From: Jim Mattson
Date: Tue, 30 Jan 2018 14:49:33 -0800
Subject: Re: [PATCH v3 4/4] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL
To: KarimAllah Ahmed
Cc: KarimAllah Ahmed, kvm list, LKML, "the arch/x86 maintainers", Asit Mallick, Arjan Van De Ven, Dave Hansen, Andi Kleen, Andrea Arcangeli, Linus Torvalds, Tim Chen, Thomas Gleixner, Dan Williams, Jun Nakajima, Paolo Bonzini, David Woodhouse, Greg KH, Andy Lutomirski, Ashok Raj
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Jan 30, 2018 at 1:00 PM, KarimAllah Ahmed wrote:
> Ooops! I did not think at all about nested :)
>
> This should be addressed now, I hope:
>
> http://git.infradead.org/linux-retpoline.git/commitdiff/f7f0cbba3e0cffcee050a8a5a9597a162d57e572

+ if (cpu_has_vmx_msr_bitmap() && data && + !vmx->save_spec_ctrl_on_exit) { + vmx->save_spec_ctrl_on_exit = true; + + msr_bitmap = is_guest_mode(vcpu) ? 
vmx->nested.vmcs02.msr_bitmap : + vmx->vmcs01.msr_bitmap; + vmx_disable_intercept_for_msr(msr_bitmap, + MSR_IA32_SPEC_CTRL, + MSR_TYPE_RW); + }

There are two ways to get to this point in vmx_set_msr while is_guest_mode(vcpu) is true:

1) L0 is processing vmcs12's VM-entry MSR load list on emulated VM-entry (see enter_vmx_non_root_mode).
2) L2 tried to execute WRMSR, writes to the MSR are intercepted in vmcs02's MSR permission bitmap, and writes to the MSR are not intercepted in vmcs12's MSR permission bitmap.

In the first case, disabling the intercepts for the MSR in vmx->nested.vmcs02.msr_bitmap is incorrect, because we haven't yet determined that the intercepts are clear in vmcs12's MSR permission bitmap.

In the second case, disabling *both* of the intercepts for the MSR in vmx->nested.vmcs02.msr_bitmap is incorrect, because we don't know that the read intercept is clear in vmcs12's MSR permission bitmap. Furthermore, disabling the write intercept for the MSR in vmx->nested.vmcs02.msr_bitmap is somewhat fruitless, because nested_vmx_merge_msr_bitmap is just going to undo that change on the next emulated VM-entry.
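
Review bot: the `!vmx->save_spec_ctrl_on_exit` guard in the quoted hunk makes the intercept change a one-shot, so only the bitmap selected by `is_guest_mode(vcpu)` on the first write with non-zero `data` is ever touched here; if that write arrives in guest mode, nothing in these lines later clears the intercept in `vmx->vmcs01.msr_bitmap`. Consider updating `vmx->vmcs01.msr_bitmap` in this branch regardless of mode and leaving the vmcs02 bitmap to be derived from vmcs12 at merge time, which also drops the `MSR_TYPE_RW` clear on vmcs02 that the reply objects to.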
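
The per-direction argument in the reply above, as an added user-space model (not code from the patch or the kernel): a vmcs02 intercept may be cleared only when both L0's and vmcs12's bitmaps clear it, separately for reads and writes. The helper names are hypothetical; the bitmap offsets and the MSR index follow the Intel SDM.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MSR_IA32_SPEC_CTRL 0x48u
#define BITMAP_SIZE 4096
/* 4 KiB VMX MSR bitmap: read bits for MSRs 0x0-0x1fff at 0x000, write bits at 0x800. */
#define READ_LOW  0x000u
#define WRITE_LOW 0x800u

/* A set bit means the access is intercepted (causes a VM exit). */
static bool intercepted(const uint8_t *bm, unsigned base, uint32_t msr)
{
    return bm[base + msr / 8] & (1u << (msr % 8));
}

static void set_intercept(uint8_t *bm, unsigned base, uint32_t msr, bool on)
{
    uint8_t bit = (uint8_t)(1u << (msr % 8));
    if (on) bm[base + msr / 8] |= bit;
    else    bm[base + msr / 8] &= (uint8_t)~bit;
}

/* Hypothetical merge: L2 keeps an intercept if either L0 (bm01) or L1 (bm12) wants it. */
static void merge_msr(uint8_t *bm02, const uint8_t *bm01, const uint8_t *bm12, uint32_t msr)
{
    set_intercept(bm02, READ_LOW, msr,
                  intercepted(bm01, READ_LOW, msr) || intercepted(bm12, READ_LOW, msr));
    set_intercept(bm02, WRITE_LOW, msr,
                  intercepted(bm01, WRITE_LOW, msr) || intercepted(bm12, WRITE_LOW, msr));
}

/* Constructed scenario for the reply's second case: vmcs12 passes writes through
 * but intercepts reads. Returns bit 0 = read intercepted, bit 1 = write intercepted
 * in the vmcs02 bitmap. blanket_rw models clearing both directions on vmcs02. */
static int vmcs02_state(bool blanket_rw)
{
    static uint8_t bm01[BITMAP_SIZE], bm12[BITMAP_SIZE], bm02[BITMAP_SIZE];
    memset(bm01, 0xff, BITMAP_SIZE);
    memset(bm12, 0xff, BITMAP_SIZE);
    memset(bm02, 0xff, BITMAP_SIZE);
    set_intercept(bm01, READ_LOW, MSR_IA32_SPEC_CTRL, false);  /* L0: pass through */
    set_intercept(bm01, WRITE_LOW, MSR_IA32_SPEC_CTRL, false);
    set_intercept(bm12, WRITE_LOW, MSR_IA32_SPEC_CTRL, false); /* L1: writes only */
    merge_msr(bm02, bm01, bm12, MSR_IA32_SPEC_CTRL);
    if (blanket_rw) {
        set_intercept(bm02, READ_LOW, MSR_IA32_SPEC_CTRL, false);
        set_intercept(bm02, WRITE_LOW, MSR_IA32_SPEC_CTRL, false);
    }
    return (intercepted(bm02, READ_LOW, MSR_IA32_SPEC_CTRL) ? 1 : 0) |
           (intercepted(bm02, WRITE_LOW, MSR_IA32_SPEC_CTRL) ? 2 : 0);
}

int main(void)
{
    printf("merged=%d blanket_rw=%d\n", vmcs02_state(false), vmcs02_state(true));
    return 0;
}
```

A result of 1 means L1's read intercept survived in vmcs02; 0 means L2 can read the MSR even though vmcs12 asked to intercept reads.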