From patchwork Fri Feb 17 23:10:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 58801 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp114553wrn; Fri, 17 Feb 2023 15:12:24 -0800 (PST) X-Google-Smtp-Source: AK7set9wNmr/GeZkKzViBMz2XLFHDg3qD3F7hitd59Yc0ZM2vwXEJJMEiTuo/DcfFM/olQOoszWk X-Received: by 2002:a17:906:b20d:b0:8b1:62d2:dffc with SMTP id p13-20020a170906b20d00b008b162d2dffcmr7048956ejz.24.1676675543867; Fri, 17 Feb 2023 15:12:23 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676675543; cv=none; d=google.com; s=arc-20160816; b=eJXZoBUFE6yyC5gJ55+D49tacCE/cszK1On/xIO0VetsHWiN568/w/wfZNNIepAqxB UuG8oLJsEDjVkvEcDynqo4gKM0thx4lI2k2KHreDuKnfUv0oGq6amaMAnUPlYUditPjZ rtN1UtqXF1+zWq1dYtnC+saFdIPVvvbDme9OK+5PMV7WYo4O3pit/BPLBpt495yeB+JV kpdNiz0kh92u88uIswmEd+38q1IhUT7OwGaG5nf/+XlU6N3YifmbisXvpxk7/T8kC8Pj T5cUgkRxkKrHjSuIYXloDwSNiswDIjggIHgloYuZWH9rA9SGTOs0wlbQStcQyLro8V5r elAA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=KioFTda0zEdQSBw0TQsNW7u7HebdEbC7ULL51zMSfbE=; b=WIc3AYlYFP/Iy7ge2KBJSkhuSRasPP1rEc2qDyDSHY/G8C8a/F6VpEZEJPL2QKzU1g b/ZfonlJ/sM+mqY+nvBo1dGhcgiUCRnGYKpcUm0znWJr4Km4eXMyZRZp8pFPbl01fQZr AB+pXyINu5ITK2o8tJYD1dq3I4CRoPFRO5tGiUqyBpBe43+/VIlh/ZVzntlTW6jr3zbJ oKn+0gf/z/bmyCEzluvXTpk02SUpI3yYsC/PZVKYSBzk+FVr3C4M+pTA8MPLyLD1LZ4R h6EAi2thuMYHfb09/v8y2F46aEDnLbneKwIx893BLS0aiNFlZkfaLblKgZBRZCR3tJ/o vlgg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=MCT5iiV4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id bo22-20020a0564020b3600b004acbd72dec2si6248019edb.47.2023.02.17.15.12.00; Fri, 17 Feb 2023 15:12:23 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=MCT5iiV4; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229928AbjBQXKj (ORCPT + 99 others); Fri, 17 Feb 2023 18:10:39 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56250 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229826AbjBQXKb (ORCPT ); Fri, 17 Feb 2023 18:10:31 -0500 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 103E8582BF for ; Fri, 17 Feb 2023 15:10:29 -0800 (PST) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-5365a8dd33aso17105927b3.22 for ; Fri, 17 Feb 2023 15:10:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=KioFTda0zEdQSBw0TQsNW7u7HebdEbC7ULL51zMSfbE=; b=MCT5iiV4rc2yE80RyBM9o4KOTMsZUh2bAIbwptEF0tPQ9AAIaLqeXfPV1v20xeQdBJ ngvY5MNXm07+nxgNuRVOw426oKdsi4ub/BMFNHHzgpk+EOmpzHjGpfwdwZBvTVIsXJ1Z ixYtudyqlOIGwVMjR24PG6YIbvmFhc89VzwHoRedtJxRbKHjBrbkpRxTQeXTDHZ53RLv v75nUo1kDzVi4ZVoxG0a8eb1dmu/6aE1NqaDLwhmqbHynV8Y12e7IUCx+nsNis1FHY/k nW0CsLs/BM7+/PNt0iB7yoNFIxk5lLvX8E9NBgK01X2cqZqg5s3MH84roh/Ua50ptKae XOmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=KioFTda0zEdQSBw0TQsNW7u7HebdEbC7ULL51zMSfbE=; b=4m6DcBcaKVUIdQ8tBovJFQ4XWykMZrU3lP4OBSq9Z5IZlW9ehPsGZuY7B9vdNMjxjr UMXNr04NA8RLm9ZH+2Ups4hqsKh9nAqYpsER+Ob1h/agyU9p8k4TSr/VQ9sD9lCkzPUm mDkFuxGO4/GMp+lFnZqy4G95s/nhnbWH2PriR/fflx4zp1OM/h2QtA5ZLFfWFS6HI0Fq pQJGLGfNBCIXTDicUN/4M1O04IIqqES30uaggLsWEltg4TvlyGBGGXVssU+OLQnO9xHC qHoGLLZsBge/XlpVpi6gcyWS3U+7cFCnZ6YnnJdOe9VaFPs1BJid97/r4Tqm+wK9U26Y yaGw== X-Gm-Message-State: AO0yUKVoeMsY+O8sBR411CSuVpLdxRs9MG9bb7r49GTAukiYRLW4B2KX IHyVhz7eFp7VCiH5ZuIt9kpQgNK0WFg= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:9205:0:b0:8ef:90e1:b2f8 with SMTP id b5-20020a259205000000b008ef90e1b2f8mr206400ybo.2.1676675428316; Fri, 17 Feb 2023 15:10:28 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 17 Feb 2023 15:10:11 -0800 In-Reply-To: <20230217231022.816138-1-seanjc@google.com> Mime-Version: 1.0 References: <20230217231022.816138-1-seanjc@google.com> X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog Message-ID: <20230217231022.816138-2-seanjc@google.com> Subject: [PATCH 01/12] KVM: x86: Add a framework for enabling KVM-governed x86 features From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758121735162693928?= X-GMAIL-MSGID: =?utf-8?q?1758121735162693928?= Introduce yet another X86_FEATURE flag framework to manage and cache KVM governed features (for lack of a better term). "Governed" in this case means that KVM has some level of involvement and/or vested interest in whether or not an X86_FEATURE can be used by the guest. The intent of the framework is twofold: to simplify caching of guest CPUID flags that KVM needs to frequently query, and to add clarity to such caching, e.g. it isn't immediately obvious that SVM's bundle of flags for "optional nested] SVM features" track whether or not a flag is exposed to L1. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 11 +++++++ arch/x86/kvm/cpuid.c | 2 ++ arch/x86/kvm/cpuid.h | 51 ++++++++++++++++++++++++++++++++ arch/x86/kvm/governed_features.h | 9 ++++++ 4 files changed, 73 insertions(+) create mode 100644 arch/x86/kvm/governed_features.h diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 792a6037047a..cd660de02f7b 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -835,6 +835,17 @@ struct kvm_vcpu_arch { struct kvm_cpuid_entry2 *cpuid_entries; struct kvm_hypervisor_cpuid kvm_cpuid; + /* + * Track whether or not the guest is allowed to use features that are + * governed by KVM, where "governed" means KVM needs to manage state + * and/or explicitly enable the feature in hardware. Typically, but + * not always, governed features can be used by the guest if and only + * if both KVM and userspace want to expose the feature to the guest. + */ + struct { + u32 enabled; + } governed_features; + u64 reserved_gpa_bits; int maxphyaddr; diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 8f8edeaf8177..013fdc27fc8f 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -335,6 +335,8 @@ static void kvm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) struct kvm_lapic *apic = vcpu->arch.apic; struct kvm_cpuid_entry2 *best; + vcpu->arch.governed_features.enabled = 0; + best = kvm_find_cpuid_entry(vcpu, 1); if (best && apic) { if (cpuid_entry_has(best, X86_FEATURE_TSC_DEADLINE_TIMER)) diff --git a/arch/x86/kvm/cpuid.h b/arch/x86/kvm/cpuid.h index b1658c0de847..f61a2106ba90 100644 --- a/arch/x86/kvm/cpuid.h +++ b/arch/x86/kvm/cpuid.h @@ -232,4 +232,55 @@ static __always_inline bool guest_pv_has(struct kvm_vcpu *vcpu, return vcpu->arch.pv_cpuid.features & (1u << kvm_feature); } +enum kvm_governed_features { +#define KVM_GOVERNED_FEATURE(x) KVM_GOVERNED_##x, +#include "governed_features.h" + KVM_NR_GOVERNED_FEATURES +}; + +static __always_inline int kvm_governed_feature_index(unsigned int x86_feature) +{ + switch (x86_feature) { +#define KVM_GOVERNED_FEATURE(x) case x: return KVM_GOVERNED_##x; +#include "governed_features.h" + default: + return -1; + } +} + +static __always_inline int kvm_is_governed_feature(unsigned int x86_feature) +{ + return kvm_governed_feature_index(x86_feature) >= 0; +} + +static __always_inline u32 kvm_governed_feature_bit(unsigned int x86_feature) +{ + int index = kvm_governed_feature_index(x86_feature); + + BUILD_BUG_ON(index < 0); + return BIT(index); +} + +static __always_inline void kvm_governed_feature_set(struct kvm_vcpu *vcpu, + unsigned int x86_feature) +{ + BUILD_BUG_ON(KVM_NR_GOVERNED_FEATURES > + sizeof(vcpu->arch.governed_features.enabled) * BITS_PER_BYTE); + + vcpu->arch.governed_features.enabled |= kvm_governed_feature_bit(x86_feature); +} + +static __always_inline void kvm_governed_feature_check_and_set(struct kvm_vcpu *vcpu, + unsigned int x86_feature) +{ + if (guest_cpuid_has(vcpu, x86_feature)) + kvm_governed_feature_set(vcpu, x86_feature); +} + +static __always_inline bool guest_can_use(struct kvm_vcpu *vcpu, + unsigned int x86_feature) +{ + return vcpu->arch.governed_features.enabled & kvm_governed_feature_bit(x86_feature); +} + #endif diff --git a/arch/x86/kvm/governed_features.h b/arch/x86/kvm/governed_features.h new file mode 100644 index 000000000000..40ce8e6608cd --- /dev/null +++ b/arch/x86/kvm/governed_features.h @@ -0,0 +1,9 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#if !defined(KVM_GOVERNED_FEATURE) || defined(KVM_GOVERNED_X86_FEATURE) +BUILD_BUG() +#endif + +#define KVM_GOVERNED_X86_FEATURE(x) KVM_GOVERNED_FEATURE(X86_FEATURE_##x) + +#undef KVM_GOVERNED_X86_FEATURE +#undef KVM_GOVERNED_FEATURE From patchwork Fri Feb 17 23:10:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 58795 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp114318wrn; Fri, 17 Feb 2023 15:11:43 -0800 (PST) X-Google-Smtp-Source: AK7set+ELLYvzFNNmff6+y8zSwwQ6/54RdPmVILn6E7PeXklc3fVKpDsBng/i3n/CHJagLvzZpTP X-Received: by 2002:a17:906:a217:b0:8a4:7806:6eed with SMTP id r23-20020a170906a21700b008a478066eedmr2901872ejy.63.1676675502867; Fri, 17 Feb 2023 15:11:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676675502; cv=none; d=google.com; s=arc-20160816; b=eH22HJHHfN/IMGnYzcDEWM0B9FuPf79kJxmRUWTadsZ2lI3NDJbLCIb705ZxEJJT+2 vUnEXnRfs2xO2bd/iQ3cvP+gRStsF6k3BPIOAvi+AJrFiREsh+xBn6er2KZ6J7t4wXZM u1tqQzJ/sPRWChQMnPZYiX0Ha0dP+WqoRb4IQZW2y3QvnMGg6a0jo9nAsYs0T1aYMbE1 PvgA9kDx1NtAh1seNS+4y1knLR8yhyGZ9MNmIEyXlt5KBtAB8xmCE94KkS/hXRUJiU1+ Eklp6u3DHqLFEzDIe1Icdaa2VDkmskz9Or0OcJ95cgrFswt63oBSuzIVeQmBSatABdgJ Jdhg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=Jv7eFJCQHJdShrZad4wg6qbhczS1BO2S26DrILrvWfg=; b=iv4VqxKGU9Z3NvGpnyBk1yQsBEa1ElxRoYat5SS+Ol/553KsR0s7Tm8IgljGiGwFIy SU5igQzA4usiaHm2FgbjFiVlytwMwYGdm3cAM2cmItHq/BvMlrjgCyl9sWbzz/I+eNtU 5O+LTXXkcEynkeKxyfYPcYQybYyHlKHr4ty/nJL4P7J3LwPz1ECia3ARRQ97fqUVprgi Y6ZUpDn1VZCT3N1VY7d2CG79XIa1i4eUqbyQnEczzzRsZVWpnGP0cRx+nj9e0WEvnG9o mhSSbM9Iq/BU4rgcF1rJPuwMgBRBDlHXzZ4OgC2XM5lv4d3/HPQzb0vJIMgJpwzlzeII eD8Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=PFHXa5FB; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 16-20020a17090602d000b008af4651d2a2si8543112ejk.530.2023.02.17.15.11.19; Fri, 17 Feb 2023 15:11:42 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=PFHXa5FB; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229915AbjBQXKo (ORCPT + 99 others); Fri, 17 Feb 2023 18:10:44 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56320 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229893AbjBQXKc (ORCPT ); Fri, 17 Feb 2023 18:10:32 -0500 Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1078E68AC5 for ; Fri, 17 Feb 2023 15:10:30 -0800 (PST) Received: by mail-pj1-x104a.google.com with SMTP id qa16-20020a17090b4fd000b00233c6b388ddso914398pjb.5 for ; Fri, 17 Feb 2023 15:10:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=Jv7eFJCQHJdShrZad4wg6qbhczS1BO2S26DrILrvWfg=; b=PFHXa5FBY+a98Z9yhWweF+SxDQQJFEMs/DEpJGFZxDfSIxf44H5vOl3VOmkB5k/UXL U3qRSMbobqQF16A/BVrXRskJUiV2o0dTn/LKHqc9U2JijMlZ4cxm9EioE+Ge1KjSeugJ ILLisMTKa/AFV865ZWzsbS1JSwkmuPn6yF7z18WK9tugVUsjbEiBPGQNPv3f5dQabJPH /nHNy9lxyEQQezs5pqgLJcaAPGgIepldgdv4CCVkTaRmLij2029pBnXCp7ZCf2MZjXZo OawdxxDdwOLXn91PoeKTV+UXRw0EChPxEAp31Vk9jO5/uqniV2CbcKYWBO31lsjoM89w lebQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Jv7eFJCQHJdShrZad4wg6qbhczS1BO2S26DrILrvWfg=; b=qI/RJ+nDSc+vYfFxCcY/41ODZ93gOSAvrPLJXyMijcARH5FL0ZHJb+JicwN5+O4LhH 9NX0APiCMuh9y90a9LvYJFkYuB6x6qpeV6w9ufaKG7I8LzwCljqVRiioB1BjTptwSBe2 zDL4e8hBeOUNFBB9gv1v02kt1Gz3EtKtmC2iljbz9vZmlmsSQM72O7Vmtxflf9M04aU6 Oya5XbiyMwyzkg7eVsd8hUxSActYNwzaLO2ZmOCzVuQCT8Dmil1f3k4pGy88pG+UKKoG pw7DdsdbcnIqjT11d0pvXGvhIS9fnGH0RLHL6NyTEnjU8Coca//q4UVwoLG1LiCj23W1 KMtQ== X-Gm-Message-State: AO0yUKV8p1GSp72S3Wo9wrW8vdxYVueOANbiXZ/m+gUvgViIIgstL4RK OB/g+NQEIg4bbrZ+hloKPOq0O1vLzAA= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:ab0e:b0:19b:c29:3932 with SMTP id ik14-20020a170902ab0e00b0019b0c293932mr427871plb.3.1676675430051; Fri, 17 Feb 2023 15:10:30 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 17 Feb 2023 15:10:12 -0800 In-Reply-To: <20230217231022.816138-1-seanjc@google.com> Mime-Version: 1.0 References: <20230217231022.816138-1-seanjc@google.com> X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog Message-ID: <20230217231022.816138-3-seanjc@google.com> Subject: [PATCH 02/12] KVM: x86/mmu: Use KVM-governed feature framework to track "GBPAGES enabled" From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758121691868468046?