Received: by 10.223.185.116 with SMTP id b49csp1034734wrg;
        Fri, 16 Feb 2018 11:12:02 -0800 (PST)
X-Google-Smtp-Source: AH8x226q23DsvYe0pVUENX0CmaiDyzc+OAqYTmKx/7+rYHyPSmyH6HHAZg13qkBhkP1vs0idm0mV
X-Received: by 2002:a17:902:bf4a:: with SMTP id u10-v6mr6340010pls.416.1518808322843;
        Fri, 16 Feb 2018 11:12:02 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1518808322; cv=none;
        d=google.com; s=arc-20160816;
        b=0AeiH//BgPVV8tKfDFjzDbhYgQrBpnkBsehglxtukLvT985kFInflTeebwjRasNxr7
         WClV+cYygRHE1XAsiVHsz956LBY/zVPt9IgZo+X9u9B9oZUSo1gf9tPt5UfztJMX+7Fr
         MGXRSHHMfMB0yABy10cgv0M9A2gR5FyIcsNd+TQ3n1L/A4IT/YJ3hDUh8mit+7YL3bss
         d1qwSjCAg2Iy/gpXl1P/0P+Vz+OGDDVYlnqbhk+4ZysWapqLqAjSwDmIfuG4AWoV5GdS
         g16LliXpiCcVHEJw6SmnozpynxrrHvj3J5oV2wM2xQLSwZ3K1TohQE8ZeB/xEH/10ip3
         KSug==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:to:subject:dkim-signature
         :arc-authentication-results;
        bh=AwahgsFMRVIabsovV/brCn95qId8mqkLxauoPRRmWGc=;
        b=drGjBbqleL2wKc8OUcBcK7X6195qaFJo8af6fulXwleQQUmN50FFa6fEnBPep9w0Tm
         O6adY9TYRyD+s9kXV6YXhaaPjKXyJBY2fTbWIkyus6GURiteug5uireBAmWUSsWlPAzI
         zcVbWQJYljMRwAw1XFYXJyvj32hnfNQ2MWtfdw7x26DyOFjk970U2BADamNwp3KV289I
         Jb6ZMMiQhHHtCTfj7C+0wS8oD1e3ywtOg9LieZtLyZNGS5kNGKTKv+sls3OX3kaCjgml
         gH0T9TVgbtLqgBmg4dgHUzyY4/gDx0IgMlrw0/z6TNdxTKZCU3YO8nBMv0rZxZZFd5No
         Jawg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=Bqy5gokf;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id h1-v6si1767995pld.637.2018.02.16.11.11.48;
        Fri, 16 Feb 2018 11:12:02 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=Bqy5gokf;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1034108AbeBPOSx (ORCPT <rfc822;zoe.song.ucas@gmail.com>
        + 99 others); Fri, 16 Feb 2018 09:18:53 -0500
Received: from mail-wm0-f66.google.com ([74.125.82.66]:35797 "EHLO
        mail-wm0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1033893AbeBPOSj (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 16 Feb 2018 09:18:39 -0500
Received: by mail-wm0-f66.google.com with SMTP id x21so3417908wmh.0;
        Fri, 16 Feb 2018 06:18:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=sender:subject:to:references:from:message-id:date:user-agent
         :mime-version:in-reply-to:content-language:content-transfer-encoding;
        bh=AwahgsFMRVIabsovV/brCn95qId8mqkLxauoPRRmWGc=;
        b=Bqy5gokfv6O0CIiR/3rNHvxYbjDyiy9uU+edupi1ZA8U8c/XwVEf7nW9W9wJ4f/yLq
         UfxQyJBocS4cDDtRLsp8p2EzTJgPDCqA8k5Gt5fM6s7VW6P+FVvamnxpm2rtZEVJ3yuF
         ZckcbGp3pHtwNtkOLPSrJry9alXdETKaDo/ofOYFQjPTq2Bii6sgaHfbRfciZZY162qj
         OYHyIwaq2QubKrKNNeE9xqQCPpY1QEdCnjOU6LxQAT2/7jgZGXOpkruClRWdzD9irWJJ
         tJZ+5qLQDrh63f8xTZj4AcoGS/xOQlKvCBRjz8gnm3Np2bInY0SB1uwbVFRWzDPAA7OJ
         2j+A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:sender:subject:to:references:from:message-id
         :date:user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=AwahgsFMRVIabsovV/brCn95qId8mqkLxauoPRRmWGc=;
        b=MNBXOvS9GnJMeTyPJVeAjfZS5cr0sevwlsbyDVB4gtZeYxe8jEReIvicfqvavnP7dv
         oThvZG4OvvjORRV/8KlA3EaMKWAuIKhv4AVK5iw/BDCJhw6oWexCPykaQVmUV0sxPnAD
         Tzew+RvB+7vT4OCi51R+4XU0RttqIzlRkXCwB889ETiepqk5rwJxPpiisu1fdXXh0XBI
         /QKdgQWs06sOG31QFKng1poE9gNDKWwWspdvAmTX0pvEpYBh/s0C6h27MjTB76FVKW8s
