lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 10 Jan 2018 17:27:47 +0100
From:   Paolo Bonzini <pbonzini@...hat.com>
To:     Liran Alon <liran.alon@...cle.com>, dwmw@...zon.co.uk
Cc:     konrad.wilk@...cle.com, jmattson@...gle.com, x86@...nel.org,
        bp@...en8.de, nadav.amit@...il.com, thomas.lendacky@....com,
        aliguori@...zon.com, arjan@...ux.intel.com, rkrcmar@...hat.com,
        linux-kernel@...r.kernel.org, kvm@...r.kernel.org
Subject: Re: [PATCH 3/8] kvm: vmx: pass MSR_IA32_SPEC_CTRL and
 MSR_IA32_PRED_CMD down to the guest

I can answer (2) only.

On 10/01/2018 17:19, Liran Alon wrote:
> (2) On VMExit, Intel recommends to always save guest SPEC_CTRL value,
> set IBRS to 1 (even if it is already set by guest) and stuff RSB. What
> exactly does this write of 1 to IBRS do?
> * a) Does it keep all currently existing BTB/BHB entries created by
> less-privileged prediction-mode and marks them as were created in
> less-privileged prediction-mode such that they won't be used in current
> prediction-mode?
> * b) Or does it, as Paolo has mentioned multiple times, disables the
> branch predictor to never consult the BTB/BHB at all as long as IBRS=1?
> If (b) is true, why is setting IBRS=1 better than just issue an IBPB that clears all entries? At least in that case the > host kernel could still benefict branch prediction performance boost.

Arjan said (b) is not true on all processor generations.  But even if it
were true, setting IBRS=1 is much, much faster than IBPB.

> If (a) is true, does "IBRS ALL THE TIME" usage is basically a CPU
> change to just create all BTB/BHB entries to be tagged with
> prediction-mode at creation-time and that tag to be compared to current
> prediction-mode when CPU attempts to use BTB/BHB?

I hope so, and I hope said prediction mode includes PCID/VPID too.
While I agree with David that "we have other things to work on for now
before we support hypothetical future hardware", I'd like to make sure
that Intel gets it right...

Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