From patchwork Thu Sep 14 03:23:27 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Yang, Weijiang" <weijiang.yang@intel.com>
X-Patchwork-Id: 139586
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp347372vqi;
        Thu, 14 Sep 2023 06:26:46 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IG4jzcPpIYKBONibnIHnU4wtEI4y9sVuky98P9M8zngXOAcDk4bM9i7uqBAMsOvnOl2cyw3
X-Received: by 2002:a17:90a:de88:b0:268:553f:1938 with SMTP id
 n8-20020a17090ade8800b00268553f1938mr4938581pjv.4.1694698005632;
        Thu, 14 Sep 2023 06:26:45 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1694698005; cv=none;
        d=google.com; s=arc-20160816;
        b=BOf9+sz6/PwFTHUlyzelNAwQXEqXl68rYd/VkfISnfQnrnp2Ro0hz5Ik04t1bVkV9I
         xe0ZrxquKBklLTTcYGRKUTdH5zJS4VBBr9AAzyOGkxMh5l1zHgCEH34Nx449udfpwWiv
         DSOOeE3SmTxZlTgoah67rRxooGRP2tb4Ay3fXlqD+w212JhrRl+1jp7KzlEjjiy/7u9d
         rmKiYrrasKTVJgx9rNgR4HI2XM0h1Pt/s6hFGnEkBvF7AMZnEBPHnkn06Ud9oik3qQRP
         En3gwst4CDJ2IAH77OiO9ElUixvKWWlmxrYn5m9K61Vs+n2bmYxPkw6wcx6NP0pMwi90
         K0Og==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=xVABnXeOkMZlJo+ZffrqSfE/4k2ea3Z1/0rzSIi4N90=;
        fh=VKDky7JI6Mwho+jW2kjyYjgneGFqVaPlgJX6sIBNvQM=;
        b=Ko78gGyu+tn5Da5d1rwd5rlYxmPFXzuKXjtvJ5OwCOZ/W3Qhs2mpHOMfM0+p/3GgL/
         KFL3IRgiyPtE7+ee3kixnU3QI7i53XTB9K6qq1Vh4rixJRhpP+evXQjbWWZmVJPU9k2H
         cS7D65ScKhq0p7oQdVcuP5Gkj4iwecPqFw4rynGvsJxwzog7SX+fjXO3iA8CGW/IX285
         ZUY/kUETbGKUMFpt3SsvJcnN+VDMaR2lLT2zRh+xsD5+Q5/HikPT0XnLTo0HchrazOMw
         DLvr8aYcp4DqzZhPx+kg3BV/SkYnBMUTtsxF79ouQ67QPCx9Wzhu5HWogqfagkaq0kDr
         /mOg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=Erj7Y+SG;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:6 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from pete.vger.email (pete.vger.email. [2620:137:e000::3:6])
        by mx.google.com with ESMTPS id
 az18-20020a17090b029200b00263eb5054fdsi3730440pjb.32.2023.09.14.06.26.45
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 14 Sep 2023 06:26:45 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:6 as permitted sender)
 client-ip=2620:137:e000::3:6;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=Erj7Y+SG;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:6 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by pete.vger.email (Postfix) with ESMTP id AB06581A3282;
	Wed, 13 Sep 2023 23:29:05 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at pete.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235433AbjING2s (ORCPT <rfc822;chrisfriedt@gmail.com>
        + 35 others); Thu, 14 Sep 2023 02:28:48 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46364 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S232171AbjING2q (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 14 Sep 2023 02:28:46 -0400
Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.65])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5103BF9;
        Wed, 13 Sep 2023 23:28:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1694672922; x=1726208922;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=0H4/DsmRdq6ZAqAGPRiCyRQ3eI7Btuj1gad9cmvRYIo=;
  b=Erj7Y+SGRTMfMtKFj4T5JjoATZ8yWnkb50Dqtua6w0ULPbXekPebMXT5
   lIa9msZG797l2eubx0d/SzRQ7bt6RCCJ6pmxZo3i8npMTcGbzD+fwoBs4
   sBCzheKjV10UGqH9FlX07wQ7hLNCG8qAHqPfWfMZNtrlOCwLiVw1RcCI8
   13M3QatZBpcm5Tk9KougOrZylOsAMFwmmzu0ItoMwCdKWRCVab9RjOb8x
   nQ9HlOO9NQJMh754lShr9erzOA3l7ovD5JDERynaYWkarl5op6/jEm74c
   jJbOjSDvkw4CCcYsnQGPCoAjfqFfYTZhdqHf8Y7+H2Zg29e39rk1YniQy
   A==;
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="382672437"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="382672437"
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
  by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:41 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="809937978"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="809937978"
Received: from embargo.jf.intel.com ([10.165.9.183])
  by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:41 -0700
From: Yang Weijiang <weijiang.yang@intel.com>
To: x86@kernel.org, linux-kernel@vger.kernel.org
Cc: dave.hansen@intel.com, tglx@linutronix.de, peterz@infradead.org,
        seanjc@google.com, pbonzini@redhat.com, rick.p.edgecombe@intel.com,
        kvm@vger.kernel.org, yang.zhong@intel.com, jing2.liu@intel.com,
        chao.gao@intel.com, Yang Weijiang <weijiang.yang@intel.com>
Subject: [RFC PATCH 1/8] x86/fpu/xstate: Manually check and add
 XFEATURE_CET_USER xstate bit
Date: Wed, 13 Sep 2023 23:23:27 -0400
Message-Id: <20230914032334.75212-2-weijiang.yang@intel.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20230914032334.75212-1-weijiang.yang@intel.com>
References: <20230914032334.75212-1-weijiang.yang@intel.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
 not delayed by milter-greylist-4.6.4 (pete.vger.email [0.0.0.0]);
 Wed, 13 Sep 2023 23:29:05 -0700 (PDT)
X-Spam-Status: No, score=0.2 required=5.0 tests=DATE_IN_PAST_03_06,
	DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on pete.vger.email
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1777019656137815707
X-GMAIL-MSGID: 1777019656137815707

Remove XFEATURE_CET_USER entry from dependency array as the entry doesn't
reflect true dependency between CET features and the xstate bit, instead
manually check and add the bit back if either SHSTK or IBT is supported.

Both user mode shadow stack and indirect branch tracking features depend
on XFEATURE_CET_USER bit in XSS to automatically save/restore user mode
xstate registers, i.e., IA32_U_CET and IA32_PL3_SSP whenever necessary.

Although in real world a platform with IBT but no SHSTK is rare, but in
virtualization world it's common, guest SHSTK and IBT can be controlled
independently via userspace app.

Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
 arch/x86/kernel/fpu/xstate.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
index cadf68737e6b..12c8cb278346 100644
--- a/arch/x86/kernel/fpu/xstate.c
+++ b/arch/x86/kernel/fpu/xstate.c
@@ -73,7 +73,6 @@ static unsigned short xsave_cpuid_features[] __initdata = {
 	[XFEATURE_PT_UNIMPLEMENTED_SO_FAR]	= X86_FEATURE_INTEL_PT,
 	[XFEATURE_PKRU]				= X86_FEATURE_OSPKE,
 	[XFEATURE_PASID]			= X86_FEATURE_ENQCMD,
-	[XFEATURE_CET_USER]			= X86_FEATURE_SHSTK,
 	[XFEATURE_XTILE_CFG]			= X86_FEATURE_AMX_TILE,
 	[XFEATURE_XTILE_DATA]			= X86_FEATURE_AMX_TILE,
 };
@@ -798,6 +797,14 @@ void __init fpu__init_system_xstate(unsigned int legacy_size)
 			fpu_kernel_cfg.max_features &= ~BIT_ULL(i);
 	}
 
+	/*
+	 * Manually add CET user mode xstate bit if either SHSTK or IBT is
+	 * available. Both features depend on the xstate bit to save/restore
+	 * CET user mode state.
+	 */
+	if (boot_cpu_has(X86_FEATURE_SHSTK) || boot_cpu_has(X86_FEATURE_IBT))
+		fpu_kernel_cfg.max_features |= BIT_ULL(XFEATURE_CET_USER);
+
 	if (!cpu_feature_enabled(X86_FEATURE_XFD))
 		fpu_kernel_cfg.max_features &= ~XFEATURE_MASK_USER_DYNAMIC;
 

