From patchwork Fri Feb 17 23:10:10 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sean Christopherson <seanjc@google.com>
X-Patchwork-Id: 5584
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp114817wrn;
        Fri, 17 Feb 2023 15:13:05 -0800 (PST)
X-Google-Smtp-Source: 
 AK7set/ZkULMf3d+wykg3m04Qed9W+6Eex6J7yUBARbTgXG+yLn7riRwWKNM+25eqpxsRFR/QFQY
X-Received: by 2002:a05:6402:210:b0:4ae:eae1:1109 with SMTP id
 t16-20020a056402021000b004aeeae11109mr814397edv.2.1676675585679;
        Fri, 17 Feb 2023 15:13:05 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1676675585; cv=none;
        d=google.com; s=arc-20160816;
        b=uwL/MANnaeP6Rq2zlcAkujbpdQUkiwqPUa5+jpLUYc8canbo5KKXdUJ3DPHQ71/qiX
         obN/Z/vyP9H79k66+TtG8Nbe87Sk1ZxdvTx2MvWJS9NG9lOxnOhM0zSReWOdMBI/zwbQ
         uPOOAo7/NXNxnqlyzublQQNZxW5NkLaLNyqVYv1AmoBJ2Kgdf/eU6CYH3B8096WZ1LUO
         uZcB0qhq99EhJezRgiTCr/5fmPAuQsg8n5FoYJikmIWFxxmH22zWY/aIN+dR13hWuHi9
         tGO37BYVwpy+4j57ZODGx5CK4woH6Gx9o2N77iuU4Io8lpeiSDW21FasZDAHpwb3URkT
         4ziQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:cc:to:from:subject:message-id:mime-version:date
         :reply-to:dkim-signature;
        bh=CWbAijAwjOs1dOASNMUKGHIOkb526nV9RcP7YkJB9Ns=;
        b=UT8LcUGweZVP7eGl9fmfzZ+EvN9A/NnTMMtzi4rDL3ictdtCnb3P6E7OLRq4w6QFL7
         GBoEQjv7nmvDjFlwivJNbIfMMftpir40i2ioJ4LRt/sszlRlNcGsX1qxTqlkB5OduE9z
         j+YWCTTw7AFPoQE7IkubCbEHNN/fbKHV8H9rByX36c86gwx5Y/di2SunkbKcGfLbmhOh
         UIYnfYqH1fsUlaBiczA/5r+2XOtY0pUVSyRWMDhjr/BNIuqr68LPa7W7Becy9yWErZTG
         3bhZ80X1Qwsqe0/dNQqWCwgf1xdx/KH/2yU/nWS3DJKq6FLtVqgHLUhdwgAZhqJp6fTy
         omow==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=WhHQy36b;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 gi37-20020a1709070ca500b008bc042c16cesi470023ejc.827.2023.02.17.15.12.43;
        Fri, 17 Feb 2023 15:13:05 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=WhHQy36b;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229886AbjBQXKc (ORCPT <rfc822;daweilics@gmail.com> + 99 others);
        Fri, 17 Feb 2023 18:10:32 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56150 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229849AbjBQXK2 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 17 Feb 2023 18:10:28 -0500
Received: from mail-pf1-x449.google.com (mail-pf1-x449.google.com
 [IPv6:2607:f8b0:4864:20::449])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F2D463BDBD
        for <linux-kernel@vger.kernel.org>;
 Fri, 17 Feb 2023 15:10:26 -0800 (PST)
Received: by mail-pf1-x449.google.com with SMTP id
 h25-20020a62b419000000b005a8da78efedso1135315pfn.2
        for <linux-kernel@vger.kernel.org>;
 Fri, 17 Feb 2023 15:10:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=cc:to:from:subject:message-id:mime-version:date:reply-to:from:to:cc
         :subject:date:message-id:reply-to;
        bh=CWbAijAwjOs1dOASNMUKGHIOkb526nV9RcP7YkJB9Ns=;
        b=WhHQy36bpmRvJXBYVOfOAWwdwJHCwlyKTRyy3I0PVfsHbY+/Y+/43gczwooXHaglfE
         RMoe13lzB41Bc29GFrb7l2FyDu8zLjPhmAbrV1jsdRe4x5wJVoEJQOfImGiymH4zeVFw
         jvog5mS4J8+ZQexJmjMtjNI/4IWMz9h9Dpy3EmQUjkpjcYfMm390C3tJJ0dek6hXOiAL
         gtVvtyPMd5RUOZuLtiThHXjzz8GUkL4/LocBJIuta6EmrGw9dqoHbPMmflmVo6/ncGiY
         UfL5HAhZv8VhfBo1iVbbln8INLN2E9WEv+/i85QjfiGY0oVembM/ttVwgr7SjMOpObOf
         /52Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:from:subject:message-id:mime-version:date:reply-to
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=CWbAijAwjOs1dOASNMUKGHIOkb526nV9RcP7YkJB9Ns=;
        b=jX5X2qNh3vO/tu3tXKHvhEayZ3S1StXvMA43RNx5U6RcpTQwh8amavBYIDlTzDngpB
         KeQx9EUmlblcRbqulpMwutxOmPG5rUKb/KNmUBmqteci863twmm6WHy/PFoLNo9duUUn
         jyFD31bvxB2hLeArPpv+YgL0UgiB0EjXMYQ+qUhncct0WccdhkPEe3Gy+JDUhdfyAyHz
         4tkcW5tg1Ud0DxFbMQBLk6XTUx8UA9pN3LoyZXkv4rIQXkDrhZxoLr70OU9+WQ/R4mYF
         FdZTW0JQNpIwL20DphswbLRH1FnmPPRREXzc08S3OGzFctbZQ80j0IS/prHsYrxfRRW7
         wkug==
X-Gm-Message-State: AO0yUKX9seqrz3ce2DLD1IxfgoMXh7sFu6ZsDNXYDZ+GUPPCWWaMHHsq
        PSiHkz7d/qXPQELMaHlkmcORfmYVCOo=
X-Received: from zagreus.c.googlers.com
 ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a17:903:130d:b0:199:db3:9bcc with SMTP id
 iy13-20020a170903130d00b001990db39bccmr352181plb.11.1676675426500; Fri, 17
 Feb 2023 15:10:26 -0800 (PST)
Reply-To: Sean Christopherson <seanjc@google.com>
Date: Fri, 17 Feb 2023 15:10:10 -0800
Mime-Version: 1.0
X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog
Message-ID: <20230217231022.816138-1-seanjc@google.com>
Subject: [PATCH 00/12] KVM: x86: Add "governed" X86_FEATURE framework
From: Sean Christopherson <seanjc@google.com>
To: Sean Christopherson <seanjc@google.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Vitaly Kuznetsov <vkuznets@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,
        SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1758121778987150797?=
X-GMAIL-MSGID: =?utf-8?q?1758121778987150797?=

