From patchwork Sat Feb 3 09:11:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Zhao Liu X-Patchwork-Id: 196323 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:9bc1:b0:106:209c:c626 with SMTP id op1csp1072493dyc; Sat, 3 Feb 2024 07:30:26 -0800 (PST) X-Google-Smtp-Source: AGHT+IEAi/Ra83xfwEnFw+CgDcctUMYNNoCyQyZaUP+s1BSqop3V6fg3T2kl6x1dY3p43/frTx+p X-Received: by 2002:a05:6e02:f52:b0:363:9330:40f2 with SMTP id y18-20020a056e020f5200b00363933040f2mr4517612ilj.25.1706974226165; Sat, 03 Feb 2024 07:30:26 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706974226; cv=pass; d=google.com; s=arc-20160816; b=NXA5u35pqG/tF1vw0u4XjNtr+a7ngrxW1L95rfosejDdq6TdB9U+/bMY+QIWGGT1iv hgBzfMGwlTZ5d3Dnj8DMukbQitT8UvUYtgUkHyqoLgZRO4uIKgnIT9eyPdkJcJAth01S Rf4gJJEBHoOvOcCzlExA6jzqBZjCJfPZuoE0a/svCl2OudapaXSQwBVBfzvr7vCYGrt+ hBEDzHF+e95Zy3XlzT6ze3Sr4Ri1pROghRXCoFM12ah10WEqjZvs4k0UbYsfls8+zAWC 7Vb5kmGnrZA+iRktaIlUFGeVRl+MNc231LODnA9tYK3DubLUWiBewjNqL1T8nlZ623ZJ 6+5w== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=Li/0q0VI979equ/qgcDDfuE0vcbFUnJUpiVQgFgU2uY=; fh=+LOOpBQmErm868JNIv1h62LsEFXgEPs0NdY8SQiLb30=; b=Gj+7SW++gq0mR/rSZnAR2M4zrivAtpG2KEK8yYSB+qvui5npovFpXVQKYeF0+hPhk0 F2lL0BJBRyiSvGij6h6ArzBQBxlX8MiPfuQCwidcwETfs9RPKJucNW5cH4z8V7TGvjpI P4dNCqEYZExaVH/QWCjnzClksLdV6wUPI1upDS10dnHJrknGBWgF89+1FHn1RjPlQo06 ZAZPw4oxIvWcpEv/QtUPoZE6w/aocTx3oJI5y/+BM7Yxnfr/A/q2IdUf/rC+MHysfdYd B2HLkSUXvKmTFgClWL3NCW0XwUFB8lhDeF3YkakrmwYIu6cyZtVK7QZ6Dlj+RPJUgjJq aJvw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=kJh6d7hv; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-50983-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-50983-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com X-Forwarded-Encrypted: i=1; AJvYcCXvUwPXav60qQtacvkHasUa3GSPTiHF2sXZF9CDsTDuAEhoj2Mal4CHlqDIL7GaYLTpxWsNsra5Rfw6PxoyZuSjMxQK9g== Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id c21-20020a631c55000000b005dbec91be93si3180317pgm.595.2024.02.03.07.30.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 03 Feb 2024 07:30:26 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-50983-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=kJh6d7hv; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-50983-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-50983-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id DF352B26AE9 for ; Sat, 3 Feb 2024 09:02:17 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 45F3D5EE7F; Sat, 3 Feb 2024 09:00:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="kJh6d7hv" Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.14]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E2D7E5C61F; Sat, 3 Feb 2024 09:00:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.14 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706950829; cv=none; b=WV9LJdm+Byfpc7XIRQJjZle0XtYGTyrLvEvzAm37+dnSG4gU3NCuIxvcLTiwkktY9Vm/5bWe0Uc+gexQg7XEKgeiW3oGQk6PWWRpXJtPMNhyO8UfdRvIgrskdD/uEW+A1EGkSbd0LijAX29Xa9YRbJYPDlgz/EhLRyAtLxKZ7TU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706950829; c=relaxed/simple; bh=SCjjaAWB7G5busdQtgw95kBzyDRKHqtVEz1Bv3Q2lXo=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=qC0ybgDqc6+0ucFY0DJtTvRlLGxheCAbWlh10XWYUaYpJXIO1MoDeonMAADHCJexyjqLrAAhbypU/tDW/Q5q2yrLKJka7Prz6T+L3xvTOiqmWqGSZ04lT6ErQcAVH+qc9h5jBV0ZAq88h5wmUTqiNBp6snyn12ZWoxg0rhSxN1w= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.mailfrom=linux.