amd/virt_ssbd: add to max HVM policy when SSB_NO is available

Hardware that exposes SSB_NO can implement the setting of SSBD as a
no-op because it's not affected by SSB.

Take advantage of that and allow exposing VIRT_SPEC_CTRL.SSBD to guest
running on hadrware that has SSB_NO.  Only set VIRT_SSBD on the max
policy though, as the feature is only intended to be used for
migration compatibility.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
---
As there's no hardware with SSB_NO so far the patch is untested.  Post
it for reference if there's hardware with the bit set.

diff --git a/xen/arch/x86/cpu/amd.c b/xen/arch/x86/cpu/amd.c
index cfeb8d1daf10cc564f20f756bcb8054ae4ca2544..74cfeffc298a26b792da1cc8b07c11e677714ead 100644 (file)
--- a/xen/arch/x86/cpu/amd.c
+++ b/xen/arch/x86/cpu/amd.c
@@ -814,7 +814,9 @@ void amd_set_ssbd(bool enable)
                wrmsr(MSR_VIRT_SPEC_CTRL, enable ? SPEC_CTRL_SSBD : 0, 0);
        else if ( amd_legacy_ssbd )
                core_set_legacy_ssbd(enable);
-       else
+       else if ( cpu_has_ssb_no ) {
+               /* Nothing to do. */
+       } else
                ASSERT_UNREACHABLE();
 }
 

diff --git a/xen/arch/x86/cpuid.c b/xen/arch/x86/cpuid.c
index acc2f606cea8eac7317f6d732a491cce8ee57663..e394dbe669a817a49ab0714327244e67bac28aaf 100644 (file)
--- a/xen/arch/x86/cpuid.c
+++ b/xen/arch/x86/cpuid.c
@@ -558,11 +558,16 @@ static void __init calculate_hvm_max_policy(void)
         __clear_bit(X86_FEATURE_IBRSB, hvm_featureset);
         __clear_bit(X86_FEATURE_IBRS, hvm_featureset);
     }
-    else if ( boot_cpu_has(X86_FEATURE_AMD_SSBD) )
+    else if ( boot_cpu_has(X86_FEATURE_AMD_SSBD) ||
+              boot_cpu_has(X86_FEATURE_SSB_NO) )
         /*
          * If SPEC_CTRL.SSBD is available VIRT_SPEC_CTRL.SSBD can be exposed
          * and implemented using the former. Expose in the max policy only as
          * the preference is for guests to use SPEC_CTRL.SSBD if available.
+         *
+         * Allow VIRT_SSBD in the max policy if SSB_NO is exposed for migration
+         * compatibility reasons.  If SSB_NO is present setting
+         * VIRT_SPEC_CTRL.SSBD is a no-op.
          */
         __set_bit(X86_FEATURE_VIRT_SSBD, hvm_featureset);