From patchwork Thu Sep 14 03:23:28 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Yang, Weijiang" <weijiang.yang@intel.com>
X-Patchwork-Id: 139410
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp176807vqi;
        Thu, 14 Sep 2023 00:42:15 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IEsiN9ofWK7Vt9uiCvou2JIhs46xfaBp7oMv/5Obis55zmTQ9JkCeQi0H/urNG+zmaiHpsn
X-Received: by 2002:a17:90a:f009:b0:263:9e9b:5586 with SMTP id
 bt9-20020a17090af00900b002639e9b5586mr4544497pjb.44.1694677335373;
        Thu, 14 Sep 2023 00:42:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1694677335; cv=none;
        d=google.com; s=arc-20160816;
        b=W/VFapHJ8/qt/48m5eLG1m0cecYq6B/6ZO2qXikz7eda0OQRfw71/uYd8QmEqYoogL
         /KjY0HldTNcVV5fUEa/Gv0AhZV/HKAPpSaQbDTonxBnfMD+k6tgLmRHEuh7K05iwgZeM
         4JmmQZfvIgzW/cbp1clPSd+Hoc/WUVIQJS2IwgQJy8LheSv+0d/8CvR5nzOnhKcyQZfu
         NhvSNU8gzd6QD3vnJNccnND7LZ2XlwTTiR9NHfW+q3US+I55FRnHZFntqJp464yxllnX
         Kg1jkQ4bkarjHl4f2RnPkIKQOan9loghZ29OkAPeMY9QzNhkyBCxoPB56HwafTnER0xR
         DcmQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=nYxuvNshQMN9deYRRgEOiv1auCQcrolT6NBytTZvMoY=;
        fh=VKDky7JI6Mwho+jW2kjyYjgneGFqVaPlgJX6sIBNvQM=;
        b=h0IxK79/2LsX0NgNNFnTwwqBvM6dSGCgxH/wefPW8OMHONPAVFePaPeycIT6w25yoC
         N8GwknQKDDs1nPTwTYzl97iPjbdwCYd88R7JzE6VrgWLKY2rTQ5LrKuodCrq+1VeXUX9
         vD9VjKXLYpW2+byZqeNpKV80SXe3CTMLT645QFvn8Tf/FfeynJ1dynSq97mQpukAndiZ
         Qk7ZjnBelKHxO9DE3tlXpinTBpy8WxYVaxExuSe+tqRE7+8gaLM8cRWjoy0RRliqgD09
         pa+izXhZF3r2EUrx2TKm93g4iFd1sqcpJ3OiRy5MnThVU7/zza08bHfKeTxfwwcAjFKW
         cX8Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=SnhbiDqR;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.35 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from groat.vger.email (groat.vger.email. [23.128.96.35])
        by mx.google.com with ESMTPS id
 rm9-20020a17090b3ec900b00267b910cb37si1203455pjb.52.2023.09.14.00.42.15
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 14 Sep 2023 00:42:15 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.35 as permitted sender) client-ip=23.128.96.35;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=SnhbiDqR;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.35 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by groat.vger.email (Postfix) with ESMTP id 7D499832821F;
	Wed, 13 Sep 2023 23:29:10 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235410AbjING2w (ORCPT <rfc822;chrisfriedt@gmail.com>
        + 35 others); Thu, 14 Sep 2023 02:28:52 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46372 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S232446AbjING2q (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 14 Sep 2023 02:28:46 -0400
Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.65])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A74C7F7;
        Wed, 13 Sep 2023 23:28:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1694672922; x=1726208922;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=FKJfPu7lwKGVQbgKOQaw0mIzmXpCo4IrXnEnhDUCXZg=;
  b=SnhbiDqRJSU+wg4VUdWeFQ0GwHBkJkSPlcZQRNdR43uCZRXrwU2YzmaA
   a9Ul2fYwpXN3jxbys3VEVcE9NkHZtJObmlY/Z/h16Ugl5jn9naTvWbEBy
   P7y3IpNmThZMgXh8gymZNB79iqY6kty/cOAzlBI+RQEyxGRrPmVxJDi3B
   KJMeOXGFiTzL+LEBzLrlks2bRa3uRruxyOTbr6CV9sjIPe2aC5hmFj6ez
   3TrI46/Fu0/Ca/mbo7e8Pzf8Dyckpp+J56Hw/87Qj/OTlZWsRssUV61ao
   NHq7xh6Kj3z/wW3iPK7RYKAiv8Z6C6NLeB0j9Hugo3MCs519Z5uosQHFo
   w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="382672443"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="382672443"
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
  by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:42 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="809937981"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="809937981"
Received: from embargo.jf.intel.com ([10.165.9.183])
  by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:41 -0700
From: Yang Weijiang <weijiang.yang@intel.com>
To: x86@kernel.org, linux-kernel@vger.kernel.org
Cc: dave.hansen@intel.com, tglx@linutronix.de, peterz@infradead.org,
        seanjc@google.com, pbonzini@redhat.com, rick.p.edgecombe@intel.com,
        kvm@vger.kernel.org, yang.zhong@intel.com, jing2.liu@intel.com,
        chao.gao@intel.com, Yang Weijiang <weijiang.yang@intel.com>
Subject: [RFC PATCH 2/8] x86/fpu/xstate: Fix guest fpstate allocation size
 calculation
Date: Wed, 13 Sep 2023 23:23:28 -0400
Message-Id: <20230914032334.75212-3-weijiang.yang@intel.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20230914032334.75212-1-weijiang.yang@intel.com>
References: <20230914032334.75212-1-weijiang.yang@intel.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
 not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]);
 Wed, 13 Sep 2023 23:29:10 -0700 (PDT)
X-Spam-Status: No, score=0.2 required=5.0 tests=DATE_IN_PAST_03_06,
	DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1776997981648389809
X-GMAIL-MSGID: 1776997981648389809

Fix guest xsave area allocation size from fpu_user_cfg.default_size to
fpu_kernel_cfg.default_size so that the xsave area size is consistent
with fpstate->size set in __fpstate_reset().

With the fix, guest fpstate size is sufficient for KVM supported guest
xfeatures.

Fixes: 69f6ed1d14c6 ("x86/fpu: Provide infrastructure for KVM FPU cleanup");
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
 arch/x86/kernel/fpu/core.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c
index a86d37052a64..a42d8ad26ce6 100644
--- a/arch/x86/kernel/fpu/core.c
+++ b/arch/x86/kernel/fpu/core.c
@@ -220,7 +220,9 @@ bool fpu_alloc_guest_fpstate(struct fpu_guest *gfpu)
 	struct fpstate *fpstate;
 	unsigned int size;
 
-	size = fpu_user_cfg.default_size + ALIGN(offsetof(struct fpstate, regs), 64);
+	size = fpu_kernel_cfg.default_size +
+	       ALIGN(offsetof(struct fpstate, regs), 64);
+
 	fpstate = vzalloc(size);
 	if (!fpstate)
 		return false;

