On Mon, Jun 02, 2025 at 01:08:31PM +0100, Will Deacon wrote:
On Thu, May 22, 2025 at 01:41:48PM -0700, Oliver Upton wrote:
- /*
* Prior to commit e8cde32f111f ("arm64/cpufeatures/kvm: Add ARMv8.9* FEAT_ECBHB bits in ID_AA64MMFR1 register"), KVM masked FEAT_ECBHB* on implementations that actually have the feature. That sucks; infer* presence of FEAT_ECBHB based on MIDR.*/- if (is_midr_in_range_list(spectre_ecbhb_list))
return true;I really don't think we want to go down this route.
Like I said, not a fan of doing this but...
If finer grained control of the spectre mitigations is needed, I think extending the existing command-line options is probably the best bet rather then inferring behaviours based on the MIDR.
Looks like all of the Neoverse-V2 based VMs available for rent are unintentionally hiding FEAT_ECBHB despite hardware support. I wouldn't expect CSPs to go and change this field after creating a VM, so that's a lot of hardware we're giving a poor experience on.
I just don't think a command-line switch is going to have any practical impact on the situation.
Thanks, Oliver