= X-GMAIL-MSGID: =?utf-8?q?1758121691868468046?= Use the governed feature framework to track whether or not the guest can use 1GiB pages, and drop the one-off helper that wraps the surprisingly non-trivial logic surrounding 1GiB page usage in the guest. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/cpuid.c | 16 ++++++++++++++++ arch/x86/kvm/governed_features.h | 2 ++ arch/x86/kvm/mmu/mmu.c | 20 +++----------------- 3 files changed, 21 insertions(+), 17 deletions(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 013fdc27fc8f..3b604499c35c 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -337,6 +337,22 @@ static void kvm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) vcpu->arch.governed_features.enabled = 0; + /* + * If TDP is enabled, let the guest use GBPAGES if they're supported in + * hardware. The hardware page walker doesn't let KVM disable GBPAGES, + * i.e. won't treat them as reserved, and KVM doesn't redo the GVA->GPA + * walk for performance and complexity reasons. Not to mention KVM + * _can't_ solve the problem because GVA->GPA walks aren't visible to + * KVM once a TDP translation is installed. Mimic hardware behavior so + * that KVM's is at least consistent, i.e. doesn't randomly inject #PF. + * If TDP is disabled, honor guest CPUID as KVM has full visibility and + * can install smaller shadow pages if the host lacks 1GiB support. + */ + if (!tdp_enabled) + kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_GBPAGES); + else if (boot_cpu_has(X86_FEATURE_GBPAGES)) + kvm_governed_feature_set(vcpu, X86_FEATURE_GBPAGES); + best = kvm_find_cpuid_entry(vcpu, 1); if (best && apic) { if (cpuid_entry_has(best, X86_FEATURE_TSC_DEADLINE_TIMER)) diff --git a/arch/x86/kvm/governed_features.h b/arch/x86/kvm/governed_features.h index 40ce8e6608cd..b29c15d5e038 100644 --- a/arch/x86/kvm/governed_features.h +++ b/arch/x86/kvm/governed_features.h @@ -5,5 +5,7 @@ BUILD_BUG() #define KVM_GOVERNED_X86_FEATURE(x) KVM_GOVERNED_FEATURE(X86_FEATURE_##x) +KVM_GOVERNED_X86_FEATURE(GBPAGES) + #undef KVM_GOVERNED_X86_FEATURE #undef KVM_GOVERNED_FEATURE diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index c91ee2927dd7..36e4561554ca 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -4728,28 +4728,13 @@ __reset_rsvds_bits_mask(struct rsvd_bits_validate *rsvd_check, } } -static bool guest_can_use_gbpages(struct kvm_vcpu *vcpu) -{ - /* - * If TDP is enabled, let the guest use GBPAGES if they're supported in - * hardware. The hardware page walker doesn't let KVM disable GBPAGES, - * i.e. won't treat them as reserved, and KVM doesn't redo the GVA->GPA - * walk for performance and complexity reasons. Not to mention KVM - * _can't_ solve the problem because GVA->GPA walks aren't visible to - * KVM once a TDP translation is installed. Mimic hardware behavior so - * that KVM's is at least consistent, i.e. doesn't randomly inject #PF. - */ - return tdp_enabled ? boot_cpu_has(X86_FEATURE_GBPAGES) : - guest_cpuid_has(vcpu, X86_FEATURE_GBPAGES); -} - static void reset_guest_rsvds_bits_mask(struct kvm_vcpu *vcpu, struct kvm_mmu *context) { __reset_rsvds_bits_mask(&context->guest_rsvd_check, vcpu->arch.reserved_gpa_bits, context->cpu_role.base.level, is_efer_nx(context), - guest_can_use_gbpages(vcpu), + guest_can_use(vcpu, X86_FEATURE_GBPAGES), is_cr4_pse(context), guest_cpuid_is_amd_or_hygon(vcpu)); } @@ -4826,7 +4811,8 @@ static void reset_shadow_zero_bits_mask(struct kvm_vcpu *vcpu, __reset_rsvds_bits_mask(shadow_zero_check, reserved_hpa_bits(), context->root_role.level, context->root_role.efer_nx, - guest_can_use_gbpages(vcpu), is_pse, is_amd); + guest_can_use(vcpu, X86_FEATURE_GBPAGES), + is_pse, is_amd); if (!shadow_me_mask) return; From patchwork Fri Feb 17 23:10:13 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 58799 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp114507wrn; Fri, 17 Feb 2023 15:12:16 -0800 (PST) X-Google-Smtp-Source: AK7set+sWdnsLANPRAiEtD05H1fqcUy5341CCdM7411Mk7IG4zYbB0xs3dInmKqbeiDWq87x/AYh X-Received: by 2002:a17:907:3e29:b0:8b1:2614:edfe with SMTP id hp41-20020a1709073e2900b008b12614edfemr9123816ejc.9.1676675536389; Fri, 17 Feb 2023 15:12:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676675536; cv=none; d=google.com; s=arc-20160816; b=D8iuUbcCvF9PI2yBx0na4e4o96BasBFRY5iOTRlCbL8nQBjdIuNARA0SEuZelBkDn7 +yVgbkcQTElQfu3z6mRV/RyTiv3YmMaF9iLEQham1XXr74DRn2RN7IqVpGBx7MGGVWUL HWdnN7cbkL7Ywg3/p92SCTV8hXJV/G3w7hLKVocEbQgW4UpJRDldm9ut7/gEHUVgMNzS GdwQtaO5aHwN3suek5RyTzubToJeEFoxNcC80SYTK6XLc2j55GRjkbZfYAlbxR6ZqSSB 22hlugu45mEEw15bmaHRecHZtNUYEhDYOru/YUSGNgf3tLij+cH8oAmo4t0YXCtJBuNI rRVQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=kJiU495PRP5A5yKfuE+SWyHAevKRlJJJV0/9mgyLCwE=; b=EoDfg6Dha12+yuLZr5ZVKw7f+BlZEG+iDXIxd75//1EprU1DVierM7qa0kEf/gHcnl d+VvGJF8NSy/37FzVJaMsvN669E9PyThu9/RIXh4FDGpVmgfAchVeqIDsPvLfOSmoTMJ o78zu56QEiuyXSGh7dAgJ3quG4sg4ZrHV4Ofvy5kNz1wnx5TYmfa+y1jJYqudTRPGI24 lcR5UD5kxRxXu5g3l0GGB9ZW2EFTNgQJlTj+ewnN6IPRPhHnCmvgAAl0yy2Tpkd0CP9z KE2A4N6lbEOpe2ocbSr1HOX/3xwseXEgaf0CByHdidlbppdMcBq70JHveVG8aQ5tAju1 /U8w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=gGRP8xLI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t25-20020aa7d4d9000000b004ad0c88b55csi6486724edr.401.2023.02.17.15.11.52; Fri, 17 Feb 2023 15:12:16 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=gGRP8xLI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229931AbjBQXKr (ORCPT + 99 others); Fri, 17 Feb 2023 18:10:47 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56264 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229875AbjBQXKj (ORCPT ); Fri, 17 Feb 2023 18:10:39 -0500 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D4AF56A042 for ; Fri, 17 Feb 2023 15:10:32 -0800 (PST) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-5365780ce32so22556407b3.23 for ; Fri, 17 Feb 2023 15:10:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=kJiU495PRP5A5yKfuE+SWyHAevKRlJJJV0/9mgyLCwE=; b=gGRP8xLIV88x5+pesHlVSzH3eaURYkYcw9vwHWwO8otNJ8uT8UFPqg/GOY5panNWVn kEGeFIyz5hBE74qRNMuhJA2YZcEyKw5HhR40IEfFVJ4HTvJl44BCvkzPRoPslCZ5v9FP i97P7A81huZghUvo0ONVhCtFQbCKNfVmmM5gxglAxn67NPCcV8uQ/2eXhMgJ1gRGRmNw XpuDim0RFlBUosrevfxb+JUDXdtgrk8gobMn7ujgLNpTw9we+jT9m+OikOKQOpl9Auix op9EYj7vbSG3oMCuvGHNuRM7gbVKBqp7bTGgvZwEqv8quf47MYGRFfprbJalGiMKUTBL 1yaA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=kJiU495PRP5A5yKfuE+SWyHAevKRlJJJV0/9mgyLCwE=; b=BV3RIwXDQVOrxXuivK7K87aYxkWQ07br9qqx30btU+CkN2FuDv2E7G0DMD7I/o90yy VFrXkbMv383cGNIPhrbgpZM8ZEf9VXTXFxtQ8xP9HExqJmMLw2FWsVLfd3VjS7ndVVbv ngJyiJ6//goKUg/k+XaI7oczHSbSbhJpnYNAW3BKqpJKwsWTPjh2F2YFr+r2ch981kdN lfPLg0GE7P+NoQpO1M+ekBHSUPdBe8M700TV2JmUPgjV8hpDIPfPPVSlxiMm7L3R8oa/ +/xDAjWzBcIa/8VpHGPIbuyHvPMzZ235UPyzBwyErLCT+RjfcsDOV55qCQAcgWFAlyQP f54Q== X-Gm-Message-State: AO0yUKWBfLY1yxPWRG0MVGVJ5DVZgEYMOXNCaq7bBTWPB7YyV2lZgkgM qpFWDGdvUs42SlEogOQeMgB2gmBVf/I= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:7b02:0:b0:52e:d589:c893 with SMTP id w2-20020a817b02000000b0052ed589c893mr1365013ywc.457.1676675431997; Fri, 17 Feb 2023 15:10:31 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 17 Feb 2023 15:10:13 -0800 In-Reply-To: <20230217231022.816138-1-seanjc@google.com> Mime-Version: 1.0 References: <20230217231022.816138-1-seanjc@google.com> X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog Message-ID: <20230217231022.816138-4-seanjc@google.com> Subject: [PATCH 03/12] KVM: VMX: Recompute "XSAVES enabled" only after CPUID update From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758121727204562615?= X-GMAIL-MSGID: =?utf-8?q?1758121727204562615?= Recompute whether or not XSAVES is enabled for the guest only if the guest's CPUID model changes instead of redoing the computation every time KVM generates vmcs01's secondary execution controls. The boot_cpu_has() and cpu_has_vmx_xsaves() checks should never change after KVM is loaded, and if they do the kernel/KVM is hosed. Opportunistically add a comment explaining _why_ XSAVES is effectively exposed to the guest if and only if XSAVE is also exposed to the guest. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.c | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 47abd9101e68..b6fdb311a7d8 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -4620,19 +4620,10 @@ static u32 vmx_secondary_exec_control(struct vcpu_vmx *vmx) if (!enable_pml || !atomic_read(&vcpu->kvm->nr_memslots_dirty_logging)) exec_control &= ~SECONDARY_EXEC_ENABLE_PML; - if (cpu_has_vmx_xsaves()) { - /* Exposing XSAVES only when XSAVE is exposed */ - bool xsaves_enabled = - boot_cpu_has(X86_FEATURE_XSAVE) && - guest_cpuid_has(vcpu, X86_FEATURE_XSAVE) && - guest_cpuid_has(vcpu, X86_FEATURE_XSAVES); - - vcpu->arch.xsaves_enabled = xsaves_enabled; - + if (cpu_has_vmx_xsaves()) vmx_adjust_secondary_exec_control(vmx, &exec_control, SECONDARY_EXEC_XSAVES, - xsaves_enabled, false); - } + vcpu->arch.xsaves_enabled, false); /* * RDPID is also gated by ENABLE_RDTSCP, turn on the control if either @@ -7709,8 +7700,15 @@ static void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx = to_vmx(vcpu); - /* xsaves_enabled is recomputed in vmx_compute_secondary_exec_control(). */ - vcpu->arch.xsaves_enabled = false; + /* + * XSAVES is effectively enabled if and only if XSAVE is also exposed + * to the guest. XSAVES depends on CR4.OSXSAVE, and CR4.OSXSAVE can be + * set if and only if XSAVE is supported. + */ + vcpu->arch.xsaves_enabled = cpu_has_vmx_xsaves() && + boot_cpu_has(X86_FEATURE_XSAVE) && + guest_cpuid_has(vcpu, X86_FEATURE_XSAVE) && + guest_cpuid_has(vcpu, X86_FEATURE_XSAVES); vmx_setup_uret_msrs(vmx); From patchwork Fri Feb 17 23:10:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 58796 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp114419wrn; Fri, 17 Feb 2023 15:12:01 -0800 (PST) X-Google-Smtp-Source: AK7set+eTzYXo9xGihZdnL69S/o7OJQHZwLdBFpznIt85IvLGTGkQ2vM32xJruwzvKWNvp/4UgJd X-Received: by 2002:a17:906:9c8d:b0:8b1:7841:8dd9 with SMTP id fj13-20020a1709069c8d00b008b178418dd9mr4488703ejc.9.1676675521593; Fri, 17 Feb 2023 15:12:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676675521; cv=none; d=google.com; s=arc-20160816; b=dQlBgiEK/d1Dki6sKqJebwI+rSkOXLghKd5+FTdrfyOdSi80KW+00shEYfasq0jJyL