From patchwork Thu Sep 14 03:23:29 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Yang, Weijiang" <weijiang.yang@intel.com>
X-Patchwork-Id: 139651
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp444424vqi;
        Thu, 14 Sep 2023 08:50:16 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IG8UK1lnuNVZnnTdOB7whOF3PMtcWngGG3cLoxPwLHr+BBO/AzTP78Ng7CIwOIjJznEs4Yz
X-Received: by 2002:a17:90a:f60b:b0:268:ac99:4bb4 with SMTP id
 bw11-20020a17090af60b00b00268ac994bb4mr5349385pjb.46.1694706616242;
        Thu, 14 Sep 2023 08:50:16 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1694706616; cv=none;
        d=google.com; s=arc-20160816;
        b=lU9v5QPiRb8+t/YuKlm973pli4G033II7UHDhH1Xjg2UtmtA0Yk/yDayJuWPSy6K03
         HwiaO7bvYF8TR4ryXSAKLKEqplrh2Ef8Vm8MAyce8D7VLZ9uo5rC+Mcc2+z4kb53g2re
         kkIQyWvxQMUCE8GoEvvMajqosG4Kms2XEYyg2aX6P1fpOFr4bTPy6jg/2L+L8Ij/q7MR
         zXAqp3FCe93xsgrDjsIaeQPj21SbpcRiNtB3393HsWpmU0bliWP1AcdrtkizpefilXTx
         WmGmoOtkqaO7b3enBWZRNTOrJwSIW4MSRp/kS3QBFyMrFARKtAzRXVWAMAlJTcTBdk3r
         xD/A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=ffjA9L8TziRR9s+3BG81BNzJMjjifwHlLy5qfG/MckI=;
        fh=VKDky7JI6Mwho+jW2kjyYjgneGFqVaPlgJX6sIBNvQM=;
        b=R0kTMrvtsnNosr11U5Rx6/1iimiX2WluDROBSRN44nrhf3GtHzjcZu1ddlaSkWM9Gv
         M7XQwgBAQWFYsuNqSXuMIiQi1cU6YSxjmBg8BX97E98UW3PfIKTquSXFQO2bzrCP6JCR
         v3Wkbv1dicq1lWzvSxAq8sFjnbPgnW3GzjZrXWuLw6cVq8mkMVmYMnD/qSDTmg9f1dQG
         qLtFtkc9cir8YZxyiCknlJimYsQpdbD/8dD0HaW9QbX5KkOCu6Rj3fHqRA22tssuDOt7
         3nmL9KjMisrJ1C0A2EePIN2ApFdPBM+J+xnq4PWQCrdVjFgrCZHhU/PKfFP6csdFRvbd
         uQog==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=ROBswMT5;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:4 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4])
        by mx.google.com with ESMTPS id
 f3-20020a17090ac28300b0026360db339fsi1800345pjt.12.2023.09.14.08.50.15
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 14 Sep 2023 08:50:16 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:4 as permitted sender)
 client-ip=2620:137:e000::3:4;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=ROBswMT5;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:4 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by howler.vger.email (Postfix) with ESMTP id 333468226AC9;
	Wed, 13 Sep 2023 23:28:57 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235541AbjING2y (ORCPT <rfc822;chrisfriedt@gmail.com>
        + 35 others); Thu, 14 Sep 2023 02:28:54 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46380 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235209AbjING2r (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 14 Sep 2023 02:28:47 -0400
Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.65])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F05ECF9;
        Wed, 13 Sep 2023 23:28:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1694672923; x=1726208923;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=DH/kwoW6eRQtxK0yZo8tCx3soKPTztRafZKZYlHzFUA=;
  b=ROBswMT5MVWv75ejWPyQbkYLKmI2tk7mZCRDyFBU3TFj56ikcijFfAT3
   1nuq8rVMNeg0GUSz+ttBXM2RjSBc80UsSF/vPOS7FaalHaClr1xP366x9
   fkjZ0dZgVUQMrsBX+4Ef04XJSboF26QZhTmeufe7H8QOQ7H7p1eCz9ji7
   Z86u1LKHPDLBL3gUzRJ5qLr84NthyOq+m6WHW5DnU2G++DfNAewIwQfoE
   t4LGDhvGpvFduBAvpsXtJwLrMZ8gM/e9+L4XeB10LgXnHvJf32s6EYuGj
   uejWui7f2sxiTXxN99dwUPW5DeZ9FgDyM7tZ6YmbkaHwPstd3kpKTUCr+
   g==;
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="382672449"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="382672449"
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
  by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:42 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="809937984"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="809937984"
Received: from embargo.jf.intel.com ([10.165.9.183])
  by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:42 -0700
From: Yang Weijiang <weijiang.yang@intel.com>
To: x86@kernel.org, linux-kernel@vger.kernel.org
Cc: dave.hansen@intel.com, tglx@linutronix.de, peterz@infradead.org,
        seanjc@google.com, pbonzini@redhat.com, rick.p.edgecombe@intel.com,
        kvm@vger.kernel.org, yang.zhong@intel.com, jing2.liu@intel.com,
        chao.gao@intel.com, Yang Weijiang <weijiang.yang@intel.com>
Subject: [RFC PATCH 3/8] x86/fpu/xstate: Add CET supervisor mode state support
Date: Wed, 13 Sep 2023 23:23:29 -0400
Message-Id: <20230914032334.75212-4-weijiang.yang@intel.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20230914032334.75212-1-weijiang.yang@intel.com>
References: <20230914032334.75212-1-weijiang.yang@intel.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
 not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]);
 Wed, 13 Sep 2023 23:28:57 -0700 (PDT)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1777028684635716591
X-GMAIL-MSGID: 1777028684635716591

Add supervisor mode state support within FPU xstate management framework.
Although supervisor shadow stack is not enabled/used today in kernel,KVM
requires the support because when KVM advertises shadow stack feature to
guest, architechturally it claims the support for both user and supervisor
modes for Linux and non-Linux guest OSes.

With the xstate support, guest supervisor mode shadow stack state can be
properly saved/restored when 1) guest/host FPU context is swapped 2) vCPU
thread is sched out/in.

The alternative is to enable it in KVM domain, but KVM maintainers NAKed
the solution. The external discussion can be found at [*], it ended up
with adding the support in kernel instead of KVM domain.

Note, in KVM case, guest CET supervisor state i.e., IA32_PL{0,1,2}_MSRs,
are preserved after VM-Exit until host/guest fpstates are swapped, but
since host supervisor shadow stack is disabled, the preserved MSRs won't
hurt host.

[*]: https://lore.kernel.org/all/806e26c2-8d21-9cc9-a0b7-7787dd231729@intel.com/

Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
 arch/x86/include/asm/fpu/types.h  | 14 ++++++++++++--
 arch/x86/include/asm/fpu/xstate.h |  6 +++---
 arch/x86/kernel/fpu/xstate.c      |  6 +++++-
 3 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/arch/x86/include/asm/fpu/types.h b/arch/x86/include/asm/fpu/types.h
index eb810074f1e7..c6fd13a17205 100644
--- a/arch/x86/include/asm/fpu/types.h
+++ b/arch/x86/include/asm/fpu/types.h
@@ -116,7 +116,7 @@ enum xfeature {
 	XFEATURE_PKRU,
 	XFEATURE_PASID,
 	XFEATURE_CET_USER,
-	XFEATURE_CET_KERNEL_UNUSED,
+	XFEATURE_CET_KERNEL,
 	XFEATURE_RSRVD_COMP_13,
 	XFEATURE_RSRVD_COMP_14,
 	XFEATURE_LBR,
@@ -139,7 +139,7 @@ enum xfeature {
 #define XFEATURE_MASK_PKRU		(1 << XFEATURE_PKRU)
 #define XFEATURE_MASK_PASID		(1 << XFEATURE_PASID)
 #define XFEATURE_MASK_CET_USER		(1 << XFEATURE_CET_USER)
-#define XFEATURE_MASK_CET_KERNEL	(1 << XFEATURE_CET_KERNEL_UNUSED)
+#define XFEATURE_MASK_CET_KERNEL	(1 << XFEATURE_CET_KERNEL)
 #define XFEATURE_MASK_LBR		(1 << XFEATURE_LBR)
 #define XFEATURE_MASK_XTILE_CFG		(1 << XFEATURE_XTILE_CFG)
 #define XFEATURE_MASK_XTILE_DATA	(1 << XFEATURE_XTILE_DATA)
@@ -264,6 +264,16 @@ struct cet_user_state {
 	u64 user_ssp;
 };
 
+/*
+ * State component 12 is Control-flow Enforcement supervisor states
+ */
+struct cet_supervisor_state {
+	/* supervisor ssp pointers  */
+	u64 pl0_ssp;
+	u64 pl1_ssp;
+	u64 pl2_ssp;
+};
+
 /*
  * State component 15: Architectural LBR configuration state.
  * The size of Arch LBR state depends on the number of LBRs (lbr_depth).
diff --git a/arch/x86/include/asm/fpu/xstate.h b/arch/x86/include/asm/fpu/xstate.h
index d4427b88ee12..3b4a038d3c57 100644
--- a/arch/x86/include/asm/fpu/xstate.h
+++ b/arch/x86/include/asm/fpu/xstate.h
@@ -51,7 +51,8 @@
 
 /* All currently supported supervisor features */
 #define XFEATURE_MASK_SUPERVISOR_SUPPORTED (XFEATURE_MASK_PASID | \
-					    XFEATURE_MASK_CET_USER)
+					    XFEATURE_MASK_CET_USER | \
+					    XFEATURE_MASK_CET_KERNEL)
 
 /*
  * A supervisor state component may not always contain valuable information,
@@ -78,8 +79,7 @@
  * Unsupported supervisor features. When a supervisor feature in this mask is
  * supported in the future, move it to the supported supervisor feature mask.
  */
-#define XFEATURE_MASK_SUPERVISOR_UNSUPPORTED (XFEATURE_MASK_PT | \
-					      XFEATURE_MASK_CET_KERNEL)
+#define XFEATURE_MASK_SUPERVISOR_UNSUPPORTED (XFEATURE_MASK_PT)
 
 /* All supervisor states including supported and unsupported states. */
 #define XFEATURE_MASK_SUPERVISOR_ALL (XFEATURE_MASK_SUPERVISOR_SUPPORTED | \
diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
index 12c8cb278346..c3ed86732d33 100644
--- a/arch/x86/kernel/fpu/xstate.c
+++ b/arch/x86/kernel/fpu/xstate.c
@@ -51,7 +51,7 @@ static const char *xfeature_names[] =
 	"Protection Keys User registers",
 	"PASID state",
 	"Control-flow User registers",
-	"Control-flow Kernel registers (unused)",
+	"Control-flow Kernel registers",
 	"unknown xstate feature",
 	"unknown xstate feature",
 	"unknown xstate feature",
@@ -73,6 +73,7 @@ static unsigned short xsave_cpuid_features[] __initdata = {
 	[XFEATURE_PT_UNIMPLEMENTED_SO_FAR]	= X86_FEATURE_INTEL_PT,
 	[XFEATURE_PKRU]				= X86_FEATURE_OSPKE,
 	[XFEATURE_PASID]			= X86_FEATURE_ENQCMD,
+	[XFEATURE_CET_KERNEL]			= X86_FEATURE_SHSTK,
 	[XFEATURE_XTILE_CFG]			= X86_FEATURE_AMX_TILE,
 	[XFEATURE_XTILE_DATA]			= X86_FEATURE_AMX_TILE,
 };
@@ -277,6 +278,7 @@ static void __init print_xstate_features(void)
 	print_xstate_feature(XFEATURE_MASK_PKRU);
 	print_xstate_feature(XFEATURE_MASK_PASID);
 	print_xstate_feature(XFEATURE_MASK_CET_USER);
+	print_xstate_feature(XFEATURE_MASK_CET_KERNEL);
 	print_xstate_feature(XFEATURE_MASK_XTILE_CFG);
 	print_xstate_feature(XFEATURE_MASK_XTILE_DATA);
 }
@@ -346,6 +348,7 @@ static __init void os_xrstor_booting(struct xregs_state *xstate)
 	 XFEATURE_MASK_BNDCSR |			\
 	 XFEATURE_MASK_PASID |			\
 	 XFEATURE_MASK_CET_USER |		\
+	 XFEATURE_MASK_CET_KERNEL |		\
 	 XFEATURE_MASK_XTILE)
 
