Received: by 10.223.176.5 with SMTP id f5csp1792842wra;
        Wed, 31 Jan 2018 11:39:23 -0800 (PST)
X-Google-Smtp-Source: AH8x225C0P6b09XpBx/TxqBIH5sq3YBKO+0rtPzq58hkxoOCtTsJQ4zhPOWKKrd3/ztmMeNoJEL7
X-Received: by 2002:a17:902:2901:: with SMTP id g1-v6mr28590218plb.69.1517427563252;
        Wed, 31 Jan 2018 11:39:23 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1517427563; cv=none;
        d=google.com; s=arc-20160816;
        b=K50KvQUIVUnyaQ/kanaYSWam9aWei0/3fkkX8w9F/JOJFfupZK695sHsN22fsbnLKv
         x2Ts69w/xhUlAoQz9yRIGxd2jKM80bOGY+y+EOITU6pkc8b3aBZn6WPzqtV0KqwKyJq/
         nxI2l1eL8rQsW0e8GsN3kgMxEgxEvMWRIoozD8okMa4jtWCwb2SDGVeLaSCcbicKTgux
         3bbyPhuLJ2kTzkCsnF4E4w2B1dbilEnkIF5ibZ9WlzHE0lRujyFh0sXum55rKPBLYshD
         v1OPTNOS00oxakyRe005+VkE6IHI3I9tsuiH7qcfBIY71xPAlAwreULasCWB1n6+qK1S
         opqA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from:dkim-signature
         :arc-authentication-results;
        bh=j/WxHtZowDC9TyamxJ4Xqd3W+zpdrutp7e6JtY1SR7c=;
        b=b18mHQRhF59gAUETvbP+Lhkqh5ZpF1wUF1wjVdIdS0qjFRNOOn42+ootFGsAe3hu7L
         3UbTXxfDtjL1knvj2yFEHdulsmCjBLWZFCfu9D3vg1GSdhdmQ6iHEAThg2l3tsD+EWti
         f4SgfkpD/LKmNTHBm+x1tyK9k3XMXJobqO5/ocy7+4m+46IXOgT0jnzzY+HsBfyf6ECI
         hUyZMtVQTvxSJnYRq5zkiCvE2deL5/rYX/00rTz12ZlIzbm3shlSnk3ixebWnnrLCQ26
         sLb7qoiInpI9rCaqZQNlGpZBrUCeJ5WJmd2NrBTRv0A6ISTHeybY5ocOIByZ3TjIRYIG
         Yv1g==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@amazon.de header.s=amazon201209 header.b=e3SvHxkS;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id m3-v6si2584336plb.330.2018.01.31.11.39.07;
        Wed, 31 Jan 2018 11:39:23 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@amazon.de header.s=amazon201209 header.b=e3SvHxkS;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751716AbeAaTiZ (ORCPT <rfc822;learnos2017@gmail.com>
        + 99 others); Wed, 31 Jan 2018 14:38:25 -0500
Received: from smtp-fw-33001.amazon.com ([207.171.190.10]:51744 "EHLO
        smtp-fw-33001.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751675AbeAaTiX (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 31 Jan 2018 14:38:23 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209;
  t=1517427503; x=1548963503;
  h=from:to:cc:subject:date:message-id:mime-version:
   content-transfer-encoding;
  bh=j/WxHtZowDC9TyamxJ4Xqd3W+zpdrutp7e6JtY1SR7c=;
  b=e3SvHxkS6W01nfl3+2QO6J/ROrQDdtl+d5fSmHQkLbSAVvqRdJZYLARh
   XD+V2AIz21T96Yng8IHPV7Rp+4PlAYnbh5KOpXS5QKsLWytmG6mf9YSOm
   jwjP/QQs4IbvJvCXmfPhpysdx7A9vZrlIa6BIkVS/4Ikx/VpgMo6Sb7MF
   g=;
X-IronPort-AV: E=Sophos;i="5.46,441,1511827200"; 
   d="scan'208";a="717695813"
Received: from sea3-co-svc-lb6-vlan2.sea.amazon.com (HELO email-inbound-relay-2c-579b7f5b.us-west-2.amazon.com) ([10.47.22.34])
  by smtp-border-fw-out-33001.sea14.amazon.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 31 Jan 2018 19:38:11 +0000
Received: from u54e1ad5160425a4b64ea.ant.amazon.com (pdx2-ws-svc-lb17-vlan2.amazon.com [10.247.140.66])
        by email-inbound-relay-2c-579b7f5b.us-west-2.amazon.com (8.14.7/8.14.7) with ESMTP id w0VJc5HR024726
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
        Wed, 31 Jan 2018 19:38:07 GMT
Received: from u54e1ad5160425a4b64ea.ant.amazon.com (localhost [127.0.0.1])
        by u54e1ad5160425a4b64ea.ant.amazon.com (8.15.2/8.15.2/Debian-3) with ESMTP id w0VJc2jv028666;
        Wed, 31 Jan 2018 20:38:03 +0100
Received: (from karahmed@localhost)
        by u54e1ad5160425a4b64ea.ant.amazon.com (8.15.2/8.15.2/Submit) id w0VJbxfB028661;
        Wed, 31 Jan 2018 20:37:59 +0100
From:   KarimAllah Ahmed <karahmed@amazon.de>
To:     kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org
Cc:     KarimAllah Ahmed <karahmed@amazon.de>,
        Andi Kleen <ak@linux.intel.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Andy Lutomirski <luto@kernel.org>,
        Arjan van de Ven <arjan@linux.intel.com>,
        Ashok Raj <ashok.raj@intel.com>,
        Asit Mallick <asit.k.mallick@intel.com>,
        Borislav Petkov <bp@suse.de>,
        Dan Williams <dan.j.williams@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        David Woodhouse <dwmw@amazon.co.uk>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        "H . Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
        Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
        Joerg Roedel <joro@8bytes.org>,
        Jun Nakajima <jun.nakajima@intel.com>,
        Laura Abbott <labbott@redhat.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Masami Hiramatsu <mhiramat@kernel.org>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Peter Zijlstra <peterz@infradead.org>,
        =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Tim Chen <tim.c.chen@linux.intel.com>,
        Tom Lendacky <thomas.lendacky@amd.com>
Subject: [PATCH v5 0/5] KVM: Expose speculation control feature to guests
Date:   Wed, 31 Jan 2018 20:37:42 +0100
Message-Id: <1517427467-28567-1-git-send-email-karahmed@amazon.de>
X-Mailer: git-send-email 2.7.4
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Add direct access to speculation control MSRs for KVM guests. This allows the
guest to protect itself against Spectre V2 using IBRS+IBPB instead of a
retpoline+IBPB based approach.