uVz0fBroQLr7JXMliI2lznfGPJh5pkglznsMsakyiUGGOjYflT/6iIAISBePsw30d2et 4Y8gyBtODjB74+ez9J/NxEnQNBIf9WnoUtp6TwxskXRsVsH+D7RH01kZHikpsh+EdGjm KWCy/N+7vHv5xqNB+whlt8f31LF2qY8TxWnNDJqj5dCLdH8MsevPxU8p3Q6K7hJ6JCiP u2Wrtxg3eA2yioDtpqQIR52caQ2ym80FeUODLky/TRGHfMwC0cSdaWQyA8De1VCMAA0n UbUw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=CaPfkcXmkBtA2D8Z87DWoQYnHOyWPdakqD7fSwd7G24=; b=MkjmWWq0mgm6jppfrxxbFIoUcvSrzi5plJ0QO8YKt0b2U0qJf/GZOVSL8EjUp3+Hbe hYeOduktztMWOzaUNMRCmv3B2RzZVriYw2BMAqyvg7x6FC4lqeiCJnZisdIrPjg/SwJf VQPlO8Cyi+yvlXoAZ9yEjgASw1K7nzqyazx+AD4zcVAsRJ/TxZyxdYZ2UHGWcF3cHI3b G9UotakHL9r9tls0bkFVFYkaGOX401pKnZ6D3KmlpCNpINK1v77WhAIBruFoTAcsYG6y ejEgMTulKV295LbSGhyJteug/m1rxz+YM/zHNioTr3L5Jm19SDfdne9hfm7gf1VJfR+l Rrwg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="o8r/4PUL"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id gh13-20020a1709073c0d00b008b19eb2bcc8si3101011ejc.600.2023.02.17.15.11.38; Fri, 17 Feb 2023 15:12:01 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="o8r/4PUL"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229974AbjBQXKw (ORCPT + 99 others); Fri, 17 Feb 2023 18:10:52 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56264 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229849AbjBQXKk (ORCPT ); Fri, 17 Feb 2023 18:10:40 -0500 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 959D068ACC for ; Fri, 17 Feb 2023 15:10:34 -0800 (PST) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-53657805673so22025947b3.0 for ; Fri, 17 Feb 2023 15:10:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=CaPfkcXmkBtA2D8Z87DWoQYnHOyWPdakqD7fSwd7G24=; b=o8r/4PULq9yEbjeUsh71LSJhc1lJ8bkaR5WaNXMyqA4+4XPVUCxKwwXcnLE1CHGc8w 9nyn5fAOI8sLNMoIzdrE5cBMEqd0dlUyNoM7LxPIN6JSi9K23b3EyCUEQf8J37GO/zMG H00hMnY3qXelWrkK9CPXZzNlGE1mw41mxNbmUDZxiyolPd3uTBR31wt1uousgdnKjTJe dJJDypc6eJMlVyXE+SV3aKkIt5IUvagP3iIExEM1EGabPJWdzyPTlyLh/IIneyXVQiUh eOTOeI9RCJRBr4b3AeCsJKgUyQHXtSzg72E0/FW6HWWC67noH7trvDIYJhw1yQCd5iUA j+ZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=CaPfkcXmkBtA2D8Z87DWoQYnHOyWPdakqD7fSwd7G24=; b=SyB+iprsFwrvDYxTIliyOaFUkHiWEcn+fNQmDvRCpOwOE4Ao7l2j9DboImUEJhKp2D SwEhCxE3bAXFWPURZYRbrSIrCO07zS/XZrFjChF5Q73EsgMiFW7N+qD66t8QxQBn8jf2 UVMaKsou45R2YsXsSKAOUW4oIt8yLR8hk4XhPaq6LINDLBT/w249bfH5t9XVeRcsFrwj 4lqXeJM6W/xwhaTmSqSzVJ0gymGutvFGeIgKTuXLJ+cKLqxtX074mv+Oma5aLlsLfadl +MbVGe10lOJwMqNij2iU9pwMZKVqYO51smVzi3JE20NjQVGJuPMTd3sg6ZtIWyZPMMLo BOgg== X-Gm-Message-State: AO0yUKXva3vV5P2anyk4gu505fJwELXGeI+wxIDMbmvFCCNHtPpI7eV5 cNNHKxdhwla73XLpKzriKAHF0mir1eU= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:1024:b0:8fc:686c:cf87 with SMTP id x4-20020a056902102400b008fc686ccf87mr29473ybt.4.1676675433776; Fri, 17 Feb 2023 15:10:33 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 17 Feb 2023 15:10:14 -0800 In-Reply-To: <20230217231022.816138-1-seanjc@google.com> Mime-Version: 1.0 References: <20230217231022.816138-1-seanjc@google.com> X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog Message-ID: <20230217231022.816138-5-seanjc@google.com> Subject: [PATCH 04/12] KVM: VMX: Rename XSAVES control to follow KVM's preferred "ENABLE_XYZ" From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758121712022377130?= X-GMAIL-MSGID: =?utf-8?q?1758121712022377130?= Rename the XSAVES secondary execution control to follow KVM's preferred style so that XSAVES related logic can use common macros that depend on KVM's preferred style. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/vmx.h | 2 +- arch/x86/kvm/vmx/capabilities.h | 2 +- arch/x86/kvm/vmx/hyperv.h | 2 +- arch/x86/kvm/vmx/nested.c | 6 +++--- arch/x86/kvm/vmx/nested.h | 2 +- arch/x86/kvm/vmx/vmx.c | 2 +- arch/x86/kvm/vmx/vmx.h | 2 +- 7 files changed, 9 insertions(+), 9 deletions(-) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index 498dc600bd5c..aeb319665502 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -69,7 +69,7 @@ #define SECONDARY_EXEC_RDSEED_EXITING VMCS_CONTROL_BIT(RDSEED_EXITING) #define SECONDARY_EXEC_ENABLE_PML VMCS_CONTROL_BIT(PAGE_MOD_LOGGING) #define SECONDARY_EXEC_PT_CONCEAL_VMX VMCS_CONTROL_BIT(PT_CONCEAL_VMX) -#define SECONDARY_EXEC_XSAVES VMCS_CONTROL_BIT(XSAVES) +#define SECONDARY_EXEC_ENABLE_XSAVES VMCS_CONTROL_BIT(XSAVES) #define SECONDARY_EXEC_MODE_BASED_EPT_EXEC VMCS_CONTROL_BIT(MODE_BASED_EPT_EXEC) #define SECONDARY_EXEC_PT_USE_GPA VMCS_CONTROL_BIT(PT_USE_GPA) #define SECONDARY_EXEC_TSC_SCALING VMCS_CONTROL_BIT(TSC_SCALING) diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm/vmx/capabilities.h index 45162c1bcd8f..3c3875b3dedd 100644 --- a/arch/x86/kvm/vmx/capabilities.h +++ b/arch/x86/kvm/vmx/capabilities.h @@ -252,7 +252,7 @@ static inline bool cpu_has_vmx_pml(void) static inline bool cpu_has_vmx_xsaves(void) { return vmcs_config.cpu_based_2nd_exec_ctrl & - SECONDARY_EXEC_XSAVES; + SECONDARY_EXEC_ENABLE_XSAVES; } static inline bool cpu_has_vmx_waitpkg(void) diff --git a/arch/x86/kvm/vmx/hyperv.h b/arch/x86/kvm/vmx/hyperv.h index 78d17667e7ec..51fe0251cb67 100644 --- a/arch/x86/kvm/vmx/hyperv.h +++ b/arch/x86/kvm/vmx/hyperv.h @@ -87,7 +87,7 @@ DECLARE_STATIC_KEY_FALSE(enable_evmcs); SECONDARY_EXEC_DESC | \ SECONDARY_EXEC_ENABLE_RDTSCP | \ SECONDARY_EXEC_ENABLE_INVPCID | \ - SECONDARY_EXEC_XSAVES | \ + SECONDARY_EXEC_ENABLE_XSAVES | \ SECONDARY_EXEC_RDSEED_EXITING | \ SECONDARY_EXEC_RDRAND_EXITING | \ SECONDARY_EXEC_TSC_SCALING | \ diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 7c4f5ca405c7..1d19fcf02a8e 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -2301,7 +2301,7 @@ static void prepare_vmcs02_early(struct vcpu_vmx *vmx, struct loaded_vmcs *vmcs0 SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE | SECONDARY_EXEC_ENABLE_INVPCID | SECONDARY_EXEC_ENABLE_RDTSCP | - SECONDARY_EXEC_XSAVES | + SECONDARY_EXEC_ENABLE_XSAVES | SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE | SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | SECONDARY_EXEC_APIC_REGISTER_VIRT | @@ -6321,7 +6321,7 @@ static bool nested_vmx_l1_wants_exit(struct kvm_vcpu *vcpu, * If if it were, XSS would have to be checked against * the XSS exit bitmap in vmcs12. */ - return nested_cpu_has2(vmcs12, SECONDARY_EXEC_XSAVES); + return nested_cpu_has2(vmcs12, SECONDARY_EXEC_ENABLE_XSAVES); case EXIT_REASON_UMWAIT: case EXIT_REASON_TPAUSE: return nested_cpu_has2(vmcs12, @@ -6882,7 +6882,7 @@ void nested_vmx_setup_ctls_msrs(struct vmcs_config *vmcs_conf, u32 ept_caps) SECONDARY_EXEC_ENABLE_INVPCID | SECONDARY_EXEC_ENABLE_VMFUNC | SECONDARY_EXEC_RDSEED_EXITING | - SECONDARY_EXEC_XSAVES | + SECONDARY_EXEC_ENABLE_XSAVES | SECONDARY_EXEC_TSC_SCALING | SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE; diff --git a/arch/x86/kvm/vmx/nested.h b/arch/x86/kvm/vmx/nested.h index 96952263b029..b4b9d51438c6 100644 --- a/arch/x86/kvm/vmx/nested.h +++ b/arch/x86/kvm/vmx/nested.h @@ -168,7 +168,7 @@ static inline int nested_cpu_has_ept(struct vmcs12 *vmcs12) static inline bool nested_cpu_has_xsaves(struct vmcs12 *vmcs12) { - return nested_cpu_has2(vmcs12, SECONDARY_EXEC_XSAVES); + return nested_cpu_has2(vmcs12, SECONDARY_EXEC_ENABLE_XSAVES); } static inline bool nested_cpu_has_pml(struct vmcs12 *vmcs12) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index b6fdb311a7d8..14ce195eee5a 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -4622,7 +4622,7 @@ static u32 vmx_secondary_exec_control(struct vcpu_vmx *vmx) if (cpu_has_vmx_xsaves()) vmx_adjust_secondary_exec_control(vmx, &exec_control, - SECONDARY_EXEC_XSAVES, + SECONDARY_EXEC_ENABLE_XSAVES, vcpu->arch.xsaves_enabled, false); /* diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 2acdc54bc34b..2db14e0f4081 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -574,7 +574,7 @@ static inline u8 vmx_get_rvi(void) SECONDARY_EXEC_APIC_REGISTER_VIRT | \ SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | \ SECONDARY_EXEC_SHADOW_VMCS | \ - SECONDARY_EXEC_XSAVES | \ + SECONDARY_EXEC_ENABLE_XSAVES | \ SECONDARY_EXEC_RDSEED_EXITING | \ SECONDARY_EXEC_RDRAND_EXITING | \ SECONDARY_EXEC_ENABLE_PML | \ From patchwork Fri Feb 17 23:10:15 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 58797 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp114459wrn; Fri, 17 Feb 2023 15:12:09 -0800 (PST) X-Google-Smtp-Source: AK7set8mALM5NShKHOMoDcaLQv0yL/XGqSf+K9onH7qTZZIFT9MSoBgBT/dGn6YOBxIUpiLr7XKR X-Received: by 2002:a17:906:5a42:b0:8b1:7ac6:3186 with SMTP id my2-20020a1709065a4200b008b17ac63186mr5073856ejc.68.1676675529059; Fri, 17 Feb 2023 15:12:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676675529; cv=none; d=google.com; s=arc-20160816; b=zlbaq+VibiVh5WCxUfdcp/Smr3EmUSzISBgbSUxM7CPuho5BtVRWKxQlqmbH7GI4V2 oEzygIzqaqguCLvtaVCw37v2XMswewQ7C/SDlPlMB1oSg41/sYYRwiiFIV79FEsG3xE1 irPb/v740ZRK0RWSbhNnFcr3WqqxNYWHnVVLuiewrdAMr/He2Gyfv37tkuLsRbuznFlB Sg972xMk4uMfio/MSU+e9Z0ajdWNAtVjBcNaZQgXUKtoE2Xt+fV232s/ZH2LPtSCqNvX N36kwO/NRVol3I3iwY8pSKUcrCdiqfKM7Xzxo1wVhaDhFui3kDT04fvgx4jhViXTQL/W lQ4Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=2TnnXLHs2EigAQxoZxOgm8ELOh1fY6tAR5v57woQrQM=; b=KctmZ8xYns9Ok6qczuWKLSEuNTQ5tHkYDYp101ryQCnEz8squwAlmrxrisPriIFgXp 4qjBiLGwTALCPwpypcii1geYFHhWBeppSB6Ri/7cPXhVzNVt9KtT4FBw4aP++hhG3h70 gW8NGugDJn9WubleCX+uB3aRG28dN4ceYp3DlTfL/2ei3T8W1xXnC7rw+zOfMwRppx+f oQRVjVfMX2SRA1gwRCZWKq0OfrwsBjzmEYsQRyVo5DfSKv9TVqtUlSTSYWv46JeIdxic QlIo37dQq/YxXsdGWKnRBoD3bR0Avfxn/kiKssZy/+6Lrkd3y/rISOnhWjiYXl+4ilFn OAig== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=evWLFJz9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u16-20020aa7d990000000b004acc6cbcca1si6365909eds.342.2023.02.17.15.11.45; Fri, 17 Feb 2023 15:12:09 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=evWLFJz9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229988AbjBQXKz (ORCPT + 99 others); Fri, 17 Feb 2023 18:10:55 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56250 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229914AbjBQXKm (ORCPT ); Fri, 17 Feb 2023 18:10:42 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8E10768AC9 for ; Fri, 17 Feb 2023 15:10:36 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id 188-20020a2503c5000000b008e1de4c1e7dso2131606ybd.17 for ; Fri, 17 Feb 2023 15:10:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=2TnnXLHs2EigAQxoZxOgm8ELOh1fY6tAR5v57woQrQM=; b=evWLFJz9F/oKh/+eqv6kDQcb25TLjrSKGiZ+885GucdcbYldsNDzdH5NDukODm5mES Xax2e9thCVVomFzY5yxPyLPBjJkAtXUsgxyTUk3DlpsaylUfFdp6qu59Md5UtCpFeWHT riYbvV5qIXDbPm0yBIP//Xxf/o/cfrnOxu+wv8G5R4Z4ibzLL1o1LLzJ+FveFN19oNVT vTCEusG7Vs/2GMEH2O0V6eV+mmI3qKAezzH4K5cFM922iXnY1DSBwSdRnNp57rGpFtdp MM5BMjHWDkRSFwYXcQVxjyFPFKgTon0rJNdIbPuXnBizF+upt3SEQVw+Om1aDVl9JwKr l6Gg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=2TnnXLHs2EigAQxoZxOgm8ELOh1fY6tAR5v57woQrQM=; b=0jPE/ypOU80lcUsuhxtqjMrknJTkcwdu02PCVlYrZEJglG6PDpAyyM+ODIeGXLnaCy z2X6MEVMPIf0BB6rbOqnkbKUqizgdTcl7YKIqHPUkc1+VkHFu7pWD3NLl5yGQGC4u5D1 R6HSaGuWzEiFPRQKaiLbyN6gwJkvXmi60LHUeq1sx03rEPEbVAG3yOKKjQzsGJqFtruN Rqy9HSSfU3Yv7rLZfCnuKd2jae3ILi7gxDgtMu2a8SfK6B9stuY7fPiprlJ2n1GXDlxb imvWOeLPHTj6qxmc2LHl81OI6vv5DsLumk/b2hmfxxwLOjHRGwwTsueD42gFmA3d9tIu l5WQ== X-Gm-Message-State: AO0yUKXRo8o5+E9VyEd+UdLT+ns9LI76ucjr2Bz/52YaJN2ODGb9Qqlr NWzNtPrYySLEqH3wB1Vp+iygRLRMs58= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a0d:d543:0:b0:52e:ebb7:98f9 with SMTP id x64-20020a0dd543000000b0052eebb798f9mr1162884ywd.201.1676675435569; Fri, 17 Feb 2023 15:10:35 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 17 Feb 2023 15:10:15 -0800 In-Reply-To: <20230217231022.816138-1-seanjc@google.com> Mime-Version: 1.0 References: <20230217231022.816138-1-seanjc@google.com> X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog Message-ID: <20230217231022.816138-6-seanjc@google.com> Subject: [PATCH 05/12] KVM: x86: Use KVM-governed feature framework to track "XSAVES enabled" From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758121719510538095?