Re: [PATCH 3/8] kvm: vmx: pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD down to the guest

From: Jim Mattson
Date: Wed Jan 10 2018 - 12:32:45 EST


Right. For future CPUs with a well-engineered fix, no extra work
should be necessary on VM-entry. However, for current CPUs, we have to
ensure that host kernel addresses can't be deduced by the guest.
IBPB may be sufficient, but Intel's slide deck doesn't make that
clear.

On Wed, Jan 10, 2018 at 9:23 AM, Nadav Amit <nadav.amit@xxxxxxxxx> wrote:
> Paolo Bonzini <pbonzini@xxxxxxxxxx> wrote:
>
>> On 10/01/2018 18:14, Jim Mattson wrote:
>>>>> If (a) is true, is "IBRS ALL THE TIME" usage basically a CPU
>>>>> change to just create all BTB/BHB entries to be tagged with
>>>>> prediction-mode at creation-time and that tag to be compared to current
>>>>> prediction-mode when CPU attempts to use BTB/BHB?
>>>>
>>>> I hope so, and I hope said prediction mode includes PCID/VPID too.
>>>
>>> Branch prediction entries should probably be tagged with PCID, VPID,
>>> EP4TA, and thread ID...the same things used to tag TLB contexts.
>>
>> But if so, I don't see the need for IBPB.
>
> It is highly improbable that a microcode patch can change how prediction
> entries are tagged. IIRC, microcode may change the behavior of instructions
> and "assists" (e.g., TLB miss). Not much more than that.
>