On 21/06/18 01:20, Brian Woods wrote: > On Wed, Jun 20, 2018 at 08:34:13AM +0200, Juergen Gross wrote: >> Brian, would you please give the attached patch a try? >> >> >> Juergen > Juergen, > > It works for Dom0. You see a lot of messages that are like: > (XEN) emul-priv-op.c:1166:d0v1 Domain attempted WRMSR c0011020 from > 0x0206800000000000 to 0x0206800000000400 > (XEN) emul-priv-op.c:1166:d0v0 Domain attempted WRMSR c0011020 from > 0x0206800000000000 to 0x0206800000000400
That is Linux trying to enable the SSBD via the native mechanism (on Fam17h hardware I'm guessing, give the bit position). Like many of the other mitigations, a PV guest knows it is virtualised and shouldn’t be playing with this MSR. OTOH, Xen should be implementing the AMD SSBD spec and allowing for virtualised control of SSBD. Sadly, I was only show the whitepaper with insufficient time before the SSBD embargo to implement it in XSA-263, and haven't had time since. ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
