Message ID | 20230914063325.85503-17-weijiang.yang@intel.com |
---|---|
State | New |
Headers |
From: Yang Weijiang <weijiang.yang@intel.com>
To: seanjc@google.com, pbonzini@redhat.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: dave.hansen@intel.com, peterz@infradead.org, chao.gao@intel.com, rick.p.edgecombe@intel.com, weijiang.yang@intel.com, john.allen@amd.com
Subject: [PATCH v6 16/25] KVM: x86: Report KVM supported CET MSRs as to-be-saved
Date: Thu, 14 Sep 2023 02:33:16 -0400 |
Series |
Enable CET Virtualization
|
|
Commit Message
Yang, Weijiang
Sept. 14, 2023, 6:33 a.m. UTC
Add CET MSRs to the list of MSRs reported to userspace if the feature,
i.e. IBT or SHSTK, associated with the MSRs is supported by KVM.
SSP can only be read via RDSSP. Writing even requires destructive and
potentially faulting operations such as SAVEPREVSSP/RSTORSSP or
SETSSBSY/CLRSSBSY. Let the host use a pseudo-MSR that is just a wrapper
for the GUEST_SSP field of the VMCS.
Suggested-by: Chao Gao <chao.gao@intel.com>
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
arch/x86/include/uapi/asm/kvm_para.h | 1 +
arch/x86/kvm/vmx/vmx.c | 2 ++
arch/x86/kvm/x86.c | 18 ++++++++++++++++++
3 files changed, 21 insertions(+)
Comments
On Thu, Sep 14, 2023 at 02:33:16AM -0400, Yang Weijiang wrote:
>Add CET MSRs to the list of MSRs reported to userspace if the feature, >i.e. IBT or SHSTK, associated with the MSRs is supported by KVM. > >SSP can only be read via RDSSP. Writing even requires destructive and >potentially faulting operations such as SAVEPREVSSP/RSTORSSP or >SETSSBSY/CLRSSBSY. Let the host use a pseudo-MSR that is just a wrapper >for the GUEST_SSP field of the VMCS. > >Suggested-by: Chao Gao <chao.gao@intel.com> >Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> >--- > arch/x86/include/uapi/asm/kvm_para.h | 1 + > arch/x86/kvm/vmx/vmx.c | 2 ++ > arch/x86/kvm/x86.c | 18 ++++++++++++++++++ > 3 files changed, 21 insertions(+) > >diff --git a/arch/x86/include/uapi/asm/kvm_para.h b/arch/x86/include/uapi/asm/kvm_para.h >index 6e64b27b2c1e..9864bbcf2470 100644 >--- a/arch/x86/include/uapi/asm/kvm_para.h >+++ b/arch/x86/include/uapi/asm/kvm_para.h >@@ -58,6 +58,7 @@ > #define MSR_KVM_ASYNC_PF_INT 0x4b564d06 > #define MSR_KVM_ASYNC_PF_ACK 0x4b564d07 > #define MSR_KVM_MIGRATION_CONTROL 0x4b564d08 >+#define MSR_KVM_SSP 0x4b564d09 > > struct kvm_steal_time { > __u64 steal; >diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c >index 72e3943f3693..9409753f45b0 100644 >--- a/arch/x86/kvm/vmx/vmx.c >+++ b/arch/x86/kvm/vmx/vmx.c >@@ -7009,6 +7009,8 @@ static bool vmx_has_emulated_msr(struct kvm *kvm, u32 index) > case MSR_AMD64_TSC_RATIO: > /* This is AMD only. */ > return false; >+ case MSR_KVM_SSP: >+ return kvm_cpu_cap_has(X86_FEATURE_SHSTK);
For other MSRs in emulated_msrs_all[], KVM doesn't check the associated CPUID feature bits. Why bother doing this for MSR_KVM_SSP?
On 10/8/2023 2:19 PM, Chao Gao wrote:
> On Thu, Sep 14, 2023 at 02:33:16AM -0400, Yang Weijiang wrote: >> Add CET MSRs to the list of MSRs reported to userspace if the feature, >> i.e. IBT or SHSTK, associated with the MSRs is supported by KVM. >> >> SSP can only be read via RDSSP. Writing even requires destructive and >> potentially faulting operations such as SAVEPREVSSP/RSTORSSP or >> SETSSBSY/CLRSSBSY. Let the host use a pseudo-MSR that is just a wrapper >> for the GUEST_SSP field of the VMCS. >> >> Suggested-by: Chao Gao <chao.gao@intel.com> >> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> >> --- >> arch/x86/include/uapi/asm/kvm_para.h | 1 + >> arch/x86/kvm/vmx/vmx.c | 2 ++ >> arch/x86/kvm/x86.c | 18 ++++++++++++++++++ >> 3 files changed, 21 insertions(+) >> >> diff --git a/arch/x86/include/uapi/asm/kvm_para.h b/arch/x86/include/uapi/asm/kvm_para.h >> index 6e64b27b2c1e..9864bbcf2470 100644 >> --- a/arch/x86/include/uapi/asm/kvm_para.h >> +++ b/arch/x86/include/uapi/asm/kvm_para.h >> @@ -58,6 +58,7 @@ >> #define MSR_KVM_ASYNC_PF_INT 0x4b564d06 >> #define MSR_KVM_ASYNC_PF_ACK 0x4b564d07 >> #define MSR_KVM_MIGRATION_CONTROL 0x4b564d08 >> +#define MSR_KVM_SSP 0x4b564d09 >> >> struct kvm_steal_time { >> __u64 steal; >> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c >> index 72e3943f3693..9409753f45b0 100644 >> --- a/arch/x86/kvm/vmx/vmx.c >> +++ b/arch/x86/kvm/vmx/vmx.c >> @@ -7009,6 +7009,8 @@ static bool vmx_has_emulated_msr(struct kvm *kvm, u32 index) >> case MSR_AMD64_TSC_RATIO: >> /* This is AMD only. */ >> return false; >> + case MSR_KVM_SSP: >> + return kvm_cpu_cap_has(X86_FEATURE_SHSTK); > For other MSRs in emulated_msrs_all[], KVM doesn't check the associated > CPUID feature bits. Why bother doing this for MSR_KVM_SSP?
As you can see, MSR_KVM_SSP is not a purely emulated MSR; it's linked to a VMCS field (GUEST_SSP). IMO, the check is necessary; in other words, there is no need to expose it when SHSTK is not supported by KVM.
On Thu, 2023-09-14 at 02:33 -0400, Yang Weijiang wrote:
> Add CET MSRs to the list of MSRs reported to userspace if the feature, > i.e. IBT or SHSTK, associated with the MSRs is supported by KVM. > > SSP can only be read via RDSSP. Writing even requires destructive and > potentially faulting operations such as SAVEPREVSSP/RSTORSSP or > SETSSBSY/CLRSSBSY. Let the host use a pseudo-MSR that is just a wrapper > for the GUEST_SSP field of the VMCS.
Fake MSR just feels wrong for the future generations of readers of this code. This is not an MSR no matter how we look at it, and KVM never supported such fake MSRs - this is the first one. I'll say it's better to define a new ioctl for this register, or if you are feeling adventurous, you can try to add support for KVM_GET_ONE_REG/KVM_SET_ONE_REG, which is what at least arm uses for this purpose.
Also I think it will be better to split this patch into two - the first patch adds the new ioctl, and the second patch will add the normal CET MSRs to the list of MSRs to be saved.
> > Suggested-by: Chao Gao <chao.gao@intel.com> > Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> > --- > arch/x86/include/uapi/asm/kvm_para.h | 1 + > arch/x86/kvm/vmx/vmx.c | 2 ++ > arch/x86/kvm/x86.c | 18 ++++++++++++++++++ > 3 files changed, 21 insertions(+) > > diff --git a/arch/x86/include/uapi/asm/kvm_para.h b/arch/x86/include/uapi/asm/kvm_para.h > index 6e64b27b2c1e..9864bbcf2470 100644 > --- a/arch/x86/include/uapi/asm/kvm_para.h > +++ b/arch/x86/include/uapi/asm/kvm_para.h > @@ -58,6 +58,7 @@ > #define MSR_KVM_ASYNC_PF_INT 0x4b564d06 > #define MSR_KVM_ASYNC_PF_ACK 0x4b564d07 > #define MSR_KVM_MIGRATION_CONTROL 0x4b564d08 > +#define MSR_KVM_SSP 0x4b564d09
Another reason for not doing this - someone will think that this is a KVM PV MSR.
> > struct kvm_steal_time { > __u64 steal; > diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c > index 72e3943f3693..9409753f45b0 100644 > --- a/arch/x86/kvm/vmx/vmx.c > +++ b/arch/x86/kvm/vmx/vmx.c 
> @@ -7009,6 +7009,8 @@ static bool vmx_has_emulated_msr(struct kvm *kvm, u32 index) > case MSR_AMD64_TSC_RATIO: > /* This is AMD only. */ > return false; > + case MSR_KVM_SSP: > + return kvm_cpu_cap_has(X86_FEATURE_SHSTK); > default: > return true; > } > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index dda9c7141ea1..73b45351c0fc 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -1476,6 +1476,9 @@ static const u32 msrs_to_save_base[] = { > > MSR_IA32_XFD, MSR_IA32_XFD_ERR, > MSR_IA32_XSS, > + MSR_IA32_U_CET, MSR_IA32_S_CET, > + MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, > + MSR_IA32_PL3_SSP, MSR_IA32_INT_SSP_TAB, > }; > > static const u32 msrs_to_save_pmu[] = { > @@ -1576,6 +1579,7 @@ static const u32 emulated_msrs_all[] = { > > MSR_K7_HWCR, > MSR_KVM_POLL_CONTROL, > + MSR_KVM_SSP, > }; > > static u32 emulated_msrs[ARRAY_SIZE(emulated_msrs_all)]; > @@ -7241,6 +7245,20 @@ static void kvm_probe_msr_to_save(u32 msr_index) > if (!kvm_caps.supported_xss) > return; > break; > + case MSR_IA32_U_CET: > + case MSR_IA32_S_CET: > + if (!kvm_cpu_cap_has(X86_FEATURE_SHSTK) && > + !kvm_cpu_cap_has(X86_FEATURE_IBT)) > + return; > + break; > + case MSR_IA32_INT_SSP_TAB: > + if (!kvm_cpu_cap_has(X86_FEATURE_LM)) > + return; > + fallthrough; > + case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: > + if (!kvm_cpu_cap_has(X86_FEATURE_SHSTK)) > + return; > + break; > default: > break; > }
Best regards,
Maxim Levitsky
diff --git a/arch/x86/include/uapi/asm/kvm_para.h b/arch/x86/include/uapi/asm/kvm_para.h index 6e64b27b2c1e..9864bbcf2470 100644 --- a/arch/x86/include/uapi/asm/kvm_para.h +++ b/arch/x86/include/uapi/asm/kvm_para.h @@ -58,6 +58,7 @@ #define MSR_KVM_ASYNC_PF_INT 0x4b564d06 #define MSR_KVM_ASYNC_PF_ACK 0x4b564d07 #define MSR_KVM_MIGRATION_CONTROL 0x4b564d08 +#define MSR_KVM_SSP 0x4b564d09 struct kvm_steal_time { __u64 steal; diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 72e3943f3693..9409753f45b0 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7009,6 +7009,8 @@ static bool vmx_has_emulated_msr(struct kvm *kvm, u32 index) case MSR_AMD64_TSC_RATIO: /* This is AMD only. */ return false; + case MSR_KVM_SSP: + return kvm_cpu_cap_has(X86_FEATURE_SHSTK); default: return true; } diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index dda9c7141ea1..73b45351c0fc 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1476,6 +1476,9 @@ static const u32 msrs_to_save_base[] = { MSR_IA32_XFD, MSR_IA32_XFD_ERR, MSR_IA32_XSS, + MSR_IA32_U_CET, MSR_IA32_S_CET, + MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, + MSR_IA32_PL3_SSP, MSR_IA32_INT_SSP_TAB, }; static const u32 msrs_to_save_pmu[] = { @@ -1576,6 +1579,7 @@ static const u32 emulated_msrs_all[] = { MSR_K7_HWCR, MSR_KVM_POLL_CONTROL, + MSR_KVM_SSP, }; static u32 emulated_msrs[ARRAY_SIZE(emulated_msrs_all)]; @@ -7241,6 +7245,20 @@ static void kvm_probe_msr_to_save(u32 msr_index) if (!kvm_caps.supported_xss) return; break; + case MSR_IA32_U_CET: + case MSR_IA32_S_CET: + if (!kvm_cpu_cap_has(X86_FEATURE_SHSTK) && + !kvm_cpu_cap_has(X86_FEATURE_IBT)) + return; + break; + case MSR_IA32_INT_SSP_TAB: + if (!kvm_cpu_cap_has(X86_FEATURE_LM)) + return; + fallthrough; + case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: + if (!kvm_cpu_cap_has(X86_FEATURE_SHSTK)) + return; + break; default: break; }
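Review bot: in the kvm_para.h hunk, `MSR_KVM_SSP 0x4b564d09` is added directly after `MSR_KVM_MIGRATION_CONTROL` with no comment, so in the uapi header it reads as one more of the paravirtual MSR_KVM_* indices around it. The commit message describes it as a pseudo-MSR for the host that wraps the VMCS GUEST_SSP field; please put that in a comment above the define, or keep the index in its own block away from its neighbours so it is not mistaken for one of them.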
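Review bot: in the vmx_has_emulated_msr() hunk, the new `case MSR_KVM_SSP` is the only case visible here that returns a kvm_cpu_cap_has() result, and it carries no comment explaining the exception. A one-line comment that the index is backed by the GUEST_SSP VMCS field, and is therefore reported only when KVM supports SHSTK, would answer that at the point of the code. The diffstat also touches only vmx.c while emulated_msrs_all[] lives in the shared x86.c, so please state in the changelog what the non-VMX hook reports for this index.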
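Review bot: the emulated_msrs_all[] hunk adds `MSR_KVM_SSP`, but the three x86.c hunks account for all 18 insertions in the diffstat and none of them adds a read or write path for the index. If the handler arrives in another patch of the series, name that patch in the changelog, or order the series so the index is not advertised to userspace before it can be accessed.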
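Review bot: in the kvm_probe_msr_to_save() hunk, `case MSR_IA32_INT_SSP_TAB` checks X86_FEATURE_LM and then falls through into the `MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP` range to pick up the SHSTK check, so the rule that INT_SSP_TAB needs both LM and SHSTK is expressed only by case ordering. A short comment at the `fallthrough;` would keep a later reorder or an inserted case from silently dropping one of the two checks. The case range also assumes the four PLx_SSP indices are contiguous, which is worth a word in the same comment.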