Received: by 10.223.176.5 with SMTP id f5csp647948wra; Tue, 30 Jan 2018 17:09:30 -0800 (PST) X-Google-Smtp-Source: AH8x226kOtYvrI4F/YCq/qIIt4aGM221g4Wt4UKwKoyofaIlDWKYx8VLtmGd44Kd2I5A5KuvmP+t X-Received: by 10.99.114.93 with SMTP id c29mr25677737pgn.419.1517360970207; Tue, 30 Jan 2018 17:09:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517360970; cv=none; d=google.com; s=arc-20160816; b=C05uGSYeWizjchMCkZldjOW+qfSVCfumS/Z9/K6zv08h95l2PKhK5J5icYtQaybi+c d+sta0o52eXhRZHAEtTMUEuwS8rt1wcShw90GX6OWYGZ6rDLMBms6DliMQStZOi5+ngP HXkK/7tGvbfxx/viUcyPYvFgb1aasl0y2gb1th0XDfMma3Ro+g3iH1tsNuqxUVm+zERs 7RmaObZFeUQ80UUAmQoZGFIfVF/xfjVvp6VDCnympW3aq6rK7MIpkQY1lE23phbkRe7s 9+e5PoAOQt7YTjRL45COVRH93WA+BHarwGy0zv6qjWEjrCUJpWRyGCHPwLsNFIZeh9/N QvOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:arc-authentication-results; bh=VHKu+wfKx9gXoD2jAnjPJ2esU3U2mdnzgcQbPrg249A=; b=csja1I/4fn3VbDwQNG23EuLB3bnlT79BovZudVFqo2QeWedsExSviPpR+Uk0UetEAv BDf+V+iADw/M7679ZWkctNPBjiRcUftJtufKW7WyH6vKo7Rr+K0TK4al+9H3wghEz9BI uGZm5ezfUqLzl3bBiduotR/JahcF3wKF31vmy0pCgFu9QUsehTCtZnqlYur6HvTp9rzy z75q+DM3E5/4jHHL9o87xLyvZTE2rKKFWQkCOKIW7+foQWmfUteUjyUk+vJGNHj77O7S wtF3Ni61PqhJXdvg1ogD/gQutn0AOs80fLTYuMYcV4MzNBxJ7Kj8Ovu304itwaNVeVHZ FPFQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k136si10153544pga.44.2018.01.30.17.09.15; Tue, 30 Jan 2018 17:09:30 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932087AbeAaA4i (ORCPT + 99 others); Tue, 30 Jan 2018 19:56:38 -0500 Received: from mx1.redhat.com ([209.132.183.28]:42000 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752015AbeAaA4g (ORCPT ); Tue, 30 Jan 2018 19:56:36 -0500 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9A67781DFB; Wed, 31 Jan 2018 00:56:36 +0000 (UTC) Received: from [10.36.116.40] (ovpn-116-40.ams2.redhat.com [10.36.116.40]) by smtp.corp.redhat.com (Postfix) with ESMTPS id EADF75C20B; Wed, 31 Jan 2018 00:56:29 +0000 (UTC) Subject: Re: [PATCH v3 4/4] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL To: Jim Mattson Cc: KarimAllah Ahmed , KarimAllah Ahmed , kvm list , LKML , the arch/x86 maintainers , Asit Mallick , Arjan Van De Ven , Dave Hansen , Andi Kleen , Andrea Arcangeli , Linus Torvalds , Tim Chen , Thomas Gleixner , Dan Williams , Jun Nakajima , David Woodhouse , Greg KH , Andy Lutomirski , Ashok Raj References: <1517271028-15916-1-git-send-email-karahmed@amazon.de> <1517271028-15916-5-git-send-email-karahmed@amazon.de> <43859417-ae76-ed1f-eb4f-8a84a35998fc@amazon.com> <7bd999e6-bc15-2470-80fb-771161df39d6@redhat.com> From: Paolo Bonzini Message-ID: Date: Tue, 30 Jan 2018 19:56:27 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Wed, 31 Jan 2018 00:56:36 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 30/01/2018 19:27, Jim Mattson wrote: > On Tue, Jan 30, 2018 at 4:19 PM, Paolo Bonzini wrote: >> The new code in nested_vmx_merge_msr_bitmap should be conditional on >> vmx->save_spec_ctrl_on_exit. > > But then if L1 doesn't use MSR_IA32_SPEC_CTRL itself and it uses the > VM-entry MSR load list to set up L2's MSR_IA32_SPEC_CTRL, you will > never set vmx->save_spec_ctrl_on_exit, and L2's accesses to the MSR > will always be intercepted by L0. If you don't make it conditional, L0 will forget to read back at vmexit what value L2 has written to the MSR. The alternative is to set vmx->save_spec_ctrl_on_exit on all writes, including those coming from L2. That works for me. Paolo