From patchwork Wed Mar 22 01:14:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 73139 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:604a:0:0:0:0:0 with SMTP id j10csp2104505wrt; Tue, 21 Mar 2023 18:28:27 -0700 (PDT) X-Google-Smtp-Source: AK7set9MxMrii6cpY0UwIs2xfoBJpTI+YsZrMvqjM+nxqMTl17Q5YDsxJjP5Kxrbuh5MX4zEIcZi X-Received: by 2002:a17:902:e18b:b0:19d:1d32:fbe with SMTP id y11-20020a170902e18b00b0019d1d320fbemr917898pla.20.1679448506902; Tue, 21 Mar 2023 18:28:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1679448506; cv=none; d=google.com; s=arc-20160816; b=inxcLINk5jKTP+jszPFiV5acweyXrJjgUVflEzFMtLJ2VJFfOOrKfm9Qk31iUedXwd nzdWCU5oHIdq+4ssGkp9oU3oEtN8Pz3JC9TeE56Y+KaiMJub5DeJlbr3oGLMYYWkjjb8 qUaD63KWZbFy7eIHKAnLRF1B5EtYqAn7GP2quO6bjMHgFxIQeYuPH61cVIPjH9ZMcwGV AMD0yM6aG6A0oXyPeu0u4avfGabaQWUehE/UNvVxvh+HB3Lx+28KvP5jxt9d2Pfg8EHK eaqVNmmiF9iMXuztNQkazWY9BsZ8Rxij7P02L3Bf19ECTTYH6EYku1bkXzt05WUECU7t IH7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=r2E6+28pFIcVoD7c62WV1LTJDe4T0Oa+OT5aWWRY1ec=; b=uL0ekMZg6AShYp0nlr2lgE5QjPj1MOvdvpGkRRpIysd7oTobz1yvh6gOZIUznclsh+ 37DbU6Cr2rUPne1WDvQUaiqhzzM4jY3ijdo/+Ek9fVBV/uWtljbu522XY6YFWmTyzlsC QJKohQmkptov0nhNzfvcY/w4tiNw3WWk54IeQnVv41eCboXFY/jInf4626zQOgVrxRUg NhB5ZXr2/Rkjzvd6u2ZCqC6VVKjok5bpZy1+LaZSb70NABcgMB4BOEjnImkDXE516dQ2 6Oi7FqdIrLbq4o3CgjxSSbNkvl2Rj5ebYUcJRoeS+5i60OSKzOLVu4gb/uRyC1KSKZlG V9yA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=GuTR6vZj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id i7-20020a635407000000b00508d4eae759si14627550pgb.231.2023.03.21.18.28.14; Tue, 21 Mar 2023 18:28:26 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=GuTR6vZj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230106AbjCVBPx (ORCPT + 99 others); Tue, 21 Mar 2023 21:15:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52880 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230101AbjCVBPl (ORCPT ); Tue, 21 Mar 2023 21:15:41 -0400 Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 414DC5A6EB for ; Tue, 21 Mar 2023 18:15:20 -0700 (PDT) Received: by mail-pj1-x104a.google.com with SMTP id j15-20020a17090a318f00b0023fe33f8825so1040932pjb.9 for ; Tue, 21 Mar 2023 18:15:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; t=1679447717; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=r2E6+28pFIcVoD7c62WV1LTJDe4T0Oa+OT5aWWRY1ec=; b=GuTR6vZjRwaqrGPvM/+L09WWxqjQDN7+wT3jEVHzXWuWUZqTmurtmFEM7Qe0oW8M9J KnZHcD5vT8q/++rXX8l1kkfjDUVpOdYQJ8OP+QHPrIZEFrFPMEpklM0CFAj9A9zpH8Ed NTkWX2N8zoDDbsE3K7sPU5BHL5B759yae0/0itmniEqVUZTRsps99zrgYkezYHfxCjRI BmzXVMrGFo0YlLanINz4dqUyvTY3rJRj+B86hErG4loF+g2UtYbEL+HaaZCwk98PMTBY k+fXNg4uxi7/eHWecDTs8IS8jtXRcrc8ftTLZn3zuKqdeZmw7Xj3NdzzAwQU9e4wfOcX NUdw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679447717; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=r2E6+28pFIcVoD7c62WV1LTJDe4T0Oa+OT5aWWRY1ec=; b=rhZhMUWbl1ddnd9pMH+k71H73sVJUUIsoYXlbcCdLKAvpChdIaozE67csCQPz7/OqZ rKU49Repd26/60RVFV2N3wcQXExKmytqxpeOCvOrZJlP1e69HiqdCf789AXXlhj5nP1q gf8OL/ALzCgQmKbtGrYtTrh6xkYAF/PGHzBq9cH4dpdMy8XKvcIpNdsyuKT+MC/QG3B3 BvnQqVQoZ2wGb4IV6m5u1U93DKmos3RbR86r+oDZGtYMDVe5gu8vITklSO5zOEvW7akm JIhJ4lNhgBJfU3ECo0wM5GG1qwWjrcQSTtPxZoVVHRXNHIHU5r+To1o9Y0ohEJNZHvZE n8PQ== X-Gm-Message-State: AO0yUKWElgvtBPSspGf6xzkCUi5GKsN0zj9xj6QZRzrZ/nICg6QpSUor 1PK0R4o3d/n2nTtRSasJ538zxwlEjww= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a65:63c4:0:b0:503:7be2:19a7 with SMTP id n4-20020a6563c4000000b005037be219a7mr302089pgv.1.1679447717170; Tue, 21 Mar 2023 18:15:17 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 21 Mar 2023 18:14:35 -0700 In-Reply-To: <20230322011440.2195485-1-seanjc@google.com> Mime-Version: 1.0 References: <20230322011440.2195485-1-seanjc@google.com> X-Mailer: git-send-email 2.40.0.rc2.332.ga46443480c-goog Message-ID: <20230322011440.2195485-2-seanjc@google.com> Subject: [PATCH 1/6] KVM: x86: Revert MSR_IA32_FLUSH_CMD.FLUSH_L1D enabling From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Nathan Chancellor , Emanuele Giuseppe Esposito , Pawan Gupta , Jim Mattson X-Spam-Status: No, score=-7.7 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761029397374788615?= X-GMAIL-MSGID: =?utf-8?q?1761029397374788615?= Revert the recently added virtualizing of MSR_IA32_FLUSH_CMD, as both the VMX and SVM are fatally buggy to guests that use MSR_IA32_FLUSH_CMD or MSR_IA32_PRED_CMD, and because the entire foundation of the logic is flawed. The most immediate problem is an inverted check on @cmd that results in rejecting legal values. SVM doubles down on bugs and drops the error, i.e. silently breaks all guest mitigations based on the command MSRs. The next issue is that neither VMX nor SVM was updated to mark MSR_IA32_FLUSH_CMD as being a possible passthrough MSR, which isn't hugely problematic, but does break MSR filtering and triggers a WARN on VMX designed to catch this exact bug. The foundational issues stem from the MSR_IA32_FLUSH_CMD code reusing logic from MSR_IA32_PRED_CMD, which in turn was likely copied from KVM's support for MSR_IA32_SPEC_CTRL. The copy+paste from MSR_IA32_SPEC_CTRL was misguided as MSR_IA32_PRED_CMD (and MSR_IA32_FLUSH_CMD) is a write-only MSR, i.e. doesn't need the same "deferred passthrough" shenanigans as MSR_IA32_SPEC_CTRL. Revert all MSR_IA32_FLUSH_CMD enabling in one fell swoop so that there is no point where KVM advertises, but does not support, L1D_FLUSH. This reverts commits 