From patchwork Thu Sep 14 19:50:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 140170 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp848447vqi; Thu, 14 Sep 2023 23:42:17 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEXmBUeFzGu+FpYgPoqx8wRRXaQTZ/J9xvGIKWGEEfC8NibGp8ldPlILVDqcxYQVFarnXgA X-Received: by 2002:a05:6a20:3952:b0:137:a3c9:aaa9 with SMTP id r18-20020a056a20395200b00137a3c9aaa9mr1135299pzg.16.1694760137045; Thu, 14 Sep 2023 23:42:17 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1694760137; cv=pass; d=google.com; s=arc-20160816; b=YUrULCAa6eytpCIZmfRFBP8fTOHRJk8XZKCY4ZPLhYBbJx1BgtAAnoiWs2DwJ56/VJ W30ag5wmcwKzCZcyFdjS2lyWqPxrrmUujeXnc/RIebD1Ij6xsJ0jv/ftIFknbtcBjPfv S2RhtGCc/lyn6iGnRIp+gwRzrXb/mCcjtZhLEgz6wlp+bnHRyZ3FiOb0qbkzNDs8dXob nceXJMv3zgfjsH5X2qKynEFBbNjyWiMTWlsoyuz+8rcgh50cYbS3Q2tL+QmqBLhpG6DP LQFD8xgBsjLHH33ioMEOE6FQXg1vbQR6KgleHy01FCg51dEaUhDmbMC+WUy2XCjha0rc JT/w== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Tm7BRgNjA2/a8nv58XJCd38dhES5SBSuBVKXmgnM2xo=; fh=nraIGUByMO9TeTqtnjpfkxT3+9PIiP6QcjmYSUCVuSc=; b=wAsG1RBQisB4RImeDtmNcTuCUVHnC4QKUexnAHHF5U8yVMpTP9SUzx1Pg1QsiykFt5 oSNQQmYphFObPOWXDrtOecaMejZIdUSvVroAjKAi+FcwyOZKwHQ5ZG92qTTVLvU01wYz 7Fhez5M3q6P6l3j6VZOGpDv1m23FiI/8gDrt5N7zH3AS3yAmZj4YvrFN8/oBcWH72kmY RMS9j2rIOYozzmBVD8VinTVMldWgvZK7KCHF+9zDJjclTjW43WgbcmbkdcgI1jhIbvoy j74B2/HJPS+4Dk6xnzbgiiuJXv+3AgAygkwoylyXUBQxeD5rTrdoCpDnoOljQu/+dcaI w5Gg== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=rW9Ju303; arc=pass (i=1 spf=pass spfdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from morse.vger.email (morse.vger.email. [23.128.96.31]) by mx.google.com with ESMTPS id y14-20020a056a001c8e00b0068fd642fc12si2825787pfw.12.2023.09.14.23.42.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Sep 2023 23:42:17 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) client-ip=23.128.96.31; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=rW9Ju303; arc=pass (i=1 spf=pass spfdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by morse.vger.email (Postfix) with ESMTP id 501E6837BE64; Thu, 14 Sep 2023 12:51:34 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at morse.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236703AbjINTv2 (ORCPT + 33 others); Thu, 14 Sep 2023 15:51:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54280 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229980AbjINTv0 (ORCPT ); Thu, 14 Sep 2023 15:51:26 -0400 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2041.outbound.protection.outlook.com [40.107.92.41]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0CDF526BE; Thu, 14 Sep 2023 12:51:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Ar1OaB7GGjf0KDp88OIBzjBsp8Dj3Zvc6mLfZeYnEuxv3FbdbafgGaF0jcCFSkemjNIH8hgiAo/Xa3/DM9k4234K56J7j9UgyauJxsrDbvfdvXYS9ZLsAAbQJ5qyBclHnRFbj5qLVWQ+bQuU8q/3ayCS438DgcNKiV6I+A389d5eWaKV9p5Qs0bv4U/kKWiWnt7e8q1ljQqLUjSVrJlS1DTY1TIkwaTAV8QSBxUN8JuxcAjn1evvjW0fuDlTA1MMMOtu+szdb7YrihAywmNSRpBJ75nvEL3A//jol/jA864vQmMi/SEK+3gOaVDA3+0foMR5RmuKLkGgJemYnj+D6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Tm7BRgNjA2/a8nv58XJCd38dhES5SBSuBVKXmgnM2xo=; b=lpYj07/bGqfDybbey30amcoKyP9prj7SwaJZ7RqY5mdlYqvI5i5xG7q7AxrSaDWsFsc5kX4lTNcBMoEqH2wk6gC1l/abe2IfQdvE5qCg6fp4n+KTnBCvvnO+uaLbbV+mhxYF7I9qhBYfd8ZA43HB6ijUlnoD4KLqor9j4+F5s+E8mk18skg57RgrPNZos10kNKERaLVAjRZYD4yvqBvVhUDX9BKQ8d5Q6O92Y47ml94K7Bgxe8xPjFi+6G8ayuenXIv7K/zB3WQlNA5O3HpbmArk0KUJoVy744HuO86+Kqjfb6AT3SRIC2LVfOX4/vXmcmpEweE9DEpZwl+7zijY4w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Tm7BRgNjA2/a8nv58XJCd38dhES5SBSuBVKXmgnM2xo=; b=rW9Ju303WvTjufB06jpAmEpRD634dm8Ro2n/yN8gL96hiqApw06ZLkv5nLDNH8sH3KQsnLGQ5WI89wBHyH4Q4LDywW8HfGHO5GUiRChVpI/bwRZovaCceM3Apz2IPhVy4rYOtCVXUth3bmmNtbpgYPXEtmwDLDr6HxbifgwjeWM= Received: from DM6PR17CA0034.namprd17.prod.outlook.com (2603:10b6:5:1b3::47) by BL0PR12MB4914.namprd12.prod.outlook.com (2603:10b6:208:1c4::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6792.19; Thu, 14 Sep 2023 19:51:15 +0000 Received: from CY4PEPF0000EE38.namprd03.prod.outlook.com (2603:10b6:5:1b3:cafe::e3) by DM6PR17CA0034.outlook.office365.com (2603:10b6:5:1b3::47) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6792.20 via Frontend Transport; Thu, 14 Sep 2023 19:51:15 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CY4PEPF0000EE38.mail.protection.outlook.com (10.167.242.12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6792.20 via Frontend Transport; Thu, 14 Sep 2023 19:51:15 +0000 Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Thu, 14 Sep 2023 14:51:13 -0500 From: Tom Lendacky To: , , CC: Paolo Bonzini , Sean Christopherson , Borislav Petkov , Dave Hansen , Ingo Molnar , "Thomas Gleixner" , Babu Moger Subject: [PATCH 1/2] KVM: SVM: Fix TSC_AUX virtualization setup Date: Thu, 14 Sep 2023 14:50:44 -0500 Message-ID: <8a5c1d2637475c7fb9657cdd6cb0e86f2bb3bab6.1694721045.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CY4PEPF0000EE38:EE_|BL0PR12MB4914:EE_ X-MS-Office365-Filtering-Correlation-Id: d02e8ee4-ba73-4afa-0171-08dbb55bf4a5 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: gDIfLHPduSMYOGHEmmD/OeGo8t0bg18ohulZw9qpraXYakn2DuIsK3qG12s+9epsQEr9p7T1jxr7DEw5lkgDiPFnr5PhEljvzpVvrpYqfA1pRMSSApDevUfwEsY19Vvlh4XZICprVBrQldlYRsYSod3ou9miXWROKbX0rZ/e9Qmh9rtNTobkg/b/osvYVeRF7VQS3OedUNLAma/sO2gvbjGN3MPE5GJ0yb+BiTa4XPOix0Pk5N9L0OLKEGoWfhsjfcM4i8oYcLzJDl7vQLZJph1yhO1oip+ZNpvWueV+YMqwU9l6hH+4yHqc1tfC3jiZPIqh3H5IBX/lrzglPyXtFT3VmcqBi2ywcnOf2Tlk+dDiY1KPFXnNN/UEbFlxHxZwxtHWNxXMhQuOKforGLF0eULzabIdz0vT6n3KGg6TDlm/pJ6EuTVEKFiE+Qkcp9rlkYxCyL/3El8ULnFsmh0BO9lk7BqNaxnfHeYtby7y8B84VBnwpuYj+AvObRINdBhxuVd1uOtrytilpr7rRM23eE+/GXh/pqaGC1ed9g6neQA0QuBdtCpwv/QbEFsYxcAvDjyYay31jEvKRnz+ekwo7FULJoyr3RYVxy3mjyOwPzoRLWjvKgv/MqoQKAELEeuwrrHPBuP+dMByijv4OP4ovl/2kZkKDsG1oE2GwRgJkCh1InHvH97rEE9DJ4C21CG4qu/5jMzcgg3EsRzKH0j5/JD5limoH95+P5kJPbv4GgKK8XsR9j8vX6KBjYSac68vdt4cOHJoBUxN65RLk19G+Q== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(39860400002)(376002)(136003)(396003)(346002)(82310400011)(1800799009)(186009)(451199024)(36840700001)(40470700004)(46966006)(40460700003)(478600001)(16526019)(83380400001)(2616005)(26005)(426003)(47076005)(336012)(36860700001)(54906003)(316002)(70206006)(70586007)(8676002)(41300700001)(110136005)(5660300002)(8936002)(4326008)(2906002)(6666004)(40480700001)(86362001)(36756003)(82740400003)(81166007)(356005)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Sep 2023 19:51:15.3069 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d02e8ee4-ba73-4afa-0171-08dbb55bf4a5 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000EE38.