 /*
@@ -546,6 +549,7 @@ static bool __init check_xstate_against_struct(int nr)
 	case XFEATURE_PASID:	  return XCHECK_SZ(sz, nr, struct ia32_pasid_state);
 	case XFEATURE_XTILE_CFG:  return XCHECK_SZ(sz, nr, struct xtile_cfg);
 	case XFEATURE_CET_USER:	  return XCHECK_SZ(sz, nr, struct cet_user_state);
+	case XFEATURE_CET_KERNEL: return XCHECK_SZ(sz, nr, struct cet_supervisor_state);
 	case XFEATURE_XTILE_DATA: check_xtile_data_against_struct(sz); return true;
 	default:
 		XSTATE_WARN_ON(1, "No structure for xstate: %d\n", nr);

From patchwork Thu Sep 14 03:23:30 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Yang, Weijiang" <weijiang.yang@intel.com>
X-Patchwork-Id: 139501
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp258993vqi;
        Thu, 14 Sep 2023 03:54:43 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IG30wEyqPSet6qHf9QhpXEcNmq39F4ceSi1FgEDCRAXmzojWADdEySN/Icej7zvEvKXjgYj
X-Received: by 2002:a05:6a00:39a5:b0:68f:cd32:c52d with SMTP id
 fi37-20020a056a0039a500b0068fcd32c52dmr5692208pfb.14.1694688882936;
        Thu, 14 Sep 2023 03:54:42 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1694688882; cv=none;
        d=google.com; s=arc-20160816;
        b=aPcZN16lx9EO5a4Re/m2Eqhy/kG8v3Gi8tfMDwwhiGcwvDZsVdJiKn2+xflwzMPIKo
         Ei7Y97mkRXUgXnUt8h0P0dpE2tSa/vqVnkrb4RHK0YZTlSVNqyMXCSw7+uHYJoF+QRvR
         5gMmqfatBRhF69W8gNkqvN/Ops1azfBMNa+d/t544/+yC0OP+Jdd/QKNJbiH75mTZv/U
         V1KG1F+7AiebILAu32q8bs2WeJLfFstu5TO+IQJ+sh8k1oCvyq5+cJPVOkRc2rywaz6a
         iTNhz5WDQGJoHJSaWk9S/0lZ1h8nDs1hiHFVlb0EymQsTMqX7sW+6oUMwRQhKsrfKM80
         POTQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=Uj/uIkifhxYe243RLIyYA/4oIY9s6e3zTKdEeOhULDA=;
        fh=VKDky7JI6Mwho+jW2kjyYjgneGFqVaPlgJX6sIBNvQM=;
        b=Nhynsnm9RqhdeCqnJZDyn5/+8PHMF2o0ttMUfAl8ljZRY0qi9G9yQyNkawcu/uV1DI
         LsV60yQyg5ZyJBZApwN8tG8H1fQbYJIZXgW3l4aFNKdlnNJLda0KMbV8G4ZD1KYZkUh0
         yY50pN6sqVPgFVGTpJ4F82XjyA+waKJp6e3T9gSKQpAVmK6d3a6JTrkxsFbDJLhzKsQP
         68sTxJLmVN6wjqybDUQMwQ9og4MOBuKbsa8Ls8N1T3Kb9hRFj8uOPbmmCNuLLgA0nJ85
         3M9Tr20j8ync+HtJIWEt2gHi0hdMFU8GegOVHgaiA3w/gYt7wWEx1Agsusf5q1pb6MDx
         df8w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=Tc7YvM78;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.31 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from morse.vger.email (morse.vger.email. [23.128.96.31])
        by mx.google.com with ESMTPS id
 d15-20020a056a00198f00b0068ff3a3c9d0si1433476pfl.91.2023.09.14.03.54.42
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 14 Sep 2023 03:54:42 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.31 as permitted sender) client-ip=23.128.96.31;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=Tc7YvM78;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.31 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by morse.vger.email (Postfix) with ESMTP id CE3AE80C5A01;
	Wed, 13 Sep 2023 23:29:19 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at morse.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235589AbjING24 (ORCPT <rfc822;chrisfriedt@gmail.com>
        + 35 others); Thu, 14 Sep 2023 02:28:56 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46396 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235344AbjING2r (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 14 Sep 2023 02:28:47 -0400
Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.65])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7A873F9;
        Wed, 13 Sep 2023 23:28:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1694672923; x=1726208923;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=RiRpO69NN4+D9BiPv1b8kqQ9mDIXR5b5ZIvKZMvuZW0=;
  b=Tc7YvM78ki119DQU8AXTlj+eR6/WKAiafjX5L7+z2qE3GEXOq9jNAb9F
   LK1Xlv0rJbOFt1HBHw9fpyQTep7eu3aG/LmvqUlqLHyUETpiUtYr1JMvG
   WhwK6f9qoSkxPVFFMLBTwRujZMP/zfzkIQmXbjFikI4YIT63NIpFZyIMb
   X/UPS+5KfqbqoEYOmCJYo0m2tFg04J/SZyLUO3VXgvbY3g8woIQ1zCw2Q
   4BgnjLefwfOZ4C08JiuckohhbEu6NpjoQpuwuXlrmqDEAs3JEfh1lzQ/o
   ur7IIq3IThxbA2C/4uc4w/devaRlmdUKvbiTqoJrM5CZbproC/cwPrrnU
   w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="382672455"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="382672455"
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
  by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:43 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="809937987"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="809937987"
Received: from embargo.jf.intel.com ([10.165.9.183])
  by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:42 -0700
From: Yang Weijiang <weijiang.yang@intel.com>
To: x86@kernel.org, linux-kernel@vger.kernel.org
Cc: dave.hansen@intel.com, tglx@linutronix.de, peterz@infradead.org,
        seanjc@google.com, pbonzini@redhat.com, rick.p.edgecombe@intel.com,
        kvm@vger.kernel.org, yang.zhong@intel.com, jing2.liu@intel.com,
        chao.gao@intel.com, Yang Weijiang <weijiang.yang@intel.com>
Subject: [RFC PATCH 4/8] x86/fpu/xstate: Introduce kernel dynamic xfeature set
Date: Wed, 13 Sep 2023 23:23:30 -0400
Message-Id: <20230914032334.75212-5-weijiang.yang@intel.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20230914032334.75212-1-weijiang.yang@intel.com>
References: <20230914032334.75212-1-weijiang.yang@intel.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
 not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]);
 Wed, 13 Sep 2023 23:29:19 -0700 (PDT)
X-Spam-Status: No, score=0.2 required=5.0 tests=DATE_IN_PAST_03_06,
	DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1777010090009266298
X-GMAIL-MSGID: 1777010090009266298

Define a new kernel xfeature set including the features can be dynamically
enabled, i.e., the relevant feature is enabled on demand. The xfeature set
is currently used by KVM to configure __guest__ fpstate, i.e., calculating
the xfeature and fpstate storage size etc. The xfeature set is initialized
once and used whenever it's referenced to avoid repeat calculation.

Currently it's used when 1) guest fpstate __state_size is calculated while
guest permits are configured 2) guest vCPU is created and its fpstate is
initialized.