45cf86f26148e549c5ba4a8ab32a390e4bde216e, 723d5fb0ffe4c02bd4edf47ea02c02e454719f28, and a807b78ad04b2eaa348f52f5cc7702385b6de1ee. Reported-by: Nathan Chancellor Link: https://lkml.kernel.org/r/20230317190432.GA863767%40dev-arch.thelio-3990X Cc: Emanuele Giuseppe Esposito Cc: Pawan Gupta Cc: Jim Mattson Signed-off-by: Sean Christopherson Tested-by: Mathias Krause --- arch/x86/kvm/cpuid.c | 2 +- arch/x86/kvm/svm/svm.c | 43 ++++++++----------------- arch/x86/kvm/vmx/nested.c | 3 -- arch/x86/kvm/vmx/vmx.c | 68 ++++++++++++++------------------------- 4 files changed, 39 insertions(+), 77 deletions(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 9583a110cf5f..599aebec2d52 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -653,7 +653,7 @@ void kvm_set_cpu_caps(void) F(SPEC_CTRL_SSBD) | F(ARCH_CAPABILITIES) | F(INTEL_STIBP) | F(MD_CLEAR) | F(AVX512_VP2INTERSECT) | F(FSRM) | F(SERIALIZE) | F(TSXLDTRK) | F(AVX512_FP16) | - F(AMX_TILE) | F(AMX_INT8) | F(AMX_BF16) | F(FLUSH_L1D) + F(AMX_TILE) | F(AMX_INT8) | F(AMX_BF16) ); /* TSC_ADJUST and ARCH_CAPABILITIES are emulated in software. */ diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 70183d2271b5..252e7f37e4e2 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2869,28 +2869,6 @@ static int svm_set_vm_cr(struct kvm_vcpu *vcpu, u64 data) return 0; } -static int svm_set_msr_ia32_cmd(struct kvm_vcpu *vcpu, struct msr_data *msr, - bool guest_has_feat, u64 cmd, - int x86_feature_bit) -{ - struct vcpu_svm *svm = to_svm(vcpu); - - if (!msr->host_initiated && !guest_has_feat) - return 1; - - if (!(msr->data & ~cmd)) - return 1; - if (!boot_cpu_has(x86_feature_bit)) - return 1; - if (!msr->data) - return 0; - - wrmsrl(msr->index, cmd); - set_msr_interception(vcpu, svm->msrpm, msr->index, 0, 1); - - return 0; -} - static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) { struct vcpu_svm *svm = to_svm(vcpu); @@ -2965,14 +2943,19 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SPEC_CTRL, 1, 1); break; case MSR_IA32_PRED_CMD: - r = svm_set_msr_ia32_cmd(vcpu, msr, - guest_has_pred_cmd_msr(vcpu), - PRED_CMD_IBPB, X86_FEATURE_IBPB); - break; - case MSR_IA32_FLUSH_CMD: - r = svm_set_msr_ia32_cmd(vcpu, msr, - guest_cpuid_has(vcpu, X86_FEATURE_FLUSH_L1D), - L1D_FLUSH, X86_FEATURE_FLUSH_L1D); + if (!msr->host_initiated && + !guest_has_pred_cmd_msr(vcpu)) + return 1; + + if (data & ~PRED_CMD_IBPB) + return 1; + if (!boot_cpu_has(X86_FEATURE_IBPB)) + return 1; + if (!data) + break; + + wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_IBPB); + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_PRED_CMD, 0, 1); break; case MSR_AMD64_VIRT_SPEC_CTRL: if (!msr->host_initiated && diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index f63b28f46a71..1bc2b80273c9 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -654,9 +654,6 @@ static inline bool nested_vmx_prepare_msr_bitmap(struct kvm_vcpu *vcpu, nested_vmx_set_intercept_for_msr(vmx, msr_bitmap_l1, msr_bitmap_l0, MSR_IA32_PRED_CMD, MSR_TYPE_W); - nested_vmx_set_intercept_for_msr(vmx, msr_bitmap_l1, msr_bitmap_l0, - MSR_IA32_FLUSH_CMD, MSR_TYPE_W); - kvm_vcpu_unmap(vcpu, &vmx->nested.msr_bitmap_map, false); vmx->nested.force_msr_bitmap_recalc = false; diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index d7bf14abdba1..f777509ecf17 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2133,39 +2133,6 @@ static u64 vmx_get_supported_debugctl(struct kvm_vcpu *vcpu, bool host_initiated return debugctl; } -static int vmx_set_msr_ia32_cmd(struct kvm_vcpu *vcpu, - struct msr_data *msr_info, - bool guest_has_feat, u64 cmd, - int x86_feature_bit) -{ - if (!msr_info->host_initiated && !guest_has_feat) - return 1; - - if (!(msr_info->data & ~cmd)) - return 1; - if (!boot_cpu_has(x86_feature_bit)) - return 1; - if (!msr_info->data) - return 0; - - wrmsrl(msr_info->index, cmd); - - /* - * For non-nested: - * When it's written (to non-zero) for the first time, pass - * it through. - * - * For nested: - * The handling of the MSR bitmap for L2 guests is done in - * nested_vmx_prepare_msr_bitmap. We should not touch the - * vmcs02.msr_bitmap here since it gets completely overwritten - * in the merging. - */ - vmx_disable_intercept_for_msr(vcpu, msr_info->index, MSR_TYPE_W); - - return 0; -} - /* * Writes msr value into the appropriate "register". * Returns 0 on success, non-0 otherwise. @@ -2319,16 +2286,31 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) return 1; goto find_uret_msr; case MSR_IA32_PRED_CMD: - ret = vmx_set_msr_ia32_cmd(vcpu, msr_info, - guest_has_pred_cmd_msr(vcpu), - PRED_CMD_IBPB, - X86_FEATURE_IBPB); - break; - case MSR_IA32_FLUSH_CMD: - ret = vmx_set_msr_ia32_cmd(vcpu, msr_info, - guest_cpuid_has(vcpu, X86_FEATURE_FLUSH_L1D), - L1D_FLUSH, - X86_FEATURE_FLUSH_L1D); + if (!msr_info->host_initiated && + !guest_has_pred_cmd_msr(vcpu)) + return 1; + + if (data & ~PRED_CMD_IBPB) + return 1; + if (!boot_cpu_has(X86_FEATURE_IBPB)) + return 1; + if (!data) + break; + + wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_IBPB); + + /* + * For non-nested: + * When it's written (to non-zero) for the first time, pass + * it through. + * + * For nested: + * The handling of the MSR bitmap for L2 guests is done in + * nested_vmx_prepare_msr_bitmap. We should not touch the + * vmcs02.msr_bitmap here since it gets completely overwritten + * in the merging. + */ + vmx_disable_intercept_for_msr(vcpu, MSR_IA32_PRED_CMD, MSR_TYPE_W); break; case