= X-GMAIL-MSGID: =?utf-8?q?1758121719510538095?= Use the governed feature framework to track if XSAVES is "enabled", i.e. if XSAVES can be used by the guest. Add a comment in the SVM code to explain the very unintuitive logic of deliberately NOT checking if XSAVES is enumerated in the guest CPUID model. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/governed_features.h | 1 + arch/x86/kvm/svm/svm.c | 17 ++++++++++++--- arch/x86/kvm/vmx/vmx.c | 36 ++++++++++++++++---------------- arch/x86/kvm/x86.c | 4 ++-- 4 files changed, 35 insertions(+), 23 deletions(-) diff --git a/arch/x86/kvm/governed_features.h b/arch/x86/kvm/governed_features.h index b29c15d5e038..b896a64e4ac3 100644 --- a/arch/x86/kvm/governed_features.h +++ b/arch/x86/kvm/governed_features.h @@ -6,6 +6,7 @@ BUILD_BUG() #define KVM_GOVERNED_X86_FEATURE(x) KVM_GOVERNED_FEATURE(X86_FEATURE_##x) KVM_GOVERNED_X86_FEATURE(GBPAGES) +KVM_GOVERNED_X86_FEATURE(XSAVES) #undef KVM_GOVERNED_X86_FEATURE #undef KVM_GOVERNED_FEATURE diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index b43775490074..d89e516449ad 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4128,9 +4128,20 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) struct vcpu_svm *svm = to_svm(vcpu); struct kvm_cpuid_entry2 *best; - vcpu->arch.xsaves_enabled = guest_cpuid_has(vcpu, X86_FEATURE_XSAVE) && - boot_cpu_has(X86_FEATURE_XSAVE) && - boot_cpu_has(X86_FEATURE_XSAVES); + /* + * SVM doesn't provide a way to disable just XSAVES in the guest, KVM + * can only disable all variants of by disallowing CR4.OSXSAVE from + * being set. As a result, if the host has XSAVE and XSAVES, and the + * guest has XSAVE enabled, the guest can execute XSAVES without + * faulting. Treat XSAVES as enabled in this case regardless of + * whether it's advertised to the guest so that KVM context switches + * XSS on VM-Enter/VM-Exit. Failure to do so would effectively give + * the guest read/write access to the host's XSS. + */ + if (boot_cpu_has(X86_FEATURE_XSAVE) && + boot_cpu_has(X86_FEATURE_XSAVES) && + guest_cpuid_has(vcpu, X86_FEATURE_XSAVE)) + kvm_governed_feature_set(vcpu, X86_FEATURE_XSAVES); /* Update nrips enabled cache */ svm->nrips_enabled = kvm_cpu_cap_has(X86_FEATURE_NRIPS) && diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 14ce195eee5a..c64a12756016 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -4551,16 +4551,19 @@ vmx_adjust_secondary_exec_control(struct vcpu_vmx *vmx, u32 *exec_control, * based on a single guest CPUID bit, with a dedicated feature bit. This also * verifies that the control is actually supported by KVM and hardware. */ -#define vmx_adjust_sec_exec_control(vmx, exec_control, name, feat_name, ctrl_name, exiting) \ -({ \ - bool __enabled; \ - \ - if (cpu_has_vmx_##name()) { \ - __enabled = guest_cpuid_has(&(vmx)->vcpu, \ - X86_FEATURE_##feat_name); \ - vmx_adjust_secondary_exec_control(vmx, exec_control, \ - SECONDARY_EXEC_##ctrl_name, __enabled, exiting); \ - } \ +#define vmx_adjust_sec_exec_control(vmx, exec_control, name, feat_name, ctrl_name, exiting) \ +({ \ + struct kvm_vcpu *__vcpu = &(vmx)->vcpu; \ + bool __enabled; \ + \ + if (cpu_has_vmx_##name()) { \ + if (kvm_is_governed_feature(X86_FEATURE_##feat_name)) \ + __enabled = guest_can_use(__vcpu, X86_FEATURE_##feat_name); \ + else \ + __enabled = guest_cpuid_has(__vcpu, X86_FEATURE_##feat_name); \ + vmx_adjust_secondary_exec_control(vmx, exec_control, SECONDARY_EXEC_##ctrl_name,\ + __enabled, exiting); \ + } \ }) /* More macro magic for ENABLE_/opt-in versus _EXITING/opt-out controls. */ @@ -4620,10 +4623,7 @@ static u32 vmx_secondary_exec_control(struct vcpu_vmx *vmx) if (!enable_pml || !atomic_read(&vcpu->kvm->nr_memslots_dirty_logging)) exec_control &= ~SECONDARY_EXEC_ENABLE_PML; - if (cpu_has_vmx_xsaves()) - vmx_adjust_secondary_exec_control(vmx, &exec_control, - SECONDARY_EXEC_ENABLE_XSAVES, - vcpu->arch.xsaves_enabled, false); + vmx_adjust_sec_exec_feature(vmx, &exec_control, xsaves, XSAVES); /* * RDPID is also gated by ENABLE_RDTSCP, turn on the control if either @@ -4642,6 +4642,7 @@ static u32 vmx_secondary_exec_control(struct vcpu_vmx *vmx) SECONDARY_EXEC_ENABLE_RDTSCP, rdpid_or_rdtscp_enabled, false); } + vmx_adjust_sec_exec_feature(vmx, &exec_control, invpcid, INVPCID); vmx_adjust_sec_exec_exiting(vmx, &exec_control, rdrand, RDRAND); @@ -7705,10 +7706,9 @@ static void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) * to the guest. XSAVES depends on CR4.OSXSAVE, and CR4.OSXSAVE can be * set if and only if XSAVE is supported. */ - vcpu->arch.xsaves_enabled = cpu_has_vmx_xsaves() && - boot_cpu_has(X86_FEATURE_XSAVE) && - guest_cpuid_has(vcpu, X86_FEATURE_XSAVE) && - guest_cpuid_has(vcpu, X86_FEATURE_XSAVES); + if (cpu_has_vmx_xsaves() && boot_cpu_has(X86_FEATURE_XSAVE) && + guest_cpuid_has(vcpu, X86_FEATURE_XSAVE)) + kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_XSAVES); vmx_setup_uret_msrs(vmx); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index f706621c35b8..541982de5762 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -988,7 +988,7 @@ void kvm_load_guest_xsave_state(struct kvm_vcpu *vcpu) if (vcpu->arch.xcr0 != host_xcr0) xsetbv(XCR_XFEATURE_ENABLED_MASK, vcpu->arch.xcr0); - if (vcpu->arch.xsaves_enabled && + if (guest_can_use(vcpu, X86_FEATURE_XSAVES) && vcpu->arch.ia32_xss != host_xss) wrmsrl(MSR_IA32_XSS, vcpu->arch.ia32_xss); } @@ -1023,7 +1023,7 @@ void kvm_load_host_xsave_state(struct kvm_vcpu *vcpu) if (vcpu->arch.xcr0 != host_xcr0) xsetbv(XCR_XFEATURE_ENABLED_MASK, host_xcr0); - if (vcpu->arch.xsaves_enabled && + if (guest_can_use(vcpu, X86_FEATURE_XSAVES) && vcpu->arch.ia32_xss != host_xss) wrmsrl(MSR_IA32_XSS, host_xss); } From patchwork Fri Feb 17 23:10:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 58798 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp114471wrn; Fri, 17 Feb 2023 15:12:11 -0800 (PST) X-Google-Smtp-Source: AK7set++d0H/H9tG871zpKJgr2gZX66fVdO8Vi8b0faRNYUQEoMntNSXI+89e5oie+3jT4xOekMm X-Received: by 2002:a05:6402:d2:b0:4ae:eae1:946a with SMTP id i18-20020a05640200d200b004aeeae1946amr861341edu.13.1676675531408; Fri, 17 Feb 2023 15:12:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676675531; cv=none; d=google.com; s=arc-20160816; b=pzUGfDADUm/pKUGJWW8vCJaMCT4RJ9P61uM2V3A2mNzjcn+V5EQvYwbA/SkK0xYQOr w7fyfDdS89SpCd/roBQVsl0ZF0CQv5UTa34kigeYBv+fu4leDWRxivt5WRxAju+p5FeA 1ORlKqTcWqhqW2nhQkSIRnYxQTs49X0lJsd7gmSxN8aeN1nqnvGnKr4p0g4oEdIzT/dz /CxwPQTF4zuXhip7apbGv2jSmOyMqU8uxcGlM+2vimXoQFB6geAyuuX4RlRvXDjiK6+E OVPU0fejCYGEc+Ar25Tk4ry56p5wgiLYY5Q/J5BW9C7ZDiM+Ox10PvjP1KDYUfeoIOuR lJWg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=2tf53EPfhatPCq2VnYmKd0iZ7HVFsZitkXwBonW9dJw=; b=M++QzIU8hfMqEzs9yLjsHQ97TVMFMV8iq4pSvdxo/xvGx6vNAv9phN/m/4uT+rBtVp Tv7toYcEVomo4CC2YIozrONTj/ShIUxeDb48f9zbdl3FQo3VQdkxGdTLeQGCWLxNU4Oi xZZkNEaCpCC5AuKQA9LCKKXh0ogrE2Wnplt5RJlDD4AdFmFGbNc7u/4pEuJ6PIRnSRup 1a227pQH2rqRcI0TqfQy31xXVdUkM+ZryqeINLAJ4gE4P0/ADnwXRl3Zv92fg51GT7N7 K02qYCYBLeRYcnrYWbSS7TMKOafVyVC0DkvCFzqp9WcgEkENYxzpX1A2+4gHdrxURKaK Av5g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=GJHSCDcj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x20-20020aa7dad4000000b004acbd7134d5si6717954eds.632.2023.02.17.15.11.48; Fri, 17 Feb 2023 15:12:11 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=GJHSCDcj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229891AbjBQXLI (ORCPT + 99 others); Fri, 17 Feb 2023 18:11:08 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56642 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229924AbjBQXKp (ORCPT ); Fri, 17 Feb 2023 18:10:45 -0500 Received: from mail-pf1-x449.google.com (mail-pf1-x449.google.com [IPv6:2607:f8b0:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2864168AD1 for ; Fri, 17 Feb 2023 15:10:38 -0800 (PST) Received: by mail-pf1-x449.google.com with SMTP id be26-20020a056a001f1a00b0059085684b50so1364356pfb.16 for ; Fri, 17 Feb 2023 15:10:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=2tf53EPfhatPCq2VnYmKd0iZ7HVFsZitkXwBonW9dJw=; b=GJHSCDcjNVTZEVMG0mYD9ul4hN1+85Aunqv+jYXWQzMde9aoMzeSYZ4I1pC/+SHt3R /cyuE7zkSQkNLdFBx7HFJwR+2iAs21M21LyvgD51QkoX2EuiEh0rKweO1iFWNdjJU/Pg sgHDHKNYahaQ0ONGkeD57lK1suAGWoqaN35Pq1ckpJAs4PQZG4AuP+844LGzaAUocaz8 MBCFU4GWjw3IXSqouObLLnefpVjp8F6viiv5vqJaK7xwy4E6o0mUXtiCgiMc1Xq1E2I1 XPtmI9DLJX8EFQjlTP6cBR3csvVTSzK72LrqM/fPpJ9/J/tOO/GQn2saRsDVpnba48is zRAw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=2tf53EPfhatPCq2VnYmKd0iZ7HVFsZitkXwBonW9dJw=; b=VCyOV2OwfSlkUR42DmrxQ0HMgnhJ53HEWe878Gov8BA9e2Lmhb8E6Ev2sx9R2P3PwJ FXjVRrA/uQ5dcB2DGYRHcOfEsNpe1gPKRqO/E1XivUZ0QZ2BtqouEP178cRrnYRpVjyB t3pUyOJ5/46PE2vJ+e7iBW0jEITNJ8yS9q8IYR3I3B3aXNb4QmIh5NQqlDeb1MUSUB9W OySblvcGpi+XE/tRNHVW7QDONsg5tHazObk4yRcbofCWycul6VwlrJtazURxqFsu0XtR pRr6xhr2d2idAXlCDQfn5IP/SwnaDVE2CJmTBDH7muf7oSoG4aJ83SmFV7o6a7N4xip2 8Lyg== X-Gm-Message-State: AO0yUKWBdhTcdaG+cNSEU3nPWs8XqDdRGl/L8EGf7tbgAfT7jJ5Iwiyw S6pt/j68FEDnDp89H4Mf60oLc2DpwIs= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a63:7a54:0:b0:4fc:d6df:85a3 with SMTP id j20-20020a637a54000000b004fcd6df85a3mr507170pgn.1.1676675437475; Fri, 17 Feb 2023 15:10:37 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 17 Feb 2023 15:10:16 -0800 In-Reply-To: <20230217231022.816138-1-seanjc@google.com> Mime-Version: 1.0 References: <20230217231022.816138-1-seanjc@google.com> X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog Message-ID: <20230217231022.816138-7-seanjc@google.com> Subject: [PATCH 06/12] KVM: nSVM: Use KVM-governed feature framework to track "NRIPS enabled" From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758121722154455271?= X-GMAIL-MSGID: =?utf-8?q?1758121722154455271?= Track "NRIPS exposed to L1" via a governed feature flag instead of using a dedicated bit/flag in vcpu_svm. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/governed_features.h | 1 + arch/x86/kvm/svm/nested.c | 6 +++--- arch/x86/kvm/svm/svm.c | 5 ++--- arch/x86/kvm/svm/svm.h | 1 - 4 files changed, 6 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/governed_features.h b/arch/x86/kvm/governed_features.h index b896a64e4ac3..359914112615 100644 --- a/arch/x86/kvm/governed_features.h +++ b/arch/x86/kvm/governed_features.h @@ -7,6 +7,7 @@ BUILD_BUG() KVM_GOVERNED_X86_FEATURE(GBPAGES) KVM_GOVERNED_X86_FEATURE(XSAVES) +KVM_GOVERNED_X86_FEATURE(NRIPS) #undef KVM_GOVERNED_X86_FEATURE #undef KVM_GOVERNED_FEATURE diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 05d38944a6c0..0641cb943450 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -694,7 +694,7 @@ static void nested_vmcb02_prepare_control(struct vcpu_svm *svm, * what a nrips=0 CPU would do (L1 is responsible for advancing RIP * prior to injecting the event). */ - if (svm->nrips_enabled) + if (guest_can_use(vcpu, X86_FEATURE_NRIPS)) vmcb02->control.next_rip = svm->nested.ctl.next_rip; else if (boot_cpu_has(X86_FEATURE_NRIPS)) vmcb02->control.next_rip = vmcb12_rip; @@ -704,7 +704,7 @@ static void nested_vmcb02_prepare_control(struct vcpu_svm *svm, svm->soft_int_injected = true; svm->soft_int_csbase = vmcb12_csbase; svm->soft_int_old_rip = vmcb12_rip; - if (svm->nrips_enabled) + if (guest_can_use(vcpu, X86_FEATURE_NRIPS)) svm->soft_int_next_rip = svm->nested.ctl.next_rip; else svm->soft_int_next_rip = vmcb12_rip; @@ -1004,7 +1004,7 @@ int nested_svm_vmexit(struct vcpu_svm *svm) if (vmcb12->control.exit_code != SVM_EXIT_ERR) nested_save_pending_event_to_vmcb12(svm, vmcb12); - if (svm->nrips_enabled) + if (guest_can_use(vcpu, X86_FEATURE_NRIPS)) vmcb12->control.next_rip = vmcb02->control.next_rip; vmcb12->control.int_ctl = svm->nested.ctl.int_ctl; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index d89e516449ad..cdffc6db8bc5 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4143,9 +4143,8 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) guest_cpuid_has(vcpu, X86_FEATURE_XSAVE)) kvm_governed_feature_set(vcpu, X86_FEATURE_XSAVES); - /* Update nrips enabled cache */ - svm->nrips_enabled = kvm_cpu_cap_has(X86_FEATURE_NRIPS) && - guest_cpuid_has(vcpu, X86_FEATURE_NRIPS); + if (kvm_cpu_cap_has(X86_FEATURE_NRIPS)) + kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_NRIPS); svm->tsc_scaling_enabled = tsc_scaling && guest_cpuid_has(vcpu, X86_FEATURE_TSCRATEMSR); svm->lbrv_enabled = lbrv && guest_cpuid_has(vcpu, X86_FEATURE_LBRV); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 839809972da1..bd6ee6945bdd 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -258,7 +258,6 @@ struct vcpu_svm { bool soft_int_injected; /* optional nested SVM features that are enabled for this guest */ - bool nrips_enabled : 1; bool tsc_scaling_enabled : 1; bool v_vmload_vmsave_enabled : 1; bool lbrv_enabled : 1; From patchwork Fri Feb 17 23:10:17 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 58802 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp114568wrn; Fri, 17 Feb 2023 15:12:28 -0800 (PST) X-Google-Smtp-Source: AK7set8drQ0YvBALOJLXTREKkA0fnT1fuu4XbGgRTxF8HBXjlS28BctRiyWEIV6xpjtTlF7dSuuZ X-Received: by 2002:a05:6402:164c:b0:47f:6531:dee9 with SMTP id s12-20020a056402164c00b0047f6531dee9mr2389559edx.20.1676675548066; Fri, 17 Feb 2023 15:12:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676675548; cv=none; d=google.com; s=arc-20160816; b=dTqwDwNTjjXfcicLEQHk45DNigmMS0FKzEGpD5Mz59Zk6sWNAO7yYic6/uH0novfPV blK5kNdN3rn4nUwo+PsZmvW4L+2IPsCRpC2vzjPw8l4J5A3pv0eSxgN17yEITLFimttf YCR1C5jcfgXVI1cLMIuPv1k4mpq9HYIGygDRGTtmB/MFQYv2geUrHcSAVbbTQwPkJizM CeRo86aHs3e0JJPI9g+6Sgy7M9ApxUz/B2m1CeDgawnYBHBiWL7a308oB0mXhaO+gjEa ThKtmjbO2jPRZH1ylcjREI9w8XMHjsI6A+A5Hue656USqQ1LE63vCFFZqAQPl4KrbFBM fYVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=POxuYt4fAOA6ZFnHfsbFWDtIU9nPZFu5zx86sbOziVE=; b=zRTa4XsYQK9OSGCPtzzZPjK6xGPdmaQ/cXXPbrhat/UTneDSAckUUz584AhnJZY0l2 4KMp1C3XAMe6IciTgB7liR4/R7ga9lVllnHif/pM5k57DkoSY/Io12euP+pt2jO2Hrr9 iBIoZIUTnT9BMq2j/bBLMmkeZ2bsWZcrlCMlgKU0n2VudQJfMZum3+jfGzRBjMVCOO9q y1QAwft/XRsKCjArzx2ZcsJWaNJBK2fMeQ5jwXWc7YUk2uDkLGXKW5oAidkbKmFcfyKi Z+wDm+UIEcnQBLw5VbeaIBOxfeRiIY7qr+dqq6jtOXtZ4HoRsy7DrK5oe8pyTTE3jP2k PYwg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=QdavNrkd; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b8-20020aa7df88000000b004ad7389704dsi4416409edy.177.2023.02.17.15.12.05; Fri, 17 Feb 2023 15:12:28 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=QdavNrkd; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229849AbjBQXLL (ORCPT + 99 others); Fri, 17 Feb 2023 18:11:11 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56260 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229797AbjBQXKt (ORCPT ); Fri, 17 Feb 2023 18:10:49 -0500 Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 74F105B2D8 for ; Fri, 17 Feb 2023 15:10:39 -0800 (PST) Received: by mail-pj1-x104a.google.com with SMTP id qa16-20020a17090b4fd000b00233c6b388ddso914555pjb.5 for ; Fri, 17 Feb 2023 15:10:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=POxuYt4fAOA6ZFnHfsbFWDtIU9nPZFu5zx86sbOziVE=; b=QdavNrkdWkG2gZ3NsrzLR/fOs76DCKkMTVMxakZG6LoyMRh9Cf0XobBJFuUDa5G8r4 XF3yBtTZC2TMaUgjSZcjLQLbOnwIZpk0cM7vq4aeQcCccbCup+W/Fgll7QICn6WEauEO VCObIXioMDVz/EIaqO1tvqg8S2hLBr2pmkJWqMz6Ss2Gt+9n2OkXMQMdAVj+JDI8hcKO kdOmvMUAGpAXU7n+IcWsoXn1l5Q3RTHtu7kNi5bCj8WwNJ7RMYrBYJtfNTDmNNcEr8MO VDbssRqj35CSLlJWpbu4egzKdtsJYM3Kdw54fzQJ7ApuG2owQDYBmX0UCSHEVUGGtzmK RPmw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=POxuYt4fAOA6ZFnHfsbFWDtIU9nPZFu5zx86sbOziVE=; b=VtxHXDPROm3W567ITsLxWOiKLQYKkyUKCSId8ao+1bYbLyGH0MHIpWB/AwtBygyd/Q wIzyLjEmhos9AU5mbHbGcRsPYyJ6W1ZCK6myArwAON+namKQm0hrRsEOkZsHaTAoQkRS mOV1tXuz5qwzH10fAtlovbuUx6rfBz7eMf0CsCvhzbce+nYAqgISA6r8rin75R/TyUVR tASGQNLRbgm3+v79NGaLRoQdWZeRkKNAZ5u2mt3IjfOjUxpk4yGDngkQ+3fTnNIPDt0y kOjBfBggffg8rnedjyHiWOWOxUbmRCTmWEcpQlAtwE8aED449Ohz/kzTFC4ASz67+xc4 fhIA== X-Gm-Message-State: AO0yUKVkajDT4+JI3suSrU4vQLVq3Ah04BbGS/Yl68XWMH3v5aSykn21 BIWOkFlllaOdZXeqtHaUYJloZyY776s= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:ef85:b0:19a:fdca:e3f1 with SMTP id iz5-20020a170902ef8500b0019afdcae3f1mr441371plb.3.1676675439193; Fri, 17 Feb 2023 15:10:39 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 17 Feb 2023 15:10:17 -0800 In-Reply-To: <20230217231022.816138-1-seanjc@google.com> Mime-Version: 1.0 References: <20230217231022.816138-1-seanjc@google.com> X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog Message-ID: <20230217231022.816138-8-seanjc@google.com> Subject: [PATCH 07/12] KVM: nSVM: Use KVM-governed feature framework to track "TSC scaling enabled" From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758121739084810608?= X-GMAIL-MSGID: =?utf-8?q?1758121739084810608?= Track "TSC scaling exposed to L1" via a governed feature flag instead of using a dedicated bit/flag in vcpu_svm. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/governed_features.h | 1 + arch/x86/kvm/svm/nested.c | 4 ++-- arch/x86/kvm/svm/svm.c | 12 ++++++++---- arch/x86/kvm/svm/svm.h | 1 - 4 files changed, 11 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/governed_features.h b/arch/x86/kvm/governed_features.h index 359914112615..0335576a80a8 100644 --- a/arch/x86/kvm/governed_features.h +++ b/arch/x86/kvm/governed_features.h @@ -8,6 +8,7 @@ BUILD_BUG() KVM_GOVERNED_X86_FEATURE(GBPAGES) KVM_GOVERNED_X86_FEATURE(XSAVES) KVM_GOVERNED_X86_FEATURE(NRIPS) +KVM_GOVERNED_X86_FEATURE(TSCRATEMSR) #undef KVM_GOVERNED_X86_FEATURE #undef KVM_GOVERNED_FEATURE diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 0641cb943450..30e00c4e07c7 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -673,7 +673,7 @@ static void nested_vmcb02_prepare_control(struct vcpu_svm *svm, vmcb02->control.tsc_offset = vcpu->arch.tsc_offset; if (svm->tsc_ratio_msr != kvm_caps.default_tsc_scaling_ratio) { - WARN_ON(!svm->tsc_scaling_enabled); + WARN_ON(!guest_can_use(vcpu, X86_FEATURE_TSCRATEMSR)); nested_svm_update_tsc_ratio_msr(vcpu); } @@ -1043,7 +1043,7 @@ int nested_svm_vmexit(struct vcpu_svm *svm) } if (svm->tsc_ratio_msr != kvm_caps.default_tsc_scaling_ratio) { - WARN_ON(!svm->tsc_scaling_enabled); + WARN_ON(!guest_can_use(vcpu, X86_FEATURE_TSCRATEMSR)); vcpu->arch.tsc_scaling_ratio = vcpu->arch.l1_tsc_scaling_ratio; __svm_write_tsc_multiplier(vcpu->arch.tsc_scaling_ratio); } diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index cdffc6db8bc5..dd4aead5462c 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2737,7 +2737,8 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) switch (msr_info->index) { case MSR_AMD64_TSC_RATIO: - if (!msr_info->host_initiated && !svm->tsc_scaling_enabled) + if (!msr_info->host_initiated && + !guest_can_use(vcpu, X86_FEATURE_TSCRATEMSR)) return 1; msr_info->data = svm->tsc_ratio_msr; break; @@ -2879,7 +2880,7 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) switch (ecx) { case MSR_AMD64_TSC_RATIO: - if (!svm->tsc_scaling_enabled) { + if (!guest_can_use(vcpu, X86_FEATURE_TSCRATEMSR)) { if (!msr->host_initiated) return 1; @@ -2901,7 +2902,8 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) svm->tsc_ratio_msr = data; - if (svm->tsc_scaling_enabled && is_guest_mode(vcpu)) + if (guest_can_use(vcpu, X86_FEATURE_TSCRATEMSR) && + is_guest_mode(vcpu)) nested_svm_update_tsc_ratio_msr(vcpu); break; @@ -4146,7 +4148,9 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) if (kvm_cpu_cap_has(X86_FEATURE_NRIPS)) kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_NRIPS); - svm->tsc_scaling_enabled = tsc_scaling && guest_cpuid_has(vcpu, X86_FEATURE_TSCRATEMSR); + if (tsc_scaling) + kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_TSCRATEMSR); + svm->lbrv_enabled = lbrv && guest_cpuid_has(vcpu, X86_FEATURE_LBRV); svm->v_vmload_vmsave_enabled = vls && guest_cpuid_has(vcpu, X86_FEATURE_V_VMSAVE_VMLOAD); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index bd6ee6945bdd..a523cfcdd12e 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -258,7 +258,6 @@ struct vcpu_svm { bool soft_int_injected; /* optional nested SVM features that are enabled for this guest */ - bool tsc_scaling_enabled : 1; bool v_vmload_vmsave_enabled : 1; bool lbrv_enabled : 1; bool pause_filter_enabled : 1; From patchwork Fri Feb 17 23:10:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 58803 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp115422wrn; Fri, 17 Feb 2023 15:15:09 -0800 (PST) X-Google-Smtp-Source: AK7set8ypeMZY43XmSX8XeUASwQz69FH4Oru2DhaasfKwKTGYXm9hpjc5vvCfCcdU64POlyNO0OS X-Received: by 2002:a05:6402:2d1:b0:4ac:d925:ee82 with SMTP id b17-20020a05640202d100b004acd925ee82mr2906030edx.28.1676675709342; Fri, 17 Feb 2023 15:15:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676675709; cv=none; d=google.com; s=arc-20160816; b=oL/g4GlVde9lJ8F1yBD4Ls8DsbFZsjPD3agqAKDW9g5fCIgSStBNj0db2RjQPGQN3E ZYNz3lwcoACVw0ZBVxMziP/ZnOIp2PcUuWKJuSDUalSMOyvhg/FH1/zIvV0AFH6iBapa OZ91iKvxNQAMvGBizAJFNpp5DFy8J3xBQ8jLi5jy9x66s86S/Y7nMGw7LxIPAQBHHu9+ KMmTm+xjoknyt09oP7IKQV4LJRlvg76wShvuL8F30nup3Dxqttt6ZCnoh9s8zLBJIXeb kpwTFSB6+HZ1lZcljr3OlNgN2vwHODevSHQ4zPFA3oIU3FyWNAbZ0t/qAOHWEi0fqlZH 83xw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=xoyujDYNcmSn6sbEuz9ptxpGQrMCz4NdSnDyJI75LQw=; b=hmAOYk/xxunJ/k0rle5GxxKiNiupWgl6+bVgILcp6XIcewzLqKpzHadbVJpwyLiIfk 5IkjNx0yRgANXdEQCBTP/8ig7wA1Yx5Urf14IyOIUZ35yn5UBLJ+4tEzAodL6MkGlSeX