On Sun, 2018-01-21 at 09:02 -0500, Konrad Rzeszutek Wilk wrote: > > > Depend on what we expose to the guest. That is if the guest is not suppose to > have this exposed > (say cpuid 27 bit is not exposed) then trap on the MSR (and give an #GP)?
I think for SPEC_CTRL we want to trap on the MSR anyway. Saving and restoring is is *bizarrely* slow, apparently, even when it's zero. I think we want to trap on the first access, and only then disable the intercept and enable the save/restore. That way, sane guests that only ever use retpoline and IBPB (which is write-only and doesn't need saving) won't ever take the performance hit. It's going to want this: https://patchwork.kernel.org/patch/10167667/ > Mihai (CC-ed) is working on this, when ready he can post an patch against > this tree? That'd be useful; thanks. The latest (including the bits on top that we probably aren't going to submit, with saner bits near the beginning) should always be at http://git.infradead.org/linux-retpoline.git/shortlog/refs/heads/ibpb
smime.p7s
Description: S/MIME cryptographic signature