         f2xmid/JaP796tp6bdQDdle7yhXDOGIhIUf3L7frr1LGbVWmuELkbrA/k9LWfWnNivTP
         oz4g==
X-Gm-Message-State: APf1xPAoJx/cL/Lb2uEWRKVCLxlIWzdOWwQwXNI3Bv38AIPfSFZZeQY+
        9tGjZaxz0uclhspLNfHbn3qiwNmW
X-Received: by 10.28.129.138 with SMTP id c132mr4840545wmd.159.1518790717356;
        Fri, 16 Feb 2018 06:18:37 -0800 (PST)
Received: from [192.168.10.165] ([82.84.102.245])
        by smtp.googlemail.com with ESMTPSA id l15sm17153854wrb.91.2018.02.16.06.18.35
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Fri, 16 Feb 2018 06:18:36 -0800 (PST)
Subject: Re: [PATCH 7/9] KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES
To:     David Woodhouse <dwmw@amazon.co.uk>,
        Jim Mattson <jmattson@google.com>,
        =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= <rkrcmar@redhat.com>,
        linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
        KarimAllah Ahmed <karahmed@amazon.de>,
        gregkh@linuxfoundation.org, stable@vger.kernel.org
References: <1517938181-15317-1-git-send-email-dwmw@amazon.co.uk>
 <1517938181-15317-8-git-send-email-dwmw@amazon.co.uk>
From:   Paolo Bonzini <pbonzini@redhat.com>
Message-ID: <4be4e462-61be-53a9-b0e1-3508466d1645@redhat.com>
Date:   Fri, 16 Feb 2018 15:18:35 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.5.2
MIME-Version: 1.0
In-Reply-To: <1517938181-15317-8-git-send-email-dwmw@amazon.co.uk>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 06/02/2018 18:29, David Woodhouse wrote:
> From: KarimAllah Ahmed <karahmed@amazon.de>
> 
> Intel processors use MSR_IA32_ARCH_CAPABILITIES MSR to indicate RDCL_NO
> (bit 0) and IBRS_ALL (bit 1). This is a read-only MSR. By default the
> contents will come directly from the hardware, but user-space can still
> override it.

Uhm, taking contents from the hardware is wrong (guess why---live
migration).  I'll send a revert of those two lines.

Paolo

> [dwmw2: The bit in kvm_cpuid_7_0_edx_x86_features can be unconditional]
> 
> Signed-off-by: KarimAllah Ahmed <karahmed@amazon.de>
> Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
> Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
> Reviewed-by: Jim Mattson <jmattson@google.com>
> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> Cc: Andrea Arcangeli <aarcange@redhat.com>
> Cc: Andi Kleen <ak@linux.intel.com>
> Cc: Jun Nakajima <jun.nakajima@intel.com>
> Cc: kvm@vger.kernel.org
> Cc: Dave Hansen <dave.hansen@intel.com>
> Cc: Linus Torvalds <torvalds@linux-foundation.org>
> Cc: Andy Lutomirski <luto@kernel.org>
> Cc: Asit Mallick <asit.k.mallick@intel.com>
> Cc: Arjan Van De Ven <arjan.van.de.ven@intel.com>
> Cc: Greg KH <gregkh@linuxfoundation.org>
> Cc: Dan Williams <dan.j.williams@intel.com>
> Cc: Tim Chen <tim.c.chen@linux.intel.com>
> Cc: Ashok Raj <ashok.raj@intel.com>
> Link: https://lkml.kernel.org/r/1517522386-18410-4-git-send-email-karahmed@amazon.de
> 
> (cherry picked from commit 28c1c9fabf48d6ad596273a11c46e0d0da3e14cd)
> Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
> ---
>  arch/x86/kvm/cpuid.c |  8 +++++++-
>  arch/x86/kvm/cpuid.h |  8 ++++++++
>  arch/x86/kvm/vmx.c   | 15 +++++++++++++++
>  arch/x86/kvm/x86.c   |  1 +
>  4 files changed, 31 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> index 6f24483..9c6493f 100644
> --- a/arch/x86/kvm/cpuid.c
> +++ b/arch/x86/kvm/cpuid.c
> @@ -380,6 +380,10 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function,
