From patchwork Wed Mar 22 20:14:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: tip-bot2 for Thomas Gleixner X-Patchwork-Id: 73670 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:604a:0:0:0:0:0 with SMTP id j10csp2562150wrt; Wed, 22 Mar 2023 13:46:56 -0700 (PDT) X-Google-Smtp-Source: AK7set9mTUz9tBu7CMPFK18/bFJuRDiLRUod2uaZ7miuouo3ktlL5OEZcTbFO9vHvk8MIP98raID X-Received: by 2002:a17:906:89b:b0:92c:16cc:2dcd with SMTP id n27-20020a170906089b00b0092c16cc2dcdmr7664828eje.33.1679518015820; Wed, 22 Mar 2023 13:46:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1679518015; cv=none; d=google.com; s=arc-20160816; b=oK+X7LJTEqoMoemLMjgXccGtu5xmfNGTS5uvpAUZmMrPJEDDwFf46rguaX64E2m73Z eBFBfBGUypWsgzimYDtnEaT2V+Ef9YIW0Mb/gSTqStU3TPwNrH9U9PO/HjiK0fVKKm/C cNHPeEbr1Fiox7NyHuMhNRrsSgc6WuG3jes8st7hj2tOqUGTnAkZU5I/yy60pXvYvgAc hW8aF5sXT4OjtqnmhpqpOckEn0/+nCOIW5eAMnpiwCES2JazzE+uoqOXI3L+1tvu5jlA VyDOG/3JTCt1mbTBwIP6QGoVtc7E1IJ0ZZvFhp5Bglf3nVFufdyoD4sy/v186/Y5Qiq/ 6QwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:robot-unsubscribe :robot-id:message-id:mime-version:cc:subject:to:reply-to:sender:from :dkim-signature:dkim-signature:date; bh=NQQuVQiY/sIoaQ5n0A3D+PWJlpQRmQdA8vFtOkT8Gsk=; b=Ixkz5pnqMlAbM1BsL3OSihGuOFTJyzoZMsdEnzmLV70l05QT+lZS6Vn0Eb8hzB0aZ9 v5Q4KLvMKvYBwXo8GQF5Er/XpCWSapjsVCciAHPtK7pdKm9DuZeJYa8MzDg+bH5C+iVq fI0MjUXOt2CnYCsE0V6+YVH0/hG4Zqrgt20BI4dbd4kps5VBo4LlBL/Ig2cw58eLohdI 3n2jf6TiO3r7Dl8VNULm8pdb5eNp/isevB2LMNqTscrz+nSQaqaEJDEQpdKF5NvvF/WQ sUZRPXD7bFm4o2ML4QNymP81hDVZhuQLQvk1xYnBHscDbEkxodZiQFFM7m37Di9fUL88 2kmg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=SLjWGkDX; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=sLiVViCR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ov14-20020a170906fc0e00b0092d0f8f0111si15455636ejb.340.2023.03.22.13.46.31; Wed, 22 Mar 2023 13:46:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=SLjWGkDX; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=sLiVViCR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232091AbjCVU0h (ORCPT + 99 others); Wed, 22 Mar 2023 16:26:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47792 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232172AbjCVU0S (ORCPT ); Wed, 22 Mar 2023 16:26:18 -0400 Received: from galois.linutronix.de (Galois.linutronix.de [IPv6:2a0a:51c0:0:12e:550::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 003A88C967; Wed, 22 Mar 2023 13:16:28 -0700 (PDT) Date: Wed, 22 Mar 2023 20:14:53 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1679516097; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=NQQuVQiY/sIoaQ5n0A3D+PWJlpQRmQdA8vFtOkT8Gsk=; b=SLjWGkDXuJNDL12fSJydNVRbfzMtf5EXpP/AgYUjbmgIkT94WYBN8kaTVJEXxAfZMqbL4Q KY7XhbNjLJtVOxtcKO6IbPQlagTQWNSqEo/hBcbhZ3S8FpbbMRtvQy5VLqf6/zt0j39gMU t92SdepPx2ES7UzpBsX3+1UCjwKV5Ki6clPmtvKg4uUpDIR+fBDTk8xexBt8xenKULsCGg YQbIR0a/bP/TvWXW38V9HN6iQVwvrZ+7I1JnzXSBzU/2C2BrjUbp4J9CGa5o+kcXVR2gof 2XpARYNvAgEBW0iv9L2fkhLFKM1YSjElDG6idVYsmwvxCIQ5WrsHVb8LkiMcvQ== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1679516097; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=NQQuVQiY/sIoaQ5n0A3D+PWJlpQRmQdA8vFtOkT8Gsk=; b=sLiVViCR4387AXb2Bqoab1YuTB76BZwWUIjmIk3eZIpNLJYRaXOlP1BcO0rEE6DTQVj8kj sVsJQ6jcC8qMi7DA== From: "tip-bot2 for Chang S. Bae" Sender: tip-bot2@linutronix.de Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/fpu] Documentation/x86: Explain the state component permission for guests Cc: "Chang S. Bae" , Dave Hansen , Thiago Macieira , Yang Zhong , Tony Luck , x86@kernel.org, linux-kernel@vger.kernel.org MIME-Version: 1.0 Message-ID: <167951609339.5837.3788677511456464455.