From patchwork Wed May 3 16:08:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 89779 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp1444789vqo; Wed, 3 May 2023 09:11:41 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ5TfAEkQmbpHbFuvT5hDVenSuWCUBuxqqupYt79yFR6ozMmhGI/5Z4vySsG9VSNwa4JCzP9 X-Received: by 2002:a17:902:da8f:b0:1aa:d6ad:4eaa with SMTP id j15-20020a170902da8f00b001aad6ad4eaamr485250plx.2.1683130301430; Wed, 03 May 2023 09:11:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1683130301; cv=none; d=google.com; s=arc-20160816; b=A3Pi3/HKYKdOWFNh/oeTMDIp15PobfTX7jypRoP7/1LC5xQjsImd2Rn7piAJBpaAUL 9SG1VISurcat12AzUVeuckXbM0UtlWYo/u0+xLOMEhXSPSFV0WPrKwLvSWk1Ov/Q/NX3 rwTFdzvCx/3B41oguhWPPAbp6rOMKnG6iIh827gi0/8XQeFtvSOvacpSn0eGz5lVfPq1 MUTDLUWzF1E2NTl8Bd7rrmOCROvEdTR9NTWpuT6MnO/xZMyRMIKsn0FdzNAm+pllnLBY ZPoAAiWlknHoVqMZZjGmTZa8il0lfewCUNDCcMa9p/lBO++ZG9B6NTEjpcOhr3yAMEYp dz7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=D/GzhD/DCduvp6JChcNXJ0v97/LpisAJTKI+lJVJGfk=; b=WhtPADw5xglqEp1nGN33s//1NGENTf3+rqY4boxoexvQMFz1znGvjcFhhSIwmpY524 Px0+v8lJJibIe5C8KfvslyA/2A9uyhI45nDBcv7Ri/+qBrqOzacUOtTMNBGgyjHNGeuU d09rzilyhv39aB7mENjtuqlONQBraRVkPUvNWigpNRUP0Vs6lixcGpbnRoY9RagRb35A 2usmgW/AUkVy7Ba3LxvtDncvqa5PEuPWjtIcXRRJ4s5Ny1c6v+Wpk8uJAitfl5Sjthwm nWXa0q8tE9CqOPfM+XaaSTUo9UZ0kekqd1fajQEyx1BqwgWEeF4DbhgZ/WQqmI7c8xeK Zpeg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=YfaFbAD8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id n3-20020a170902f60300b001a64e866c8csi35176932plg.374.2023.05.03.09.11.25; Wed, 03 May 2023 09:11:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=YfaFbAD8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230200AbjECQIt (ORCPT + 99 others); Wed, 3 May 2023 12:08:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42856 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230349AbjECQIp (ORCPT ); Wed, 3 May 2023 12:08:45 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 20D2D5BAE for ; Wed, 3 May 2023 09:08:44 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-559c416b024so57322837b3.1 for ; Wed, 03 May 2023 09:08:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683130123; x=1685722123; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=D/GzhD/DCduvp6JChcNXJ0v97/LpisAJTKI+lJVJGfk=; b=YfaFbAD8Vw1BXUf9Sq2ANnubH3wUeOjR3KQ69e/KJCC9TsYugMwRz2CQvYgUdfMyZj k2zD1k567dS6+uXkgAhDZW2sfbq4uCAsN2LaIKNadVZveDufFFximiEmFVRC4/M0vsEI VZnSCU4xI5Uc4Xg22qwugM912YezY1N424qRMInuF1UcykT9FRFkMvGsQkT/cqGTV39o 1nUl6JWRXBknktDgVErj5H42941mdgLGoa86Gp5JNKqSnjWcDcV6oRvuI6gC4Exh8m28 3Hlb+b6iuFL+hY4s/6WaIwNRsPMLKqgWCtJPKB2yMOaJqsShmk+pxBL87yjphAFJh1bh 43og== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683130123; x=1685722123; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=D/GzhD/DCduvp6JChcNXJ0v97/LpisAJTKI+lJVJGfk=; b=gOTPa8loyROhSFTm7tKYYjAexmXWazK4yEPZZLy2oX+KiLpHpv4G5QnWgol9C6a5yi