Suggested-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
 arch/x86/kernel/fpu/xstate.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
index c3ed86732d33..eaec05bc1b3c 100644
--- a/arch/x86/kernel/fpu/xstate.c
+++ b/arch/x86/kernel/fpu/xstate.c
@@ -84,6 +84,8 @@ static unsigned int xstate_sizes[XFEATURE_MAX] __ro_after_init =
 	{ [ 0 ... XFEATURE_MAX - 1] = -1};
 static unsigned int xstate_flags[XFEATURE_MAX] __ro_after_init;
 
+u64 fpu_kernel_dynamic_xfeatures __ro_after_init;
+
 #define XSTATE_FLAG_SUPERVISOR	BIT(0)
 #define XSTATE_FLAG_ALIGNED64	BIT(1)
 
@@ -740,6 +742,23 @@ static void __init fpu__init_disable_system_xstate(unsigned int legacy_size)
 	fpstate_reset(&current->thread.fpu);
 }
 
+static unsigned short xsave_kernel_dynamic_xfeatures[] = {
+	[XFEATURE_CET_KERNEL]	= X86_FEATURE_SHSTK,
+};
+
+static void __init init_kernel_dynamic_xfeatures(void)
+{
+	unsigned short cid;
+	int i;
+
+	for (i = 0; i < ARRAY_SIZE(xsave_kernel_dynamic_xfeatures); i++) {
+		cid = xsave_kernel_dynamic_xfeatures[i];
+
+		if (cid && boot_cpu_has(cid))
+			fpu_kernel_dynamic_xfeatures |= BIT_ULL(i);
+	}
+}
+
 /*
  * Enable and initialize the xsave feature.
  * Called once per system bootup.
@@ -809,6 +828,8 @@ void __init fpu__init_system_xstate(unsigned int legacy_size)
 	if (boot_cpu_has(X86_FEATURE_SHSTK) || boot_cpu_has(X86_FEATURE_IBT))
 		fpu_kernel_cfg.max_features |= BIT_ULL(XFEATURE_CET_USER);
 
+	init_kernel_dynamic_xfeatures();
+
 	if (!cpu_feature_enabled(X86_FEATURE_XFD))
 		fpu_kernel_cfg.max_features &= ~XFEATURE_MASK_USER_DYNAMIC;
 

From patchwork Thu Sep 14 03:23:31 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Yang, Weijiang" <weijiang.yang@intel.com>
X-Patchwork-Id: 139502
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp260950vqi;
        Thu, 14 Sep 2023 03:59:42 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IE8iq4DLIxSQ56p1g1JiwSL+HlbCjxg3U9LtGduoX60Q2it5Wrc+IrBPfgHWe0EcazOLhbC
X-Received: by 2002:a05:6a20:8e03:b0:14e:429e:b0e3 with SMTP id
 y3-20020a056a208e0300b0014e429eb0e3mr5908683pzj.52.1694689182113;
        Thu, 14 Sep 2023 03:59:42 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1694689182; cv=none;
        d=google.com; s=arc-20160816;
        b=K5gNrLnqEuAvMLfpTyz/etmdf2Gap67GBTu/IBIrG2vzf9fciavtnbcfZdAEwMvTog
         5mxP93qk8ccDvVvx5VJi6oENaTVlBMzkSrDBNRzyRXorepleZ9ArAL48nV05CboQv9Zd
         c25AGefblEGH/piszVYePAZPSLCTJnXva9D1fkNhH/RXVxEOcMUlNlaNJ9kWZHeyluKs
         oi7i+JNU/Rf1pDs9DfdqqpwcO6NjNYEVNMGCoJ2hLn8XnnIvN+G+U4l4QBqed5DMCPaI
         ylIpfFHdB/gYHo8jnFAT310//snC3FNAwwhDhNuAk8MJTZyVwvfPEKn3CLHFMVOBWGga
         lWFw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=92qN2Z5YRHy0C1uwmGGQ48IyvoSvHnH/ADqVY06OFoc=;
        fh=VKDky7JI6Mwho+jW2kjyYjgneGFqVaPlgJX6sIBNvQM=;
        b=MmxKiyrNo4LyZvf6dGLUse5iVrhwx2gseJDuY2SsOAiTS6vcoziWv1z6tFUu/98tlK
         j+Sx0n5r+QQhp7gzX6XOmB1sHTmCEdkXRpTl9LxoUKhaggMjBBF0YpQQBRtRUGgXN69E
         JkLdVKblcegDSANdRsVuVizxCEFy4KMbsanRC/SGTlgaiWJMgcoSByYH6Jn+4CH14b35
         IR2osSqhKXXBtn6IyqgtQ2IEB+kfM08g9ddK0THRJKjww3dm9LJ/uS1MYel50NXDCDJi
         v1YQI52SOuuEPA2T5MPZStQVf5PRpxCtAptF+ebcayBT7+xz3I9lfmIBTkGU2CHjOxp5
         cf5g==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=DddmQyhu;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.38 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from fry.vger.email (fry.vger.email. [23.128.96.38])
        by mx.google.com with ESMTPS id
 l13-20020a17090ac58d00b0026b38330c7asi3537952pjt.179.2023.09.14.03.59.41
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 14 Sep 2023 03:59:42 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.38 as permitted sender) client-ip=23.128.96.38;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=DddmQyhu;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.38 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by fry.vger.email (Postfix) with ESMTP id 70373801B654;
	Wed, 13 Sep 2023 23:29:11 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at fry.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235611AbjING26 (ORCPT <rfc822;chrisfriedt@gmail.com>
        + 35 others); Thu, 14 Sep 2023 02:28:58 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46406 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235408AbjING2s (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 14 Sep 2023 02:28:48 -0400
Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.65])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0981DF7;
        Wed, 13 Sep 2023 23:28:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1694672924; x=1726208924;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=7cLERNq1vvTBAZ52sQIMEUGAduSmp4Knqxddo4MpnMo=;
  b=DddmQyhubC1R3xKiHIgjXIR7wenWJqr4gRkwV+FSCBn73jBhi6JT/cUy
   /cMsKpy7z70H1xrIRu4ADXqmIP6ShbBA4O/o++Sb0W1iDKsLdv1Hm4qn1
   JrQ7hhUB153MMKcyXqiX2jc/dERZOHBpSpW6r5d9huFZh1o+kNo50Zg0k
   hguStWWyKCHKkzhWLrR4gDF3wl9pifHECJmAcKJ658HhnE2GIXzWLydTf
   xrwoCjSaz7n7+H7pTKxk1YQqOhjui4n9qJplp0vp6fPv8NeAuB9bROjST
   YXHYBuDTxHBfFlBVCX0OwlslHXx/TveCd2bQJ+iZpJsRaMV1gk0v2ImMs
   Q==;
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="382672461"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="382672461"
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
  by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:43 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="809937990"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="809937990"
Received: from embargo.jf.intel.com ([10.165.9.183])
  by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:42 -0700
From: Yang Weijiang <weijiang.yang@intel.com>
To: x86@kernel.org, linux-kernel@vger.kernel.org
Cc: dave.hansen@intel.com, tglx@linutronix.de, peterz@infradead.org,
        seanjc@google.com, pbonzini@redhat.com, rick.p.edgecombe@intel.com,
        kvm@vger.kernel.org, yang.zhong@intel.com, jing2.liu@intel.com,
        chao.gao@intel.com, Yang Weijiang <weijiang.yang@intel.com>
Subject: [RFC PATCH 5/8] x86/fpu/xstate: Remove kernel dynamic xfeatures from
 kernel default_features
Date: Wed, 13 Sep 2023 23:23:31 -0400
Message-Id: <20230914032334.75212-6-weijiang.yang@intel.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20230914032334.75212-1-weijiang.yang@intel.com>
References: <20230914032334.75212-1-weijiang.yang@intel.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
 not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]);
 Wed, 13 Sep 2023 23:29:11 -0700 (PDT)
X-Spam-Status: No, score=0.2 required=5.0 tests=DATE_IN_PAST_03_06,
	DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1777010403407657174
X-GMAIL-MSGID: 1777010403407657174

The kernel dynamic xfeatures are supported by host, i.e., they're enabled
in xsaves/xrstors operating xfeature set (XCR0 | XSS), but the corresponding
CPU features are disabled for the time-being in host kernel so the bits are
not necessarily set by default.

Remove the bits from fpu_kernel_cfg.default_features so that the bits in
xstate_bv and xcomp_bv are cleared and xsaves/xrstors can be optimized by HW
for normal fpstate.

Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
 arch/x86/kernel/fpu/xstate.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
index eaec05bc1b3c..4753c677e2e1 100644
--- a/arch/x86/kernel/fpu/xstate.c
+++ b/arch/x86/kernel/fpu/xstate.c
@@ -845,6 +845,7 @@ void __init fpu__init_system_xstate(unsigned int legacy_size)
 	/* Clean out dynamic features from default */
 	fpu_kernel_cfg.default_features = fpu_kernel_cfg.max_features;
 	fpu_kernel_cfg.default_features &= ~XFEATURE_MASK_USER_DYNAMIC;
+	fpu_kernel_cfg.default_features &= ~fpu_kernel_dynamic_xfeatures;
 
 	fpu_user_cfg.default_features = fpu_user_cfg.max_features;
 	fpu_user_cfg.default_features &= ~XFEATURE_MASK_USER_DYNAMIC;

From patchwork Thu Sep 14 03:23:32 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Yang, Weijiang" <weijiang.yang@intel.com>
X-Patchwork-Id: 139707
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp489041vqi;
        Thu, 14 Sep 2023 10:00:00 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IHXHVTI5Aua9orW8lirgqYGhj98RJ7exCUij0XNgc3kuarPE0on7ARH0NMTaDQ7TZ/Ecy53
X-Received: by 2002:a05:6a00:3091:b0:68a:42d0:6b9b with SMTP id
 bh17-20020a056a00309100b0068a42d06b9bmr6279708pfb.3.1694710799891;
        Thu, 14 Sep 2023 09:59:59 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1694710799; cv=none;
        d=google.com; s=arc-20160816;
        b=C60YiqtBegAKcDvj/ssU19R3tNd2igZMVfO1VvLIP1zAPjkRdCgFLiaqBTlLScysWS
         wxv+hb3Wq04CXgFzF3hs27yqepz5dhsLELiidUjsj/RT5710Kp6OTdZZCMYyoUpQvY6I
         yyNOTL9UL2DG8vKYG6y1kbFmQL/n6nx0eCWMf2SriEBDgfWM690VSdSEByDfcMgLa4cT
         5UB2lyRDSjak8Nzb4F2zdUzWYE1FdfONAJQoO0g5e6xWrAHYZ9OutbXMfSds8N5XbJC1
         jspePwKvAoBm0+Bf8ua/R2tNT3QuCN7RjC0E98n9BWVvjpbEVaO0iLAlmegVs6ugXtjw
         icYg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=4cCg4cl0sgNB+0Scy33zONxGQc7yEzBlhwxNEWru1t8=;
        fh=VKDky7JI6Mwho+jW2kjyYjgneGFqVaPlgJX6sIBNvQM=;
        b=kqI8UEss6YU6UReO/9cDU88I/uJqOzm/zG/kncRO5F5NRo19OsCpU1yoxN7XsUNyU/
         vcNmLInTXNsPGRhyP91JeIxCIgwoBmt21DBkaKP78wy/8CfJeq91XJrv43IbXah8oR/6
         NLIVK69LZaZl1ONzYZqzzTfy4l18WwdZ2i0RadAe74KAk9olsymryp/Iui/15Z1mpQTQ
         S2XbN6O6XHUI7OVVhEykYEV9gST7vpQ2GKtWYqCyH0VnF/68WemqYtWtSfFsX5D0DS52
         xfyBgSjdwhL18R38LQ2Vuv18wAistyJVv9V5CFjvqiTFeBbPD9Wh6gzxbjrROIcaQCBk
         EsFQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=dyyBO5i0;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.37 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from snail.vger.email (snail.vger.email. [23.128.96.37])
        by mx.google.com with ESMTPS id
 fo24-20020a056a00601800b00690158064aasi1867906pfb.118.2023.09.14.09.59.59
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 14 Sep 2023 09:59:59 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=dyyBO5i0;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.37 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by snail.vger.email (Postfix) with ESMTP id 32F9E81E9A40;
	Wed, 13 Sep 2023 23:29:04 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235507AbjING3B (ORCPT <rfc822;chrisfriedt@gmail.com>
        + 35 others); Thu, 14 Sep 2023 02:29:01 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46418 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235411AbjING2s (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 14 Sep 2023 02:28:48 -0400
Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.65])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7FCEBF9;
        Wed, 13 Sep 2023 23:28:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1694672924; x=1726208924;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=kg4jzy9ndQH5j3Qk6jXnrqWtPLjorVO+dQ5iT2oQlDE=;
  b=dyyBO5i0YubFNjkr5xUeIVfW/RTxmsNv+smF/gQFoyXYvGjquQ8ikW9c
   lu8Wo4JX09VUdX7N+9MWZNCdgHD9BQ0DnMif7eQ1JdFtyRGxfLRKexkz5
   E91+0Gp9qT/pSRuRh7Qz1Rl1qy0Q6/gKAld6FFMz9l3SDBIAQXiDqrj1R
   41cXPfUEQQWwK8F4oyFRMmvBqoD2GmUCob+jz/FEmLH3S2TXketA/oe9x
   REkkJ4VhwI1sklm8oFIT5BGCE72MO6nUsTLVzU50LMRbI7UJGMjYQc0Fd
   YRKiw4UwKwJ6PHlJtuObvhGpgSLTbpUTwgoL73ZWljnuC5mIvbnPZ8Y2N
   w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="382672467"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="382672467"
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
  by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:44 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="809937993"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="809937993"
Received: from embargo.jf.intel.com ([10.165.9.183])
  by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:43 -0700
From: Yang Weijiang <weijiang.yang@intel.com>
To: x86@kernel.org, linux-kernel@vger.kernel.org
Cc: dave.hansen@intel.com, tglx@linutronix.de, peterz@infradead.org,
        seanjc@google.com, pbonzini@redhat.com, rick.p.edgecombe@intel.com,
        kvm@vger.kernel.org, yang.zhong@intel.com, jing2.liu@intel.com,
        chao.gao@intel.com, Yang Weijiang <weijiang.yang@intel.com>
Subject: [RFC PATCH 6/8] x86/fpu/xstate: Opt-in kernel dynamic bits when
 calculate guest xstate size
Date: Wed, 13 Sep 2023 23:23:32 -0400
Message-Id: <20230914032334.75212-7-weijiang.yang@intel.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20230914032334.75212-1-weijiang.yang@intel.com>
References: <20230914032334.75212-1-weijiang.yang@intel.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
 not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]);
 Wed, 13 Sep 2023 23:29:04 -0700 (PDT)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1777033072064235474
X-GMAIL-MSGID: 1777033072064235474

When user space requests guest xstate permits, the sufficient xstate size
is calculated from permitted mask. Currently the max guest permits are set
to fpu_kernel_cfg.default_features, and the latter doesn't include kernel
dynamic xfeatures, so add them back for correct guest fpstate size.

If guest dynamic xfeatures are enabled, KVM re-allocates guest fpstate area
with above resulting size before launches VM.

Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
 arch/x86/kernel/fpu/xstate.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
index 4753c677e2e1..c5d903b4df4d 100644
--- a/arch/x86/kernel/fpu/xstate.c
+++ b/arch/x86/kernel/fpu/xstate.c
@@ -1636,9 +1636,17 @@ static int __xstate_request_perm(u64 permitted, u64 requested, bool guest)
 
 	/* Calculate the resulting kernel state size */
 	mask = permitted | requested;
-	/* Take supervisor states into account on the host */
+	/*
+	 * Take supervisor states into account on the host. And add
+	 * kernel dynamic xfeatures to guest since guest kernel may
+	 * enable corresponding CPU feaures and the xstate registers
+	 * need to be saved/restored properly.
+	 */
 	if (!guest)
 		mask |= xfeatures_mask_supervisor();
+	else
+		mask |= fpu_kernel_dynamic_xfeatures;
+
 	ksize = xstate_calculate_size(mask, compacted);
 