It also exposes the ARCH_CAPABILITIES MSR which is going to be used by future
Intel processors to indicate RDCL_NO and IBRS_ALL.

v5:
- svm: add PRED_CMD and SPEC_CTRL to direct_access_msrs list.
- vmx: check also for X86_FEATURE_SPEC_CTRL for msr reads and writes.
- vmx: Use MSR_TYPE_W instead of MSR_TYPE_R for the nested IBPB MSR
- rewrite commit message for IBPB patch [2/5] (Ashok)

v4:
- Add IBRS passthrough for SVM (5/5).
- Handle nested guests properly.
- expose F(IBRS) in kvm_cpuid_8000_0008_ebx_x86_features

Ashok Raj (1):
  KVM: x86: Add IBPB support

KarimAllah Ahmed (4):
  KVM: x86: Update the reverse_cpuid list to include CPUID_7_EDX
  KVM: VMX: Emulate MSR_IA32_ARCH_CAPABILITIES
  KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL
  KVM: SVM: Allow direct access to MSR_IA32_SPEC_CTRL

 arch/x86/kvm/cpuid.c |  22 +++++++---
 arch/x86/kvm/cpuid.h |   1 +
 arch/x86/kvm/svm.c   |  87 ++++++++++++++++++++++++++++++++++++++
 arch/x86/kvm/vmx.c   | 117 +++++++++++++++++++++++++++++++++++++++++++++++++--
 arch/x86/kvm/x86.c   |   1 +
 5 files changed, 218 insertions(+), 10 deletions(-)

Cc: Andi Kleen <ak@linux.intel.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Ashok Raj <ashok.raj@intel.com>
Cc: Asit Mallick <asit.k.mallick@intel.com>
Cc: Borislav Petkov <bp@suse.de>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: David Woodhouse <dwmw@amazon.co.uk>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>
Cc: Joerg Roedel <joro@8bytes.org>
Cc: Jun Nakajima <jun.nakajima@intel.com>
Cc: Laura Abbott <labbott@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: x86@kernel.org

-- 
2.7.4