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR12MB4914 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Thu, 14 Sep 2023 12:51:34 -0700 (PDT) X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1777049016356050605 X-GMAIL-MSGID: 1777084805347461156 The checks for virtualizing TSC_AUX occur during the vCPU reset processing path. However, at the time of initial vCPU reset processing, when the vCPU is first created, not all of the guest CPUID information has been set. In this case the RDTSCP and RDPID feature support for the guest is not in place and so TSC_AUX virtualization is not established. This continues for each vCPU created for the guest. On the first boot of an AP, vCPU reset processing is executed as a result of an APIC INIT event, this time with all of the guest CPUID information set, resulting in TSC_AUX virtualization being enabled, but only for the APs. The BSP always sees a TSC_AUX value of 0 which probably went unnoticed because, at least for Linux, the BSP TSC_AUX value is 0. Move the TSC_AUX virtualization enablement into the vcpu_after_set_cpuid() path to allow for proper initialization of the support after the guest CPUID information has been set. Fixes: 296d5a17e793 ("KVM: SEV-ES: Use V_TSC_AUX if available instead of RDTSC/MSR_TSC_AUX intercepts") Signed-off-by: Tom Lendacky --- arch/x86/kvm/svm/sev.c | 27 +++++++++++++++++++-------- arch/x86/kvm/svm/svm.c | 3 +++ arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 23 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index b9a0a939d59f..565c9de87c6d 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2962,6 +2962,25 @@ int sev_es_string_io(struct vcpu_svm *svm, int size, unsigned int port, int in) count, in); } +static void sev_es_init_vmcb_after_set_cpuid(struct vcpu_svm *svm) +{ + struct kvm_vcpu *vcpu = &svm->vcpu; + + if (boot_cpu_has(X86_FEATURE_V_TSC_AUX) && + (guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP) || + guest_cpuid_has(vcpu, X86_FEATURE_RDPID))) { + set_msr_interception(vcpu, svm->msrpm, MSR_TSC_AUX, 1, 1); + if (guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP)) + svm_clr_intercept(svm, INTERCEPT_RDTSCP); + } +} + +void sev_init_vmcb_after_set_cpuid(struct vcpu_svm *svm) +{ + if (sev_es_guest(svm->vcpu.kvm)) + sev_es_init_vmcb_after_set_cpuid(svm); +} + static void sev_es_init_vmcb(struct vcpu_svm *svm) { struct vmcb *vmcb = svm->vmcb01.ptr; @@ -3024,14 +3043,6 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm) set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTBRANCHTOIP, 1, 1); set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTFROMIP, 1, 1); set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTTOIP, 1, 1); - - if (boot_cpu_has(X86_FEATURE_V_TSC_AUX) && - (guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDTSCP) || - guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDPID))) { - set_msr_interception(vcpu, svm->msrpm, MSR_TSC_AUX, 