MSR_IA32_CR_PAT: if (!kvm_pat_valid(data)) From patchwork Wed Mar 22 01:14:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 73133 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:604a:0:0:0:0:0 with SMTP id j10csp2100932wrt; Tue, 21 Mar 2023 18:17:51 -0700 (PDT) X-Google-Smtp-Source: AK7set/N3HdMV1guAS0Jnwb+o6PwEXKdkyx1AYA2RJdWqPNSm6GfP2YhOide+iR8o9JVRvtGhcje X-Received: by 2002:a17:906:d8ba:b0:933:32a9:bfb2 with SMTP id qc26-20020a170906d8ba00b0093332a9bfb2mr4507027ejb.57.1679447870971; Tue, 21 Mar 2023 18:17:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1679447870; cv=none; d=google.com; s=arc-20160816; b=CLXZjU0nhSD065uJw7pZXQrrubXTZ4GWYnBMrLlsuXxnf5Ozhc+c13v4AGgxlCXv0n /+f+aLBOMUfI/++l8RavU3BWXGPgdLIinEAQPKQq6fqa5X5+IhlEX7z7yccxXiuwdwZs 6wvPiO9egiCxqyPyPHLxzrMulUMCnQYTwuMNXdXxVeWZyYnpOMJKhL/syCL9YaheWiLz 3b2rzpOywRCUbnQT5UkYOryuOtnUlGd/upguhb52gbXieMK3bJkblNzWYRw4B6yoPwtZ tFcKX/MVVOAEg7vsV81ioQrz/FZVXAb2XhIaMtMd2+le1J1mWP2vgC53joddJN2MC4KB Kxjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=CY4cnk4UOMeVTH0kQ1tQ9VzeyOFu2K0f5K2GYFhb34s=; b=IjgLwTmCdxTN2L8zVHNcz08e7ZmKdGDBpp4RtqV3SVB2RONHvGOr69cZo/Dn40+ABx i1BDC0FKTNR5Q1TO0Q2LENeLmMpjg4U6TR+P+2GsspZI9cPfT+jaY0UUyjnTdgD9EOCB DrYQoiRlEONFBPqjeBYwGFvu6FjxpQ4fiiTICzHHSFvPirtSx1HmiXJLUCwKLTlwPZKQ /ywZm6GCg7ti6yy6BMZ3+zZE4HG+mk/FhRbQ1uZ33vuxQrR4iYWtdw+2beE6eOBx2Tt/ 2DH1y5lm74fEnyyTBtbvKev/G3DvAgshveyNk2Ivie99ANOqb/rQlcHpVwXB1EUKbfck ageQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=AkqrcYEi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e12-20020a170906c00c00b0092ffaa6aa2bsi15061967ejz.513.2023.03.21.18.17.27; Tue, 21 Mar 2023 18:17:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=AkqrcYEi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230196AbjCVBQF (ORCPT + 99 others); Tue, 21 Mar 2023 21:16:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53064 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229838AbjCVBPr (ORCPT ); Tue, 21 Mar 2023 21:15:47 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D0C2D5A901 for ; Tue, 21 Mar 2023 18:15:23 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id y144-20020a253296000000b00b69ce0e6f2dso9844322yby.18 for ; Tue, 21 Mar 2023 18:15:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; t=1679447719; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=CY4cnk4UOMeVTH0kQ1tQ9VzeyOFu2K0f5K2GYFhb34s=; b=AkqrcYEiE53LAVOgUo3cY+bXfl82+gNCSSPEEGj65pQsP74Nh5wscxPvqarY6zz8gX wxFFEj4sVQ55KaHHudOG4SDRtxMvI7uReX6C9FV2XQ/Kr1D1OmZn/Kzzzn2h0yJ0saqI JoqmsXg94qdQ2pJ5/VzpC1eYtVTUY20JIwxA80o8ZYoMjbHr5HHZx8pKe+9qsOk8FJPe H/SVIFvpeBwLPKZyiYdt9ta06DDjeJs1pCzvoW/rlLWhDOAoV3sIwYqJVVTJh/xgYRlC dY9OC0h/FG9tJKvDkkaea/P/7kzKuE1QUvgRtkl5IgPrgLUX94yW+4No4Wyc5PB/xOCB nvIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679447719; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=CY4cnk4UOMeVTH0kQ1tQ9VzeyOFu2K0f5K2GYFhb34s=; b=1MbaXD+qyqidvPqqLVEBVqcIodjHwgTgTCRQm3tRGo7IbK7n7+SJns2G6e5jIA3QFr sAeDNw59HGHIw7sRhE84RVsnMctLIZGp85rIlUZqhFuQPlVLKkRHbsbE/EzdXzRjBTNN J0L48Q69soJhrwYN3H1yPzLC6BLzcHOX+4fUgqQCkS8qNJbFTsM6MVy/dg7+k4x6tlpC +6EnQozuKjwyMuDeWEZe7mcjSWzA4TT/kIJ7AvUVHp736aoaOw+H/B+Z55pXtDqnvMKw NBfy/vPQqB2yKIgerQ2fNl0hZXdYBkloOGdSrXBxwyHFHMrHO93U77XpBmR+Y7V9Y000 6sig== X-Gm-Message-State: AAQBX9fts6NxrgwIN78N6xDOMPqT1rIDlY1o9c15h9QmXfvoRgafpi3E Ju9rIb7vCrDBkcgefrSlvEY3+C/E5kM= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:820d:0:b0:a27:3ecc:ffe7 with SMTP id q13-20020a25820d000000b00a273eccffe7mr361394ybk.3.1679447719213; Tue, 21 Mar 2023 18:15:19 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 21 Mar 2023 18:14:36 -0700 In-Reply-To: <20230322011440.2195485-1-seanjc@google.com> Mime-Version: 1.0 References: <20230322011440.2195485-1-seanjc@google.com> X-Mailer: git-send-email 2.40.0.rc2.332.ga46443480c-goog Message-ID: <20230322011440.2195485-3-seanjc@google.com> Subject: [PATCH 2/6] KVM: VMX: Passthrough MSR_IA32_PRED_CMD based purely on host+guest CPUID From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Nathan Chancellor , Emanuele Giuseppe Esposito , Pawan Gupta , Jim Mattson X-Spam-Status: No, score=-7.7 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761028730594266425?= X-GMAIL-MSGID: =?utf-8?q?1761028730594266425?= Passthrough MSR_IA32_PRED_CMD based purely on whether or not the MSR is supported and enabled, i.e. don't wait until the first write. There's no benefit to deferred passthrough, and the extra logic only adds complexity. Signed-off-by: Sean Christopherson Reviewed-by: Xiaoyao Li --- arch/x86/kvm/vmx/vmx.c | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index f777509ecf17..5c01c76c0d45 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2298,19 +2298,6 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) break; wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_IBPB); - - /* - * For non-nested: - * When it's written (to non-zero) for the first time, pass - * it through. - * - * For nested: - * The handling of the MSR bitmap for L2 guests is done in - * nested_vmx_prepare_msr_bitmap. We should not touch the - * vmcs02.msr_bitmap here since it gets completely overwritten - * in the merging. - */ - vmx_disable_intercept_for_msr(vcpu, MSR_IA32_PRED_CMD, MSR_TYPE_W); break; case MSR_IA32_CR_PAT: if (!kvm_pat_valid(data)) @@ -7743,6 +7730,9 @@ static void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) vmx_set_intercept_for_msr(vcpu, MSR_IA32_XFD_ERR, MSR_TYPE_R, !guest_cpuid_has(vcpu, X86_FEATURE_XFD)); + if (boot_cpu_has(X86_FEATURE_IBPB)) + vmx_set_intercept_for_msr(vcpu, MSR_IA32_PRED_CMD, MSR_TYPE_W, + !guest_has_pred_cmd_msr(vcpu)); set_cr4_guest_host_mask(vmx); From patchwork Wed Mar 22 01:14:37 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 73132 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:604a:0:0:0:0:0 with SMTP id j10csp2100865wrt; Tue, 21 Mar 2023 18:17:38 -0700 (PDT) X-Google-Smtp-Source: AK7set+WvAAch4fTIQ33V3pUGuELXoYh9Lg248kUUflhXx8kbdaIJA2RVbnzclEEV1LRzV85plEG X-Received: by 2002:a17:902:da85:b0:19e:b2f3:e8c4 with SMTP id j5-20020a170902da8500b0019eb2f3e8c4mr1123808plx.25.1679447858363; Tue, 21 Mar 2023 18:17:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1679447858; cv=none; d=google.com; s=arc-20160816; b=KhvE+zGhMbFnXnAqBNLCXOP8FmYv3tm7DGf29gELwHzb4HSTwtVfSuSrtF4cDYgGCp ynYTMJyfdN1HDDkwe/FVXX6KUs8bU1JPgxTvrmuvsqMCMjwvccVGN4tuQHvF0q9TQIg1 tw4xRKK6geD3ZBNqxprVwyIMSryahLHBTwnxQ+GJd92B9YcKaJ0SIc2GSDzgSrfueXmT /lH8s+DQkOjqHg8kxfD86bnHnaGrNJRStYPLl/D+G93QqkIltkCu54gIiCBkDoZo5rQ9 IOUCz0ZXFoMe5tSZXerbtY+nx3xFwJeESQGbP2y6ItaHjIaKCBuw7nVYkHTITpFQ/3gz ASfQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=bCprSD7F8RNK3sb9JsGw6XUAq7a4JeIg3plwEoRHVh8=; b=zQ+OfqDXgpFJJ/ti6NB08IDNOqIRaOO+6wrxVy07XtumEyZ6Chi8MvFIdF+bC6Ib7F hhs+oVs8zsTwem/TpQ9Yt6L1vsyFrUyvxlylw0c5HEkJGN/zYOw1kDgzGCDhMZSqXwbR CWRXml0uRX8E8LdKcqTxek1v3aUwoiIPaEzYjKpnjLU65McBqhPHEbVE/Tw3OZ1WbtJv 8EZbQjDs5nPuYZ1bXzSaPW07qfPvE+yVAup/kXpuuJ3l4MGYhdMrhJEd3AeMdon+cLv7 suFRN5md5DyW1/YahU1ViK8IAVshBJpcyWHjK7/377obHvipImXzsMGFO55iCIqqGh32 7fyQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=YIfiHPdY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b6-20020a170902d50600b001a1e237060fsi3543871plg.344.2023.03.21.18.17.25; Tue, 21 Mar 2023 18:17:38 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=YIfiHPdY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229663AbjCVBQI (ORCPT + 99 others); Tue, 21 Mar 2023 21:16:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52332 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229912AbjCVBPr (ORCPT ); Tue, 21 Mar 2023 21:15:47 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2F1DF5A903 for ; Tue, 21 Mar 2023 18:15:24 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id 204-20020a2514d5000000b00a3637aea9e1so18272039ybu.17 for ; Tue, 21 Mar 2023 18:15:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; t=1679447721; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=bCprSD7F8RNK3sb9JsGw6XUAq7a4JeIg3plwEoRHVh8=; b=YIfiHPdYGeLXud9fanwJkzpqMhXu9ONdgLi3kWklYWx9AmdlQIm1JlSKnVHYPY903M w4KQNHT7wvCE16Stgyu5u74kWIU/niqgHvn8Nz8qYnIAIneIGXSECDDpWdmZ3POaPEW9 h4V/uzUdVBGQ0Pav6rFS1wv0uf8sbXWgRZf20VkwMZL0ec4osReXufoHf/QT7EF3p4XT jds1OsktmRiJ4pJetVbRgnvOu2NLILefoU6ChynqqWUyoClpLR6ZzqmQJyB80CFjRWC7 Q5SYO0NVDM0r+dYxbm9pi2l4SV2CpfagP+HLD9lHvLyaqcZtW2T4I82SJFq0Kor1DamS mmzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679447721; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=bCprSD7F8RNK3sb9JsGw6XUAq7a4JeIg3plwEoRHVh8=; b=ZbLm1UQcWPERaPf03wGjcmNAGNMli07mwNL2lk+pI5dmoTzYgZXAoSBfGhkJ4BA++V nkZmHMQzMcvzcFyMWUKOgeTRIjrBtiUb7xoz7gLHLAntIdK871iYkxnshLXLt328Jmov IV2Js2chaAv+ueon2E4OcE3VHDchb9c/BtcLaeSZuvLOHMFOQu/x9MvuxFG/a8rN+A2D 8FxpwGGBGSSR3yaX3fN5ON94wzEBOyaY0KwAo3+RFGMRO0m7TR8HcJb3vFhAHraCtyfZ g8NpjjJfZeExGhNBZRd3CyP8lypd21WyfbdkzegggjUjaaBvpsnvEOCBz5rpTzTk7PYM Pfaw== X-Gm-Message-State: AAQBX9cB139SwaU/PsqW9caNS0PlFOaRsM17rtoP5wsbjsC8TJGZ2Kaq jENz8yuHo6JM9Qo1WNUls5bxDh2pGyE= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:b3c1:0:b0:541:9895:4ce9 with SMTP id r184-20020a81b3c1000000b0054198954ce9mr2208350ywh.9.1679447720994; Tue, 21 Mar 2023 18:15:20 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 21 Mar 2023 18:14:37 -0700 In-Reply-To: <20230322011440.2195485-1-seanjc@google.com> Mime-Version: 1.0 References: <20230322011440.2195485-1-seanjc@google.com> X-Mailer: git-send-email 2.40.0.rc2.332.ga46443480c-goog Message-ID: <20230322011440.2195485-4-seanjc@google.com> Subject: [PATCH 3/6] KVM: SVM: Passthrough MSR_IA32_PRED_CMD based purely on host+guest CPUID From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Nathan Chancellor , Emanuele Giuseppe Esposito , Pawan Gupta , Jim Mattson X-Spam-Status: No, score=-7.7 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761028717574138532?= X-GMAIL-MSGID: =?utf-8?q?1761028717574138532?= Passthrough MSR_IA32_PRED_CMD based purely on whether or not the MSR is supported and enabled, i.e. don't wait until the first write. There's no benefit to deferred passthrough, and the extra logic only adds complexity. