Received: by 10.223.176.5 with SMTP id f5csp4321742wra; Tue, 30 Jan 2018 05:41:04 -0800 (PST) X-Google-Smtp-Source: AH8x225s+MZ9TnLaSjSBuhGQRYq94dJ44BYIWNyRmfLDlV1wkkP1FKt7EjQEriwkqT6W+BVsOvQD X-Received: by 10.101.69.7 with SMTP id n7mr24229918pgq.62.1517319664075; Tue, 30 Jan 2018 05:41:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517319664; cv=none; d=google.com; s=arc-20160816; b=P+/My5OKqZ0aB4+tt1f6sw1LX9kGJ6hvvL7pVLWcg7qA8dWtY8O0E9BW2JlDObTRex B6DepYZaliV7hqBjUlGu1ykJckNKDvz4rpPw8oTQ96s1Wj38KA7D8/qppOYwJwgqTX2c Xqbs58wjfBu7P3AqP4WkUSxGw498GF4QNGcHlS128cNj5rEiiAkGAkaOz4TWilvbUx32 vqO/ooI14vhvfiy1MVRHmHpmMiQz9RE37r3ByC4Y65f725ofGTDIwxY9eVFp8Y+Nob4N QexTvv8sFzjiE2zUFjZ+xTdnMyWvayvSIT1UbWueHFdtRVQEw5jDkFwmfLj8Zl7PQ2+8 3cdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature :arc-authentication-results; bh=qlrbCbK7WSEIIfjdqQZafCl8i0eWRPgGIKz8BCCHq0Y=; b=T3RlpebClUOIeBMLcv0PPenYTTPzoSYyD66z318smWFXnMeD4yhxwpvaeJ+xQ7DTh0 4TFZhhiBiklxPqrhuzHxUhC21tZwADH6EBqmbxTOtIP4TvA/vevaNywuvGE8mzqhLKN0 Wv3vqGDXpX8vaTjWTkfTZ4TyI6OfoRG5OMonNyzY7UqeMzq8qhp+HbEqfKt4kjXGcl7J GJz/ooP6bkXQbx/Md8K8TKC+AvAhsis92VDJVm8vcYwjGWUzvi28wpFLQW4n6SjbDx4y LSC3+ADjWusrOMkaJSdH9riiCr5unxJwLHmUom8YsCjUMH2D5mbCGocS0fxQJg/L7OjA VQLA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=RIrd/t/W; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v69si9281709pgb.303.2018.01.30.05.40.49; Tue, 30 Jan 2018 05:41:04 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=RIrd/t/W; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752357AbeA3NVf (ORCPT + 99 others); Tue, 30 Jan 2018 08:21:35 -0500 Received: from userp2130.oracle.com ([156.151.31.86]:55270 "EHLO userp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752391AbeA3NVd (ORCPT ); Tue, 30 Jan 2018 08:21:33 -0500 Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w0UDGutF017333; Tue, 30 Jan 2018 13:21:15 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=subject : to : cc : references : from : message-id : date : mime-version : in-reply-to : content-type : content-transfer-encoding; s=corp-2017-10-26; bh=qlrbCbK7WSEIIfjdqQZafCl8i0eWRPgGIKz8BCCHq0Y=; b=RIrd/t/WO47CBYk+qAX0iyT1VWYsVHgZTHN84LU8k/t00MBq9XEBJ81tEbPHIfIm5wzV xANaecUXLIMNNMR4WWuAkHrorzuZtqwZwFa/VWMUDmtcruAmnYbXD3c9kKahdG8Ix2rr 3EdZ8lGSksyJrhDX5S0SOV9SF9fAbCznFDG0eAAGm+Hma1D+FlOp8MVwqvFQCZ2iPWDM PpjrqYQwseCwiJq5aTUVmn3lFSjTr2vwUbkAfF3q2VhtGk1JEP3PV8ytpL1CkVBchsLe IhdXrzdvsXIPzOiLzKbFkuoi1mrW/+FYzH7Ode8zBmEKKM+fSFxqvrbKsYcZAItnjjFi mQ== Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74]) by userp2130.oracle.com with ESMTP id 2ftsby0227-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 30 Jan 2018 13:21:15 +0000 Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75]) by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w0UDLEBt031000 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 30 Jan 2018 13:21:14 GMT Received: from abhmp0001.oracle.com (abhmp0001.oracle.com [141.146.116.7]) by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id w0UDLDMN005886; Tue, 30 Jan 2018 13:21:13 GMT Received: from [172.17.0.254] (/141.85.241.41) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Tue, 30 Jan 2018 05:21:13 -0800 Subject: Re: [9/8] KVM: x86: limit MSR_IA32_SPEC_CTRL access based on CPUID availability To: Paolo Bonzini , linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: rkrcmar@redhat.com, liran.alon@oracle.com, jmattson@google.com, aliguori@amazon.com, thomas.lendacky@amd.com, dwmw@amazon.co.uk, bp@alien8.de, x86@kernel.org, Konrad Rzeszutek Wilk References: <20180109120311.27565-10-pbonzini@redhat.com> From: Mihai Carabas Message-ID: <6dc02278-7004-1794-3705-69c8cad86be4@oracle.com> Date: Tue, 30 Jan 2018 15:21:11 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: <20180109120311.27565-10-pbonzini@redhat.