1, 1); - if (guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDTSCP)) - svm_clr_intercept(svm, INTERCEPT_RDTSCP); - } } void sev_init_vmcb(struct vcpu_svm *svm) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f283eb47f6ac..c58d5632e74a 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1225,6 +1225,9 @@ static inline void init_vmcb_after_set_cpuid(struct kvm_vcpu *vcpu) set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_EIP, 1, 1); set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_ESP, 1, 1); } + + if (sev_guest(vcpu->kvm)) + sev_init_vmcb_after_set_cpuid(svm); } static void init_vmcb(struct kvm_vcpu *vcpu) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index f41253958357..c0d17da46fae 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -684,6 +684,7 @@ void __init sev_hardware_setup(void); void sev_hardware_unsetup(void); int sev_cpu_init(struct svm_cpu_data *sd); void sev_init_vmcb(struct vcpu_svm *svm); +void sev_init_vmcb_after_set_cpuid(struct vcpu_svm *svm); void sev_free_vcpu(struct kvm_vcpu *vcpu); int sev_handle_vmgexit(struct kvm_vcpu *vcpu); int sev_es_string_io(struct vcpu_svm *svm, int size, unsigned int port, int in); From patchwork Thu Sep 14 19:50:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 139824 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp610823vqi; Thu, 14 Sep 2023 13:35:01 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGny/FB6f/hBGm3M3rnXfC4+mzFJjmPGOpTqtYs+78iwQOhNL1WTK9O1t7Ylo7FLPtV5kOC X-Received: by 2002:a05:6a00:1505:b0:68b:fb93:5b48 with SMTP id q5-20020a056a00150500b0068bfb935b48mr7873173pfu.18.1694723700940; Thu, 14 Sep 2023 13:35:00 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1694723700; cv=pass; d=google.com; s=arc-20160816; b=oHZLq3MHqZJnB+8UWM3imQr1JPcs/AtFRHmcT7IVQdpb3Yv8i4y3HxoUKXsOHaLC4x THoKX2rwo3cCluYh+V5365tV5xwpHL7wuiAJaGvH+hmB98+yiLCapN5G2qXVJK0N2bUr G4r3WJQq1kS8DyoktoF25hk72mpV5nIysHVnqJBwJcS6dyzPxvBhoxvwMkAWKrb/9VGN uwmvqddLUu7mfVtwfWjRFFGYnz3L0d9uFW/G+usF+7EnPJ/z8XTQal75PfCRlNeEEkIm YCBRpxyiEROCi0NQx9FL1aiKy9CCHjFsLlLxBHsAMUy1iXwmVHOfD073RQVe+dPEF0lu mYIw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=ryjtQanXScVgjoFWtmekPEcaPOMluYCd+MZp1yqQs8k=; fh=nraIGUByMO9TeTqtnjpfkxT3+9PIiP6QcjmYSUCVuSc=; b=ujKuzidueLJOwR/08WRCGHpeHWmEKnk5bIW+11Qsiw/TZsWOBx5E7nJqmJtPwriohK hrNPSGjnfMbogASTkf/WLbPZu2LJ0doFJijts5pUnBKoEt2EnSPLeptYKlKBnPKdQzmm IU9cxneJt6AS74FQpldPcAcpOYrgt3uMu5Pr8SRPrAY8dLwDhrtpsLBzJuKjIGtaohIK DhdW31QGVl2ra3mbDv6/73YufZ6V5npY5FS0ZMIrThjynLQonW6/8AivDufpImF+kV8H TJrEH5EIAxs3xwJ4WCGy9NtMafZKTgYDfB2NNEoWuV1t80EWWPC4jq1ZqjF+BfvoAM6c +c7w== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=v0VWSgbE; arc=pass (i=1 spf=pass spfdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from morse.vger.email (morse.vger.email. [23.128.96.31]) by mx.google.com with ESMTPS id l28-20020a63701c000000b00573faa3bb52si2074299pgc.395.2023.09.14.13.35.