QY8Hj0c8v2VjixsPulhRFpAyzIvAntgldJq65ZWnsvfLvn63ykqOnHkGPHaEVPJk7NQD gKFHVE1v9ylLE/D9q3R7kHL35STVKHQl89yqHrARwJDEm3T5D4hlfCjCXF4L86orwIoR KkzSo3Rmr2Da6BP8DtmhRCKJKclDdjrWYCzhTIMqzig7fc4PjgTQQ3dg3VdPEtBMhWcB wxcQA+GIwjuGP3M3NBgejn9qqNlzi9p3rjcMpAGDeCwLlmq3BDCuZZekLQRknb+ewsym whHw== X-Gm-Message-State: AC+VfDwpCwbaHxwOYcnaneO71B6pxogayH4lmu3nDo8IWyC7rFd2N7/J AWHKp4GImm/ZfQzzhZDdb9wzyS0CzF8= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:690c:72c:b0:52e:e095:d840 with SMTP id bt12-20020a05690c072c00b0052ee095d840mr13426066ywb.0.1683130123340; Wed, 03 May 2023 09:08:43 -0700 (PDT) Reply-To: Sean Christopherson Date: Wed, 3 May 2023 09:08:36 -0700 In-Reply-To: <20230503160838.3412617-1-seanjc@google.com> Mime-Version: 1.0 References: <20230503160838.3412617-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.495.gc816e09b53d-goog Message-ID: <20230503160838.3412617-2-seanjc@google.com> Subject: [PATCH v2 1/3] KVM: VMX: Don't rely _only_ on CPUID to enforce XCR0 restrictions for ECREATE From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Kai Huang X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764890038496828962?= X-GMAIL-MSGID: =?utf-8?q?1764890038496828962?= Explicitly check the vCPU's supported XCR0 when determining whether or not the XFRM for ECREATE is valid. Checking CPUID works because KVM updates guest CPUID.0x12.1 to restrict the leaf to a subset of the guest's allowed XCR0, but that is rather subtle and KVM should not modify guest CPUID except for modeling true runtime behavior (allowed XFRM is most definitely not "runtime" behavior). Reviewed-by: Kai Huang Tested-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/sgx.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/vmx/sgx.c b/arch/x86/kvm/vmx/sgx.c index 0574030b071f..2261b684a7d4 100644 --- a/arch/x86/kvm/vmx/sgx.c +++ b/arch/x86/kvm/vmx/sgx.c @@ -170,12 +170,19 @@ static int __handle_encls_ecreate(struct kvm_vcpu *vcpu, return 1; } - /* Enforce CPUID restrictions on MISCSELECT, ATTRIBUTES and XFRM. */ + /* + * Enforce CPUID restrictions on MISCSELECT, ATTRIBUTES and XFRM. Note + * that the allowed XFRM (XFeature Request Mask) isn't strictly bound + * by the supported XCR0. FP+SSE *must* be set in XFRM, even if XSAVE + * is unsupported, i.e. even if XCR0 itself is completely unsupported. + */ if ((u32)miscselect & ~sgx_12_0->ebx || (u32)attributes & ~sgx_12_1->eax || (u32)(attributes >> 32) & ~sgx_12_1->ebx || (u32)xfrm & ~sgx_12_1->ecx || - (u32)(xfrm >> 32) & ~sgx_12_1->edx) { + (u32)(xfrm >> 32) & ~sgx_12_1->edx || + xfrm & ~(vcpu->arch.guest_supported_xcr0 | XFEATURE_MASK_FPSSE) || + (xfrm & XFEATURE_MASK_FPSSE) != XFEATURE_MASK_FPSSE) { kvm_inject_gp(vcpu, 0); return 1; } From patchwork Wed May 3 16:08:37 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 89780 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp1445459vqo; Wed, 3 May 2023 09:12:31 