Received: by 10.223.176.5 with SMTP id f5csp2714236wra;
        Mon, 29 Jan 2018 02:46:48 -0800 (PST)
X-Google-Smtp-Source: AH8x2245jeOJmx6uBSYm6+uKkKbEu0tNbQLmeyJUMS1aJwZQ9L3sJSmM6odJ15Ycphc9zADQXNFT
X-Received: by 2002:a17:902:ad05:: with SMTP id i5-v6mr6046102plr.139.1517222808128;
        Mon, 29 Jan 2018 02:46:48 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1517222808; cv=none;
        d=google.com; s=arc-20160816;
        b=P6oyWT8lyk96xD5yX83Czgk5JkI+o5LAow0jjcl0eL3U3FzRkoRqkfPdeXHo/ySyH/
         kd1zrSPHccxNVN7DmBHLxAq54TAnv3Hd5I8JZv3F3Vk977tH7Z7w5dqM/ZxlahxsrBD+
         Wg45oBIkFNqk3lHWqm09Gy7BRj+maaFASfywnroJLBFcvxxkA/OoclUHBEPQgiLZBn7Y
         gHNjjw+DHmrrz6Jw69UXk5rZ9c7D5DFs+CfHEixwWDeqwf/SItFJzQLMv5BvN8/I7wFu
         bm7gkCOVg+UUVE/HC6d05zvVgUA5yWOAeqTezf9hQAG8+gqe2OP715tuGuiMO7Dmb3qf
         /mrQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature
         :arc-authentication-results;
        bh=K1hDG1bDE+wyIW057I+OM4Q6vnh3CZc+PCPPJqa/1TI=;
        b=Jre3MZnS28x2Dp6ofgY2at4UCfn+829MbLpmYY8R7QkfWkoQ1JQF88PKpLeTDXMuwh
         co8YKT/CZpoACRnQR67EI17qNZCjKhDfkDIrA5HNccAJLt4BbGsg6pgjr/mUFHNzQwmu
         VmXBmKujC2ga4eJn5viCsQ+o8sKa7faN2tquNneKB3i5YIAA8rgbMRbPNrRnQB+KXkOy
         nGM2LMSm4LHSI5SszA4Hbvy/MbBE55p7OceDzs7/w4a3ty80kZ3pgC1edDMjL69wJml7
         PeTr1yUvzvjXBKatIWoqaUdUmyqOQ59Rt51kZO/sapp4qlVzWDTdGtN7jqSkVX5uDsVH
         2IkQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=BV1Fxtyy;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id i3-v6si9130245plt.369.2018.01.29.02.46.33;
        Mon, 29 Jan 2018 02:46:48 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=BV1Fxtyy;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751766AbeA2KpZ (ORCPT <rfc822;mohamedabbas.us@gmail.com>
        + 99 others); Mon, 29 Jan 2018 05:45:25 -0500
Received: from mail-wm0-f68.google.com ([74.125.82.68]:54047 "EHLO
        mail-wm0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751298AbeA2KpY (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 29 Jan 2018 05:45:24 -0500
Received: by mail-wm0-f68.google.com with SMTP id t74so13284877wme.3;
        Mon, 29 Jan 2018 02:45:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=sender:subject:to:cc:references:from:message-id:date:user-agent
         :mime-version:in-reply-to:content-language:content-transfer-encoding;
        bh=K1hDG1bDE+wyIW057I+OM4Q6vnh3CZc+PCPPJqa/1TI=;
        b=BV1FxtyyKTieK0fGCD8635aUy5pC09v9Ff5ngf3yrTLzudhxDIf+oks9tg85lEeUH2
         NPs8pM0HsqjfxQYVqEiXPUaq/+MfXifUoS4fFvVeTgnDZOW3VNKnn/fzo0Mv5F/VgxZS
         tEHPaCxoZ1bvuSMwWGYjNMlqx4+/VKPSh2ExUcnhZ1Wk68/PDFNtk6ZOcAoh4XSuReg6
         YMC1xi0VR/4RUGIDzR7Hn8/PtyGNLAQ69nyebp9pJkUwIaXY+2zOEKe/iho27aXEG2Mg
         jFgMr12sVLTNue1CTtJCbMSE5GeMlKuOHICFP51lnUn08YQ2BkSXp8YoYnMj8rS32sls
         KoGA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:sender:subject:to:cc:references:from:message-id
         :date:user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=K1hDG1bDE+wyIW057I+OM4Q6vnh3CZc+PCPPJqa/1TI=;
        b=QgcxcGE/Nf8li7VnSR6Jwai2l4mw75SWNi2eaMJxBDYQU0C3qi/jqCY+puxy4Mw6Mm
         QY0NvkPV+BVGov9HT7igeR3j5h2wPToj0pjmPsENWJJt0lTBuX3aCuymoX9/YoDzmDdB
         Nu4im59pWpsDVgVipSKpjHbTGrexFv2HTKqTXXANaPGH/VKrvPXmNAdkqC9ctkBhzJ8D
         tBzfoKP5g7PlHQnay+6RVfN0yQ6axYqN1Qb4Bp7hE+VAwPM5scFpOSwOls8DdutbhEnG
         AUS7JgoBJlObV9hSB1K5jjl18xqSqRxyJONfFUCVQ6pFp7ggkd+EIs8Yqk7PQcuPdHrH
         B1VA==
X-Gm-Message-State: AKwxytd8kh5fi/4fmDi2diDxu8X6UPPyvjItBbIykr7rjOmgIOVidR+b
        tyZlfmD7PzijhyfCNsJMUHs=
X-Received: by 10.80.146.81 with SMTP id j17mr46818278eda.205.1517222722580;
        Mon, 29 Jan 2018 02:45:22 -0800 (PST)
Received: from [10.1.123.162] ([31.131.246.13])
        by smtp.googlemail.com with ESMTPSA id g21sm6282418edg.88.2018.01.29.02.45.21
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 29 Jan 2018 02:45:21 -0800 (PST)
Subject: Re: [PATCH v2 4/4] x86: vmx: Allow direct access to
 MSR_IA32_ARCH_CAPABILITIES
To:     KarimAllah Ahmed <karahmed@amazon.de>, kvm@vger.kernel.org,
        linux-kernel@vger.kernel.org, x86@kernel.org
Cc:     Asit Mallick <asit.k.mallick@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        Arjan Van De Ven <arjan.van.de.ven@intel.com>,
        Tim Chen <tim.c.chen@linux.intel.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Andi Kleen <ak@linux.intel.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Dan Williams <dan.j.williams@intel.com>,
        Jun Nakajima <jun.nakajima@intel.com>,
        Andy Lutomirski <luto@kernel.org>,
        Greg KH <gregkh@linuxfoundation.org>,
        Ashok Raj <ashok.raj@intel.com>
References: <1517187532-32286-1-git-send-email-karahmed@amazon.de>
 <1517187532-32286-5-git-send-email-karahmed@amazon.de>
From:   Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <32627024-026c-4415-8153-bfb9778877b8@redhat.com>
Date:   Mon, 29 Jan 2018 11:45:22 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.5.2
MIME-Version: 1.0
In-Reply-To: <1517187532-32286-5-git-send-email-karahmed@amazon.de>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 29/01/2018 01:58, KarimAllah Ahmed wrote:
> Add direct access to MSR_IA32_SPEC_CTRL for guests. Future intel processors
> will use this MSR to indicate RDCL_NO (bit 0) and IBRS_ALL (bit 1).