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Sep 2023 13:35:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) client-ip=23.128.96.31; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=v0VWSgbE; arc=pass (i=1 spf=pass spfdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by morse.vger.email (Postfix) with ESMTP id EB84A836FE90; Thu, 14 Sep 2023 12:51:40 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at morse.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237108AbjINTvd (ORCPT + 33 others); Thu, 14 Sep 2023 15:51:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54476 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236766AbjINTvb (ORCPT ); Thu, 14 Sep 2023 15:51:31 -0400 Received: from NAM04-DM6-obe.outbound.protection.outlook.com (mail-dm6nam04on2056.outbound.protection.outlook.com [40.107.102.56]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4583926BE; Thu, 14 Sep 2023 12:51:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NoQSum5AaFWC5d2Swhy9PSnBQBV1IdmJeTADPBCTVcKO3QnOmS2Y4STbg16XVEOIkr7UtFBgzuCQmWBYq2lKGvIufcfMvm8TLUUU1Jpp5Zd84zqWY6pzuPDU81Cfk9CBZEsZE0KC2dTfHNc9WNGUTwLTK7FrmC9yWawtlpKBrQBF6VY4mJZw+0RzSfJhD6s7nZu1/2MsT30QWKUQ17ivmOomAm/ll1vzC8LdKQE5AqKtwc4tpDAsSAZaQEn2/6JCCAUDr6z1LXPbo4W7ZVDEodcswxbCgQvC749AtM0b2xdXCfk4jbGMjkWjm6JLohKMG1SPzquhpnkI/VZWeKDwSA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ryjtQanXScVgjoFWtmekPEcaPOMluYCd+MZp1yqQs8k=; b=B9a55HC7QbZ+o1Q7UYJ11MQf3T6lf1mvfvEX1LzLbd2GYb/gy9YwsYfoqdvZKdgMLFiVzvdkpaF7nJCDm6AVoVmgWW866c2J7RgrU4Kx7a+J4i+J2OimD27fPD/kH441tRgc2kTH/0KIFCCe535R59yeU0z31euaukB8mVawFIDkV6LV61CBS1cVhwgFh9NqVTZ6Wn2fj09zk+eOQH6qdTZ9d9APubO37+wpcgLSQsOEhqvwhbqtfyULTJx7FYAC5q0t4xjwIQo4Cw+d3fD08hzGaP6X2Z13jEBMiyEqbG+Y9UYKkYSPDlIYQVHchQ9udyvoUzRRyORZaaxRlJ2VwQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ryjtQanXScVgjoFWtmekPEcaPOMluYCd+MZp1yqQs8k=; b=v0VWSgbE+rZW3ibnjRA13aGu8mchnD16bqTqIPfPfP4BC8n9A9kvFnIou9cplPqVMzXAxiVvUsN7dgjsvYPtmpiTq2cAWx+5PrtG9MYEjR/XQQtmdCuf8dx5IgqdFc79FgS927p789BPAMV1FqiNfWxlb4IR6ZxPtAqTi14R59s= Received: from DM6PR11CA0001.namprd11.prod.outlook.com (2603:10b6:5:190::14) by PH0PR12MB5451.namprd12.prod.outlook.com (2603:10b6:510:ee::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6792.19; Thu, 14 Sep 2023 19:51:23 +0000 Received: from CY4PEPF0000EE3B.namprd03.prod.outlook.com (2603:10b6:5:190:cafe::b9) by DM6PR11CA0001.outlook.office365.com (2603:10b6:5:190::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6792.21 via Frontend Transport; Thu, 14 Sep 2023 19:51:22 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CY4PEPF0000EE3B.mail.protection.outlook.com (10.167.242.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6792.20 via Frontend Transport; Thu, 14 Sep 2023 19:51:22 +0000 Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Thu, 14 Sep 2023 14:51:21 -0500 From: Tom Lendacky To: , , CC: Paolo Bonzini , Sean Christopherson , Borislav Petkov , Dave Hansen , Ingo Molnar , "Thomas Gleixner" , Babu Moger Subject: [PATCH 2/2] KVM: SVM: Do not use user return MSR support for virtualized TSC_AUX Date: Thu, 14 Sep 2023 14:50:45 -0500 Message-ID: <025fd734d35acbbbbca74c4b3ed671a02d4af628.1694721045.