead of the unclear X86_FEATURE_USE_IBPB
> > (which will be shortly removed). It also provides more fine-grained
> > control, making it simpler to change/add paths that control the IBPB in
> > the vCPU load path without affecting other IBPBs.
> >
> > Signed-off-by: Yosry Ahmed <yosry.ahmed@xxxxxxxxx>
> >
> > ---
> >
> > arch/x86/include/asm/nospec-branch.h | 2 ++
> > arch/x86/kernel/cpu/bugs.c | 5 +++++
> > arch/x86/kvm/svm/svm.c | 2 +-
> > arch/x86/kvm/vmx/vmx.c | 2 +-
> > 4 files changed, 9 insertions(+), 2 deletions(-)
> >
> > diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h
> > index 7cbb76a2434b9..a22836c5fb338 100644
> > --- a/arch/x86/include/asm/nospec-branch.h
> > +++ b/arch/x86/include/asm/nospec-branch.h
> > @@ -552,6 +552,8 @@ DECLARE_STATIC_KEY_FALSE(switch_to_cond_stibp);
> > DECLARE_STATIC_KEY_FALSE(switch_mm_cond_ibpb);
> >
DECLARE_STATIC_KEY_FALSE(switch_mm_always_ibpb);
> >
+DECLARE_STATIC_KEY_FALSE(vcpu_load_ibpb);
> >
>
> How about ibpb_on_vcpu_load? To make it easy for readers to understand exactly
> what the knob controls.
I was trying to remain consistent with the existing static branches' names, but I am fine with ibpb_on_vcpu_load if others don't object.