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4yrFUpVNnryAZZMxXTpAWPRAJKR6B6nnFJSEq/bDdVWKDaFRss9Wu8s6X3whi/ItC3woGt X-Received: by 2002:a05:6a20:1608:b0:f8:8879:7480 with SMTP id l8-20020a056a20160800b000f888797480mr28978113pzj.39.1683130351412; Wed, 03 May 2023 09:12:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1683130351; cv=none; d=google.com; s=arc-20160816; b=VoXsagCxq+deEpPjxbh6MmsCt3c6RQ9yPPmvF3mKPu4zIi+HKtmkk9i892LtuO6S0P oozoCVj2FO0bFZ7nQyuFyhyqLVnXTLffBUSTIr2dnM7UH39qrpqftRq/cQn7qspL/RXc vaQqg3ye1t6RxZRlQmTCaTErcnk2fOYe3KXR2DWc2EphEGMlG4Ex+Id2pRiM840DGp8K SD3JVm28iOXxALym/CVYlIPe6bYobUCMUaHp4X1K+TgQt90saY9dTOJoNPqtOBNU1kpS 9Votqdp6/aCjABpINbFPH3B1JbR51lzESvwijgDntD4Yq28C/PMJYZdsXivm6lu+S8IN LwrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=F144eoCeyA3mGp/9QFbuPwEidkOEdjSbu5w6lAyh6tg=; b=LljH4ss4hyKMILz6e/8Hu4FnQYQnMpQqDITTHmHHYaPlYJVJD3QQIcmVCvrDnp0lKp 0G8k9uu/CsRyFx9d51IQ/wxxYgv9QGpPXD2+Db/GLZZ6ObdCFn0hS5cvSPOzuUriKcEE C25iScAE3b0HbW8PlMN736YrmbRTSr1rE6OxnrPzscylOe9SdYdbzjjsF1YgpgEuRf9e HC1T1JiJgxpVCt3W7xE25dgoJp7xUsOhBR7vWEXG8tEWNPg4ZKhSmSs8OQriT8BjtdFR +o5XY+uYPSixc4MVL6jVx6MWhKPFdAgr4u/3DO1yWN6kUsVVdr1ygfe8sV8JALxXrqey ZHdw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=bzRemaUO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e11-20020a17090a728b00b0023418ec51f8si1799031pjg.136.2023.05.03.09.12.16; Wed, 03 May 2023 09:12:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=bzRemaUO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230468AbjECQIx (ORCPT + 99 others); Wed, 3 May 2023 12:08:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42890 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230332AbjECQIr (ORCPT ); Wed, 3 May 2023 12:08:47 -0400 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D8A995FD9 for ; Wed, 3 May 2023 09:08:45 -0700 (PDT) Received: by mail-pj1-x1049.google.com with SMTP id 98e67ed59e1d1-24e1e19f63fso1586562a91.0 for ; Wed, 03 May 2023 09:08:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683130125; x=1685722125; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=F144eoCeyA3mGp/9QFbuPwEidkOEdjSbu5w6lAyh6tg=; b=bzRemaUOhe4C2ko7GCOlJLuq4pAEvX1VHd29wjyOtd4yYZaBvIwoy/d+o1waEdMyJj BCgAibDdiUHQbECs2na1CLXIDKB8pKhbMPaifjHkxl7PwyoJCRUPb+XXAXe1VpCyvZzF 7IACK9zyJZOsu5REQr/z65uvP+RIC6+GaVIzmT33T0r6LS6sCDP1yzEacksdwPT0L582 KR3RWa86mAFLWYWQeAI8NOF/HxqdxLv82FA5TYSmGjd3xBpRz6FZPe4oVDKGDUeRjbfj YXPEkHv31IlyuPYpResgGE3Yqrn4AenSHyAqfRwZVDh+C/2NM49WlnJ0lIhaxEhlK6ap lcvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683130125; x=1685722125; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=F144eoCeyA3mGp/9QFbuPwEidkOEdjSbu5w6lAyh6tg=; b=h5eSpl1yVKaCuaMWK9jndyu7d1CNiUtxBYvncQUnSHxWDKB2MfU8Ig5YeWr1zqja3Z ydydqlY+czEaYQb5hlbeyPqUSnj82eNYgUGB/vMwU50WQqhAmPoEM6a3nTt+Rga4a87P LK2/k7Qj56YFKDWeYio5WLFXAMEzoOK2PjHt+FaOvOleWmLwcTQ8HC4M3jITfq0E+FG1 SZjqXKfec1gqSWaQhQ83Qgt/wxdly3lLoGR1b0VXQAPRmlqbYqdpxKeRePl95g1SIAS0 