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8789 signatures=668655 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=809 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1801300169 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello Paolo, I've back ported this patch on 4.1, after adding the per-vcpu MSR bitmap. Also enabled the SPEC_CTRL_MSR intercept if qemu instructed so [1]. Reviewed-by: Mihai Carabas [1] +++ b/arch/x86/kvm/vmx.c @@ -8391,6 +8391,16 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id) vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_PRED_CMD, MSR_TYPE_R | MSR_TYPE_W); vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_BNDCFGS, MSR_TYPE_R | MSR_TYPE_W); + /* + * If the physical CPU or the vCPU of this VM doesn't + * support SPEC_CTRL feature, catch each access to it. + */ + if (!static_cpu_has(X86_FEATURE_SPEC_CTRL) || + !guest_cpuid_has_spec_ctrl(&vmx->vcpu)) + vmx_enable_intercept_for_msr( + msr_bitmap, + MSR_IA32_SPEC_CTRL, + MSR_TYPE_R | MSR_TYPE_W); /* * If PML is turned on, failure on enabling PML just results in failure On 09.01.2018 14:03, Paolo Bonzini wrote: > MSR_IA32_SPEC_CTRL is not available unless CPU[7,0].EDX[26] is 1. > Check that against host CPUID or guest CPUID, respectively for > host-initiated and guest-initiated accesses. > > Suggested-by: Jim Mattson > Signed-off-by: Paolo Bonzini > --- > This is for after X86_FEATURE_SPEC_CTRL is added to Linux, but > I still wanted to ack Jim's improvement. > > arch/x86/kvm/svm.c | 8 ++++++++ > arch/x86/kvm/vmx.c | 8 ++++++++ > 2 files changed, 16 insertions(+) > > diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c > index 97126c2bd663..3a646580d7c5 100644 > --- a/arch/x86/kvm/svm.c > +++ b/arch/x86/kvm/svm.c > @@ -3648,6 +3648,10 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) > msr_info->data = svm->nested.vm_cr_msr; > break; > case MSR_IA32_SPEC_CTRL: > + if (!static_cpu_has(X86_FEATURE_SPEC_CTRL) || > + (!msr_info->host_initiated && > + !guest_cpuid_has(vcpu, X86_FEATURE_SPEC_CTRL))) > + return 1; > msr_info->data = svm->spec_ctrl; > break; > case MSR_IA32_UCODE_REV: > @@ -3806,6 +3810,10 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) > vcpu_unimpl(vcpu, "unimplemented wrmsr: 0x%x data 0x%llx\n", ecx, data); > break; > case MSR_IA32_SPEC_CTRL: > + if (!static_cpu_has(X86_FEATURE_SPEC_CTRL) || > + (!msr_info->host_initiated && > + !guest_cpuid_has(vcpu, X86_FEATURE_SPEC_CTRL))) > + return 1; > svm->spec_ctrl = data; > break; > case MSR_IA32_APICBASE: > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index 49b4a2d61603..42bc7ee293e4 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -3368,6 +3368,10 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) > msr_info->data = guest_read_tsc(vcpu); > break; > case MSR_IA32_SPEC_CTRL: > + if (!static_cpu_has(X86_FEATURE_SPEC_CTRL) || > + (!msr_info->host_initiated && > + !guest_cpuid_has(vcpu, X86_FEATURE_SPEC_CTRL))) > + return 1; > msr_info->data = to_vmx(vcpu)->spec_ctrl; > break; > case MSR_IA32_SYSENTER_CS: > @@ -3510,6 +3514,10 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) > kvm_write_tsc(vcpu, msr_info); > break; > case MSR_IA32_SPEC_CTRL: > + if (!static_cpu_has(X86_FEATURE_SPEC_CTRL) || > + (!msr_info->host_initiated && > + !guest_cpuid_has(vcpu, X86_FEATURE_SPEC_CTRL))) > + return 1; > to_vmx(vcpu)->spec_ctrl = data; > break; > case MSR_IA32_CR_PAT: >