BXPbKrsslg5oQJx17rI6OZI6HGo6IVDru7fpMNxrMHE4gjWXda74P3A8EIwMnhTXuu7P vj9U9DZvoPfA+BPuDBTsokpOjc/9LmO3XDchS+lbri3/TyuEDOf1iaDO76A+omttzDIQ kta3XkFpaXFj0jQo+xHwedxCuHpmUKM9UpKbQ+W8oKEKHxfJCIgLgZ+OZJSS4963kkRQ LafA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=dpQqFvss; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u26-20020aa7d99a000000b004acb7b6a25csi6570015eds.42.2023.02.17.15.14.46; Fri, 17 Feb 2023 15:15:09 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=dpQqFvss; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230049AbjBQXLR (ORCPT + 99 others); Fri, 17 Feb 2023 18:11:17 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56928 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229994AbjBQXLF (ORCPT ); Fri, 17 Feb 2023 18:11:05 -0500 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 41F566A057 for ; Fri, 17 Feb 2023 15:10:41 -0800 (PST) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-5365663d982so25237067b3.3 for ; Fri, 17 Feb 2023 15:10:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=xoyujDYNcmSn6sbEuz9ptxpGQrMCz4NdSnDyJI75LQw=; b=dpQqFvssXE0UA8WwasFAKBnP2Qr+hAS9iMB0u9edTg/bAjZj4XhrrT0weBm/X/66Sn ypVCWH0fcamcMwYZNEgACrCuZJDSNYJfRhyFQLb/NOILy9Q0miLSTkFhTFbq0TrMWfM/ TBSppg3h4vxQWjOUaDfKkQx6IQ8SrOEwxeV9Z761h2EGa/iL/m2uPZdjE3dOUODAHph2 ffxbJMs9RdgFl517e8dx/LN6AumlRS3X80c/mT/QLwtAgkM4xONk8O7zKU/QTMep2STF 7/RxkTXmbAtp1FVs07RE/ej5J703siUuwOmmIwMxoXaENzvI3YUKWMPvemIkiMgNtHxj mbKw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=xoyujDYNcmSn6sbEuz9ptxpGQrMCz4NdSnDyJI75LQw=; b=mU6kJ/P4nn90lFBiCRncTQCazkO+V8+8f0PdJln+dlPMOZDLQArJigebLF6eY2qaZ/ w8qGQgWYus3+9kbpkF4lPWCnLl00o20YA2vWDA5EXi38zK58pFKasLmNdDs7k0Vft06u FZUbbcvWUvh5JitgDDGK9JXPfwojkA8FsPyxUZiBtr1NV+vMpUnPC1Yk8YH9LlPKZcA9 VZYLtGkIktzPj+9tLa9hvHisbrsZWRSXivci5g/HxGK94PLMsow+hwOFc/ECA8TBI3lR PgtDqqJUiJmSLXZ/1jn5POt3MZm4kOmCIfP5b5THJPJ+b+ev7uMBBL8ntz2wVNnbno2b HxzQ== X-Gm-Message-State: AO0yUKWFJyk9N3tOMtn4imGVxv03DF99SLK2qAYMm+4gchY5PGchKKyL JGTeC14xxYfn/a07xgn8TncDpj5LSX4= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:9346:0:b0:909:4c2d:3092 with SMTP id g6-20020a259346000000b009094c2d3092mr1339095ybo.643.1676675440994; Fri, 17 Feb 2023 15:10:40 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 17 Feb 2023 15:10:18 -0800 In-Reply-To: <20230217231022.816138-1-seanjc@google.com> Mime-Version: 1.0 References: <20230217231022.816138-1-seanjc@google.com> X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog Message-ID: <20230217231022.816138-9-seanjc@google.com> Subject: [PATCH 08/12] KVM: nSVM: Use KVM-governed feature framework to track "vVM{SAVE,LOAD} enabled" From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758121908440931313?= X-GMAIL-MSGID: =?utf-8?q?1758121908440931313?= Track "virtual VMSAVE/VMLOAD exposed to L1" via a governed feature flag instead of using a dedicated bit/flag in vcpu_svm. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/governed_features.h | 1 + arch/x86/kvm/svm/nested.c | 2 +- arch/x86/kvm/svm/svm.c | 5 ++--- arch/x86/kvm/svm/svm.h | 1 - 4 files changed, 4 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/governed_features.h b/arch/x86/kvm/governed_features.h index 0335576a80a8..b66b9d550f33 100644 --- a/arch/x86/kvm/governed_features.h +++ b/arch/x86/kvm/governed_features.h @@ -9,6 +9,7 @@ KVM_GOVERNED_X86_FEATURE(GBPAGES) KVM_GOVERNED_X86_FEATURE(XSAVES) KVM_GOVERNED_X86_FEATURE(NRIPS) KVM_GOVERNED_X86_FEATURE(TSCRATEMSR) +KVM_GOVERNED_X86_FEATURE(V_VMSAVE_VMLOAD) #undef KVM_GOVERNED_X86_FEATURE #undef KVM_GOVERNED_FEATURE diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 30e00c4e07c7..6a96058c0e48 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -107,7 +107,7 @@ static void nested_svm_uninit_mmu_context(struct kvm_vcpu *vcpu) static bool nested_vmcb_needs_vls_intercept(struct vcpu_svm *svm) { - if (!svm->v_vmload_vmsave_enabled) + if (!guest_can_use(&svm->vcpu, X86_FEATURE_V_VMSAVE_VMLOAD)) return true; if (!nested_npt_enabled(svm)) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index dd4aead5462c..b3f0271c73b9 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1162,8 +1162,6 @@ static inline void init_vmcb_after_set_cpuid(struct kvm_vcpu *vcpu) set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_EIP, 0, 0); set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_ESP, 0, 0); - - svm->v_vmload_vmsave_enabled = false; } else { /* * If hardware supports Virtual VMLOAD VMSAVE then enable it @@ -4153,7 +4151,8 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) svm->lbrv_enabled = lbrv && guest_cpuid_has(vcpu, X86_FEATURE_LBRV); - svm->v_vmload_vmsave_enabled = vls && guest_cpuid_has(vcpu, X86_FEATURE_V_VMSAVE_VMLOAD); + if (vls && !guest_cpuid_is_intel(vcpu)) + kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_V_VMSAVE_VMLOAD); svm->pause_filter_enabled = kvm_cpu_cap_has(X86_FEATURE_PAUSEFILTER) && guest_cpuid_has(vcpu, X86_FEATURE_PAUSEFILTER); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index a523cfcdd12e..1e3e7462b1d7 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -258,7 +258,6 @@ struct vcpu_svm { bool soft_int_injected; /* optional nested SVM features that are enabled for this guest */ - bool v_vmload_vmsave_enabled : 1; bool lbrv_enabled : 1; bool pause_filter_enabled : 1; bool pause_threshold_enabled : 1; From patchwork Fri Feb 17 23:10:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 58804 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp115468wrn; Fri, 17 Feb 2023 15:15:15 -0800 (PST) X-Google-Smtp-Source: AK7set8WZDbZxzEbo2p1HQXnV4NfzZXRaHXO8ORxkj6+aVctFutkSHLpLVtLGECK6bS9OC/UhdLD X-Received: by 2002:a17:906:5a42:b0:8b1:7ac6:3186 with SMTP id my2-20020a1709065a4200b008b17ac63186mr5079624ejc.68.1676675715214; Fri, 17 Feb 2023 15:15:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676675715; cv=none; d=google.com; s=arc-20160816; b=XF2AfQo4/L7u+0ztzOFEgH2HuQQ83BytumNTPSpQnq5CwHITkT8UzLHdcCiDnx37TF qFFX2dAhEScvN8yT7pYwzWByXfuXSgma7uav3ngc7dBXZVBgKISGork/yHyLnTA2zgpv 6slh5B4hKWYYQTWBwhHPE5MV6nSPMOYkZQ2kmjAyZ3BZUp/yqNi24qKYoG5fN5NAEd5g TCZJaohNHMEKTubVKMVd/0v2coC+7qCrDlazQs3th7QFfits9dG92L0YJK2H5xw9XM1K wrifFecm77yVlMxCf6UqfdHcMe5EydlxW+bLoxV2tNjmeauWTLoLngHR2yXN0GsaIfOJ lk3Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=6T3Gs2nuLFt+Gi9I5SyZU1o7dxUXgiYSrrrG2VNSMxo=; b=VFWDutrGmM8zEOzUK9epN8s4U3fTseK/laGepd7pT3/q+BPdiF7sOFCBPncquW9UO2 4/dcyhNtq8x+3ugo58J0kor+EbzN0IciwY8Qv7AqZ6lWcyYWilUDLOCcgGkVrVK/RkAs 1zPv53OcIlMgDYQCkhLYE2b3b8Yl8ra9ZKgXfoh1+etoiuPpRcuYtKGcPmbau0T1MBnX 5u4Ro7bw2ZDuBPZ7ovbzoyAZf3u2uE5/qza7tkViP0i2XvGMP6qgSwtYIBaeLzaCehXF C9xrNSypRZT0okDKvRq2MJknB4fQkYntQGeoJehLCO0QtRWImP453cl4TVZpexr9AX/b JVDA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Wt0DYMxG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ex18-20020a170907955200b008b14ba10186si5625199ejc.216.2023.02.17.15.14.52; Fri, 17 Feb 2023 15:15:15 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Wt0DYMxG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229933AbjBQXLd (ORCPT + 99 others); Fri, 17 Feb 2023 18:11:33 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57208 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229667AbjBQXLK (ORCPT ); Fri, 17 Feb 2023 18:11:10 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 330196C012 for ; Fri, 17 Feb 2023 15:10:44 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id cf37-20020a056902182500b009802c10698cso3193908ybb.22 for ; Fri, 17 Feb 2023 15:10:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=6T3Gs2nuLFt+Gi9I5SyZU1o7dxUXgiYSrrrG2VNSMxo=; b=Wt0DYMxGoRYkGatQPo0coKl/wrq7XW9qyPmdmUcYgYWqmxuF681eSGUYynQunnMGGC xzoG074xtnXxckeWUMdMuWVp2SSsVy1IiIfyNm+dk/D+Zv5n0TgI4qxGq4xHjEnajKC+ 2FBcS7lAs0bdc3CeB1Thb5ALnwV3m3OShvahkhL79qyWZ0amtCnp98lLVxLvyyLiDNFK 4JOfuA8IXxUJM3RkOO+9eIgwPp3lnHjBjV184/6Ezh1U9VNqdoYwI5xPccf4SbfjHGAA 5reeKVcnzRZdWBLPF4eaCJI3zTWyXmGD0sq8YUOxeM6NXFHtC8VCb4PtWvcXfLbItS0t 9TbQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=6T3Gs2nuLFt+Gi9I5SyZU1o7dxUXgiYSrrrG2VNSMxo=; b=ysBMKroVWcHURWeD5H5AyAuJXvhgdgh/lvdqWULqYRHdpPkZtoh3VpuBEH9rnBHC6e saqUgNGzFT6Et3zm06rAplJrmgs31tsdCz9AOsJDOwDUcQ6S5OBs0pYX/zVWnq7+v919 koIu767x593gPwqI2r6jfoZQSW0OJC66G3nhumRTxG/LfQTwjOOGTE6T+WJQ1LGnFMby Kf3QkDwBqbzCoK6mhzZeSZPw03bWYXIqsbT/eQBFUgbpr9MD5PtLPRPAHD7UQwO/c/FB q4PnfEwvSxwlQ2gD5YbOGNfk7fkR+Fn02eEOWt4PhJukek3Ly04p1onvYqrzdbawF+CG NBdQ== X-Gm-Message-State: AO0yUKW5DDKn+kRwZZsBeBMzijN0imX70t6gx0TlsaPfaGmxajUKJvjm HfXOcVC5IMr2I5IGAkYqtyBZ/f95MmU= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:10c:b0:997:c919:4484 with SMTP id o12-20020a056902010c00b00997c9194484mr16415ybh.6.1676675442720; Fri, 17 Feb 2023 15:10:42 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 17 Feb 2023 15:10:19 -0800 In-Reply-To: <20230217231022.816138-1-seanjc@google.com> Mime-Version: 1.0 References: <20230217231022.816138-1-seanjc@google.com> X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog Message-ID: <20230217231022.816138-10-seanjc@google.com> Subject: [PATCH 09/12] KVM: nSVM: Use KVM-governed feature framework to track "LBRv enabled" From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758121915063372746?= X-GMAIL-MSGID: =?utf-8?q?1758121915063372746?= Track "LBR virtualization exposed to L1" via a governed feature flag instead of using a dedicated bit/flag in vcpu_svm. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/governed_features.h | 1 + arch/x86/kvm/svm/nested.c | 23 +++++++++++++---------- arch/x86/kvm/svm/svm.c | 7 +++++-- arch/x86/kvm/svm/svm.h | 1 - 4 files changed, 19 insertions(+), 13 deletions(-) diff --git a/arch/x86/kvm/governed_features.h b/arch/x86/kvm/governed_features.h index b66b9d550f33..16c58d61bdf6 100644 --- a/arch/x86/kvm/governed_features.h +++ b/arch/x86/kvm/governed_features.h @@ -10,6 +10,7 @@ KVM_GOVERNED_X86_FEATURE(XSAVES) KVM_GOVERNED_X86_FEATURE(NRIPS) KVM_GOVERNED_X86_FEATURE(TSCRATEMSR) KVM_GOVERNED_X86_FEATURE(V_VMSAVE_VMLOAD) +KVM_GOVERNED_X86_FEATURE(LBRV) #undef KVM_GOVERNED_X86_FEATURE #undef KVM_GOVERNED_FEATURE diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 6a96058c0e48..9e210b03e635 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -540,6 +540,7 @@ static void nested_vmcb02_prepare_save(struct vcpu_svm *svm, struct vmcb *vmcb12 bool new_vmcb12 = false; struct vmcb *vmcb01 = svm->vmcb01.ptr; struct vmcb *vmcb02 = svm->nested.vmcb02.ptr; + struct kvm_vcpu *vcpu = &svm->vcpu; nested_vmcb02_compute_g_pat(svm); @@ -565,18 +566,18 @@ static void nested_vmcb02_prepare_save(struct vcpu_svm *svm, struct vmcb *vmcb12 vmcb_mark_dirty(vmcb02, VMCB_DT); } - kvm_set_rflags(&svm->vcpu, vmcb12->save.rflags | X86_EFLAGS_FIXED); + kvm_set_rflags(vcpu, vmcb12->save.rflags | X86_EFLAGS_FIXED); - svm_set_efer(&svm->vcpu, svm->nested.save.efer); + svm_set_efer(vcpu, svm->nested.save.efer); - svm_set_cr0(&svm->vcpu, svm->nested.save.cr0); - svm_set_cr4(&svm->vcpu, svm->nested.save.cr4); + svm_set_cr0(vcpu, svm->nested.save.cr0); + svm_set_cr4(vcpu, svm->nested.save.cr4); svm->vcpu.arch.cr2 = vmcb12->save.cr2; - kvm_rax_write(&svm->vcpu, vmcb12->save.rax); - kvm_rsp_write(&svm->vcpu, vmcb12->save.rsp); - kvm_rip_write(&svm->vcpu, vmcb12->save.rip); + kvm_rax_write(vcpu, vmcb12->save.rax); + kvm_rsp_write(vcpu, vmcb12->save.rsp); + kvm_rip_write(vcpu, vmcb12->save.rip); /* In case we don't even reach vcpu_run, the fields are not updated */ vmcb02->save.rax = vmcb12->save.rax; @@ -590,7 +591,8 @@ static void nested_vmcb02_prepare_save(struct vcpu_svm *svm, struct vmcb *vmcb12 vmcb_mark_dirty(vmcb02, VMCB_DR); } - if (unlikely(svm->lbrv_enabled && (svm->nested.ctl.virt_ext & LBR_CTL_ENABLE_MASK))) { + if (unlikely(guest_can_use(vcpu, X86_FEATURE_LBRV) && + (svm->nested.ctl.virt_ext & LBR_CTL_ENABLE_MASK))) { /* * Reserved bits of DEBUGCTL are ignored. Be consistent with * svm_set_msr's definition of reserved bits. @@ -712,7 +714,7 @@ static void nested_vmcb02_prepare_control(struct vcpu_svm *svm, vmcb02->control.virt_ext = vmcb01->control.virt_ext & LBR_CTL_ENABLE_MASK; - if (svm->lbrv_enabled) + if (guest_can_use(vcpu, X86_FEATURE_LBRV)) vmcb02->control.virt_ext |= (svm->nested.ctl.virt_ext & LBR_CTL_ENABLE_MASK); @@ -1021,7 +1023,8 @@ int nested_svm_vmexit(struct vcpu_svm *svm) svm_switch_vmcb(svm, &svm->vmcb01); - if (unlikely(svm->lbrv_enabled && (svm->nested.ctl.virt_ext & LBR_CTL_ENABLE_MASK))) { + if (unlikely(guest_can_use(vcpu, X86_FEATURE_LBRV) && + (svm->nested.ctl.virt_ext & LBR_CTL_ENABLE_MASK))) { svm_copy_lbrs(vmcb12, vmcb02); svm_update_lbrv(vcpu); } else if (unlikely(vmcb01->control.virt_ext & LBR_CTL_ENABLE_MASK)) { diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index b3f0271c73b9..42591c77f98a 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -994,9 +994,11 @@ void svm_update_lbrv(struct kvm_vcpu *vcpu) bool current_enable_lbrv = !!(svm->vmcb->control.virt_ext & LBR_CTL_ENABLE_MASK); - if (unlikely(is_guest_mode(vcpu) && svm->lbrv_enabled)) + if (unlikely(is_guest_mode(vcpu) && + guest_can_use(vcpu, X86_FEATURE_LBRV))) { if (unlikely(svm->nested.ctl.virt_ext & LBR_CTL_ENABLE_MASK)) enable_lbrv = true; + } if (enable_lbrv == current_enable_lbrv) return; @@ -4149,7 +4151,8 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) if (tsc_scaling) kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_TSCRATEMSR); - svm->lbrv_enabled = lbrv && guest_cpuid_has(vcpu, X86_FEATURE_LBRV); + if (lbrv) + kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_LBRV); if (vls && !guest_cpuid_is_intel(vcpu)) kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_V_VMSAVE_VMLOAD); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 1e3e7462b1d7..60817ff346b0 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -258,7 +258,6 @@ struct vcpu_svm { bool soft_int_injected; /* optional nested SVM features that are enabled for this guest */ - bool lbrv_enabled : 1; bool pause_filter_enabled : 1; bool pause_threshold_enabled : 1; bool vgif_enabled : 1; From patchwork Fri Feb 17 23:10:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 58805 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp115665wrn; Fri, 17 Feb 2023 15:15:42 -0800 (PST) X-Google-Smtp-Source: AK7set/PAmktJKRaSeXNU5fqWAqqxhfCQJDxb1MO3QzP63ZnUje4qviZDw14tz5y3TNB7J+CcrF5 X-Received: by 2002:a05:6402:506:b0:4ac:c9ea:17b4 with SMTP id m6-20020a056402050600b004acc9ea17b4mr2204844edv.41.1676675742154; Fri, 17 Feb 2023 15:15:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676675742; cv=none; d=google.com; s=arc-20160816; b=BmBqAO7dBWQShZUSt+i34eCYg+AwBmG7oXtMJwx38jrNxWPycEmVuzAbwAi8RUcTRa qMtMqzzypKPmjtnS2pfbXHfTYpxFO16hSfDIcSnee1qtYKJwAkPbhMCHbIDj4FR9/T4d vm3myn6ClOIU3WlCZxJ6Fa9pUMb0Avc78XsNAnHzO4VTwzH6mKszGxXbX7Gkek1Wsj1R x1FlP91r2tnTs1VU1BAFK0ZvYxIVi12IZlhNkS95bqysCXpEERZFoCmbddYGJrudP8Li 9TrAJm+68Uk8Fians10wiHJjlcxAxmpseIvIXGueYvkkf9l1g/mKcZ2liYxcpTBhX6xP d/QQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=y+vRasImpgsONkuFWEwkUJDlQ5PlpYyW5BuRWOgPo+I=; b=ulwMUIIy4gMCs4/8tgPqlS5Knaz0oMPa4rmfOfpq06eMTRmAsqe6gedrGArjajIFEJ eiEbOhm5KiFWZ9HxIAzEY+CdB/HLtaDJVU86nYHBdZe+3VAsHwnxSMZSTm1Y0tkLihBT gWTYAc+eRqUKCHhfMet6ofYb/Q6XvoYpiJVNknBI5Gh+bdcLiKaDOjq3xKySe4dz+NYY BJdxz5sTBItvGVtbX2SH99UNUHQRionmYX4HA4sFtEIpPrtIpISLvxkRnPCBvPaMBs2r orNVR09DSeKumlBB0NpdZg3r1BoVOQZJFBV1DKXysOWExPsKGuvRZGqZKLTfegdYBwJV KG0Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=duZP1OUS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id n10-20020aa7d04a000000b00469b79303b6si6437586edo.195.2023.02.17.15.15.19; Fri, 17 Feb 2023 15:15:42 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=duZP1OUS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229998AbjBQXLf (ORCPT + 99 others); Fri, 17 Feb 2023 18:11:35 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57674 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230039AbjBQXLO (ORCPT ); Fri, 17 Feb 2023 18:11:14 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0066F69290 for ; Fri, 17 Feb 2023 15:10:45 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id 127-20020a251885000000b0092aabd4fa90so1931358yby.18 for ; Fri, 17 Feb 2023 15:10:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=y+vRasImpgsONkuFWEwkUJDlQ5PlpYyW5BuRWOgPo+I=; b=duZP1OUSZ8GA7t5Oa5HX6hRRseF3k5EiTGYt+R3pS76fquatD1J2o/MeZx61e/YmEh CawMVRWWt0V1OGElmhOpu7JQeTb9c8c8ArnCdaPGyYtsEztkDJFZMSqJW49jcfZnWuOI r6zEtJTbWpCHlEi4nqmAUmyUUYVLgzsxzfB5rpRpdncAM8upT8wdTy4kY4ItoCkvmUD/ SNkmdMzpy9OHA8yBwwKdb4C9CnpNujIVT1dagQgfMC0QCmS9gDZUNaC5eCBX1edGb46X +8fmBURigrx+J18D+rONdcH1qQDIHZgCXK4mFz9FbdVyli0FBzWBF0MVID7xgLINh+/Y 3FLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=y+vRasImpgsONkuFWEwkUJDlQ5PlpYyW5BuRWOgPo+I=; b=lKhYEOrjL+C6IRTcJaxgR3Jr6iIE5GG7CFwcKqJcO5PPAhU4ogDsQWgGgHYLD6Hugb hWKR4p98sddeOPvqcip19k2ntJbuNAAJRUOdUJqqIlvpUqyvhHYzMYqZ3OU1j/WRuDyK 13rRMNVUmTe8hsYKV6tHmhfyoDrwEw+B2kOTiqEefE3n2YFOwOO4xgsJmNXaULnZXFnL t+juh2LgUe3mKQKs96BtcnSl8RMeE3b4abpNBBuTlz2GB1imMNffqdLGUWWA/XRA+Ntp McohcM1rLv9mAmvV8unNpJOEJ/KAb3bklo+C2FSJ5iDB8E0OSdyNyulZaPimqtVseIsp +L6A== X-Gm-Message-State: AO0yUKU0f2TjW/32gWJoZeqtBDBBSdUcSrx5xeSnPcIIaF00hkPg2I4u J+wi4/VSF8BT5ZVmqpQf0TrGNsvRHIw= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a0d:eb8f:0:b0:52f:f71:31c9 with SMTP id u137-20020a0deb8f000000b0052f0f7131c9mr1159924ywe.250.1676675444598; Fri, 17 Feb 2023 15:10:44 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 17 Feb 2023 15:10:20 -0800 In-Reply-To: <20230217231022.816138-1-seanjc@google.com> Mime-Version: 1.0 References: <20230217231022.816138-1-seanjc@google.com> X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog Message-ID: <20230217231022.816138-11-seanjc@google.com> Subject: [PATCH 10/12] KVM: nSVM: Use KVM-governed feature framework to track "Pause Filter enabled" From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758121942599219120?= X-GMAIL-MSGID: =?utf-8?q?1758121942599219120?= Track "Pause Filtering is exposed to L1" via governed feature flags instead of using dedicated bits/flags in vcpu_svm. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/governed_features.h | 2 ++ arch/x86/kvm/svm/nested.c | 10 ++++++++-- arch/x86/kvm/svm/svm.c | 8 ++++---- arch/x86/kvm/svm/svm.h | 2 -- 4 files changed, 14 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/governed_features.h b/arch/x86/kvm/governed_features.h index 16c58d61bdf6..93c7d840e546 100644 --- a/arch/x86/kvm/governed_features.h +++ b/arch/x86/kvm/governed_features.h @@ -11,6 +11,8 @@ KVM_GOVERNED_X86_FEATURE(NRIPS) KVM_GOVERNED_X86_FEATURE(TSCRATEMSR) KVM_GOVERNED_X86_FEATURE(V_VMSAVE_VMLOAD) KVM_GOVERNED_X86_FEATURE(LBRV) +KVM_GOVERNED_X86_FEATURE(PAUSEFILTER) +KVM_GOVERNED_X86_FEATURE(PFTHRESHOLD) #undef KVM_GOVERNED_X86_FEATURE #undef KVM_GOVERNED_FEATURE diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 9e210b03e635..c38f17ba818e 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -721,8 +721,14 @@ static void nested_vmcb02_prepare_control(struct vcpu_svm *svm, if (!nested_vmcb_needs_vls_intercept(svm)) vmcb02->control.virt_ext |= VIRTUAL_VMLOAD_VMSAVE_ENABLE_MASK; - pause_count12 = svm->pause_filter_enabled ? svm->nested.ctl.pause_filter_count : 0; - pause_thresh12 = svm->pause_threshold_enabled ? svm->nested.ctl.pause_filter_thresh : 0; + if (guest_can_use(vcpu, X86_FEATURE_PAUSEFILTER)) + pause_count12 = svm->nested.ctl.pause_filter_count; + else + pause_count12 = 0; + if (guest_can_use(vcpu, X86_FEATURE_PFTHRESHOLD)) + pause_thresh12 = svm->nested.ctl.pause_filter_thresh; + else + pause_thresh12 = 0; if (kvm_pause_in_guest(svm->vcpu.kvm)) { /* use guest values since host doesn't intercept PAUSE */ vmcb02->control.pause_filter_count = pause_count12; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 42591c77f98a..b18bd0b33942 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4157,11 +4157,11 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) if (vls && !guest_cpuid_is_intel(vcpu)) kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_V_VMSAVE_VMLOAD); - svm->pause_filter_enabled = kvm_cpu_cap_has(X86_FEATURE_PAUSEFILTER) && - guest_cpuid_has(vcpu, X86_FEATURE_PAUSEFILTER); + if (kvm_cpu_cap_has(X86_FEATURE_PAUSEFILTER)) + kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_PAUSEFILTER); - svm->pause_threshold_enabled = kvm_cpu_cap_has(X86_FEATURE_PFTHRESHOLD) && - guest_cpuid_has(vcpu, X86_FEATURE_PFTHRESHOLD); + if (kvm_cpu_cap_has(X86_FEATURE_PFTHRESHOLD)) + kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_PFTHRESHOLD); svm->vgif_enabled = vgif && guest_cpuid_has(vcpu, X86_FEATURE_VGIF); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 60817ff346b0..c05eea319d28 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -258,8 +258,6 @@ struct vcpu_svm { bool soft_int_injected; /* optional nested SVM features that are enabled for this guest */ - bool pause_filter_enabled : 1; - bool pause_threshold_enabled : 1; bool vgif_enabled : 1; u32 ldr_reg; From patchwork Fri Feb 17 23:10:21 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 58807 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp116404wrn; Fri, 17 Feb 2023 15:17:58 -0800 (PST) X-Google-Smtp-Source: AK7set9xAcroHE0lL2o2JFz2b+F5hdxJ83hOwOG8PYP6GXtUc6YzOUWn+cAs5vYEM+tYD4q/3dzJ X-Received: by 2002:a05:6a20:840e:b0:c7:20e9:de29 with SMTP id c14-20020a056a20840e00b000c720e9de29mr9656600pzd.5.1676675877755; Fri, 17 Feb 2023 15:17:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676675877; cv=none; d=google.com; s=arc-20160816; b=h3WNvj+JcboD6SzUOdlQvX760OXCNdmuohzWVfHU7wjuW0sVFtfYfdngfWxTXAYDiU 0OGT3RUg/nF/fw6Ge9yrPAV1kY7JIHp8rTKyJDJRLKd8dYCWrqlt5z49w1Z3Klu0rKOJ 85eP9E0F1dkVz7TE8cdGny6u+ZDlhYuRujR9eBSYPhA6AUU5UhmkVz/ZfTPTsiFyt0+u JGv/GnBKobNoE6x8Tgbal4x/m9K/kOycIYqUXD4ga7/WKtsCn8UC68+2g0Ul6tGCqS66 04sfuQ8dxggG3c/ZXR4VmJDcuYZjot8etNQ810960tQFSJXDBVH5UH8FnvYcYkwwjkNR HHjA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=TQzYXroMSTeC6jBkk8L8kpJ+IXUUCZH+35l1d+2iFCk=; b=DkwMdvUWW+SGY0hC+gzwgHnNNWsXsGoQe+H6o685b+y0+LwzGzV02b1S2/eZlj1Q9r HaJfo4+ga2Q7ZctyaIWkR2cEWQ3MZp1nCvYZ4iW2PsG/TwT17ROvz/xRjkEG9p3bzYJn I2EgWgh+5l94phqVE2XEsAZBA9+Ec+N65yZEIIb4LtM2RkkygQylHc5RCnf1dxQvYVpo