rF0maaSAy4bsjP7fSNkHFFdAWMtFxjZnOx6yvLoSBQrAa7vFl+0+1B7u5JtQhV2qUb29 bLrg== X-Gm-Message-State: AC+VfDx25G+LZtMbibi64orZfrsomtfxIhBhN95lKMSKHKKVXR8x+eBz 323GLySqWfb6mKeAJui4dTOwSqdSfis= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:b616:b0:1a9:baa9:e573 with SMTP id b22-20020a170902b61600b001a9baa9e573mr178574pls.5.1683130125382; Wed, 03 May 2023 09:08:45 -0700 (PDT) Reply-To: Sean Christopherson Date: Wed, 3 May 2023 09:08:37 -0700 In-Reply-To: <20230503160838.3412617-1-seanjc@google.com> Mime-Version: 1.0 References: <20230503160838.3412617-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.495.gc816e09b53d-goog Message-ID: <20230503160838.3412617-3-seanjc@google.com> Subject: [PATCH v2 2/3] KVM: x86: Don't adjust guest's CPUID.0x12.1 (allowed SGX enclave XFRM) From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Kai Huang X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764890091570393988?= X-GMAIL-MSGID: =?utf-8?q?1764890091570393988?= Drop KVM's manipulation of guest's CPUID.0x12.1 ECX and EDX, i.e. the allowed XFRM of SGX enclaves, now that KVM explicitly checks the guest's allowed XCR0 when emulating ECREATE. Note, this could theoretically break a setup where userspace advertises a "bad" XFRM and relies on KVM to provide a sane CPUID model, but QEMU is the only known user of KVM SGX, and QEMU explicitly sets the SGX CPUID XFRM subleaf based on the guest's XCR0. Reviewed-by: Kai Huang Tested-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/kvm/cpuid.c | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 123bf8b97a4b..0c9660a07b23 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -253,7 +253,6 @@ static void __kvm_update_cpuid_runtime(struct kvm_vcpu *vcpu, struct kvm_cpuid_e int nent) { struct kvm_cpuid_entry2 *best; - u64 guest_supported_xcr0 = cpuid_get_supported_xcr0(entries, nent); best = cpuid_entry2_find(entries, nent, 1, KVM_CPUID_INDEX_NOT_SIGNIFICANT); if (best) { @@ -292,21 +291,6 @@ static void __kvm_update_cpuid_runtime(struct kvm_vcpu *vcpu, struct kvm_cpuid_e vcpu->arch.ia32_misc_enable_msr & MSR_IA32_MISC_ENABLE_MWAIT); } - - /* - * Bits 127:0 of the allowed SECS.ATTRIBUTES (CPUID.0x12.0x1) enumerate - * the supported XSAVE Feature Request Mask (XFRM), i.e. the enclave's - * requested XCR0 value. The enclave's XFRM must be a subset of XCRO - * at the time of EENTER, thus adjust the allowed XFRM by the guest's - * supported XCR0. Similar to XCR0 handling, FP and SSE are forced to - * '1' even on CPUs that don't support XSAVE. - */ - best = cpuid_entry2_find(entries, nent, 0x12, 0x1); - if (best) { - best->ecx &= guest_supported_xcr0 & 0xffffffff; - best->edx &= guest_supported_xcr0 >> 32; - best->ecx |= XFEATURE_MASK_FPSSE; - } } void kvm_update_cpuid_runtime(struct kvm_vcpu *vcpu) From patchwork Wed May 3 16:08:38 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 89781 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp1454250vqo; Wed, 