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 252e7f37e4e2..f757b436ffae 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2955,7 +2955,6 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) break; wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_IBPB); - set_msr_interception(vcpu, svm->msrpm, MSR_IA32_PRED_CMD, 0, 1); break; case MSR_AMD64_VIRT_SPEC_CTRL: if (!msr->host_initiated && @@ -4151,6 +4150,10 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) svm_recalc_instruction_intercepts(vcpu, svm); + if (boot_cpu_has(X86_FEATURE_IBPB)) + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_PRED_CMD, 0, + !!guest_has_pred_cmd_msr(vcpu)); + /* For sev guests, the memory encryption bit is not reserved in CR3. */ if (sev_guest(vcpu->kvm)) { best = kvm_find_cpuid_entry(vcpu, 0x8000001F); From patchwork Wed Mar 22 01:14:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 73137 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:604a:0:0:0:0:0 with SMTP id j10csp2103923wrt; Tue, 21 Mar 2023 18:26:27 -0700 (PDT) X-Google-Smtp-Source: AK7set/CCLlVnYgmoQ7G2F/joYF8F8fd+r8uW3X4OjA6QEm/JbfRDItM5mphNkvoMZiXmKARywxz X-Received: by 2002:a17:90a:1a50:b0:23a:f4b4:630 with SMTP id 16-20020a17090a1a5000b0023af4b40630mr1596348pjl.23.1679448387426; Tue, 21 Mar 2023 18:26:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1679448387; cv=none; d=google.com; s=arc-20160816; b=nTmJ+vWrV8XJSbY/20auJQZMDidpEBih7sXpIFzpL+5k7c9geH7e1gBs4yAf4HghDr pQydPzQ/PEHHFdJsmvzpYzYwYbjeUAYkZe+fcVyaZsdVo0FD5VOpkWpDs7AwGSLPqyF7 chzZStRXtruAQYxU3PxsafNtPSTZGEhZaHzmwfUqjqrbeCemf5xahBxF2dAWLDQMeJHD fYudBAHNNkZ5UFUsQ5UsfSw9oTYCFCpZ3kXUJWdGy/oqE3KGmJObW6xVKS6vzA3EbEWs YKxFWVTQkbVjZqesqHQboXDG1rtY91ZEU44ZH2dt4zkj/hgEt+g0hRMlCI/rfSvU5y/r 7Xew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=gDWDUJZKEiSdc2jrx8xTfg9KaQTEhFf0r1pqILfpYfw=; b=aGsNR2svX5eMHBYN7fBhooSmcJuTENVjxlopehfPTurq2G+NOaDOEYo8cBkRve+Owm 9xggsrhD2o3fXD5BPznavq9tAyVttQ6ZTO73145YV654kSRUILwy5W+IH4LTjK4Bl0+N mxP5wl+wYPmlzGyNudHo+E8Jtt6HW3nQaesiAqBi80hGwLfmgOM42QKGCizS2dCKsw1d oxXmY7jYqs5fqcvxL1pTsaTSxYK8PfqJgA1AK5GDQf0RKQYC6Hj7PzY0NIpGmF9qSeVI GcXTB70NNriSwD97vHU1Mqnq53Z1Wp1797+VthXqx8qH8Cqgx6FxEU8PueoftQmiMVn/ jyWQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=c3vy0tRL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t191-20020a6381c8000000b0050fb309e9eesi2534865pgd.150.2023.03.21.18.26.14; Tue, 21 Mar 2023 18:26:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=c3vy0tRL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230220AbjCVBQM (ORCPT + 99 others); Tue, 21 Mar 2023 21:16:12 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52762 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229645AbjCVBPw (ORCPT ); Tue, 21 Mar 2023 21:15:52 -0400 Received: from mail-pl1-x649.google.com (mail-pl1-x649.google.com [IPv6:2607:f8b0:4864:20::649]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3C91B58B55 for ; Tue, 21 Mar 2023 18:15:27 -0700 (PDT) Received: by mail-pl1-x649.google.com with SMTP id d2-20020a170902cec200b001a1e8390831so1369057plg.5 for ; Tue, 21 Mar 2023 18:15:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; t=1679447722; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=gDWDUJZKEiSdc2jrx8xTfg9KaQTEhFf0r1pqILfpYfw=; b=c3vy0tRLOjOsR5JxOTTiqFC4RogaQM7GDamcMvByk11LgnruHpbE0CrS3dqs/uWiNy IfAErbnBxDoXUzsSwlirlmq6tg8Gv02goL5hgS5cbCjhSegRXhoeuOPaxT0K5E/hcjXZ uHly/hPshpkQc2OGsHdsgvAutoX51UwxGGrw7hek4T9CCI5chUpRR7pp80palsbOhg6j CKrExnLgK6rx+rT79i2HMg/l4K5dfZNWoGSokqGj4OGW7/unsdycIDuy1B5fMpI0sqAd 4BYnElvb6yco11+yccg+6cQyxXLc/sKnc9yrX67bmbEmzHw9Lkvy2JffZ8itDeYSorRY L6ag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679447722; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=gDWDUJZKEiSdc2jrx8xTfg9KaQTEhFf0r1pqILfpYfw=; b=ud+0/BRCaqE/YOKk2OGFW/sA8rPidS0tw5xDVJDcePn26Es7P5bElYv6D4khqY3Hpz 3pK33hqhwPuq+77VZ0Hlq2eftszIRoFIONc6lOC513Kk5wxWsQQ/ItrbsAxwnPGIZU0v DT6bFdLcNyvSTkiJhDakh98BOdDEJXyVNxg+1mGyQiKBt2kzQX7KOP+j9jfCfYZARfsL ab0y8SFRx8NQfrBqsE0sDGRBZOHHObQeJwy/SFC9REwalyPDhyO9g7O8WuXLriRQHCxl 0xrpcn3PGhImcqzF9ePJUByUhsEPvrjH4VvPu66JvxpphlyCM7ws7PrzZjULZyb2qRpa YcRQ== X-Gm-Message-State: AAQBX9eP8u2nKmipJVcMwhDxIbE9p/JAHxjGhH1NW3J9LFMOfyyr7vJl /Z8EDZGELNJtM/OujVN/CQmNHHUkIuA= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:d88d:b0:1a1:def4:a030 with SMTP id b13-20020a170902d88d00b001a1def4a030mr248093plz.0.1679447722736; Tue, 21 Mar 2023 18:15:22 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 21 Mar 2023 18:14:38 -0700 In-Reply-To: <20230322011440.2195485-1-seanjc@google.com> Mime-Version: 1.0 References: <20230322011440.2195485-1-seanjc@google.com> X-Mailer: git-send-email 2.40.0.rc2.332.ga46443480c-goog Message-ID: <20230322011440.2195485-5-seanjc@google.com> Subject: [PATCH 4/6] KVM: x86: Move MSR_IA32_PRED_CMD WRMSR emulation to common code From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Nathan Chancellor , Emanuele Giuseppe Esposito , Pawan Gupta , Jim Mattson X-Spam-Status: No, score=-7.7 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761029272132798589?= X-GMAIL-MSGID: =?utf-8?q?1761029272132798589?= Dedup the handling of MSR_IA32_PRED_CMD across VMX and SVM by moving the logic to kvm_set_msr_common(). Now that the MSR interception toggling is handled as part of setting guest CPUID, the VMX and SVM paths are identical. Opportunistically massage the code to make it a wee bit denser. Signed-off-by: Sean Christopherson Reviewed-by: Xiaoyao Li --- arch/x86/kvm/svm/svm.c | 14 -------------- arch/x86/kvm/vmx/vmx.c | 14 -------------- arch/x86/kvm/x86.c | 11 +++++++++++ 3 files changed, 11 insertions(+), 28 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f757b436ffae..85bb535fc321 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2942,20 +2942,6 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) */ set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SPEC_CTRL, 1, 1); break; - case MSR_IA32_PRED_CMD: - if (!msr->host_initiated && - !guest_has_pred_cmd_msr(vcpu)) - return 1; - - if (data & ~PRED_CMD_IBPB) - return 1; - if (!boot_cpu_has(X86_FEATURE_IBPB)) - return 1; - if (!data) - break; - - wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_IBPB); - break; case