On Wed, 2018-01-24 at 13:12 +0000, Andrew Cooper wrote: > + * Squash the domid and vcpu id together for comparason
*comparison > + * efficiency. We could in principle stash and compare the > struct > + * vcpu pointer, but this risks a false alias if a domain has > died > + * and the same 4k page gets reused for a new vcpu. > + */ Isn't that also true if the domain has died and its domain-id gets re- used? > + unsigned int next_id = (((unsigned int)nextd->domain_id << 16) | > + (uint16_t)next->vcpu_id); I am loath to suggest *more* tweakables, but given the IBPB cost is there any merit in having a mode which does it only if the *domain* is different, regardless of vcpu_id? If a given domain is running on HT siblings, it ought to be doing its own mitigation — setting STIBP for userspace if it wants, ensuring its own kernel is safe by having IBRS set or using retpoline, etc.
smime.p7s
Description: S/MIME cryptographic signature
Amazon Web Services UK Limited. Registered in England and Wales with registration number 08650665 and which has its registered office at 60 Holborn Viaduct, London EC1A 2FD, United Kingdom.
_______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
