Received: by 10.223.176.5 with SMTP id f5csp2804565wra; Thu, 1 Feb 2018 06:23:05 -0800 (PST) X-Google-Smtp-Source: AH8x224vnzbLqTlbxPZLfzlO48HHdSerseb/jPfGd0Lt58dMvL+Es65fCgREvFpckS4goOz6IWwP X-Received: by 10.101.82.203 with SMTP id z11mr29742300pgp.164.1517494985280; Thu, 01 Feb 2018 06:23:05 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517494985; cv=none; d=google.com; s=arc-20160816; b=qXxz2liUarHVskjqygNcbep5oF5nFRTY8aLnr6extZO+DOWTz864A/8ecm5mapwtb8 ik0Nl/rdJiuKJREttpNjZWTv/xPS6L3zCe4b7Bi6rkpLuDqpyn/B6Aipa6jrzout8ZSL 9GaHALnWBi/ec2V5qTY/GsxxfC8IW9Zv5QNbN31Dj2K97LsgQ0CU+6/Mvl0Cvg7dqtC3 zv5cKk5hAT1YLApe/ZNL3SGKej3ZHcPyAScrdfLl5gjsGprwTuwpL72JHuEE7nF0bmc8 51XH924VuHtzx63mMwpssZuyZhOOdipQAlH2AVgOOyc278MIsDk52NNSLA7f3RFJrSCv HBcQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=J57l11VPLDUhZOvWXFFVGbIEFjxpukD0H+/FWKw64/k=; b=DQVJyeyafwy62l1t+g5gfcZxgtHcqNnosxd277VzensyD+y4yyHHig/fZIUQ+vOaTF DZEwUF4f2MGSPDSBokxw/hG7pFmG+rIX+b/P1Wt9ZEt6g+vbGAKlrAXXhQtauPy8T+T4 j5WSwtc5ADLcJ2pU30z6wHszrcM3QvdDugZSd6Dk4UHrAUnIBG+4AGA/17Vs1JA2MGB/ SPoNMrxWzOIAXHeZ80O5tqXSluk4NfwHA26QOwdNqa7NJHBPXSp+fIgRzK6HTMpsfwG9 jBbI6QlHeXIZKVIhOyzceAKZCsMaL896trE6CBzrutAXU5jp5iwiWzqDgKV7EvmkyoCI FtGQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=EG6fNM4+; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v68si1458119pfb.292.2018.02.01.06.22.50; Thu, 01 Feb 2018 06:23:05 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=EG6fNM4+; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751913AbeBAOVp (ORCPT + 99 others); Thu, 1 Feb 2018 09:21:45 -0500 Received: from aserp2120.oracle.com ([141.146.126.78]:54954 "EHLO aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751584AbeBAOVg (ORCPT ); Thu, 1 Feb 2018 09:21:36 -0500 Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1]) by aserp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w11EH9BW166975; Thu, 1 Feb 2018 14:20:03 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc : subject : message-id : references : mime-version : content-type : in-reply-to; s=corp-2017-10-26; bh=J57l11VPLDUhZOvWXFFVGbIEFjxpukD0H+/FWKw64/k=; b=EG6fNM4+djLDx3dWMmzCSPld3brjUEQWO1TSK1wE5zADrbF08Xhz5NcSH2GAiCYoEDCU cDRgtfcsDj3oW0WcHDO+IFUfHzdlN1hjU9T6pll9fCG2wgsFs/8/TBEZBU9a/nA6pezD yDU1I/e+vL2xsJvNQF0ehYt01kl3r2vj1RK+qFyVH7ZfgrgVoGFjCP/jYnEuFRmbGris phcQTVVqDkHEaVzWloYc6s+IYoCAJOdSx0Fs3OeA5Cv4iRNDa/qPeecKXZzYY/8PXs5V 0NS7tUbmkakh19WDyOb7cez//XJIX3f0jYRD/CRAnmuLiv6QFyJ1kZF0FoDnEsS8IBE5 KA== Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74]) by aserp2120.oracle.com with ESMTP id 2fuxdv9p1c-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 01 Feb 2018 14:20:03 +0000 Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w11EK2Fq003726 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Thu, 1 Feb 2018 14:20:02 GMT Received: from abhmp0008.oracle.com (abhmp0008.oracle.com [141.146.116.14]) by aserv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w11EK1c5025070; Thu, 1 Feb 2018 14:20:01 GMT Received: from char.us.oracle.com (/10.137.176.158) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 01 Feb 2018 06:20:01 -0800 Received: by char.us.oracle.com (Postfix, from userid 1000) id BBA4B6A09F6; Thu, 1 Feb 2018 09:19:57 -0500 (EST) Date: Thu, 