MSR_AMD64_VIRT_SPEC_CTRL: if (!msr->host_initiated && !guest_cpuid_has(vcpu, X86_FEATURE_VIRT_SSBD)) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 5c01c76c0d45..29807be219b9 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2285,20 +2285,6 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) if (data & ~(TSX_CTRL_RTM_DISABLE | TSX_CTRL_CPUID_CLEAR)) return 1; goto find_uret_msr; - case MSR_IA32_PRED_CMD: - if (!msr_info->host_initiated && - !guest_has_pred_cmd_msr(vcpu)) - return 1; - - if (data & ~PRED_CMD_IBPB) - return 1; - if (!boot_cpu_has(X86_FEATURE_IBPB)) - return 1; - if (!data) - break; - - wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_IBPB); - break; case MSR_IA32_CR_PAT: if (!kvm_pat_valid(data)) return 1; diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 237c483b1230..c83ec88da043 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -3617,6 +3617,17 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) vcpu->arch.perf_capabilities = data; kvm_pmu_refresh(vcpu); return 0; + case MSR_IA32_PRED_CMD: + if (!msr_info->host_initiated && !guest_has_pred_cmd_msr(vcpu)) + return 1; + + if (!boot_cpu_has(X86_FEATURE_IBPB) || (data & ~PRED_CMD_IBPB)) + return 1; + if (!data) + break; + + wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_IBPB); + break; case MSR_EFER: return set_efer(vcpu, msr_info); case MSR_K7_HWCR: From patchwork Wed Mar 22 01:14:39 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 73135 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:604a:0:0:0:0:0 with SMTP id j10csp2103434wrt; Tue, 21 Mar 2023 18:24:56 -0700 (PDT) X-Google-Smtp-Source: AK7set8iKYb6UcOeuwWHGJfAouYMjjxcAAAlj8PAQ/BvnPRQQIVuByW4HS0R8l8UA25Nr/hUQfZG X-Received: by 2002:a05:6a20:bb09:b0:d9:4c19:fe69 with SMTP id fc9-20020a056a20bb0900b000d94c19fe69mr509573pzb.25.1679448296097; Tue, 21 Mar 2023 18:24:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1679448296; cv=none; d=google.com; s=arc-20160816; b=sghlImaPE9hcHfxPct+yJtYO5kwK9o8FDZLeViudKXOmPp5VL42Xrka6hUeTfp1tF2 dQq9Y+yIuLtDv0Ha/MBCdEclQEwCy4RDgGZcv3Ph9ImbyUl/QdOiRZ2PBKMwvYU/E+Gi 0zo3fEbNYjqeucL0FYdszW2b5O+RsI5OOroiHvQEhQNs5pwGah/c61CFLhk46a7wMFKd 5mHZqKNFrOrL3sri/554rtNmjG4XDOYg3sh4BniPW3TzWZdDG9NmF3quBurGXoSjuJ8v ddQpWY4/u/+7V4+Sc5UKQ2suWwMUstONEzHDO4+eElCxIpK+MLHQ/SMtTVF0Ywze3wNr Shaw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=WKp3cWIz4EB3TSxmAohTftvSjLswbqRY4EZ6PCZ/cQw=; b=vgzVS9eZ5l5Gti9fYn0PxN+PAv+HzqbY017s8+uBb6ZLI1yTMKmVv9JFhBNsjBIkXx gbZOCZsp+Twrrhh33h+DJUQZYv9J3zk2qDutzVUeb0UW5kQaLTVPcbw+jrdcGeDK9JgZ 2f4SaMXYEIG1gazZIm1rQ8maWxH2U787ilJjZ1lOD3m5Ny/LvzsnKXFkU9ye4gNg1RA5 vyc0BVFb41NaM/S+ny0wxg2xcXWbQlTH0mB/ETbqUdbiu9cuQ3AcSXp7K5qEZqGUxVu4 87FAmQR+zNtNr8LX/BtKgsABPSMfAtT86uWTiLKebQY3NIDXl38f67RVD4JSDmdLIX83 VRHA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=SZzJVjS7; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u28-20020a056a00099c00b005a7ea9c6d7csi15785633pfg.41.2023.03.21.18.24.43; Tue, 21 Mar 2023 18:24:56 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=SZzJVjS7; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230241AbjCVBQS (ORCPT + 99 others); Tue, 21 Mar 2023 21:16:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53844 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229555AbjCVBP6 (ORCPT ); Tue, 21 Mar 2023 21:15:58 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5C6E159E41 for ; Tue, 21 Mar 2023 18:15:31 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-5417f156cb9so172491227b3.8 for ; Tue, 21 Mar 2023 18:15:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; t=1679447724; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=WKp3cWIz4EB3TSxmAohTftvSjLswbqRY4EZ6PCZ/cQw=; b=SZzJVjS73HjISYGSqDl5X10T5A6vxZwc8w9BaiTNsBSO0cSNyB4hlwaM9sKizC4ghB YDRUGjRaM4MzLZ4G5+W5IAV2W19DJGyDRDcPXvhb3f3SqjoKsnvIYKT8KW8R/4xVV+H6 RSugV8g6sUBq5chuQC3PsCeCghkYlm+xXE0o4X6rHCbn6QvhYmjpw8YtsPRNt/suO3VU gZfRSe1rwJCkvO3LNXWIp88QcFwDwTVMzZjFikJ6bDs9LRsjMr54Cf4DAC56UN7Ts3Vz EtqGl2A2qZlAFhHKJw59aMgVCZDNFW6pplnwFeTCUoKrP2ES/9Yc5H5OuoP3UvGc5AGY A8Hg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679447724; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=WKp3cWIz4EB3TSxmAohTftvSjLswbqRY4EZ6PCZ/cQw=; b=EV9UFJFfA702OtrTK0J/wqapoI8oskyqPRrgKi6KiPoc6xZTpEntVcfVZiH1SgGGbh hy6jgO5M98SNyngOppueXbDHc00mrR/jfeelObCyfTPJWS5oc3yAGAeyexBk9BdCwaPz FttYP6+FDetithEfbuaIgpXZgj/qs32SOk+4mqAyx/9GUFmABaQRKf6OZDxLXeAEs45Q Yu+jjd4WNVwwyfTSRGgvWy6HhG//y6EovtZnGa1fQhSZjLhIHulepY64LoQVs3ktviqx spAhxGxtiB4pc3lpIhcPXOqnFKcns8EWQuVbPD8gWJ96Dl7xh4aqNzRFKZbgyGpE0fZz y2Og== X-Gm-Message-State: AAQBX9eZ4/Apa6bnxIu8bQifYb/YtASIB4+t/LVPdtoEtBMQxUt/93yJ uLBiNg7WQ9m0mTD+8WFgzjzi+JkKqjg= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:b285:0:b0:541:8291:5237 with SMTP id q127-20020a81b285000000b0054182915237mr352609ywh.0.1679447724562; Tue, 21 Mar 2023 18:15:24 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 21 Mar 2023 18:14:39 -0700 In-Reply-To: <20230322011440.2195485-1-seanjc@google.com> Mime-Version: 1.0 References: <20230322011440.2195485-1-seanjc@google.com> X-Mailer: git-send-email 2.40.0.rc2.332.ga46443480c-goog Message-ID: <20230322011440.2195485-6-seanjc@google.com> Subject: [PATCH 5/6] KVM: x86: Virtualize FLUSH_L1D and passthrough MSR_IA32_FLUSH_CMD From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Nathan Chancellor , Emanuele Giuseppe Esposito , Pawan Gupta , Jim Mattson X-Spam-Status: No, score=-7.7 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761029176445394552?