3 May 2023 09:24:50 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ79FhgxFutMjrmlOMbTDJQRf9ztl+klqBDlESUeOQ3F8IA6lw0PC2pk01kJQ972C37uoPzq X-Received: by 2002:a05:6a20:2302:b0:f2:13cc:2914 with SMTP id n2-20020a056a20230200b000f213cc2914mr20139959pzc.16.1683131090607; Wed, 03 May 2023 09:24:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1683131090; cv=none; d=google.com; s=arc-20160816; b=iY8h6JbwJjs1swhbaFpQFa4WM2cCXKjsZghNWuA+XBh3ZiFDDky5+W9428HgCesSGi YpDKqrp4BSqOowPa+Y82Hrjv43YB5Mbk9PELfATEQS+Vd+dmWoAvgftjVa+qcSbRvfiO w0VCr61bj8wTfv2RJAsJOmbIuCXAfLDOsf+AsP54tTTpzuHJkMsAFD6zz3d62QPjO1NH bGKCEJRoyDt6wThZ53gPvGnQap9DBBXI1vqMnGNTw7Q2g5u5Z7RVqJZzP2ZpC63YJlV9 jv43b9UHbGR+MsJhLeZhgksxiakKqH0suaKzQFCva8SisDfu1rQnbvYLx7TBlm/XGagP BkzA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=UpESMHY3dXiGunARd4Ma9HdMNvInCBKyCNCSaFRW6Ms=; b=M+h8sYx6dAQ1kyXdL2qYsgUjYIwTedBFeCulC+TnqOlU8PrjcIRaOccjpPXRkAOdob /3dab9oZWirADI4xy771aXatJ6iuCCUsnHqyd5qzgqHvEEAHhZT4Qt7Um0mXCmDS36X0 zNvgvrbcm5AsJLxM0RuzFSEAe0tX3wJZG/UxI106sdHrtqvYWqtjeCYQrHMU80cB2pfb a+kYpb9PvuH2SH0Nxp/p9y/o31kJZNWQ8/b+4150GclsD3Y0NVFUoPtVQrgPuaLyEBSe SY61NX/RT0nlY9yvIihdYjLhckHwmIRN5e6uhSHSJjgVx4bHo4jbK/G7SyxuiyvqRWMh WvRw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=wWTeQSe9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k186-20020a633dc3000000b0051b53255837si448109pga.508.2023.05.03.09.24.37; Wed, 03 May 2023 09:24:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=wWTeQSe9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230306AbjECQI5 (ORCPT + 99 others); Wed, 3 May 2023 12:08:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42976 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230425AbjECQIu (ORCPT ); Wed, 3 May 2023 12:08:50 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 31A497282 for ; Wed, 3 May 2023 09:08:48 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id 3f1490d57ef6-b9a7553f95dso10691475276.2 for ; Wed, 03 May 2023 09:08:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683130127; x=1685722127; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=UpESMHY3dXiGunARd4Ma9HdMNvInCBKyCNCSaFRW6Ms=; b=wWTeQSe9JCCJ9pUvrrbudQKOTYO/i38kVcvsNhjPCCSRQyOR13ZqBKkCsMKvJO8ipA AUAokED4NY2vc/H9pYe41Pg+X5hIPEcIQpIJWr5NnqmigGPerJ3MtUKWbPYztN+VUJrr mnJUA/qxNDAR0r0LekD481sPNikHnSVY+cqmYJvxgd6hKMwNbcrUoOTlCKNA6uNMWSbE Q0BCvmEIiP24OXh3p2PhMIKcMV4Y4BqTZdm9ZSzMqEMhkrrlKNqVwXQ+sHqtsetsvlRc TZQdxlteiV2+NmkMidg9DbvStomj13XW9N1RgcA+4728Emo1iRtpcSbPxqfI6jxMZRnW JSqw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683130127; x=1685722127; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=UpESMHY3dXiGunARd4Ma9HdMNvInCBKyCNCSaFRW6Ms=; b=cqcjSbELncpiC1u/ZV33xDwzZRqeNWRe2/14+O23Dw0G1Rg3/fQ1jm9qrMTjpnD3O4 LogGdVLztOEOu6g4jCeEwJlmEAZE3FXsWt52otlzcMMwBDs86VotjgwtHc04mjZbqIgy oUCfN+T+ITQqm6S2Qy3RtaV5Rj2KLz46K1y4p1LS3o4IwyHXBJtYhuJEsp4wRQXPyVRg