Do some cleanups about MSR_IA32_ARCH_CAPABILITIES in KVM e.g, fix stale
comments, elimite open-coded MSR reads, track features that can be exposed to
guests to avoid computing them runtime. They are found when reading the code.
No functional change intented.
Changes from v1 -> v2:
1. toggle ARCH_CAP_SKIP_VMENTRY_L1DFLUSH bit when l1tf mitigation state is
changed by module param. [Xiaoyao, Sean]
2. add more cleanups (patch 2/3)
Chao Gao (3):
KVM: x86: Track supported ARCH_CAPABILITIES in kvm_caps
KVM: x86: Correct the name for skipping VMENTER l1d flush
x86/cpu, KVM: Use helper function to read MSR_IA32_ARCH_CAPABILITIES
arch/x86/kernel/cpu/common.c | 1 +
arch/x86/kvm/vmx/vmx.c | 44 +++++++++++++++++++++++-------------
arch/x86/kvm/x86.c | 16 +++++--------
arch/x86/kvm/x86.h | 1 +
4 files changed, 36 insertions(+), 26 deletions(-)
base-commit: b9846a698c9aff4eb2214a06ac83638ad098f33f
--
2.40.0
There is no VMENTER_L1D_FLUSH_NESTED_VM. It should be
ARCH_CAP_SKIP_VMENTRY_L1DFLUSH.
Signed-off-by: Chao Gao <[email protected]>
---
arch/x86/kvm/x86.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 2408b5f554b7..f7838260c183 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -1631,7 +1631,7 @@ static u64 kvm_get_arch_capabilities(void)
* If we're doing cache flushes (either "always" or "cond")
* we will do one whenever the guest does a vmlaunch/vmresume.
* If an outer hypervisor is doing the cache flush for us
- * (VMENTER_L1D_FLUSH_NESTED_VM), we can safely pass that
+ * (ARCH_CAP_SKIP_VMENTRY_L1DFLUSH), we can safely pass that
* capability to the guest too, and if EPT is disabled we're not
* vulnerable. Overall, only VMENTER_L1D_FLUSH_NEVER will
* require a nested hypervisor to do a flush of its own.
--
2.40.0
On 5/24/2023 2:16 PM, Chao Gao wrote:
> There is no VMENTER_L1D_FLUSH_NESTED_VM. It should be
> ARCH_CAP_SKIP_VMENTRY_L1DFLUSH.
Reviewed-by: Xiaoyao Li <[email protected]>
> Signed-off-by: Chao Gao <[email protected]>
> ---
> arch/x86/kvm/x86.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 2408b5f554b7..f7838260c183 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -1631,7 +1631,7 @@ static u64 kvm_get_arch_capabilities(void)
> * If we're doing cache flushes (either "always" or "cond")
> * we will do one whenever the guest does a vmlaunch/vmresume.
> * If an outer hypervisor is doing the cache flush for us
> - * (VMENTER_L1D_FLUSH_NESTED_VM), we can safely pass that
> + * (ARCH_CAP_SKIP_VMENTRY_L1DFLUSH), we can safely pass that
> * capability to the guest too, and if EPT is disabled we're not
> * vulnerable. Overall, only VMENTER_L1D_FLUSH_NEVER will
> * require a nested hypervisor to do a flush of its own.
On Wed, 24 May 2023 14:16:30 +0800, Chao Gao wrote:
> Do some cleanups about MSR_IA32_ARCH_CAPABILITIES in KVM e.g, fix stale
> comments, elimite open-coded MSR reads, track features that can be exposed to
> guests to avoid computing them runtime. They are found when reading the code.
>
> No functional change intented.
>
> Changes from v1 -> v2:
> 1. toggle ARCH_CAP_SKIP_VMENTRY_L1DFLUSH bit when l1tf mitigation state is
> changed by module param. [Xiaoyao, Sean]
> 2. add more cleanups (patch 2/3)
>
> [...]
Applied [2/3] to kvm-x86 misc, no need for that one to wait for the dust to
settle on the "supported" snapshot. Thanks!
[2/3] KVM: x86: Correct the name for skipping VMENTER l1d flush
https://github.com/kvm-x86/linux/commit/02f1b0b73660
--
https://github.com/kvm-x86/linux/tree/next
https://github.com/kvm-x86/linux/tree/fixes