>  	/* cpuid 7.0.ecx*/
>  	const u32 kvm_cpuid_7_0_ecx_x86_features = F(PKU) | 0 /*OSPKE*/;
>  
> +	/* cpuid 7.0.edx*/
> +	const u32 kvm_cpuid_7_0_edx_x86_features =
> +		F(ARCH_CAPABILITIES);
> +
>  	/* all calls to cpuid_count() should be made on the same cpu */
>  	get_cpu();
>  
> @@ -462,12 +466,14 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function,
>  			/* PKU is not yet implemented for shadow paging. */
>  			if (!tdp_enabled || !boot_cpu_has(X86_FEATURE_OSPKE))
>  				entry->ecx &= ~F(PKU);
> +			entry->edx &= kvm_cpuid_7_0_edx_x86_features;
> +			cpuid_mask(&entry->edx, CPUID_7_EDX);
>  		} else {
>  			entry->ebx = 0;
>  			entry->ecx = 0;
> +			entry->edx = 0;
>  		}
>  		entry->eax = 0;
> -		entry->edx = 0;
>  		break;
>  	}
>  	case 9:
> diff --git a/arch/x86/kvm/cpuid.h b/arch/x86/kvm/cpuid.h
> index ec4f9dc..8719997 100644
> --- a/arch/x86/kvm/cpuid.h
> +++ b/arch/x86/kvm/cpuid.h
> @@ -171,6 +171,14 @@ static inline bool guest_cpuid_has_ibpb(struct kvm_vcpu *vcpu)
>  	return best && (best->edx & bit(X86_FEATURE_SPEC_CTRL));
>  }
>  
> +static inline bool guest_cpuid_has_arch_capabilities(struct kvm_vcpu *vcpu)
> +{
> +	struct kvm_cpuid_entry2 *best;
> +
> +	best = kvm_find_cpuid_entry(vcpu, 7, 0);
> +	return best && (best->edx & bit(X86_FEATURE_ARCH_CAPABILITIES));
> +}
> +
>  
>  /*
>   * NRIPS is provided through cpuidfn 0x8000000a.edx bit 3
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index dd6c831..92bf61f 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -551,6 +551,8 @@ struct vcpu_vmx {
>  	u64 		      msr_guest_kernel_gs_base;
>  #endif
>  
> +	u64 		      arch_capabilities;
> +
>  	u32 vm_entry_controls_shadow;
>  	u32 vm_exit_controls_shadow;
>  	/*
> @@ -2979,6 +2981,12 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
>  	case MSR_IA32_TSC:
>  		msr_info->data = guest_read_tsc(vcpu);
>  		break;
> +	case MSR_IA32_ARCH_CAPABILITIES:
> +		if (!msr_info->host_initiated &&
> +		    !guest_cpuid_has_arch_capabilities(vcpu))
> +			return 1;
> +		msr_info->data = to_vmx(vcpu)->arch_capabilities;
> +		break;
>  	case MSR_IA32_SYSENTER_CS:
>  		msr_info->data = vmcs_read32(GUEST_SYSENTER_CS);
>  		break;
> @@ -3110,6 +3118,11 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
>  		vmx_disable_intercept_for_msr(vmx->vmcs01.msr_bitmap, MSR_IA32_PRED_CMD,
>  					      MSR_TYPE_W);
>  		break;
> +	case MSR_IA32_ARCH_CAPABILITIES:
> +		if (!msr_info->host_initiated)
> +			return 1;
> +		vmx->arch_capabilities = data;
> +		break;
>  	case MSR_IA32_CR_PAT:
>  		if (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_IA32_PAT) {
>  			if (!kvm_mtrr_valid(vcpu, MSR_IA32_CR_PAT, data))
> @@ -5200,6 +5213,8 @@ static int vmx_vcpu_setup(struct vcpu_vmx *vmx)
>  		++vmx->nmsrs;
>  	}
>  
> +	if (boot_cpu_has(X86_FEATURE_ARCH_CAPABILITIES))
> +		rdmsrl(MSR_IA32_ARCH_CAPABILITIES, vmx->arch_capabilities);
>  
>  	vm_exit_controls_init(vmx, vmcs_config.vmexit_ctrl);
>  
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index e023ef9..94d1573 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -975,6 +975,7 @@ static u32 msrs_to_save[] = {
>  #endif
>  	MSR_IA32_TSC, MSR_IA32_CR_PAT, MSR_VM_HSAVE_PA,
>  	MSR_IA32_FEATURE_CONTROL, MSR_IA32_BNDCFGS, MSR_TSC_AUX,
> +	MSR_IA32_ARCH_CAPABILITIES
>  };
>  
>  static unsigned num_msrs_to_save;
>