LinuxLists.cc - [PATCH v5 17/19] KVM:x86: Enable guest CET supervisor xstate bit support

2023-08-03 08:27:48

Subject: [PATCH v5 17/19] KVM:x86: Enable guest CET supervisor xstate bit support

Add S_CET bit in kvm_caps.supported_xss so that guest can enumerate
the feature in CPUID(0xd,1).ECX.

Guest S_CET xstate bit is specially handled, i.e., it can be exposed
without related enabling on host side, because KVM manually saves/reloads
guest supervisor SHSTK SSPs and current XSS swap logic for host/guest aslo
supports doing so, thus it's safe to enable the bit without host support.

Signed-off-by: Yang Weijiang <[email protected]>
---
arch/x86/kvm/x86.c | 8 +++++++-
arch/x86/kvm/x86.h | 2 +-
2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index aa92dec66f1e..2e200a5d00e9 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -230,7 +230,8 @@ static struct kvm_user_return_msrs __percpu *user_return_msrs;
| XFEATURE_MASK_BNDCSR | XFEATURE_MASK_AVX512 \
| XFEATURE_MASK_PKRU | XFEATURE_MASK_XTILE)

-#define KVM_SUPPORTED_XSS (XFEATURE_MASK_CET_USER)
+#define KVM_SUPPORTED_XSS (XFEATURE_MASK_CET_USER | \
+ XFEATURE_MASK_CET_KERNEL)

u64 __read_mostly host_efer;
EXPORT_SYMBOL_GPL(host_efer);
@@ -9657,8 +9658,13 @@ static int __kvm_x86_vendor_init(struct kvm_x86_init_ops *ops)
rdmsrl_safe(MSR_EFER, &host_efer);

if (boot_cpu_has(X86_FEATURE_XSAVES)) {
+ u32 eax, ebx, ecx, edx;
+
+ cpuid_count(0xd, 1, &eax, &ebx, &ecx, &edx);
rdmsrl(MSR_IA32_XSS, host_xss);
kvm_caps.supported_xss = host_xss & KVM_SUPPORTED_XSS;
+ if (ecx & XFEATURE_MASK_CET_KERNEL)
+ kvm_caps.supported_xss |= XFEATURE_MASK_CET_KERNEL;
}

kvm_init_pmu_capability(ops->pmu_ops);
diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h
index 373386fb9ed2..ea0ecb8f0df6 100644
--- a/arch/x86/kvm/x86.h
+++ b/arch/x86/kvm/x86.h
@@ -363,7 +363,7 @@ static inline bool kvm_mpx_supported(void)
== (XFEATURE_MASK_BNDREGS | XFEATURE_MASK_BNDCSR);
}

-#define CET_XSTATE_MASK (XFEATURE_MASK_CET_USER)
+#define CET_XSTATE_MASK (XFEATURE_MASK_CET_USER | XFEATURE_MASK_CET_KERNEL)
/*
* Shadow Stack and Indirect Branch Tracking feature enabling depends on
* whether host side CET user xstate bit is supported or not.
--
2.27.0

2023-08-04 23:55:05

by Paolo Bonzini

[permalink] [raw]

Subject: Re: [PATCH v5 17/19] KVM:x86: Enable guest CET supervisor xstate bit support

On 8/3/23 06:27, Yang Weijiang wrote:
> if (boot_cpu_has(X86_FEATURE_XSAVES)) {
> + u32 eax, ebx, ecx, edx;
> +
> + cpuid_count(0xd, 1, &eax, &ebx, &ecx, &edx);
> rdmsrl(MSR_IA32_XSS, host_xss);
> kvm_caps.supported_xss = host_xss & KVM_SUPPORTED_XSS;
> + if (ecx & XFEATURE_MASK_CET_KERNEL)
> + kvm_caps.supported_xss |= XFEATURE_MASK_CET_KERNEL;
> }

This is a bit hackish and makes me lean more towards adding support for
XFEATURE_MASK_CET_KERNEL in host MSR_IA32_XSS (and then possibly hide it
in the actual calls to XSAVE/XRSTORS for non-guest FPU).

Paolo

2023-08-09 07:32:52

by Yang, Weijiang

[permalink] [raw]

Subject: Re: [PATCH v5 17/19] KVM:x86: Enable guest CET supervisor xstate bit support

On 8/5/2023 6:02 AM, Paolo Bonzini wrote:
> On 8/3/23 06:27, Yang Weijiang wrote:
>>       if (boot_cpu_has(X86_FEATURE_XSAVES)) {
>> +        u32 eax, ebx, ecx, edx;
>> +
>> +        cpuid_count(0xd, 1, &eax, &ebx, &ecx, &edx);
>>           rdmsrl(MSR_IA32_XSS, host_xss);
>>           kvm_caps.supported_xss = host_xss & KVM_SUPPORTED_XSS;
>> +        if (ecx & XFEATURE_MASK_CET_KERNEL)
>> +            kvm_caps.supported_xss |= XFEATURE_MASK_CET_KERNEL;
>>       }
>
> This is a bit hackish and makes me lean more towards adding support for XFEATURE_MASK_CET_KERNEL in host MSR_IA32_XSS (and then possibly hide it in the actual calls to XSAVE/XRSTORS for non-guest FPU).
Yes, if kernel can support CET_U/S bits in XSS, things would be much easier.
But if CET_S bit cannot be enabled for somehow, we may have KVM emulation
for it.
> Paolo
>