 	/* Calculate the resulting user state size */

From patchwork Thu Sep 14 03:23:33 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Yang, Weijiang" <weijiang.yang@intel.com>
X-Patchwork-Id: 139898
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp685920vqi;
        Thu, 14 Sep 2023 16:23:39 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IGMmP8yhmbb+XX3Cl5nP9gk/sEbPupn/hT2JKVCjima5igY3vlCE5R1wNPJ5ly9+lc2JDuF
X-Received: by 2002:a05:6808:18aa:b0:3a8:5133:4831 with SMTP id
 bi42-20020a05680818aa00b003a851334831mr45142oib.50.1694733819454;
        Thu, 14 Sep 2023 16:23:39 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1694733819; cv=none;
        d=google.com; s=arc-20160816;
        b=foWhPBRf0LzEKa+LswIlXpLXwRUc/MxMfAJPbN9CAjyVoo7h8KcQKd0L63LJkq5Mt7
         NlSvI7s3ugQQ6UZc9E3wb6mkJkDCDtQJzE1SeRIC+J9KjbjM21lmUISX6wdddSPihAG2
         BSb7j9748fs+507anSoX6dHQhnITq6zSsi2s+F6/GWo1IAD1Z7CT84LqqwAWa6m8IsF7
         ldaoGcVPQDtxT+PEvh6cuwoWOPp5wnKtpBWl+AHkib3X2n8OdNhjanIhYlBCmQqU8SXX
         hbd+kxk00v3Gshu8kgy7AXVb4e57bMJmSTRG4dA+Xrp1mjReWo2kAGlG+x7D7nOyHv08
         GkUw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=vKxIFi+p2CKgVg5+2NrvVr4sMj5wnJnB0/E0RK/jXsY=;
        fh=VKDky7JI6Mwho+jW2kjyYjgneGFqVaPlgJX6sIBNvQM=;
        b=nhtGgVKqfedrvbxVJAIRc6m3d4pXlrJs60arWy/B/b1G7vQDviAHMi4vviBqYBrXeD
         6WqCV0sHN9tYR+y4aiMVXoZFn6cBJDapYgDaxGeMMgwHvA6Vg2gc+qmgaEDxa4be9+Eb
         TnkjEIO/FTXh1HqipVfzWaFpD9lHNpf84DdNLGt1L4V3EKLDu+Ewa5vAqPpphxb9n11G
         wVyPpAM67GR8rf7for21PQbuenShL2jnaa2PFZLCfSx18xVBV5BSvxKk0KXwOLV5ykK/
         GkcvBrm+r9BK5NRZNj+4J7uSxcYq+slPrKiX8zPiWkyMMlV0Fpgp4pSHbRe+ak9xt47G
         AEYw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=jaIFJSE1;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.34 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from howler.vger.email (howler.vger.email. [23.128.96.34])
        by mx.google.com with ESMTPS id
 bt8-20020a632908000000b00577a073a80fsi2155141pgb.293.2023.09.14.16.23.39
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 14 Sep 2023 16:23:39 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.34 as permitted sender) client-ip=23.128.96.34;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=jaIFJSE1;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 23.128.96.34 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by howler.vger.email (Postfix) with ESMTP id A5B7482DAD08;
	Wed, 13 Sep 2023 23:29:05 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235673AbjING3E (ORCPT <rfc822;chrisfriedt@gmail.com>
        + 35 others); Thu, 14 Sep 2023 02:29:04 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46422 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235438AbjING2t (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 14 Sep 2023 02:28:49 -0400
Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.65])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E7DC1F7;
        Wed, 13 Sep 2023 23:28:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1694672924; x=1726208924;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=Qn5wUWy4Vkg3CghO5UGfFtXHTUkaS9WcgUAH/F4Vglo=;
  b=jaIFJSE1T5OohwIkN56tbVqM0jgXHai/DLMsHe5I1JXAuInZO77w7fRV
   vaC030NxFrmrdeEgTvClW3Iy3xGET1kjhoT0geHAU7JLBepA1efsKpYrB
   oHYHNXp0zm3IDvrtTnq8Mx9cpK/mTMf5CPge9DgyjbX0jyyf+hEp/KYwQ
   SOskIe4Okt8OgYwMf6dNsbhvbqG40PXPhdhQQmHpOuENBbana14GpN8Xf
   7OHF9BZPr7WBZWeaJw+q8c1yks0QAWqNZbamRdPIrd0N9Sgi6/idsk2YW
   rI4FDAmgqFy/3tHUiobldEvpfg2jWKSeR+hubCMy8i6IiKfFXnYSIAtum
   w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="382672474"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="382672474"
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
  by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:44 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="809937996"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="809937996"
Received: from embargo.jf.intel.com ([10.165.9.183])
  by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:44 -0700
From: Yang Weijiang <weijiang.yang@intel.com>
To: x86@kernel.org, linux-kernel@vger.kernel.org
Cc: dave.hansen@intel.com, tglx@linutronix.de, peterz@infradead.org,
        seanjc@google.com, pbonzini@redhat.com, rick.p.edgecombe@intel.com,
        kvm@vger.kernel.org, yang.zhong@intel.com, jing2.liu@intel.com,
        chao.gao@intel.com, Yang Weijiang <weijiang.yang@intel.com>
Subject: [RFC PATCH 7/8] x86/fpu/xstate: Tweak guest fpstate to support kernel
 dynamic xfeatures
Date: Wed, 13 Sep 2023 23:23:33 -0400
Message-Id: <20230914032334.75212-8-weijiang.yang@intel.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20230914032334.75212-1-weijiang.yang@intel.com>
References: <20230914032334.75212-1-weijiang.yang@intel.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
 not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]);
 Wed, 13 Sep 2023 23:29:05 -0700 (PDT)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1777057209433041670
X-GMAIL-MSGID: 1777057209433041670

The guest fpstate is sized with fpu_kernel_cfg.default_size (by preceding
fix) and the kernel dynamic xfeatures are not taken into account, so add
the support and tweak fpstate xfeatures and size accordingly.

Below configuration steps are currently enforced to get guest fpstate:
1) User space sets thread group xstate permits via arch_prctl().
2) User space creates vcpu thread.
3) User space enables guest dynamic xfeatures.

In #1, guest fpstate size (i.e., __state_size [1]) is induced from
(fpu_kernel_cfg.default_features | user dynamic xfeatures) [2].
In #2, guest fpstate size is calculated with fpu_kernel_cfg.default_size
and fpstate->size is set to the same. fpstate->xfeatures is set to
fpu_kernel_cfg.default_features.
In #3, guest fpstate is re-allocated as [1] and fpstate->xfeatures is
set to [2].

By adding kernel dynamic xfeatures in above #1 and #2, guest xstate area
size is expanded to hold (fpu_kernel_cfg.default_features | kernel dynamic
_xfeatures | user dynamic xfeatures)[3], and guest fpstate->xfeatures is
set to [3]. Then host xsaves/xrstors can act on all guest xfeatures.

The user_* fields remain unchanged for compatibility of non-compacted KVM
uAPIs.

Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
 arch/x86/kernel/fpu/core.c   | 56 +++++++++++++++++++++++++++++-------
 arch/x86/kernel/fpu/xstate.c |  2 +-
 arch/x86/kernel/fpu/xstate.h |  2 ++
 3 files changed, 49 insertions(+), 11 deletions(-)

diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c
index a42d8ad26ce6..e5819b38545a 100644
--- a/arch/x86/kernel/fpu/core.c
+++ b/arch/x86/kernel/fpu/core.c
@@ -33,6 +33,8 @@ DEFINE_STATIC_KEY_FALSE(__fpu_state_size_dynamic);
 DEFINE_PER_CPU(u64, xfd_state);
 #endif
 
+extern unsigned int xstate_calculate_size(u64 xfeatures, bool compacted);
+
 /* The FPU state configuration data for kernel and user space */
 struct fpu_state_config	fpu_kernel_cfg __ro_after_init;
 struct fpu_state_config fpu_user_cfg __ro_after_init;
@@ -193,8 +195,6 @@ void fpu_reset_from_exception_fixup(void)
 }
 
 #if IS_ENABLED(CONFIG_KVM)
-static void __fpstate_reset(struct fpstate *fpstate, u64 xfd);
-
 static void fpu_init_guest_permissions(struct fpu_guest *gfpu)
 {
 	struct fpu_state_perm *fpuperm;
@@ -215,28 +215,64 @@ static void fpu_init_guest_permissions(struct fpu_guest *gfpu)
 	gfpu->perm = perm & ~FPU_GUEST_PERM_LOCKED;
 }
 
-bool fpu_alloc_guest_fpstate(struct fpu_guest *gfpu)
+static struct fpstate *__fpu_alloc_init_guest_fpstate(struct fpu_guest *gfpu)
 {
+	bool compacted = cpu_feature_enabled(X86_FEATURE_XCOMPACTED);
+	unsigned int gfpstate_size, size;
 	struct fpstate *fpstate;
-	unsigned int size;
+	u64 xfeatures;
+
+	/*
+	 * fpu_kernel_cfg.default_features includes all enabled xfeatures
+	 * except those dynamic xfeatures. Compared with user dynamic
+	 * xfeatures, the kernel dynamic ones are enabled for guest by
+	 * default, so add the kernel dynamic xfeatures back when calculate
+	 * guest fpstate size.
+	 *
+	 * If the user dynamic xfeatures are enabled, the guest fpstate will
+	 * be re-allocated to hold all guest enabled xfeatures, so omit user
+	 * dynamic xfeatures here.
+	 */
+	xfeatures = fpu_kernel_cfg.default_features |
+		    fpu_kernel_dynamic_xfeatures;
+
+	gfpstate_size = xstate_calculate_size(xfeatures, compacted);
 
-	size = fpu_kernel_cfg.default_size +
-	       ALIGN(offsetof(struct fpstate, regs), 64);
+	size = gfpstate_size + ALIGN(offsetof(struct fpstate, regs), 64);
 
 	fpstate = vzalloc(size);
 	if (!fpstate)
-		return false;
+		return NULL;
+	/*
+	 * Initialize sizes and feature masks, use fpu_user_cfg.*
+	 * for user_* settings for compatibility of exiting uAPIs.
+	 */
+	fpstate->size		= gfpstate_size;
+	fpstate->xfeatures	= xfeatures;
+	fpstate->user_size	= fpu_user_cfg.default_size;
+	fpstate->user_xfeatures	= fpu_user_cfg.default_features;
+	fpstate->xfd		= 0;
 
-	/* Leave xfd to 0 (the reset value defined by spec) */
-	__fpstate_reset(fpstate, 0);
 	fpstate_init_user(fpstate);
 	fpstate->is_valloc	= true;
 	fpstate->is_guest	= true;
 
 	gfpu->fpstate		= fpstate;
-	gfpu->xfeatures		= fpu_user_cfg.default_features;
+	gfpu->xfeatures		= xfeatures;
 	gfpu->perm		= fpu_user_cfg.default_features;
 