This has to be customizable per-VM (similar to the patches Amazon posted
a while ago for UCODE_REV for example).  It's not urgent anyway given
that no processor has it yet.

Thanks,

Paolo

> Cc: Asit Mallick <asit.k.mallick@intel.com>
> Cc: Dave Hansen <dave.hansen@intel.com>
> Cc: Arjan Van De Ven <arjan.van.de.ven@intel.com>
> Cc: Tim Chen <tim.c.chen@linux.intel.com>
> Cc: Linus Torvalds <torvalds@linux-foundation.org>
> Cc: Andrea Arcangeli <aarcange@redhat.com>
> Cc: Andi Kleen <ak@linux.intel.com>
> Cc: Thomas Gleixner <tglx@linutronix.de>
> Cc: Dan Williams <dan.j.williams@intel.com>
> Cc: Jun Nakajima <jun.nakajima@intel.com>
> Cc: Andy Lutomirski <luto@kernel.org>
> Cc: Greg KH <gregkh@linuxfoundation.org>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Ashok Raj <ashok.raj@intel.com>
> Signed-off-by: KarimAllah Ahmed <karahmed@amazon.de>
> ---
>  arch/x86/kvm/cpuid.c | 4 +++-
>  arch/x86/kvm/vmx.c   | 2 ++
>  2 files changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> index 32c0c14..2339b1a 100644
> --- a/arch/x86/kvm/cpuid.c
> +++ b/arch/x86/kvm/cpuid.c
> @@ -71,6 +71,7 @@ u64 kvm_supported_xcr0(void)
>  #define KVM_CPUID_BIT_AVX512_4VNNIW     2
>  #define KVM_CPUID_BIT_AVX512_4FMAPS     3
>  #define KVM_CPUID_BIT_IBRS              26
> +#define KVM_CPUID_BIT_ARCH_CAPABILITIES 29
>  #define KF(x) bit(KVM_CPUID_BIT_##x)
>  
>  int kvm_update_cpuid(struct kvm_vcpu *vcpu)
> @@ -394,7 +395,8 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function,
>  	/* cpuid 7.0.edx*/
>  	const u32 kvm_cpuid_7_0_edx_x86_features =
>  		KF(AVX512_4VNNIW) | KF(AVX512_4FMAPS) | \
> -		(boot_cpu_has(X86_FEATURE_IBRS) ? KF(IBRS) : 0);
> +		(boot_cpu_has(X86_FEATURE_IBRS) ? KF(IBRS) : 0) | \
> +		(boot_cpu_has(X86_FEATURE_ARCH_CAPABILITIES) ? KF(ARCH_CAPABILITIES) : 0);
>  
>  	/* all calls to cpuid_count() should be made on the same cpu */
>  	get_cpu();
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index f82a44c..99cb761 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -9617,6 +9617,8 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id)
>  
>  	if (boot_cpu_has(X86_FEATURE_IBPB))
>  		vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_PRED_CMD, MSR_TYPE_RW);
> +	if (boot_cpu_has(X86_FEATURE_ARCH_CAPABILITIES))
> +		vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_ARCH_CAPABILITIES, MSR_TYPE_R);
>  	vmx_disable_intercept_for_msr(msr_bitmap, MSR_FS_BASE, MSR_TYPE_RW);
>  	vmx_disable_intercept_for_msr(msr_bitmap, MSR_GS_BASE, MSR_TYPE_RW);
>  	vmx_disable_intercept_for_msr(msr_bitmap, MSR_KERNEL_GS_BASE, MSR_TYPE_RW);
>