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=kJh6d7hv; arc=none smtp.client-ip=198.175.65.14 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1706950828; x=1738486828; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=SCjjaAWB7G5busdQtgw95kBzyDRKHqtVEz1Bv3Q2lXo=; b=kJh6d7hv6OGZ80CVV+AFZZcrJ/XlBPL7M38Z1rj8bYO4bj5FRjjCQFRE OPxmDuCxCDUt7/BWpaJt0NocHZ27wKTdXGfNZ/LPcBizK87UXkBKs52gy MSG03aLL0plHfAvJF4KnEsEigtDB3WWmzKo0LDVsXpAL5qax2LdtV14JZ vMSM/+zUsi3/sWoMaYeWuuiC2aHgLt2V+eoQxO8kDR8BBXT1hc9AiekQq 9E+PVq6Kp9XHNEAGjxI62QHedLrqv7fZffQXNCWyRN4kRAsm5mSSCbozD bOSyTuyHf/0q5ItWyivr7hEPHfp6jy61sz+5bAWjhEUronu/v55NqnzDt Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10971"; a="4131903" X-IronPort-AV: E=Sophos;i="6.05,240,1701158400"; d="scan'208";a="4131903" Received: from fmviesa009.fm.intel.com ([10.60.135.149]) by orvoesa106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Feb 2024 01:00:15 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.05,240,1701158400"; d="scan'208";a="291244" Received: from liuzhao-optiplex-7080.sh.intel.com ([10.239.160.36]) by fmviesa009.fm.intel.com with ESMTP; 03 Feb 2024 01:00:09 -0800 From: Zhao Liu To: Paolo Bonzini , Sean Christopherson , "Rafael J . Wysocki" , Daniel Lezcano , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H . Peter Anvin" , kvm@vger.kernel.org, linux-pm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org Cc: Ricardo Neri , Len Brown , Zhang Rui , Zhenyu Wang , Zhuocheng Ding , Dapeng Mi , Yanting Jiang , Yongwei Ma , Vineeth Pillai , Suleiman Souhlal , Masami Hiramatsu , David Dai , Saravana Kannan , Zhao Liu Subject: [RFC 05/26] KVM: x86: Reset hardware history at vCPU's sched_in/out Date: Sat, 3 Feb 2024 17:11:53 +0800 Message-Id: <20240203091214.411862-6-zhao1.liu@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240203091214.411862-1-zhao1.liu@linux.intel.com> References: <20240203091214.411862-1-zhao1.liu@linux.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789892206189928132 X-GMAIL-MSGID: 1789892206189928132 From: Zhao Liu Reset the classification history of the vCPU thread when it's scheduled in and scheduled out. Hardware will start the classification of the vCPU thread from scratch. This helps protect Host/VM history information from leaking Host history to VMs or leaking VM history to sibling VMs. Tested-by: Yanting Jiang Signed-off-by: Zhao Liu --- arch/x86/include/asm/kvm_host.h | 2 -- arch/x86/kvm/x86.c | 8 ++++++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 2be78549bec8..b5b2d0fde579 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -2280,8 +2280,6 @@ static inline int kvm_cpu_get_apicid(int mps_cpu) int memslot_rmap_alloc(struct kvm_memory_slot *slot, unsigned long npages); -static inline void kvm_arch_sched_out(struct kvm_vcpu *vcpu) {} - #define KVM_CLOCK_VALID_FLAGS \ (KVM_CLOCK_TSC_STABLE | KVM_CLOCK_REALTIME | KVM_CLOCK_HOST_TSC) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 363b1c080205..cd9a7251c768 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -79,6 +79,7 @@ #include #include #include +#include #include #include #include @@ -12491,9 +12492,16 @@ void kvm_arch_sched_in(struct kvm_vcpu *vcpu, int cpu) pmu->need_cleanup = true; kvm_make_request(KVM_REQ_PMU, vcpu); } + + reset_hardware_history(); static_call(kvm_x86_sched_in)(vcpu, cpu); } +void kvm_arch_sched_out(struct kvm_vcpu *vcpu) +{ + reset_hardware_history(); +} + void kvm_arch_free_vm(struct kvm *kvm) { #if IS_ENABLED(CONFIG_HYPERV)