xenbits.xensource.com Git - xen.git/commit

author	Andrew Cooper <andrew.cooper3@citrix.com>
	Tue, 16 Jan 2018 15:45:51 +0000 (15:45 +0000)
committer	Andrew Cooper <andrew.cooper3@citrix.com>
	Fri, 26 Jan 2018 14:10:21 +0000 (14:10 +0000)
commit	d297b56682e730d598e2529cc6998151d3b6f6f8
tree	4cea50ef0f5375be46e35404c4fc97ad2b054ad0	tree
parent	376a1c3476e145a0494a49882557952529348313	commit \| diff

x86/cpuid: Handling of IBRS/IBPB, STIBP and IBRS for guests

Intel specifies IBRS/IBPB (combined, in a single bit) and STIBP as a separate
bit.  AMD specifies IBPB alone in a 3rd bit.

AMD's IBPB is a subset of Intel's combined IBRS/IBPB.  For performance
reasons, administrators might wish to express "IBPB only" even on Intel
hardware, so we allow the AMD bit to be used for this purpose.

The behaviour of STIBP is more complicated.

It is our current understanding that STIBP will be advertised on HT-capable
hardware irrespective of whether HT is enabled, but not advertised on
HT-incapable hardware.  However, for ease of virtualisation, STIBP's
functionality is ignored rather than reserved by microcode/hardware on
HT-incapable hardware.

For guest safety, we treat STIBP as special, always override the toolstack
choice, and always advertise STIBP if IBRS is available.  This removes the
corner case where STIBP is not advertised, but the guest is running on
HT-capable hardware where it does matter.

Finally as a bugfix, update the libxc CPUID logic to understand the e8b
feature leaf, which has the side effect of also offering CLZERO to guests on
applicable hardware.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Wei Liu <wei.liu2@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>

tools/libxc/xc_cpuid_x86.c		diff \| blob \| blame \| history
xen/arch/x86/cpuid.c		diff \| blob \| blame \| history
xen/include/public/arch-x86/cpufeatureset.h		diff \| blob \| blame \| history