Received: by 10.223.176.5 with SMTP id f5csp638371wra; Tue, 30 Jan 2018 17:00:49 -0800 (PST) X-Google-Smtp-Source: AH8x226gJ3+Ie2gS/fq9BE7CbudPJ/Aurrz0g8l7JXyTLjGNRfEdLwnn5F3r5YBZ1HnCY8Trlz93 X-Received: by 10.99.65.133 with SMTP id o127mr16119679pga.13.1517360449295; Tue, 30 Jan 2018 17:00:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517360449; cv=none; d=google.com; s=arc-20160816; b=ZPuE3Szb2WUVCURU7mTfLmQYMc/Rx28l2oV8NKKdQDqRxtMCGdGFbm+YrDSMz8vHHT 74nRlX4eHyUQ6uNLelHTe/Viw6dnXkxKCHjHrXRdmLW+stUG4b2a5mUU6eCJXbliEMFC /1MCkmf0OqEt9Aq3x7v9K2x+JWWlhze6EcZJ4bz6+eXxdOC6kZNwpfMPYxVl97VjqKCC 7xCuJs6KHf6kLLgt+bTGwyGip9cCvPTew7FQll/o5ceuT9KDh51+tlVCvBQFpYOeu+mt +RJZq8KkiGZtYp8DwtU3VQiflPzeR4ggaGxkC+stWIhZhlZWk0y/IVapOMlPGHu2rvrw Q9pQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=uRYSnlWbkQsfbsX9D3on5frXTam7eHADs+76yqiQju8=; b=X4WdPwCkpyp1lr8u6YWWPeYuG3MF7mvvVhYajiznvNM/YwX00Z6LPNE+0UMKzGU8P5 vP5Ad5rfdksQBLYU4LNHJpm97Hj/baNJEEb3Ahlu4opsmnS6eLPHlPad7JzLTwz/VkYl EKN24YTYbU8iUsMhzJx6mlZyUjctSIVTHD8eLaClR8U+A0gstc9OTtW70ShFaiWJJ3gS iMQC2p+QLvyYRRJXVUok168Q8fYDMxqq5piRYBFZAQAmDDpi8AOPaKegT0c6pruOSEvh e/Qewcm2aB59Bbpb5P8+egt5okCh66KW/3lsBApzYzNEcQMtAxV0ClwdpBLFWAQZPKXu kuVQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=V4H+ETJj; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d4si443324pgf.231.2018.01.30.17.00.34; Tue, 30 Jan 2018 17:00:49 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=V4H+ETJj; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753184AbeAaAQR (ORCPT + 99 others); Tue, 30 Jan 2018 19:16:17 -0500 Received: from mail-io0-f194.google.com ([209.85.223.194]:35266 "EHLO mail-io0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752819AbeAaAQP (ORCPT ); Tue, 30 Jan 2018 19:16:15 -0500 Received: by mail-io0-f194.google.com with SMTP id m11so13476749iob.2 for ; Tue, 30 Jan 2018 16:16:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=uRYSnlWbkQsfbsX9D3on5frXTam7eHADs+76yqiQju8=; b=V4H+ETJjGFcTtXyvtRANNSiKg4bvNXmCSr3e5Jud31myHt+KpBspDMne8jsVOwee1p 9W3LrgBHOZgVEcFK4vbEts/JUVQNaAvTFTNaqgDjV0JJRw/9KnGAu3AT8BI0tXVf4Nbc tSCDJoJrS+saPwpDYrlHrCIbCw1OEkfKqbg9GY+TEa3zkoV/7ZeHvkp3hI8qLjiGXOkx PLR1Uq2YR1wigPC5ztXH3a49SDFPweMepaEYin33uRzKDKmhJhTdg02n3PqJQZCzK2uG FKWNGfpcJI3SAwpifwTzbnkfupdgusBLfI4Sl4OWLhA+giNSxj32nA+dSOd0DoI0vIjw DkZA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=uRYSnlWbkQsfbsX9D3on5frXTam7eHADs+76yqiQju8=; b=r1D9N2UjFpt/C+tNs3794JsILUH9WQeI1F3Us0M9WAJvHTpY9wNeqc4ROWbtPgmOSu vuhZQOytEOR4iuZ7kk0p4c/crTIDHYEPPoRgyL261wmHpQGBRNV2plihZ8jVEc0RJjKC V0AMXluwpMelJOLWDNDzjimGwx2EC8waFHrgc8NU2pxYmR5c1i7QlmSE/pUJjCVAfWyJ srawR/m/nhvhm3geNMMA06o2lDd7z0NON5z/fHsS163PI7Rrt6pLAtyg1MtAmaXQWrz1 4VbAhyNUDEWioLZCp5UAlDeD/FuPz6QDSYU7Q8ymDAVakuRKzi3/u80PetgXcquwvneY foDw== X-Gm-Message-State: AKwxytc1p5zKLsX/ZRT0dV4SHLi5alNrwwq3XV3KWFM65cyxy3JcoOwz xl5Y2wWrpz4vuSKhPIqHohpCYP9RZtCavSrQUDUu9g== X-Received: by 10.107.97.24 with SMTP id v24mr31945576iob.296.1517357775077; Tue, 30 Jan 2018 16:16:15 -0800 (PST) MIME-Version: 1.0 Received: by 10.107.128.7 with HTTP; Tue, 30 Jan 2018 16:16:14 -0800 (PST) In-Reply-To: References: <1517271028-15916-1-git-send-email-karahmed@amazon.de> <1517271028-15916-5-git-send-email-karahmed@amazon.de> <43859417-ae76-ed1f-eb4f-8a84a35998fc@amazon.com> From: Jim Mattson Date: Tue, 30 Jan 2018 16:16:14 -0800 Message-ID: Subject: Re: [PATCH v3 4/4] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL To: KarimAllah Ahmed Cc: KarimAllah Ahmed , kvm list , LKML , "the arch/x86 maintainers" , Asit Mallick , Arjan Van De Ven , Dave Hansen , Andi Kleen , Andrea Arcangeli , Linus Torvalds , Tim Chen , Thomas Gleixner , Dan Williams , Jun Nakajima , Paolo Bonzini , David Woodhouse , Greg KH , Andy Lutomirski , Ashok Raj Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jan 30, 2018 at 3:50 PM, KarimAllah Ahmed wrote: > Okay, I took a second look at the code (specially > nested_vmx_merge_msr_bitmap). > > This means that I simply should not touch the MSR bitmap in set_msr in > case of nested, I just need to properly update the l02 msr_bitmap in > nested_vmx_merge_msr_bitmap. As in here: > > http://git.infradead.org/linux-retpoline.git/commitdiff/d90eedebdd16bb00741a2c93bc13c5e444c99c2b > > or am I still missing something? (sorry, did not actually look at the > nested code before!) + if (cpu_has_vmx_msr_bitmap() && data && + !vmx->save_spec_ctrl_on_exit) { + vmx->save_spec_ctrl_on_exit = true; + + if (is_guest_mode(vcpu)) + break; As Paolo suggested, the test for !is_guest_mode (vcpu) should just be folded into the condition above. If you aren't clearing a 'W' bit in the MSR permission bitmap, there's no need to set vmx->save_spec_ctrl_on_exit. + + vmx_disable_intercept_for_msr(vmx->vmcs01.msr_bitmap, + MSR_IA32_SPEC_CTRL, + MSR_TYPE_RW); + } + break; ... + if (guest_cpuid_has(vcpu, X86_FEATURE_IBRS)) { + nested_vmx_disable_intercept_for_msr( + msr_bitmap_l1, msr_bitmap_l0, + MSR_IA32_SPEC_CTRL, + MSR_TYPE_R | MSR_TYPE_W); + } + However, here, you should set vmx->save_spec_ctrl_on_exit if nested_vmx_disable_intercept_for_msr clears the 'W' bit for MSR_IA32_SPEC_CTRL in msr_bitmap_l0. Perhaps this would be easier if nested_vmx_disable_intercept_for_msr returned something indicative of which bits it cleared (if any).