Subject: Re: [PATCH 3/7] kvm: vmx: pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD down to the guest
From: Paolo Bonzini
To: Jim Mattson
Cc: LKML, kvm list, aliguori@amazon.com, Tom Lendacky, dwmw@amazon.co.uk, bp@alien8.de
Date: Tue, 9 Jan 2018 11:11:11 +0100
Message-ID: <162a48a4-1f72-1fbe-fc19-cd46cf43b97e@redhat.com>
References: <1515434925-10250-1-git-send-email-pbonzini@redhat.com> <1515434925-10250-4-git-send-email-pbonzini@redhat.com> <996327789.31733050.1515450744981.JavaMail.zimbra@redhat.com>

On 09/01/2018 00:19, Jim Mattson wrote:
>>>> +	vmx_disable_intercept_for_msr(MSR_IA32_SPEC_CTRL, false);
>>>> +	vmx_disable_intercept_for_msr(MSR_IA32_PRED_CMD, false);
>>> I have a lot of changes to MSR permission bitmap handling, but these
>>> intercepts should only be disabled when guest_cpuid_has(vcpu,
>>> X86_FEATURE_SPEC_CTRL).
>> That's harder to backport and not strictly necessary (just like
>> e.g. we don't check guest CPUID bits before emulation). I agree that
>> your version is better, but I think the above is fine as a minimal
>> fix.
>
> Due to the impacts that spec_ctrl has on the neighboring hyperthread,
> one may want to disable MSRs 0x48 and 0x49 for a particular VM. We do
> this by masking off CPUID.(EAX=7, ECX=0).EDX[26] and CPUID.(EAX=7,
> ECX=0).EDX[27] from the userspace agent. However, with your patch,
> *any* VCPU gets unrestricted access to these MSRs, without any
> mechanism for disabling them.

Yes, I agree that having the check is superior. However, I also want
to get there step by step.

>>>> +	if (have_spec_ctrl) {
>>>> +		rdmsrl(MSR_IA32_SPEC_CTRL, vmx->spec_ctrl);
>>>> +		if (vmx->spec_ctrl)
>>>> +			wrmsrl(MSR_IA32_SPEC_CTRL, 0);
>>>> +	}
>>>> +
>>>
>>> I know the VM-exit MSR load and store lists are probably slower, but
>>> I'm a little uncomfortable restoring the host's IA32_SPEC_CTRL MSR
>>> late if the guest has it clear and the host has it set.
>>
>> There is no indirect branch before though, isn't it?
>
> I guess that depends on how you define "before."

--verbose? :-/

Paolo
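Review bot: the two vmx_disable_intercept_for_msr() calls in the first quoted hunk pass MSRs 0x48 and 0x49 through unconditionally, so a VM whose CPUID.(EAX=7, ECX=0).EDX[26]/[27] were masked off by userspace still gets unrestricted access; either gate both calls on guest_cpuid_has(vcpu, X86_FEATURE_SPEC_CTRL) as proposed in the thread, or say in the commit message that the minimal fix deliberately omits that check so backporters know a follow-up is expected.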
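Review bot: in the `if (have_spec_ctrl)` block of the second quoted hunk the hardware IA32_SPEC_CTRL is only written back to 0, and only when the guest's saved value is non-zero; nothing in the hunk restores a non-zero host value, so a host that runs with the MSR set keeps the guest's 0 until some later write. Add a comment stating where (and how soon after the exit) the host value is restored, since that window is exactly what the "restoring late" objection is about.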
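The thread's point is that pass-through of MSRs 0x48/0x49 should follow what userspace exposed in CPUID.(EAX=7, ECX=0).EDX, and that the exit path shown only clears the register. The following is an added, self-contained C model of that policy written for this page; it is not KVM's code. `struct vcpu_model`, `vcpu_model_init`, `update_spec_ctrl_intercepts` and `vmexit_save_spec_ctrl` are hypothetical stand-ins for the KVM structures and functions named in the thread, while the MSR-bitmap byte layout is the one Intel documents for VMX (reads of low MSRs at bytes 0..1023, high MSRs at 1024..2047, writes at 2048..3071 and 3072..4095, a set bit meaning "cause a VM exit"):

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* MSR numbers discussed in the thread. */
#define MSR_IA32_SPEC_CTRL 0x00000048u
#define MSR_IA32_PRED_CMD  0x00000049u

/* CPUID.(EAX=7, ECX=0).EDX bits that the thread says userspace masks off. */
#define CPUID7_EDX_SPEC_CTRL (1u << 26)   /* IBRS/IBPB present */
#define CPUID7_EDX_STIBP     (1u << 27)

/* VMX MSR bitmap: one 4 KiB page; a set bit means "intercept" (VM exit). */
#define MSR_BITMAP_BYTES 4096

/* Hypothetical stand-in for the fields of struct vcpu_vmx this model needs. */
struct vcpu_model {
    uint8_t  msr_bitmap[MSR_BITMAP_BYTES];
    uint32_t guest_cpuid7_edx;   /* CPUID.(7,0).EDX as exposed by userspace */
    uint64_t spec_ctrl;          /* guest IA32_SPEC_CTRL saved on VM exit */
};

/* Byte holding the intercept bit for `msr`, or -1 if the MSR is outside
 * the two ranges the bitmap covers (such MSRs always cause a VM exit). */
static int msr_bitmap_byte(uint32_t msr, bool write)
{
    int base;
    if (msr <= 0x1fffu)
        base = write ? 2048 : 0;
    else if (msr >= 0xc0000000u && msr <= 0xc0001fffu)
        base = write ? 3072 : 1024;
    else
        return -1;
    return base + (int)((msr & 0x1fffu) / 8);
}

static bool msr_intercepted(const struct vcpu_model *v, uint32_t msr, bool write)
{
    int byte = msr_bitmap_byte(msr, write);
    if (byte < 0)
        return true;
    return (v->msr_bitmap[byte] >> (msr & 7u)) & 1u;
}

static void set_msr_intercept(struct vcpu_model *v, uint32_t msr, bool write, bool intercept)
{
    int byte = msr_bitmap_byte(msr, write);
    if (byte < 0)
        return;
    uint8_t mask = (uint8_t)(1u << (msr & 7u));
    if (intercept)
        v->msr_bitmap[byte] |= mask;
    else
        v->msr_bitmap[byte] &= (uint8_t)~mask;
}

/* Models guest_cpuid_has(vcpu, X86_FEATURE_SPEC_CTRL) on the exposed CPUID. */
static bool guest_has_spec_ctrl(const struct vcpu_model *v)
{
    return (v->guest_cpuid7_edx & CPUID7_EDX_SPEC_CTRL) != 0;
}

/* Default state: every MSR intercepted until something opens it up. */
static void vcpu_model_init(struct vcpu_model *v, uint32_t guest_cpuid7_edx)
{
    memset(v->msr_bitmap, 0xff, sizeof v->msr_bitmap);
    v->guest_cpuid7_edx = guest_cpuid7_edx;
    v->spec_ctrl = 0;
}

/* The gated version of the first hunk: pass the two MSRs through (reads
 * and writes) only when the guest was actually given the feature bit. */
static void update_spec_ctrl_intercepts(struct vcpu_model *v)
{
    bool intercept = !guest_has_spec_ctrl(v);
    const uint32_t msrs[] = { MSR_IA32_SPEC_CTRL, MSR_IA32_PRED_CMD };
    for (size_t i = 0; i < sizeof msrs / sizeof msrs[0]; i++) {
        set_msr_intercept(v, msrs[i], false, intercept);
        set_msr_intercept(v, msrs[i], true, intercept);
    }
}

/* Model of the second hunk's exit path. `hw` stands in for what rdmsrl
 * reads; the return value is what is left in hardware afterwards. Note
 * that it is never anything but 0 or the guest's own 0: a non-zero host
 * value is not restored here, which is the window the thread argues about. */
static uint64_t vmexit_save_spec_ctrl(struct vcpu_model *v, uint64_t hw)
{
    v->spec_ctrl = hw;
    if (v->spec_ctrl)
        return 0;          /* wrmsrl(MSR_IA32_SPEC_CTRL, 0) */
    return hw;
}

int main(void)
{
    struct vcpu_model v;
    vcpu_model_init(&v, 0);                     /* feature masked by userspace */
    update_spec_ctrl_intercepts(&v);
    printf("masked guest:  SPEC_CTRL read intercepted = %d\n",
           msr_intercepted(&v, MSR_IA32_SPEC_CTRL, false));
    vcpu_model_init(&v, CPUID7_EDX_SPEC_CTRL | CPUID7_EDX_STIBP);
    update_spec_ctrl_intercepts(&v);
    printf("exposed guest: SPEC_CTRL read intercepted = %d\n",
           msr_intercepted(&v, MSR_IA32_SPEC_CTRL, false));
    printf("after exit with guest value 1, hardware holds %llu\n",
           (unsigned long long)vmexit_save_spec_ctrl(&v, 1));
    return 0;
}
```

The model keeps the bitmap semantics of the real hardware (bit set means exit), so `msr_intercepted` on an MSR the policy never touched, such as 0x4A or EFER at 0xC0000080, still reports an intercept; that is the property that makes the CPUID gate meaningful for a VM whose userspace masked the feature off.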