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CY4PEPF0000EE3B:EE_|PH0PR12MB5451:EE_ X-MS-Office365-Filtering-Correlation-Id: 04e64f80-7eb9-4bec-4b4f-08dbb55bf905 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: yPoUcFE8vvaOgTLL16iBbSl3MB9JjCP8KHArm8R2sMJD8JpWkaOo59f01q1B3zjeNs3c/gwrnqJa2ayWLIOUph4Q2RwUalUDekzgXgM3oQyRw/EumWSeFO3YWPJ1QoVIGGNECy/uq54r9n3pui+64pQeT5nVma8HmRPOslEOHSErx1OKpsw3qGy5jCW7U3v9gwPj/oAQ/nRhUmcR8hKCMiujotQhRc375DXJghGqEDALhBEFxcnVXgq/QdLJohgxExOPgDPFVzs84OiFeWKhmqmzjLvfNodP3RMurWSdl3Kz+M6gpvsRVJ2ds9PudgIOrKHxJ4mXxg25uYirA2dhAELE0jjbNMT63B6Yx8NTUnXcN50CP0LX1SAE7tg10dA8B8Uc6EY1zJGSc1Lo0GEnXuw6cgq/Dn9CDQVc8EoGdfmm9GR0F8bwW0WNCVeZj2lnK3EvXvWszgLeKjhwxYOdexg1dqv0jOpVzDGemH69HrYKCIIxZOudoZZ3+2n7gi8A8oazAhpVhhUwEjeAifciTvYHqdDuAj67LC10cENumNuTTLyuKYOEUREf5TiwCDUm7QFzFu6L/JCUzh3Jvi6phch/O+MF7b4Czp3Ov/Ws7R9cgMLF38OKLeQ2cV+mueT6vcdy0tzjP2R1AF6Sc6aFbxc1OAVLy7gXfxnYMpxvjOD6alp9xEDYxdvmkyBW1rOhoLEIec4TWQwTKOboT3Gomzbg3yuGY/1VljBUXxI6SuV7lxyQc0FVR9ecFRIkFzBnXie0xttDRKZqJZKmameVpA== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(136003)(39860400002)(346002)(396003)(376002)(1800799009)(82310400011)(186009)(451199024)(36840700001)(46966006)(40470700004)(478600001)(5660300002)(41300700001)(316002)(8936002)(8676002)(2616005)(336012)(26005)(36860700001)(426003)(16526019)(86362001)(356005)(4326008)(47076005)(54906003)(83380400001)(81166007)(82740400003)(36756003)(2906002)(40480700001)(40460700003)(70586007)(70206006)(6666004)(110136005)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Sep 2023 19:51:22.6644 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 04e64f80-7eb9-4bec-4b4f-08dbb55bf905 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000EE3B.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR12MB5451 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Thu, 14 Sep 2023 12:51:41 -0700 (PDT) X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1777046599452773154 X-GMAIL-MSGID: 1777046599452773154 When the TSC_AUX MSR is virtualized, the TSC_AUX value is swap type "B" within the VMSA. This means that the guest value is loaded on VMRUN and the host value is restored from the host save area on #VMEXIT. Since the value is restored on #VMEXIT, the KVM user return MSR support for TSC_AUX can be replaced by populating the host save area with current host value of TSC_AUX. This replaces two WRMSR instructions with a single RDMSR instruction. Signed-off-by: Tom Lendacky --- arch/x86/kvm/svm/sev.c | 14 +++++++++++++- arch/x86/kvm/svm/svm.c | 26 ++++++++++++++++---------- arch/x86/kvm/svm/svm.h | 4 +++- 3 files changed, 32 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 565c9de87c6d..1bbaae2fed96 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2969,6 +2969,7 @@ static void sev_es_init_vmcb_after_set_cpuid(struct vcpu_svm *svm) if (boot_cpu_has(X86_FEATURE_V_TSC_AUX) && (guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP) || guest_cpuid_has(vcpu, X86_FEATURE_RDPID))) { + svm->v_tsc_aux = true; set_msr_interception(vcpu, svm->msrpm, MSR_TSC_AUX, 1, 1); if (guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP)) svm_clr_intercept(svm, INTERCEPT_RDTSCP); @@ -3071,8 +3072,10 @@ void sev_es_vcpu_reset(struct vcpu_svm *svm) sev_enc_bit)); } -void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa) +void