+	return fpstate;
+}
+
+bool fpu_alloc_guest_fpstate(struct fpu_guest *gfpu)
+{
+	struct fpstate *fpstate;
+
+	fpstate = __fpu_alloc_init_guest_fpstate(gfpu);
+
+	if (!fpstate)
+		return false;
+
 	/*
 	 * KVM sets the FP+SSE bits in the XSAVE header when copying FPU state
 	 * to userspace, even when XSAVE is unsupported, so that restoring FPU
diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
index c5d903b4df4d..87149aba6f11 100644
--- a/arch/x86/kernel/fpu/xstate.c
+++ b/arch/x86/kernel/fpu/xstate.c
@@ -561,7 +561,7 @@ static bool __init check_xstate_against_struct(int nr)
 	return true;
 }
 
-static unsigned int xstate_calculate_size(u64 xfeatures, bool compacted)
+unsigned int xstate_calculate_size(u64 xfeatures, bool compacted)
 {
 	unsigned int topmost = fls64(xfeatures) -  1;
 	unsigned int offset = xstate_offsets[topmost];
diff --git a/arch/x86/kernel/fpu/xstate.h b/arch/x86/kernel/fpu/xstate.h
index a4ecb04d8d64..9c6e3ca05c5c 100644
--- a/arch/x86/kernel/fpu/xstate.h
+++ b/arch/x86/kernel/fpu/xstate.h
@@ -10,6 +10,8 @@
 DECLARE_PER_CPU(u64, xfd_state);
 #endif
 
+extern u64 fpu_kernel_dynamic_xfeatures;
+
 static inline void xstate_init_xcomp_bv(struct xregs_state *xsave, u64 mask)
 {
 	/*

From patchwork Thu Sep 14 03:23:34 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Yang, Weijiang" <weijiang.yang@intel.com>
X-Patchwork-Id: 139600
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp359981vqi;
        Thu, 14 Sep 2023 06:47:07 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IGIR+ewg5LyhvZZWDTOQg5STIiLHJZs1yaZRhM7X5yePONdfSNxTBoG1e9jWO26LGQcZchX
X-Received: by 2002:a17:903:244c:b0:1c3:a396:25ae with SMTP id
 l12-20020a170903244c00b001c3a39625aemr6908469pls.56.1694699227125;
        Thu, 14 Sep 2023 06:47:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1694699227; cv=none;
        d=google.com; s=arc-20160816;
        b=fE83jl8m6/5dT4z4VQSybP9bNobrbLwxHC4Tz6DpRmIpoK/YrZrO+BG+/qKwfxKhtF
         wH6EsBYAwsjvD6nMam+OaysoXc3j0DJ3ABtBDeesIS2gBiVMOeW9GekeOSn2R/dY5Ef9
         WKrOio2VDe0iyyEGBLXuOj/e1elayVJq/gxRKe7mo82hztgYHfm2fL+hM6ZSiG/TkORR
         qBPBAtbcXwyzX50ywwk/BIKEVLUQDPFD97wpXLN7q4RgzakBcAJzPqFzIxLDIXbb6594
         3lzy6UnQ7FsOy7Q9yK57eH64wceYsN+as/2UkABsds3g6NNH+m6dCizPC7bfaJ+tg7nt
         nRJQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=FggzxxUH/b6hV2zW1ZjOUdrnNzRY+MdNgiyVl+BTjIM=;
        fh=VKDky7JI6Mwho+jW2kjyYjgneGFqVaPlgJX6sIBNvQM=;
        b=T5IOJIeWe2l6VCsJkB51FTrQxb5V22ajiwUlcpSQ+g2zMHYRCKXKODhJzHZFTiW2D1
         J3lUCxhcPIZX2MaT7Shqk68l+YHB6BgtPjR2Zk/ipreLSVM0WsTeGqbfmvIgIWiB620W
         YVma6zawpbwQiFLMGJvhsPVFQWJmtkve5qKVHFZ/zV2LWhZBMHpOekUdxHN8+xaX6Dg/
         iOznM8/8Sxosnxs/5qSpGgmr+JqAxfWYtRVOPSFuQqqkYJ+KbD8JS9VnsTao17WN9EuU
         0LjajE7rUNvO4LoH2l2HFPPubvfhPpZ26r4VpwHNS7XZE0Smc8A2zRDemXr/BTWbxo8j
         q/Lw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=Y6uA6VCp;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:4 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4])
        by mx.google.com with ESMTPS id
 k7-20020a170902c40700b001bb0ff2b354si1776573plk.425.2023.09.14.06.47.05
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 14 Sep 2023 06:47:07 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:4 as permitted sender)
 client-ip=2620:137:e000::3:4;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=Y6uA6VCp;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::3:4 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by howler.vger.email (Postfix) with ESMTP id 9081D8320DC6;
	Wed, 13 Sep 2023 23:29:10 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235760AbjING3H (ORCPT <rfc822;chrisfriedt@gmail.com>
        + 35 others); Thu, 14 Sep 2023 02:29:07 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46436 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235443AbjING2t (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 14 Sep 2023 02:28:49 -0400
Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.65])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 545B3F9;
        Wed, 13 Sep 2023 23:28:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1694672925; x=1726208925;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=Mo0J7nmC7/MpnJ3d9RwhENdZi4KZZ89Pbi3lSWxz018=;
  b=Y6uA6VCpNaCCxTjQV54+DXc5d3erxGQYYWtOWL2TV1I+q3Z5WvnFHWaJ
   JS47NT+1WT6NJz+Bd03btwzqy9u2sl3i5l1N/Dt26KEvkaDzyvka2szUU
   kcJn9q4lCAvSyS8GwqFd3KFYaEUaXjGM89ff8PP+l9GRg82+vOxiVZqk0
   wQk+NNOPy1mjmgAP/V0Fx8SNCSkY1Zl8rlfw5i3b/6xL6fbh1Fe3rfXFk
   32gOt5x0r8Jmon0WvaMzxgFn6NZlpM9nAhavdCndb7nVFMdCMua3hHCvq
   pFx/Xowb18L3tm9ne7fACJAD1eoU4aYoP7+E7MYVR0kq2LtJmAzv6Yh8Q
   w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="382672480"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="382672480"
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
  by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:45 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="809937999"
X-IronPort-AV: E=Sophos;i="6.02,145,1688454000";
   d="scan'208";a="809937999"
Received: from embargo.jf.intel.com ([10.165.9.183])
  by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 13 Sep 2023 23:28:44 -0700
From: Yang Weijiang <weijiang.yang@intel.com>
To: x86@kernel.org, linux-kernel@vger.kernel.org
Cc: dave.hansen@intel.com, tglx@linutronix.de, peterz@infradead.org,
        seanjc@google.com, pbonzini@redhat.com, rick.p.edgecombe@intel.com,
        kvm@vger.kernel.org, yang.zhong@intel.com, jing2.liu@intel.com,
        chao.gao@intel.com, Yang Weijiang <weijiang.yang@intel.com>
Subject: [RFC PATCH 8/8] x86/fpu/xstate: WARN if normal fpstate contains
 kernel dynamic xfeatures
Date: Wed, 13 Sep 2023 23:23:34 -0400
Message-Id: <20230914032334.75212-9-weijiang.yang@intel.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20230914032334.75212-1-weijiang.yang@intel.com>
References: <20230914032334.75212-1-weijiang.yang@intel.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
 not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]);
 Wed, 13 Sep 2023 23:29:10 -0700 (PDT)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1777020936270444404
X-GMAIL-MSGID: 1777020936270444404

fpu_kernel_dynamic_xfeatures now are __ONLY__ enabled by guest kernel and
used for guest fpstate, i.e., none for normal fpstate. The bits are added
when guest fpstate is allocated and fpstate->is_guest set to %true.

For normal fpstate, the bits should have been removed when init system FPU
settings, WARN_ONCE() if normal fpstate contains kernel dynamic xfeatures
before xsaves is executed.

Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
 arch/x86/kernel/fpu/xstate.h | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/x86/kernel/fpu/xstate.h b/arch/x86/kernel/fpu/xstate.h
index 9c6e3ca05c5c..c2b33a5db53d 100644
--- a/arch/x86/kernel/fpu/xstate.h
+++ b/arch/x86/kernel/fpu/xstate.h
@@ -186,6 +186,9 @@ static inline void os_xsave(struct fpstate *fpstate)
 	WARN_ON_FPU(!alternatives_patched);
 	xfd_validate_state(fpstate, mask, false);
 
+	WARN_ON_FPU(!fpstate->is_guest &&
+		    (mask & fpu_kernel_dynamic_xfeatures));
+
 	XSTATE_XSAVE(&fpstate->regs.xsave, lmask, hmask, err);
 
 	/* We should never fault when copying to a kernel buffer: */