Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751821AbeAJUNi (ORCPT + 1 other); Wed, 10 Jan 2018 15:13:38 -0500 Received: from mail-dm3nam03on0074.outbound.protection.outlook.com ([104.47.41.74]:51328 "EHLO NAM03-DM3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751273AbeAJUNg (ORCPT ); Wed, 10 Jan 2018 15:13:36 -0500 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; Subject: Re: [PATCH 6/8] kvm: svm: pass MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD down to guest To: Paolo Bonzini , linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: rkrcmar@redhat.com, liran.alon@oracle.com, jmattson@google.com, aliguori@amazon.com, dwmw@amazon.co.uk, bp@alien8.de, x86@kernel.org References: <20180109120311.27565-1-pbonzini@redhat.com> <20180109120311.27565-7-pbonzini@redhat.com> From: Tom Lendacky Message-ID: <18c3f6e4-84af-87c8-3441-d8b368ade1c8@amd.com> Date: Wed, 10 Jan 2018 14:13:28 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: <20180109120311.27565-7-pbonzini@redhat.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: MWHPR1701CA0011.namprd17.prod.outlook.com (10.172.58.21) To MWHPR12MB1150.namprd12.prod.outlook.com (10.169.204.14) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: b0383c2a-070e-467b-c0d4-08d55866a003 X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(48565401081)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(5600026)(4604075)(2017052603307)(7153060)(7193020);SRVR:MWHPR12MB1150; X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1150;3:NjlVyI9Lvsu2JIxhCILnJ6VfLz62vQZwNND12mrCPMuLZUvr0MMySxhnTJVLjaj6vRtkvxCCgqb32Jznd+WQhQMwXuVjc4+f4YQYcLTt6nQJHZP/NncKQTOEUt2UvGRgVu83bYgWmsJNggEEMoDQEXf+M9SkYwga2OX4zyj7UB/KC1Fy7+rQo4GSfPlnJ6He45u9hY1L3Man8UxQm2c2nCpZJuxfz2YMobjo95v581TIBoi9QOXK0aQJXWt0foJS;25:fbdz6X8JN6A+9KRveBSyPrvgiFFo4sYl3fR910pzFR8JV2cXz4V/A7XUcoMVmlgia58iugJZ5tI0nwQxoA9rVZXtQd4R+Mu5Y8lz42a0MAisGwQLdZY7e8g5663yxf/K0CzQw88uyFl9azVwc2dX3qaJYwCUW6mKL6JIrSSPbaJmvgzbZe+2eS/bVgG5vm+ylRyal/Y329SDV3ngfUVw8ncWBpZaC8DcoAllGsa1vlyluj+wa0HyEOmR0hAlRFQRym0TyzWJTwPiV3TGGn1pC2IO9NwpC0aHAGb4DTJ0aZeeVIHmoCQZey1goUSy0aeOXdRvDuZdjR2/xtuDvmnfOA==;31:JXuB33JUHX/O4FhClYAeSD2lhn9kao4eylb2ltMLftSzXzG14mFKwv/L2VJR8x4YpoYhEvVtoQBPI+UW+ZuqWxBRuUWhNcBUzSnzGdJ0qKKxNV26SKw+rinot8SzxRWjWmVI4uWM7jxxsRM7KEUD92DF8Cgm3yb45wUGLT1k5kr2hT3LkSqESniiDmCX3P4q8KY80oMov0uIxTSVx37tVUp7Dgmc5mY7ykd5HYBxg9Y= X-MS-TrafficTypeDiagnostic: MWHPR12MB1150: X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1150;20:kuiTCxR0/27LAsOhZA354a1lrYQ2U6ao5Lqp7IEjdirSOGnYQh+hNCahd7kVxnyRLQiU6TQfSwX6y/4Jgej44QtgKGBrh+o+0bt3YwKzz0mZgya46ALOAH1SG3De7XFzHDUNOunpi0eDbVrLSzguWWylsAmkjVUr9Kvnfs2f4d//yv8Ko/pfBC+MpncvohBclgnEBVO70RnPuGDMgpQy/6yNqmtBI9j0sq6LPjho0P8RTzRCsKjLMSaJcCWeIe3DxzziaitBet88ms5SRYGi+jvmjZr2FMGzPg/DJZhPHGtvny/nYQOeh3KQcnjshbDMnW0+RID5h17WhU1RTUIBPL3aM0dHANXTeQtYEek17LIUNfLkAcrhqTZ09qdDKUQ/W33VKvdUYPh/whxSYtEhRdvg/lwNhw6sjbkBjP5VHQiLZ1R43KoHvqQdOc3xEUuurrYB07vCw6jDZowXyI37nKa11SX5yibTBKe417sjuie6LU5WIbu3jWM2jSxU8QyR;4:Y9L2Pod30be63xDH/VXUvw0zdNmZBLPfvVs3mP4JqK/B93zFz2ebEPmfYUnswLnVMvQmzgXCaIVpn1ItLrrIbm6lMfdnh0sKy8Rr9z1v7xPLJbwvUZYybMVlICyvDmY1C/2TMXYGOfWr4PpHnJorI5Bk9Od0xHSVm1TZohTpyHQ27zRWdsF57N7lkn1eQzUq1EBgcgL6qcMUy91KZvGW5vIdzsg4fDqh/bJbsx5PPiAhB9JszPrAGmv3sQTCdSH5+6ADLmVpyy2SWzMgEObT2g== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040470)(2401047)(5005006)(8121501046)(3231023)(944501075)(93006095)(93001095)(10201501046)(3002001)(6055026)(6041268)(20161123564045)(20161123560045)(20161123562045)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011);SRVR:MWHPR12MB1150;BCL:0;PCL:0;RULEID:(100000803101)(100110400095);SRVR:MWHPR12MB1150; X-Forefront-PRVS: 0548586081 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(6049001)(366004)(376002)(346002)(396003)(39860400002)(39380400002)(189003)(199004)(24454002)(16576012)(478600001)(7736002)(86362001)(68736007)(6306002)(77096006)(6486002)(90366009)(83506002)(386003)(53546011)(72206003)(16526018)(15760500003)(7416002)(36756003)(305945005)(966005)(316002)(58126008)(59450400001)(52116002)(31696002)(3846002)(8936002)(65956001)(97736004)(66066001)(47776003)(6666003)(52146003)(25786009)(81166006)(6116002)(81156014)(230700001)(76176011)(65826007)(64126003)(4326008)(229853002)(23676004)(50466002)(5660300001)(105586002)(6246003)(31686004)(2486003)(2950100002)(2906002)(8676002)(53936002)(65806001)(106356001)(3260700006)(6606295002);DIR:OUT;SFP:1101;SCL:1;SRVR:MWHPR12MB1150;H:[10.236.65.116];FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtNV0hQUjEyTUIxMTUwOzIzOmIzbktTeTBoWnlBd0JYUWVwSEVObmVDdyty?= =?utf-8?B?aDFmU092Rjd6WE5UYTl6Smc1b2hma081eUo3UTd3d0ZBREY5NzJ4NHZMZlJG?= =?utf-8?B?YU1sQzRMM2hTV1MxRCtVRm9RLzRJMHJqOE9GUWYyYlpydFZUOWdHbUo4eXFX?= =?utf-8?B?L1lmWFFUNUhQQk5iV014NUJkMzhodFYxL3dDSG5DUlFzVWNmSng3c3kwN1h6?= =?utf-8?B?ZFZXTlBybnBnNUtFYUx2SVdpZVY4NEJLR3BCa3hsUUQ4a1hYbTZZRE4zU1J2?= =?utf-8?B?Q2h6WjFTeS95VStuMGROM3VqQkZtTms4b2FMNUhFazE4OVdCSENJbE9IWmhO?= =?utf-8?B?MEtuUGhkYWwrekt6T2MzUm82T0QxemRSa2E0UVgyTzBHK1N1cGZDVVpnZlhm?