sev_es_prepare_switch_to_guest(struct vcpu_svm *svm, struct sev_es_save_area *hostsa) { + u32 msr_hi; + /* * All host state for SEV-ES guests is categorized into three swap types * based on how it is handled by hardware during a world switch: @@ -3109,6 +3112,15 @@ void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa) hostsa->dr2_addr_mask = amd_get_dr_addr_mask(2); hostsa->dr3_addr_mask = amd_get_dr_addr_mask(3); } + + /* + * If TSC_AUX virtualization is enabled, MSR_TSC_AUX is loaded but NOT + * saved by the CPU (Type-B). If TSC_AUX is not virtualized, the user + * return MSR support takes care of restoring MSR_TSC_AUX. This + * exchanges two WRMSRs for one RDMSR. + */ + if (svm->v_tsc_aux) + rdmsr(MSR_TSC_AUX, hostsa->tsc_aux, msr_hi); } void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index c58d5632e74a..905b1a2664ed 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1529,13 +1529,13 @@ static void svm_prepare_switch_to_guest(struct kvm_vcpu *vcpu) struct sev_es_save_area *hostsa; hostsa = (struct sev_es_save_area *)(page_address(sd->save_area) + 0x400); - sev_es_prepare_switch_to_guest(hostsa); + sev_es_prepare_switch_to_guest(svm, hostsa); } if (tsc_scaling) __svm_write_tsc_multiplier(vcpu->arch.tsc_scaling_ratio); - if (likely(tsc_aux_uret_slot >= 0)) + if (likely(tsc_aux_uret_slot >= 0) && !svm->v_tsc_aux) kvm_set_user_return_msr(tsc_aux_uret_slot, svm->tsc_aux, -1ull); svm->guest_state_loaded = true; @@ -3090,15 +3090,21 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) break; case MSR_TSC_AUX: /* - * TSC_AUX is usually changed only during boot and never read - * directly. Intercept TSC_AUX instead of exposing it to the - * guest via direct_access_msrs, and switch it via user return. + * If TSC_AUX is being virtualized, do not use the user return + * MSR support because TSC_AUX is restored on #VMEXIT. */ - preempt_disable(); - ret = kvm_set_user_return_msr(tsc_aux_uret_slot, data, -1ull); - preempt_enable(); - if (ret) - break; + if (!svm->v_tsc_aux) { + /* + * TSC_AUX is usually changed only during boot and never read + * directly. Intercept TSC_AUX instead of exposing it to the + * guest via direct_access_msrs, and switch it via user return. + */ + preempt_disable(); + ret = kvm_set_user_return_msr(tsc_aux_uret_slot, data, -1ull); + preempt_enable(); + if (ret) + break; + } svm->tsc_aux = data; break; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index c0d17da46fae..49427858474e 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -213,6 +213,8 @@ struct vcpu_svm { u32 asid; u32 sysenter_esp_hi; u32 sysenter_eip_hi; + + bool v_tsc_aux; uint64_t tsc_aux; u64 msr_decfg; @@ -690,7 +692,7 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu); int sev_es_string_io(struct vcpu_svm *svm, int size, unsigned int port, int in); void sev_es_vcpu_reset(struct vcpu_svm *svm); void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector); -void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa); +void sev_es_prepare_switch_to_guest(struct vcpu_svm *svm, struct sev_es_save_area *hostsa); void sev_es_unmap_ghcb(struct vcpu_svm *svm); /* vmenter.S */