From patchwork Thu Aug 3 04:27:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Yang, Weijiang" X-Patchwork-Id: 130412 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9f41:0:b0:3e4:2afc:c1 with SMTP id v1csp998804vqx; Thu, 3 Aug 2023 01:35:53 -0700 (PDT) X-Google-Smtp-Source: APBJJlFDDbMdNL9dK0ssZGf277cZZui2Ets0RYim6RDBOz2XDFK0oSlYFsw19FIT9mcTXfwzqD9Z X-Received: by 2002:a05:6a21:78a4:b0:126:8b2d:4462 with SMTP id bf36-20020a056a2178a400b001268b2d4462mr20609660pzc.24.1691051753294; Thu, 03 Aug 2023 01:35:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691051753; cv=none; d=google.com; s=arc-20160816; b=Itn54DXUBHTTjywD3n1s8qk7qN1VF/9Sl2GgDto5SHQA6llmUoQCz2FS1N423+fOzq jjDzjVNh09AgLHSgKWRISEuqqR7eTyh3CswmEOPI6Ptk7m2C6RpOf9VnjgPiQsdajJ04 IV7idHqRyO942BtqvoFeFFPvibsfxpyFVr4YjIWySgoM+4lmxcNc6blvPHLxw6THy8gn gZqLijxwSWqH2YTXoacfOQF/+6gcvY55fLkfy0jsn5FWCA1zU2tMI1PHkeoeZaO+tZow nKrFfrvlGiqBMecMR0+KSy3QB44kra5K8TmGBjiMO72baZ3aBV9HiJbcFXzkXEsj6yjv L+7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=OEMBJX6s/UVga1SOQo5lqalgR+m/OlKgkyq5cdUxiSM=; fh=Opje+PjCQx5n1tZXLBqSYGCQ4Th9+H4dl5HcyP+qSnE=; b=Hjceaoy+nVif3EX26/ygM0mClb/tofnyIOzWojIVbV9HiYSV5+dqDHQfaNtIqt9A8C oVwGzKRQxXK5touP/yfFgS0KRP2JHQgRkKEegekwg9uMCdHIIhJmRvuzMjxiyQsQ3KuR L94TxZ7dL6FXyV1gbfsFCAZO0dD2e0hY+j1OjGvpyDOTK0KpZ16PhPzTn0GNMKmMLCcd VvB5wKIUggY7EfIa/6pHp/qths/mu/6ObNXSPC8n0IbiTAHeoIr9yGfVgfVSAmz9H8dX ZcYEE+DAN57OmKfNgDU1ehIjlgE/Js/SYAkosflPKr/IbGCDz7nHu36R1yF8SXSzRwwj Rwmg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=mm1VdVyE; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e129-20020a636987000000b0054fdcafcc67si11973811pgc.604.2023.08.03.01.35.38; Thu, 03 Aug 2023 01:35:53 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=mm1VdVyE; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234083AbjHCHhW (ORCPT + 99 others); Thu, 3 Aug 2023 03:37:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47062 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231922AbjHCHgH (ORCPT ); Thu, 3 Aug 2023 03:36:07 -0400 Received: from mgamail.intel.com (unknown [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 45F2F35BB; Thu, 3 Aug 2023 00:32:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1691047938; x=1722583938; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=IPCrPajh7UzLAqJcOYg8gmyGcQfu+kJKJlt1LMvrhdM=; b=mm1VdVyEN0XUqDPhu/MCEgd0WnOklWAozPKebEWI8r7DI9pcs0t5Idjv ALOHnrB4U3OF6gmWYtwFopkVfeR7AXTt80dQjvmvHVutloE4uo3m68Byr se7WK3fWYEkvvqGZSUEnKkVNXGu0WyNwbssH953LUpYXuZ9uQg+IaA7EI opz+++sIT5Etc8zK7njZzTrqgYAmm3I9fLgENWWA507ErUqAeZJpXqnCs NYgs5hYO5Lm9SPsnKKwudeod5rQeC12YatQCqvp24EMupZbcl27QvHOyi oShrl2aTvFmpP+9btxP14EKfc/ey2hz7mGPY7ej96mor3Wkn67/Gqyeba A==; X-IronPort-AV: E=McAfee;i="6600,9927,10790"; a="354708109" X-IronPort-AV: E=Sophos;i="6.01,251,1684825200"; d="scan'208";a="354708109" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Aug 2023 00:32:16 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10790"; a="794888483" X-IronPort-AV: E=Sophos;i="6.01,251,1684825200"; d="scan'208";a="794888483" Received: from embargo.jf.intel.com ([10.165.9.183]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Aug 2023 00:32:15 -0700 From: Yang Weijiang To: seanjc@google.com, pbonzini@redhat.com, peterz@infradead.org, john.allen@amd.