GAnCiMB44NHf4e/eCZuFSoie5kjKM17I73NG/fQzMv+hbXCLbYcxJQ/XhdVzo8nluAaa hSY5ihxht0RSX1QeZyYr9p9E8CKRZT9aXY+SUpDKEiBM7Qouqd7OuxsrlIwqMqqTkFm8 VtMQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=nDWIVzLI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k63-20020a638442000000b004fc274006ddsi4963993pgd.670.2023.02.17.15.17.45; Fri, 17 Feb 2023 15:17:57 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=nDWIVzLI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229930AbjBQXLt (ORCPT + 99 others); Fri, 17 Feb 2023 18:11:49 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58034 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230003AbjBQXL0 (ORCPT ); Fri, 17 Feb 2023 18:11:26 -0500 Received: from mail-pf1-x449.google.com (mail-pf1-x449.google.com [IPv6:2607:f8b0:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B3FF669292 for ; Fri, 17 Feb 2023 15:10:51 -0800 (PST) Received: by mail-pf1-x449.google.com with SMTP id d23-20020aa78697000000b005a9b2e7702dso784301pfo.8 for ; Fri, 17 Feb 2023 15:10:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=TQzYXroMSTeC6jBkk8L8kpJ+IXUUCZH+35l1d+2iFCk=; b=nDWIVzLIP0yst3AFQlqDNtPsqJCThrW68j/ZDgsIoK51pQLuviijWNO1GiQNNGfcD4 GYM/nmpNu2qua902e+XJlPwfEnqeyWoe4s3Vb9i0Y1jVuzJWJ0wCTnDT4WrRry0KOOdA 1EvSk1Ml1D4JrModuEI7cV+JTr2ved0KqLeoFWDFdZZeMDm6Uui++DSXcDEHfDmoGKEn Amq0zZule0c9Xfswa3PJzg+CfbLGjw6SxBGdcFuUGioZRdQjUYH1XO7H/YAz36FXKc6W 1N6fmIjiwtceyLVKbWIRc4iUOqgSuX5UaryxPThGgeLffTTL/uoZX6eCLzvFdhzYcE6M jPHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=TQzYXroMSTeC6jBkk8L8kpJ+IXUUCZH+35l1d+2iFCk=; b=rj6BU+0nd4pgxYX2YWlgtxQiVZRTe9EvXcLh4hfoVq7ml5DiBEU0ssOte6KhE0Gm1x xud7DpWx/01UynPVCPOR5dE/4k8H2v8baTAHmftgJTX7ArJxKx4y0avjMERh+CREFBzS r1Lmgyx8pJb31zOOfkhG9mbEIVjA37bP9aoHmIDOElMSb+Z93S+YN7dJMfVb+NQiG/YJ AK+2/eFT9hSw/tW4VE+986uSq9IuFIMnZEt8nDxJiPow8p2PHxXxNnlGdwYAGyZ38LiF lomGxipYVQJwBbIng3NAg4KbLhrnOzSmkD8WB0BjieEnpZ3TfwrDk/ilQAwqMYc4gf5j mW0w== X-Gm-Message-State: AO0yUKXS0p5ceFhnlE+DSjvJ2smL161E8VCgbzUdwhXuxzJc47fYHEck QHkXRbJa9iZKUAU7GBvnCTXi2XYigUI= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a63:6d4a:0:b0:500:16e8:a008 with SMTP id i71-20020a636d4a000000b0050016e8a008mr130045pgc.8.1676675446370; Fri, 17 Feb 2023 15:10:46 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 17 Feb 2023 15:10:21 -0800 In-Reply-To: <20230217231022.816138-1-seanjc@google.com> Mime-Version: 1.0 References: <20230217231022.816138-1-seanjc@google.com> X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog Message-ID: <20230217231022.816138-12-seanjc@google.com> Subject: [PATCH 11/12] KVM: nSVM: Use KVM-governed feature framework to track "vGIF enabled" From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758122085286198899?= X-GMAIL-MSGID: =?utf-8?q?1758122085286198899?= Track "virtual GIF exposed to L1" via a governed feature flag instead of using a dedicated bit/flag in vcpu_svm. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/governed_features.h | 1 + arch/x86/kvm/svm/nested.c | 3 ++- arch/x86/kvm/svm/svm.c | 3 ++- arch/x86/kvm/svm/svm.h | 7 +++---- 4 files changed, 8 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/governed_features.h b/arch/x86/kvm/governed_features.h index 93c7d840e546..b49fdabb88c4 100644 --- a/arch/x86/kvm/governed_features.h +++ b/arch/x86/kvm/governed_features.h @@ -13,6 +13,7 @@ KVM_GOVERNED_X86_FEATURE(V_VMSAVE_VMLOAD) KVM_GOVERNED_X86_FEATURE(LBRV) KVM_GOVERNED_X86_FEATURE(PAUSEFILTER) KVM_GOVERNED_X86_FEATURE(PFTHRESHOLD) +KVM_GOVERNED_X86_FEATURE(VGIF) #undef KVM_GOVERNED_X86_FEATURE #undef KVM_GOVERNED_FEATURE diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index c38f17ba818e..c73c2acaf4c0 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -648,7 +648,8 @@ static void nested_vmcb02_prepare_control(struct vcpu_svm *svm, * exit_int_info, exit_int_info_err, next_rip, insn_len, insn_bytes. */ - if (svm->vgif_enabled && (svm->nested.ctl.int_ctl & V_GIF_ENABLE_MASK)) + if (guest_can_use(vcpu, X86_FEATURE_VGIF) && + (svm->nested.ctl.int_ctl & V_GIF_ENABLE_MASK)) int_ctl_vmcb12_bits |= (V_GIF_MASK | V_GIF_ENABLE_MASK); else int_ctl_vmcb01_bits |= (V_GIF_MASK | V_GIF_ENABLE_MASK); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index b18bd0b33942..11068e8eb969 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4163,7 +4163,8 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) if (kvm_cpu_cap_has(X86_FEATURE_PFTHRESHOLD)) kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_PFTHRESHOLD); - svm->vgif_enabled = vgif && guest_cpuid_has(vcpu, X86_FEATURE_VGIF); + if (vgif) + kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_VGIF); svm_recalc_instruction_intercepts(vcpu, svm); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index c05eea319d28..be5419975694 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -22,6 +22,7 @@ #include #include +#include "cpuid.h" #include "kvm_cache_regs.h" #define __sme_page_pa(x) __sme_set(page_to_pfn(x) << PAGE_SHIFT) @@ -257,9 +258,6 @@ struct vcpu_svm { unsigned long soft_int_next_rip; bool soft_int_injected; - /* optional nested SVM features that are enabled for this guest */ - bool vgif_enabled : 1; - u32 ldr_reg; u32 dfr_reg; struct page *avic_backing_page; @@ -484,7 +482,8 @@ static inline bool svm_is_intercept(struct vcpu_svm *svm, int bit) static inline bool nested_vgif_enabled(struct vcpu_svm *svm) { - return svm->vgif_enabled && (svm->nested.ctl.int_ctl & V_GIF_ENABLE_MASK); + return guest_can_use(&svm->vcpu, X86_FEATURE_VGIF) && + (svm->nested.ctl.int_ctl & V_GIF_ENABLE_MASK); } static inline struct vmcb *get_vgif_vmcb(struct vcpu_svm *svm) From patchwork Fri Feb 17 23:10:22 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 58806 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp116083wrn; Fri, 17 Feb 2023 15:16:54 -0800 (PST) X-Google-Smtp-Source: AK7set8lTFKS2DKIjJBNJZPYTS/9iWRHjlUxkiNSNQGD9Uwqdf4sF1Dl7VY8SFsj1ZX612GKYGH6 X-Received: by 2002:aa7:d6d0:0:b0:4ad:7056:23a5 with SMTP id x16-20020aa7d6d0000000b004ad705623a5mr5510517edr.14.1676675814467; Fri, 17 Feb 2023 15:16:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676675814; cv=none; d=google.com; s=arc-20160816; b=Hg7Khm15jI3HYDY322Q90sYbBShj0QIyvgldNEVUcvE1f/GTS/s1rYSyb0el9+66XC +RpPpMPRoAE0kRz9KYJHT0IYlKOIDr34KN6fnCnLUkM+Ht2EMObbQZthnjheWcQsO1VP ttcDZEF5hRpXVK4QMlSXGydWNriW+sxdmrT5FpEndq6T+P4jBuMezeh92ptrKmN8Wvk+ ULJ6a6Y8dKiimsb+jezBPF8kA9vCo7DQrb0Kk/ZkzMCu1sT40xyItsihCANKbDpiZk19 UajtVJGU0PFZaWdg5U0ZZumQLbsPoo4MML9NqP6AegMxxX5gvO2z6FALpdTnAtRQ52q1 b70g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=npHi3V7E0yjLP2ajthwoOQ/SU63n4hMuJXlKMFS+nHI=; b=cdS+gU7B8YhxcRiErQAlHVtTiFXg2RrrHXFCBSsHEpJDqEPdA8A+xAweT5GvvZLu6+ PeeLDHDmC/irTQ+sQl7a9u9UWRMZmCXORICILapqI/fpmngiXDsh52pOOeTf4elNmTL1 a1nfiJnJjyCGQHpgfg6RuzvKsMx/CWC6pKRK2/IIG058vGFjdcq1m8DKVIXxeAbM4Faa O9K8opvD+e6sEJF3Dn83S6TkbKCULOITK+hTn/SEyQnZsni2cMj93Z99ASQq5HZL3760 3Z6eI5idLtSKZNXzaPjhsdZ5WAUOHjrk/T7wWN94H6z/592Y0q2aafxlZQTJKsK/gdZs pMMQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=P8vTeMvH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w19-20020a056402071300b004acc45a0577si7237995edx.277.2023.02.17.15.16.31; Fri, 17 Feb 2023 15:16:54 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=P8vTeMvH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230010AbjBQXLq (ORCPT + 99 others); Fri, 17 Feb 2023 18:11:46 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57468 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230005AbjBQXL0 (ORCPT ); Fri, 17 Feb 2023 18:11:26 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E7D6A68E6D for ; Fri, 17 Feb 2023 15:10:52 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id q8-20020a25f408000000b00944353b6a81so2360193ybd.7 for ; Fri, 17 Feb 2023 15:10:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=npHi3V7E0yjLP2ajthwoOQ/SU63n4hMuJXlKMFS+nHI=; b=P8vTeMvHJCNfFsDWiLgIMpvKAPjVVwfRvi5yeYuL1WdcjubdsboNwBPVGDt+BksKvF 4zW5PNtqyX0zM7Qk4N95bYPYTer1L8lrDmHW8jXVK02zLEFiKAonT7XaVBYT7J+iyvgc WoJO3O26G7CBJotWPGqB2pmQo8aJi7c25P01waomQQIjiFmsh6q54ESUDx2tqgi5JUid OiBR38TxZopIgMZAPbxaItPr7wFx5bFVZmAOUlckkeOOVFE+Ae5o/wsBMzl6KyqJel0K 6kghLY1vDdnJrl0uydKaQl0uyZWCcekXaH3WIlhWI08zsOo0eWtsQ9LIKOpF4kH771pf C2Tw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=npHi3V7E0yjLP2ajthwoOQ/SU63n4hMuJXlKMFS+nHI=; b=UGdJayLlsN4RkELdOCY8efoAhoxdVLDU856KtPX9D7650wuFGgH1W/AvQ7krbzKizK +gK0vs67ePIGLxywHo/NkluSia5a6g9CWGpKo4/KPL6tHwjslvHsqEvabgA1ME8HmoEC 3GB2Vit52QVJlsHN5R2ORW9Nwy+d6dpx0FC7NeaypxZ5Xk4pMxrlm5W1n5b0h4WWQQ74 GewWJireMVU189l/jinrPPXxosYQDZV7mrsF0YJ2B/kwVmhG62ifpnW6t7jFloyYyKM+ 7r/TMJ3Flx5wrtuE29WJMLc1g/25ZSQ9SkKRj3LqzMsam3ELaVBWeolE+IrprOg1apvW spnw== X-Gm-Message-State: AO0yUKUwQNYksx+KoIgeUUNazmOtX55qmOSotDZbW1cUCX7VJpsIP1z8 kfafNdqJ+VFXZpVkkzRgHit3r/h1P/c= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:9c45:0:b0:913:5de0:5acc with SMTP id x5-20020a259c45000000b009135de05accmr1520970ybo.494.1676675448091; Fri, 17 Feb 2023 15:10:48 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 17 Feb 2023 15:10:22 -0800 In-Reply-To: <20230217231022.816138-1-seanjc@google.com> Mime-Version: 1.0 References: <20230217231022.816138-1-seanjc@google.com> X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog Message-ID: <20230217231022.816138-13-seanjc@google.com> Subject: [PATCH 12/12] KVM: x86: Disallow guest CPUID lookups when IRQs are disabled From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini , Vitaly Kuznetsov Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758122019219097686?= X-GMAIL-MSGID: =?utf-8?q?1758122019219097686?= Now that KVM has a framework for caching guest CPUID feature flags, add a "rule" that IRQs must be enabled when doing guest CPUID lookups, and enforce the rule via a lockdep assertion. CPUID lookups are slow, and within KVM, IRQs are only ever disabled in hot paths, e.g. the core run loop, fast page fault handling, etc. I.e. querying guest CPUID with IRQs disabled, especially in the run loop, should be avoided. Signed-off-by: Sean Christopherson --- arch/x86/kvm/cpuid.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 3b604499c35c..0f34774129d8 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -11,6 +11,7 @@ #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt #include +#include "linux/lockdep.h" #include #include #include @@ -90,6 +91,18 @@ static inline struct kvm_cpuid_entry2 *cpuid_entry2_find( struct kvm_cpuid_entry2 *e; int i; + /* + * KVM has a semi-arbitrary rule that querying the guest's CPUID model + * with IRQs disabled is disallowed. The CPUID model can legitimately + * have over one hundred entries, i.e. the lookup is slow, and IRQs are + * typically disabled in KVM only when KVM is in a performance critical + * patch, e.g. the core VM-Enter/VM-Exit run loop. Nothing will break + * if this rule is violated, this assertion is purely to flag potential + * performance issues. If this fires, consider moving the lookup out + * of the hotpath, e.g. by caching information during CPUID updates. + */ + lockdep_assert_irqs_enabled(); + for (i = 0; i < nent; i++) { e = &entries[i];