Add a framework to manage and cache KVM-governed features, i.e. CPUID
based features that require explicit KVM enabling and/or need to be
queried semi-frequently by KVM.  The idea originally came up in the
context of the architectural LBRs series as a way to avoid querying
guest CPUID in hot paths without needing a dedicated flag, but as
evidenced by the shortlog, the most common usage is to handle the ever-
growing list of SVM features that are exposed to L1.

Note, I don't like the name "governed", but it was the least awful thing I
could come up with.  Suggestions most definitely welcome.

This series is lightly tested.  I am posting somewhat speculatively to get
early feedback on the idea.

Sean Christopherson (12):
  KVM: x86: Add a framework for enabling KVM-governed x86 features
  KVM: x86/mmu: Use KVM-governed feature framework to track "GBPAGES
    enabled"
  KVM: VMX: Recompute "XSAVES enabled" only after CPUID update
  KVM: VMX: Rename XSAVES control to follow KVM's preferred "ENABLE_XYZ"
  KVM: x86: Use KVM-governed feature framework to track "XSAVES enabled"
  KVM: nSVM: Use KVM-governed feature framework to track "NRIPS enabled"
  KVM: nSVM: Use KVM-governed feature framework to track "TSC scaling
    enabled"
  KVM: nSVM: Use KVM-governed feature framework to track "vVM{SAVE,LOAD}
    enabled"
  KVM: nSVM: Use KVM-governed feature framework to track "LBRv enabled"
  KVM: nSVM: Use KVM-governed feature framework to track "Pause Filter
    enabled"
  KVM: nSVM: Use KVM-governed feature framework to track "vGIF enabled"
  KVM: x86: Disallow guest CPUID lookups when IRQs are disabled

 arch/x86/include/asm/kvm_host.h  | 11 ++++++
 arch/x86/include/asm/vmx.h       |  2 +-
 arch/x86/kvm/cpuid.c             | 31 +++++++++++++++++
 arch/x86/kvm/cpuid.h             | 51 ++++++++++++++++++++++++++++
 arch/x86/kvm/governed_features.h | 19 +++++++++++
 arch/x86/kvm/mmu/mmu.c           | 20 ++---------
 arch/x86/kvm/svm/nested.c        | 48 ++++++++++++++++-----------
 arch/x86/kvm/svm/svm.c           | 57 +++++++++++++++++++++-----------
 arch/x86/kvm/svm/svm.h           | 13 ++------
 arch/x86/kvm/vmx/capabilities.h  |  2 +-
 arch/x86/kvm/vmx/hyperv.h        |  2 +-
 arch/x86/kvm/vmx/nested.c        |  6 ++--
 arch/x86/kvm/vmx/nested.h        |  2 +-
 arch/x86/kvm/vmx/vmx.c           | 48 +++++++++++++--------------
 arch/x86/kvm/vmx/vmx.h           |  2 +-
 arch/x86/kvm/x86.c               |  4 +--
 16 files changed, 217 insertions(+), 101 deletions(-)
 create mode 100644 arch/x86/kvm/governed_features.h


base-commit: 62ef199250cd46fb66fe98267137b7f64e0b41b4