= =?utf-8?B?MVZiRUlROElzL3gxT3FVdDZoOWNJVzE2bVduWEJmMVF2MlA1UmZJbGthZHh2?= =?utf-8?B?VW5TOFYrbUhYSVMwOWMrRlVpRjBEV3FzWlJqZUsvM2wvMkNPRElpK1VmOGJG?= =?utf-8?B?bGhFZGZkZzJ4a00raVVnNFdqQTJFNzNzK2pvMnBEbXBxcENUU2tpSENoY3Ry?= =?utf-8?B?VWUrZk1PL09CNWpSL09HTXVwTm5neHh2cG5ENmZJaUs5YWR6QkdVTXpPV0Iy?= =?utf-8?B?TDdvM3lhUk85cjNuVDhkM3JkLzlrL21UaW04QkpzcmYweXlhVCtaNjVnYWdW?= =?utf-8?B?YWhNeUw0akVVSzBJM0J4Wjd5Q0RBeFcxNExwbm9JU01NRGFQV252QUExVEVV?= =?utf-8?B?N2ZCVjljY3NOVVQ1WVA5WG1adWFBUWR1YVdNazZOalFscGhhMEkvTGRSaVBt?= =?utf-8?B?QlBhZkhVODdJMVU5TFFiZTkreWp1amhGcTYyWGlwaGQyMy9LZnBEUkt3NTVh?= =?utf-8?B?S1NoRVJuUkNOMXlUeDJqS3dweE1vZFRRZCs2SVVieUZxV2dWTG9IY0xCQ2ZR?= =?utf-8?B?OXFFWUFGMmwrdWRQazhnQ21WcW40YnZhbGU1UFJQWUxxaDJIcmJJTUY1VTNK?= =?utf-8?B?OWdaSzJFYlBicXJnb3QvazQyb2lkYzJFbHIvRERyWVNITlBaUDI5ZVVHenRx?= =?utf-8?B?aTEvRS82Z1NDRjRkbmJrRVZseEgvOElqMGlzUU9nK1loWnQyUFZyNGdRenlt?= =?utf-8?B?RGtPck82aDRrZnl6U1NLZ3lIZWMvWWorV0s1eTkvalFoK050QlYrWHB4dTZt?= =?utf-8?B?NGZ5MWR5aU5FNkZ4L0xISDF0Tm5WK3Fsa1JRKzZpZlFTYnAwTmI2RDhTZWJn?= =?utf-8?B?YkRMMlhPRE5WQUtzRGxrUHQ2MmpTTmdiRFRjK3RUNUNhY1BYZFVXanJSZGxz?= =?utf-8?B?b1BrM1Q5QTZBaWtMeVZRR3RIRGJ3em5sdTNWRzZ2VEV1RHBybjdldHZjVUwr?= =?utf-8?B?YTl0OStrZi82Z3Vac25MSHg0SDNNRHZnb2JvakcwRk1oc3E1dlYyZ0kxejRO?= =?utf-8?B?RnNCRW04ZTIyR3ZManlScWs0WHBzWjFVWnlJL3A2U015Mlpka0NpdzFlTGhj?= =?utf-8?B?aENsNDV1ZHFDNmpVZmYxaWdZTWV1RFM3bFBDR2NOSnM4OGEzdWJYM1RFbllP?= =?utf-8?B?YnNhZ2xabTIzb21RV1hrZzVnOGZyUGpueWh1RFc3N1JFcDhDZGdEWm5ITWZ6?= =?utf-8?B?czlwSE9CNDFsaVBiQ2xUNWNoV0tNbGRxWnNWc0VTYmd0ZHJFUEhNeDdhWits?= =?utf-8?B?SlRHU2pVcld4SzB0Wkt0d1B4U1cvSVZjV1JmeldzS2VZVXU3RldJVkJQMXV5?= =?utf-8?B?UXB0SkUxWk9ETEhZamoyZzVTWnp4ZGpLYlp4SEhXdE15ZEdZa2RhWUFWZElp?= =?utf-8?B?OUY4OWpYb0gxSklDWks2S1dOc3FLS2dpS2Znc1E1WCt1RUNKcEJxVjgrTlo3?= =?utf-8?B?b0x6emF3c2xMNnRXTEQyQWhRbWoxVEJ6Tkxhb0ZEd0hHWXNMWDQ3NTFQK2Uy?= =?utf-8?B?bHppcUp1aGIzT1pkV0ZZUzVFaU1QekNFRHhBOFZpYVVtbERkOHNHRDNOWGZV?= =?utf-8?B?MDU0T0pCdlhBWCtPc0JzVzJCdTY4UWh6V0Fuakhuay9haEVEWHBuV0FKN2tr?= =?utf-8?Q?fxeyM2qp1B2YoTmQcQd/CTAov?= X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1150;6:jvPHEJPw5SAuUo68p7VtsWfbQ/mw1WQIhtzLbUgLQBbHHwGJQe5fjYB/a3avfKMIHJQka+S/raYO5kKOlCEI1S8IKRHidn4hLF5z1aerH22aIkYg2Rp+4ULBNevDJF5cEBdqU23zaStnhYAgI880hDUpybnTXqlgY4gjH3Abmur++WNxeN1/ktjmTFKojERLgBG/u/e3FciK/Pqe20LbgE83qk/u+smp7FQMYIqw0V0a23uiAGrd8Mx+2fMWsNG9ZEw5SD6y0hXAXMvigEIvsjitLcR9peBDwi8EWA1ldMet5zWVJ4fJhw3qUckzqM7/RdRfT7rQLI5XlI75JL4P0FX8RTmIywxUAlbSooWPoJk=;5:q2c1xxHKC8XSdKfBMceC18bivhmsgc6EykUO8SM1+j4JSMyCS3w9fxbw8HEOPpIH+VxGS20M834pubpFP+vHIfT5TasZygdaFYShchOrRNg1h2iXHQ0yr5NQ/sA5+eI3lO3VRGs7+pvT5sNx+Ujhd3P3CV/A4STQBJ96uc9H3qs=;24:RrQaoGuhJ0b6+5CF3+nDS+FVm5zC6d2YjZCRemPcPixEfBmcmluHphujyk1myqYLCI9L6u07MtptUJwgh6ycGeYfEckkF/oNdBL6w6w5S8s=;7:jXsDUD+RomwTDkTgxRyzWn/SqmB9ibVugD6h4VeMn7Zpc9hFiL0CW/ytd3VXQfJRQKZ5p//HVu3TYOoyXwZPuZhHds/ZYKQkyGpd30hoMSjF062UkzkffctinO9MrArmwyuTovfA928ylY/b+iA/10j2HvM9TPQRMAHNoPFyX/A6oS2jwy8AstIOkcLB/ZmKPVZBJhB01lQDXEaRIs1FKr8EmKg0frD8SjBq1z27JcsHX8pTEjwZNLqeZBH132hG SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1150;20:Qm3FBCflACKoyS5I0jvfath2zOXEWWkRdkGAk7OCfrBsMzXs+X87TjZTkMdgvCZatzsNi8Fh6t8Mb65e4R77MbvEIe+US4J9BDWyFYwxnKXF97puDHdWWf2G34ri1gTIsJA455gc7tcvsDzJTVAX1QAQpcoWlh07AXLyxkVzFP7hYLfM+6Cag9QrBsYmqVeQndHnOVWPuoihQHNCl04JkftUAbRDT/mH7ULUImbEG6SN+rRAjl/DjBLueCfjOJhW X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Jan 2018 20:13:32.4489 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: b0383c2a-070e-467b-c0d4-08d55866a003 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR12MB1150 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On 1/9/2018 6:03 AM, Paolo Bonzini wrote: > Direct access to MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD is important > for performance. Allow load/store of MSR_IA32_SPEC_CTRL, restore guest > IBRS on VM entry and set it to 0 on VM exit (because Linux does not use > it yet). > > Signed-off-by: Paolo Bonzini > --- > arch/x86/kvm/svm.c | 42 ++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 42 insertions(+) > > diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c > index 31ace8d7774a..934a21e02e03 100644 > --- a/arch/x86/kvm/svm.c > +++ b/arch/x86/kvm/svm.c ... > @@ -5015,6 +5045,18 @@ static void svm_vcpu_run(struct kvm_vcpu *vcpu) > #endif > ); > > + if (have_spec_ctrl) { > + rdmsrl(MSR_IA32_SPEC_CTRL, svm->spec_ctrl); > + if (svm->spec_ctrl != 0) > + wrmsrl(MSR_IA32_SPEC_CTRL, 0); > + } > + /* > + * Speculative execution past the above wrmsrl might encounter > + * an indirect branch and use guest-controlled contents of the > + * indirect branch predictor; block it. > + */ > + asm("lfence"); This will end up needing to be an alternative macro based on the LFENCE_RDTSC or MFENCE_RDTSC features [1]. You'll probably just want to use the speculation barrier macro that ends up being defined to control the speculation here. Thanks, Tom [1] https://marc.info/?l=linux-kernel&m=151545930207815&w=2 > + > #ifdef CONFIG_X86_64 > wrmsrl(MSR_GS_BASE, svm->host.gs_base); > #else >