1 Feb 2018 09:19:57 -0500 From: Konrad Rzeszutek Wilk To: KarimAllah Ahmed Cc: Jim Mattson , KarimAllah Ahmed , kvm list , LKML , the arch/x86 maintainers , Asit Mallick , Arjan Van De Ven , Dave Hansen , Andi Kleen , Andrea Arcangeli , Linus Torvalds , Tim Chen , Thomas Gleixner , Dan Williams , Jun Nakajima , Paolo Bonzini , David Woodhouse , Greg KH , Andy Lutomirski , Ashok Raj Subject: Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL Message-ID: <20180201141957.GC19621@char.us.oracle.com> References: <1517427467-28567-1-git-send-email-karahmed@amazon.de> <1517427467-28567-5-git-send-email-karahmed@amazon.de> <06cb88da-f355-41ed-380f-7daa8ddf6159@amazon.com> <20180201042650.GD21751@char.us.oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180201042650.GD21751@char.us.oracle.com> User-Agent: Mutt/1.8.3 (2017-05-23) X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8791 signatures=668659 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=837 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1802010185 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org .snip.. > > +/* Is SPEC_CTRL intercepted for the currently running vCPU? */ > > +static bool spec_ctrl_intercepted(struct kvm_vcpu *vcpu) > > +{ > > + unsigned long *msr_bitmap; > > + int f = sizeof(unsigned long); > > + > > + if (!cpu_has_vmx_msr_bitmap()) > > + return true; > > + > > + msr_bitmap = is_guest_mode(vcpu) ? > > + to_vmx(vcpu)->nested.vmcs02.msr_bitmap : > > + to_vmx(vcpu)->vmcs01.msr_bitmap; > > + > > + return !!test_bit(MSR_IA32_SPEC_CTRL, msr_bitmap + 0x800 / f); > > +} > > + ..snip.. > > @@ -3359,6 +3393,34 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) > > case MSR_IA32_TSC: > > kvm_write_tsc(vcpu, msr_info); > > break; > > + case MSR_IA32_SPEC_CTRL: > > + if (!msr_info->host_initiated && > > + !guest_cpuid_has(vcpu, X86_FEATURE_IBRS) && > > + !guest_cpuid_has(vcpu, X86_FEATURE_SPEC_CTRL)) > > + return 1; > > + > > + vmx->spec_ctrl_used = true; > > + > > + /* The STIBP bit doesn't fault even if it's not advertised */ > > + if (data & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP)) > > + return 1; > > + > > + vmx->spec_ctrl = data; > > + > > + /* > > + * When it's written (to non-zero) for the first time, pass > > + * it through. This means we don't have to take the perf > > .. But only if it is a nested guest (as you have && is_guest_mode). > > Do you want to update the comment a bit? > > > + * hit of saving it on vmexit for the common case of guests > > + * that don't use it. > > + */ > > + if (cpu_has_vmx_msr_bitmap() && data && > > + spec_ctrl_intercepted(vcpu) && > > + is_guest_mode(vcpu)) > ^^^^^^^^^^^^^^^^^^ <=== here Would it be perhaps also good to mention the complexity of how we ought to be handling L1 and L2 guests in the commit? We are all stressed and I am sure some of us haven't gotten much sleep - but it can help in say three months when some unluckly new soul is trying to understand this and gets utterly confused. > > + vmx_disable_intercept_for_msr( > > + vmx->vmcs01.msr_bitmap, > > + MSR_IA32_SPEC_CTRL, > > + MSR_TYPE_RW); > > + break; > > case MSR_IA32_PRED_CMD: > > if (!msr_info->host_initiated && > > !guest_cpuid_has(vcpu, X86_FEATURE_IBPB) &&