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: rick.p.edgecombe@intel.com, chao.gao@intel.com, binbin.wu@linux.intel.com, weijiang.yang@intel.com Subject: [PATCH v5 06/19] KVM:x86: Load guest FPU state when access XSAVE-managed MSRs Date: Thu, 3 Aug 2023 00:27:19 -0400 Message-Id: <20230803042732.88515-7-weijiang.yang@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20230803042732.88515-1-weijiang.yang@intel.com> References: <20230803042732.88515-1-weijiang.yang@intel.com> MIME-Version: 1.0 X-Spam-Status: No, score=-0.5 required=5.0 tests=BAYES_00,DATE_IN_PAST_03_06, DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773196283012098736 X-GMAIL-MSGID: 1773196283012098736 From: Sean Christopherson Load the guest's FPU state if userspace is accessing MSRs whose values are managed by XSAVES. Two MSR access helpers, i.e., kvm_{get,set}_xsave_msr(), are designed by a later patch to facilitate access to such kind of MSRs. If MSRs supported in kvm_caps.supported_xss are passed through to guest, the guest MSRs are swapped with host contents before vCPU exits to userspace and after it enters kernel again. Because the modified code is also used for the KVM_GET_MSRS device ioctl(), explicitly check @vcpu is non-null before attempting to load guest state. The XSS supporting MSRs cannot be retrieved via the device ioctl() without loading guest FPU state (which doesn't exist). Note that guest_cpuid_has() is not queried as host userspace is allowed to access MSRs that have not been exposed to the guest, e.g. it might do KVM_SET_MSRS prior to KVM_SET_CPUID2. Signed-off-by: Sean Christopherson Co-developed-by: Yang Weijiang Signed-off-by: Yang Weijiang --- arch/x86/kvm/x86.c | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index e9f3627d5fdd..015fb0ef102c 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -132,6 +132,9 @@ static int __set_sregs2(struct kvm_vcpu *vcpu, struct kvm_sregs2 *sregs2); static void __get_sregs2(struct kvm_vcpu *vcpu, struct kvm_sregs2 *sregs2); static DEFINE_MUTEX(vendor_module_lock); +static void kvm_load_guest_fpu(struct kvm_vcpu *vcpu); +static void kvm_put_guest_fpu(struct kvm_vcpu *vcpu); + struct kvm_x86_ops kvm_x86_ops __read_mostly; #define KVM_X86_OP(func) \ @@ -4345,6 +4348,21 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) } EXPORT_SYMBOL_GPL(kvm_get_msr_common); +static const u32 xstate_msrs[] = { + MSR_IA32_U_CET, MSR_IA32_PL3_SSP, +}; + +static bool is_xstate_msr(u32 index) +{ + int i; + + for (i = 0; i < ARRAY_SIZE(xstate_msrs); i++) { + if (index == xstate_msrs[i]) + return true; + } + return false; +} + /* * Read or write a bunch of msrs. All parameters are kernel addresses. * @@ -4355,11 +4373,20 @@ static int __msr_io(struct kvm_vcpu *vcpu, struct kvm_msrs *msrs, int (*do_msr)(struct kvm_vcpu *vcpu, unsigned index, u64 *data)) { + bool fpu_loaded = false; int i; - for (i = 0; i < msrs->nmsrs; ++i) + for (i = 0; i < msrs->nmsrs; ++i) { + if (vcpu && !fpu_loaded && kvm_caps.supported_xss && + is_xstate_msr(entries[i].index)) { + kvm_load_guest_fpu(vcpu); + fpu_loaded = true; + } if (do_msr(vcpu, entries[i].index, &entries[i].data)) break; + } + if (fpu_loaded) + kvm_put_guest_fpu(vcpu); return i; }