= X-GMAIL-MSGID: =?utf-8?q?1761029176445394552?= Virtualize FLUSH_L1D so that the guest can use the performant L1D flush if one of the many mitigations might require a flush in the guest, e.g. Linux provides an option to flush the L1D when switching mms. Passthrough MSR_IA32_FLUSH_CMD for write when it's supported in hardware and exposed to the guest, i.e. always let the guest write it directly if FLUSH_L1D is fully supported. Forward writes to hardware in host context on the off chance that KVM ends up emulating a WRMSR, or in the really unlikely scenario where userspace wants to force a flush. Restrict these forwarded WRMSRs to the known command out of an abundance of caution. Passing through the MSR means the guest can throw any and all values at hardware, but doing so in host context is arguably a bit more dangerous. Link: https://lkml.kernel.org/r/CALMp9eTt3xzAEoQ038bJQ9LN0ZOXrSWsN7xnNUD%2B0SS%3DWwF7Pg%40mail.gmail.com Link: https://lore.kernel.org/all/20230201132905.549148-2-eesposit@redhat.com Signed-off-by: Sean Christopherson --- arch/x86/kvm/cpuid.c | 2 +- arch/x86/kvm/svm/svm.c | 5 +++++ arch/x86/kvm/vmx/nested.c | 3 +++ arch/x86/kvm/vmx/vmx.c | 5 +++++ arch/x86/kvm/vmx/vmx.h | 2 +- arch/x86/kvm/x86.c | 12 ++++++++++++ 6 files changed, 27 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 599aebec2d52..9583a110cf5f 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -653,7 +653,7 @@ void kvm_set_cpu_caps(void) F(SPEC_CTRL_SSBD) | F(ARCH_CAPABILITIES) | F(INTEL_STIBP) | F(MD_CLEAR) | F(AVX512_VP2INTERSECT) | F(FSRM) | F(SERIALIZE) | F(TSXLDTRK) | F(AVX512_FP16) | - F(AMX_TILE) | F(AMX_INT8) | F(AMX_BF16) + F(AMX_TILE) | F(AMX_INT8) | F(AMX_BF16) | F(FLUSH_L1D) ); /* TSC_ADJUST and ARCH_CAPABILITIES are emulated in software. */ diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 85bb535fc321..b32edaf5a74b 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -95,6 +95,7 @@ static const struct svm_direct_access_msrs { #endif { .index = MSR_IA32_SPEC_CTRL, .always = false }, { .index = MSR_IA32_PRED_CMD, .always = false }, + { .index = MSR_IA32_FLUSH_CMD, .always = false }, { .index = MSR_IA32_LASTBRANCHFROMIP, .always = false }, { .index = MSR_IA32_LASTBRANCHTOIP, .always = false }, { .index = MSR_IA32_LASTINTFROMIP, .always = false }, @@ -4140,6 +4141,10 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) set_msr_interception(vcpu, svm->msrpm, MSR_IA32_PRED_CMD, 0, !!guest_has_pred_cmd_msr(vcpu)); + if (boot_cpu_has(X86_FEATURE_FLUSH_L1D)) + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_FLUSH_CMD, 0, + !!guest_cpuid_has(vcpu, X86_FEATURE_FLUSH_L1D)); + /* For sev guests, the memory encryption bit is not reserved in CR3. */ if (sev_guest(vcpu->kvm)) { best = kvm_find_cpuid_entry(vcpu, 0x8000001F); diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 1bc2b80273c9..f63b28f46a71 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -654,6 +654,9 @@ static inline bool nested_vmx_prepare_msr_bitmap(struct kvm_vcpu *vcpu, nested_vmx_set_intercept_for_msr(vmx, msr_bitmap_l1, msr_bitmap_l0, MSR_IA32_PRED_CMD, MSR_TYPE_W); + nested_vmx_set_intercept_for_msr(vmx, msr_bitmap_l1, msr_bitmap_l0, + MSR_IA32_FLUSH_CMD, MSR_TYPE_W); + kvm_vcpu_unmap(vcpu, &vmx->nested.msr_bitmap_map, false); vmx->nested.force_msr_bitmap_recalc = false; diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 29807be219b9..56e0c7ae961d 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -164,6 +164,7 @@ module_param(allow_smaller_maxphyaddr, bool, S_IRUGO); static u32 vmx_possible_passthrough_msrs[MAX_POSSIBLE_PASSTHROUGH_MSRS] = { MSR_IA32_SPEC_CTRL, MSR_IA32_PRED_CMD, + MSR_IA32_FLUSH_CMD, MSR_IA32_TSC, #ifdef CONFIG_X86_64 MSR_FS_BASE, @@ -7720,6 +7721,10 @@ static void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) vmx_set_intercept_for_msr(vcpu, MSR_IA32_PRED_CMD, MSR_TYPE_W, !guest_has_pred_cmd_msr(vcpu)); + if (boot_cpu_has(X86_FEATURE_FLUSH_L1D)) + vmx_set_intercept_for_msr(vcpu, MSR_IA32_FLUSH_CMD, MSR_TYPE_W, + !guest_cpuid_has(vcpu, X86_FEATURE_FLUSH_L1D)); + set_cr4_guest_host_mask(vmx); vmx_write_encls_bitmap(vcpu, NULL); diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 2acdc54bc34b..cb766f65a3eb 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -369,7 +369,7 @@ struct vcpu_vmx { struct lbr_desc lbr_desc; /* Save desired MSR intercept (read: pass-through) state */ -#define MAX_POSSIBLE_PASSTHROUGH_MSRS 15 +#define MAX_POSSIBLE_PASSTHROUGH_MSRS 16 struct { DECLARE_BITMAP(read, MAX_POSSIBLE_PASSTHROUGH_MSRS); DECLARE_BITMAP(write, MAX_POSSIBLE_PASSTHROUGH_MSRS); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index c83ec88da043..3c58dbae7b4c 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -3628,6 +3628,18 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_IBPB); break; + case MSR_IA32_FLUSH_CMD: + if (!msr_info->host_initiated && + !guest_cpuid_has(vcpu, X86_FEATURE_FLUSH_L1D)) + return 1; + + if (!boot_cpu_has(X86_FEATURE_FLUSH_L1D) || (data & ~L1D_FLUSH)) + return 1; + if (!data) + break; + + wrmsrl(MSR_IA32_FLUSH_CMD, L1D_FLUSH); + break; case MSR_EFER: return set_efer(vcpu, msr_info); case MSR_K7_HWCR: From patchwork Wed Mar 22 01:14:40 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 73134 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:604a:0:0:0:0:0 with SMTP id j10csp2101879wrt; Tue, 21 Mar 2023 18:20:39 -0700 (PDT) X-Google-Smtp-Source: AK7set/xFFbmc/EMhsS9scU0FXCYzO2fPWavgsje47rSsARY2AfsT3IPeSOIie5T/OBuA2QriPzV X-Received: by 2002:a05:6402:8d9:b0:4f9:deb4:b986 with SMTP id d25-20020a05640208d900b004f9deb4b986mr4686928edz.7.1679448039579; Tue, 21 Mar 2023 18:20:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1679448039; cv=none; d=google.com; s=arc-20160816; b=CCeID607gtepuPrmXhIC9sVzRh1bkpfWFepIeL2H9vB+6Zi44wxwr+btzI8d58QsVk hBZ9GLzXiGA7/mvGybkmyTcQbC3NhsJ3aZjowuplUkCQHBeiiVmGamR6e3MAp1cva62n 5UHV8ziIz1yo+Q2pXV6QGtlTkG1dP8cc3OOW5xm+6VkgUdB8k6IQ3QQKp0dMExmUDX// EiroStiOZ90zigw3TiRgC3zCDYmplyPy8A9BNTWO6XYPpPeUso6ISOnDVooEA2pW9eiu sTm4QvV9WoAjBMNuZe1G/J2ezDOn37pEYxdGBdHfXkJsI9d5eqUD5g+K3Dr8w5yfpVFO qf4Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=R3Ju8+L4fgF6abYzf02i1EjyBRNep0dilDxdCj7Ur6o=; b=EA3y8lwu969O8g4ctOM0AbH7GEcYvMLHfRUXMlQasbeW9whds36q2y+L6faqZDm+5f fiDkHzDtd2RpPP3udAF7ZpIsjLyqHlbNiy0g83rksdwwEOTxI+p+sE8CqTzQjNckcueu o6N0Y40TeLnJhte0wHwrkGAOFRsxFkVXCV11EeZHW9+Ksk/OHHnCeVNG86SbZqsFDZM3 fVYoyYg5dTlW8SSo9PUdId9jWxNuwLf/Fi3xk0gHaZ/9kvCy0notvmOyGqm7lvAy6ppw Uk7m4WnUF5HyLZK2C8V6FL25wfSCMPTImiY0DpFptAVBwv97FZqQOsdfJdj5Eh4RTB56 gsxA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=a2vwCmIp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m1-20020aa7c481000000b004fedca1007dsi15880663edq.161.2023.03.21.18.20.14; Tue, 21 Mar 2023 18:20:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=a2vwCmIp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230174AbjCVBQ3 (ORCPT + 99 others); Tue, 21 Mar 2023 21:16:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52654 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229684AbjCVBQC (ORCPT ); Tue, 21 Mar 2023 21:16:02 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 12BD459800 for ; Tue, 21 Mar 2023 18:15:37 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id a9-20020a170902b58900b0019e2eafafddso9669823pls.7 for ; Tue, 21 Mar 2023 18:15:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; t=1679447726; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=R3Ju8+L4fgF6abYzf02i1EjyBRNep0dilDxdCj7Ur6o=; b=a2vwCmIpZZBVMlv8zgK50uxkIS0xyvGrcbb26ooiKRDtEuoeDMNLY6bOohAPGj6Wlx 2NnVJOjsLYTD3ZqBMs+ROUq33YaZWKwMLnjmyVbpvPv5gy89EbkBhZfD1r7vdOkSs+uv zPrTSZw/8EF8Md12lugEYzIWbquJESphU/VIWTXHmjT+OUkKW4/UpTtYBK//8g/W8i0d SGUWnmJU4A/AzbgvQXXygK4KrBVn+wkTWLRzSGy40vGVnlDmzLQJOJO/fDnZ3ED2hFES Zk9QVxtFz8G+YTDi6az4IydhtKPbdd8AZbFiU22II4Psb5KaepFptGo6J0c2cVWyNbyr SaYA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679447726; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=R3Ju8+L4fgF6abYzf02i1EjyBRNep0dilDxdCj7Ur6o=; b=ReFFubLxpGWudvzyreJ3d88L8Nr7d8l7YOCGZFbql9GCijOFEjshhtlSFQtCH9CZz7 04ejnKZlqRNGh3F02WrrCE7YSlBVl+1EbGdc6BiM2/mbjSUMlxHudrFw/CUlagHWPmic bCOmOK779Goksvf7TJ8e7V00lKSU612gvXd834aUS2ntLiPkB+lHdOKNHfsLCpVwdUW2 xexBL0iBPNX173hj94snGCroYou5heZqnOrzxbuxsG3tEx2Tn+e3CADk2kN+YMSS1yP8 fQx3deo+TB8oExKy+xvZIHMiFR8jQQWDyXojn13zI6GBccTAVp4oLV9v4lhza9uJAhhr QMww== X-Gm-Message-State: AO0yUKXesoKW4HOt7L0Gb3E1Bcu0nE3sO9jGgAmveztt2DmT/aVXdYsY QR/dbYgdf7VjBpXEd73ihALYQhv23o8= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:ca8d:b0:234:ac9c:5daf with SMTP id y13-20020a17090aca8d00b00234ac9c5dafmr621856pjt.2.1679447726571; Tue, 21 Mar 2023 18:15:26 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 21 Mar 2023 18:14:40 -0700 In-Reply-To: <20230322011440.2195485-1-seanjc@google.com> Mime-Version: 1.0 References: <20230322011440.2195485-1-seanjc@google.com> X-Mailer: git-send-email 2.40.0.rc2.332.ga46443480c-goog Message-ID: <20230322011440.2195485-7-seanjc@google.com> Subject: [PATCH 6/6] KVM: SVM: Return the local "r" variable from svm_set_msr() From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Nathan Chancellor , Emanuele Giuseppe Esposito , Pawan Gupta , Jim Mattson X-Spam-Status: No, score=-7.7 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761028907513017881?= X-GMAIL-MSGID: =?utf-8?q?1761028907513017881?= Rename "r" to "ret" and actually return it from svm_set_msr() to reduce the probability of repeating the mistake of commit 723d5fb0ffe4 ("kvm: svm: Add IA32_FLUSH_CMD guest support"), which set "r" thinking that it would be propagated to the caller. Alternatively, the declaration of "r" could be moved into the handling of MSR_TSC_AUX, but that risks variable shadowing in the future. A wrapper for kvm_set_user_return_msr() would allow eliding a local variable, but that feels like delaying the inevitable. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index b32edaf5a74b..57f241c5a371 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2873,7 +2873,7 @@ static int svm_set_vm_cr(struct kvm_vcpu *vcpu, u64 data) static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) { struct vcpu_svm *svm = to_svm(vcpu); - int r; + int ret = 0; u32 ecx = msr->index; u64 data = msr->data; @@ -2995,10 +2995,10 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) * guest via direct_access_msrs, and switch it via user return. */ preempt_disable(); - r = kvm_set_user_return_msr(tsc_aux_uret_slot, data, -1ull); + ret = kvm_set_user_return_msr(tsc_aux_uret_slot, data, -1ull); preempt_enable(); - if (r) - return 1; + if (ret) + break; svm->tsc_aux = data; break; @@ -3056,7 +3056,7 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) default: return kvm_set_msr_common(vcpu, msr); } - return 0; + return ret; } static int msr_interception(struct kvm_vcpu *vcpu)