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails X-Spam-Status: No, score=-2.5 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761102282975136592?= X-GMAIL-MSGID: =?utf-8?q?1761102282975136592?= The following commit has been merged into the x86/fpu branch of tip: Commit-ID: 5fbff260755750559aa12a30f6fa7f8a863666f1 Gitweb: https://git.kernel.org/tip/5fbff260755750559aa12a30f6fa7f8a863666f1 Author: Chang S. Bae AuthorDate: Fri, 20 Jan 2023 16:19:00 -08:00 Committer: Dave Hansen CommitterDate: Wed, 22 Mar 2023 13:08:02 -07:00 Documentation/x86: Explain the state component permission for guests Commit 980fe2fddcff ("x86/fpu: Extend fpu_xstate_prctl() with guest permissions") extends a couple of arch_prctl(2) options for VCPU threads. Add description for them. Signed-off-by: Chang S. Bae Signed-off-by: Dave Hansen Reviewed-by: Thiago Macieira Reviewed-by: Yang Zhong Reviewed-by: Tony Luck Link: https://lore.kernel.org/all/20230121001900.14900-5-chang.seok.bae%40intel.com --- Documentation/x86/xstate.rst | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/Documentation/x86/xstate.rst b/Documentation/x86/xstate.rst index 23b1c9f..ae5c69e 100644 --- a/Documentation/x86/xstate.rst +++ b/Documentation/x86/xstate.rst @@ -143,3 +143,32 @@ entry if the feature is in its initial configuration. This differs from non-dynamic features which are always written regardless of their configuration. Signal handlers can examine the XSAVE buffer's XSTATE_BV field to determine if a features was written. + +Dynamic features for virtual machines +------------------------------------- + +The permission for the guest state component needs to be managed separately +from the host, as they are exclusive to each other. A coupled of options +are extended to control the guest permission: + +-ARCH_GET_XCOMP_GUEST_PERM + + arch_prctl(ARCH_GET_XCOMP_GUEST_PERM, &features); + + ARCH_GET_XCOMP_GUEST_PERM is a variant of ARCH_GET_XCOMP_PERM. So it + provides the same semantics and functionality but for the guest + components. + +-ARCH_REQ_XCOMP_GUEST_PERM + + arch_prctl(ARCH_REQ_XCOMP_GUEST_PERM, feature_nr); + + ARCH_REQ_XCOMP_GUEST_PERM is a variant of ARCH_REQ_XCOMP_PERM. It has the + same semantics for the guest permission. While providing a similar + functionality, this comes with a constraint. Permission is frozen when the + first VCPU is created. Any attempt to change permission after that point + is going to be rejected. So, the permission has to be requested before the + first VCPU creation. + +Note that some VMMs may have already established a set of supported state +components. These options are not presumed to support any particular VMM.