vDzBr2EyTOLBLuXqEAoHx0TFgqjKw3K0xi1QPqZ5fM+zh8IgBCWeM6/t4HsEkRPkgxgb h1QqLQgSL4Iwr2rPunwkILhQN0wZxQ2D59nuQHf6Cx9E6j7vHrr7baKWosk0ulcl3BpR pPIQ== X-Gm-Message-State: AC+VfDwqigYrvHnAcqF4h514RWrSK2t8y+2grprWAaFnCgW/GTil1Esi WMRRVaBQp2O2oyWZZjAb1NKmd5lxRJk= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:5e03:0:b0:b9e:91e0:ea0a with SMTP id s3-20020a255e03000000b00b9e91e0ea0amr2705234ybb.13.1683130127369; Wed, 03 May 2023 09:08:47 -0700 (PDT) Reply-To: Sean Christopherson Date: Wed, 3 May 2023 09:08:38 -0700 In-Reply-To: <20230503160838.3412617-1-seanjc@google.com> Mime-Version: 1.0 References: <20230503160838.3412617-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.495.gc816e09b53d-goog Message-ID: <20230503160838.3412617-4-seanjc@google.com> Subject: [PATCH v2 3/3] KVM: x86: Open code supported XCR0 calculation in kvm_vcpu_after_set_cpuid() From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Kai Huang X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1764890866779865969?= X-GMAIL-MSGID: =?utf-8?q?1764890866779865969?= Drop cpuid_get_supported_xcr0() now that its bastardized usage in __kvm_update_cpuid_runtime() is gone, and open code the logic in its sole caller, kvm_vcpu_after_set_cpuid(). No functional change intended. Reviewed-by: Kai Huang Tested-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/kvm/cpuid.c | 27 ++++++++++----------------- 1 file changed, 10 insertions(+), 17 deletions(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 0c9660a07b23..491c88e196c1 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -234,21 +234,6 @@ void kvm_update_pv_runtime(struct kvm_vcpu *vcpu) vcpu->arch.pv_cpuid.features = best->eax; } -/* - * Calculate guest's supported XCR0 taking into account guest CPUID data and - * KVM's supported XCR0 (comprised of host's XCR0 and KVM_SUPPORTED_XCR0). - */ -static u64 cpuid_get_supported_xcr0(struct kvm_cpuid_entry2 *entries, int nent) -{ - struct kvm_cpuid_entry2 *best; - - best = cpuid_entry2_find(entries, nent, 0xd, 0); - if (!best) - return 0; - - return (best->eax | ((u64)best->edx << 32)) & kvm_caps.supported_xcr0; -} - static void __kvm_update_cpuid_runtime(struct kvm_vcpu *vcpu, struct kvm_cpuid_entry2 *entries, int nent) { @@ -323,8 +308,16 @@ static void kvm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) kvm_apic_set_version(vcpu); } - vcpu->arch.guest_supported_xcr0 = - cpuid_get_supported_xcr0(vcpu->arch.cpuid_entries, vcpu->arch.cpuid_nent); + /* + * Calculate guest's supported XCR0 taking into account guest CPUID data and + * KVM's supported XCR0 (comprised of host's XCR0 and KVM_SUPPORTED_XCR0). + */ + best = kvm_find_cpuid_entry_index(vcpu, 0xd, 0); + if (!best) + vcpu->arch.guest_supported_xcr0 = 0; + else + vcpu->arch.guest_supported_xcr0 = (best->eax | ((u64)best->edx << 32)) & + kvm_caps.supported_xcr0; /* * FP+SSE can always be saved/restored via KVM_{G,S}ET_XSAVE, even if