Received: by 10.223.185.116 with SMTP id b49csp3534545wrg; Mon, 26 Feb 2018 01:27:23 -0800 (PST) X-Google-Smtp-Source: AH8x227UTIGxBans3jv7I2hAacBDkNt+q6p2sEZUCEjG7sDFvpEPxKAKW0+SysmsJQOOY3cmd6Qz X-Received: by 10.98.87.212 with SMTP id i81mr10088773pfj.197.1519637243357; Mon, 26 Feb 2018 01:27:23 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519637243; cv=none; d=google.com; s=arc-20160816; b=fHguSXJpVFd5x7ZNg21wV95g0fYMFYUEwU7PLSiwnfx6aYgX114pcncDZJpi8Lz3U/ HOjT6X0Sb0urTiGEmfnnxHgscWb5XrGKXm8nIFYx8GqMdw2jCfRNGwNZ3owUFxK/QMsm NhCxVb1omOsebl/+NbQ2z/xrLlhMzO/mI/6L+fwXbEgyyI3Hl+JDMx+n3JUxUQ0rRqrB rtXNn4NnAo57uQ9lDhfqI4dBHtjElr1G0iJpKrnZHoCwE5Yr0+XFVscdlFHunYscw0BT ZAh60YbVZzycPfJaAoDHYUew8WEMsHyMjlvZVQ3V7UtB4G//WiqPCaCKGNuHe3mng9nb PmmQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-disposition :content-transfer-encoding:subject:cc:to:from:date:message-id :mime-version:dkim-signature:arc-authentication-results; bh=1eUiKuOZcdgVHlMeV5/05xHWiTFRcV9M+5719ejr+3Y=; b=YNP+5AnsvLfJmoi8vz7YLJ4uBn6lgWbLx1enL17wEzwQgFdIpRZDfi1Gg0GbfqoVyi Ge6BF755dDTV5WisiQYZqot+v2otQOu0iPqr2bACv4zK/DuVyeQsPpW2gjAed5P9W+ly mzelR3lbe0h3n0ZIVvDB1S5ADj1pC7yGXIeyiHysJ0dHvRofuyQZwB3X2adyufKI+amS 4Y/MGOuQzLTeY5X4wfY0PabkS+G7dMweuP09ff1dgqTYRaU8UsM63jpkcjtNTUnpJgoU bAjTjgnQsH73WouTSAmyjBensoKU2euadZgz7xH7mcklzX9QFqnBUGUKR4noHF2nsMzd lxpQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=ui96MZjM; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h3si5081607pgc.493.2018.02.26.01.27.08; Mon, 26 Feb 2018 01:27:23 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=ui96MZjM; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752054AbeBZJ03 (ORCPT + 99 others); Mon, 26 Feb 2018 04:26:29 -0500 Received: from userp2130.oracle.com ([156.151.31.86]:37794 "EHLO userp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751563AbeBZJ0Z (ORCPT ); Mon, 26 Feb 2018 04:26:25 -0500 Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w1Q9MJWM169127; Mon, 26 Feb 2018 09:26:21 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=mime-version : message-id : date : from : to : cc : subject : content-type : content-transfer-encoding; s=corp-2017-10-26; bh=1eUiKuOZcdgVHlMeV5/05xHWiTFRcV9M+5719ejr+3Y=; b=ui96MZjMji14GBtnTn7LRUxDljuQGII+CQUJOSmTRNuntgUBdIKDP3C2T1bssyECqwU6 aFjjlHEBy/UxVDNag+wdfr8SfhmI8jYNgTAdoWfVbpuox9G3afLnsybnm0jnjtUSunjW WR6GvN2NhVEFAE3xXZExpPJbwPg8rN41sGWAVoSKhZTO+yRc9AkelOcJYEjg8ryPOrYh a3DPvnzqvXg37kbjmPNUOG0taMr1skVxxHGsIZCqlcPaj1kLN+XaVp0JfzsSIyK66P5/ jAlurR5oERgf+7IYcM/4k+DPiVSF7lvXgEoPsERrNxnTb9tRzsARlkYZM+RSTapTWZ/C hw== Received: from aserv0022.oracle.com (aserv0022.oracle.com [141.146.126.234]) by userp2130.oracle.com with ESMTP id 2gcdywrdst-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 26 Feb 2018 09:26:21 +0000 Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72]) by aserv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w1Q9QKpM023801 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Mon, 26 Feb 2018 09:26:20 GMT Received: from abhmp0016.oracle.com (abhmp0016.oracle.com [141.146.116.22]) by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w1Q9QKcQ008564; Mon, 26 Feb 2018 09:26:20 GMT MIME-Version: 1.0 Message-ID: <1f6d0e8e-6d76-4262-9e8b-f8b1f23d8248@default> Date: Mon, 26 Feb 2018 01:26:19 -0800 (PST) From: Liran Alon To: Cc: , , , Subject: Re: [PATCH] KVM: X86: Allow userspace to define the microcode version X-Mailer: Zimbra on Oracle Beehive Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8815 signatures=668680 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=1 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1802260128 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org ----- kernellwp@gmail.com wrote: > From: Wanpeng Li >=20 > Linux (among the others) has checks to make sure that certain features >=20 > aren't enabled on a certain family/model/stepping if the microcode > version=20 > isn't greater than or equal to a known good version. >=20 > By exposing the real microcode version, we're preventing buggy guests > that > don't check that they are running virtualized (i.e., they should trust > the > hypervisor) from disabling features that are effectively not buggy. >=20 > Suggested-by: Filippo Sironi > Cc: Paolo Bonzini > Cc: Radim Kr=C4=8Dm=C3=A1=C5=99 > Signed-off-by: Wanpeng Li > --- > arch/x86/include/asm/kvm_host.h | 1 + > arch/x86/kvm/x86.c | 8 ++++++-- > 2 files changed, 7 insertions(+), 2 deletions(-) >=20 > diff --git a/arch/x86/include/asm/kvm_host.h > b/arch/x86/include/asm/kvm_host.h > index 938d453..6e13f2f 100644 > --- a/arch/x86/include/asm/kvm_host.h > +++ b/arch/x86/include/asm/kvm_host.h > @@ -507,6 +507,7 @@ struct kvm_vcpu_arch { > =09u64 smi_count; > =09bool tpr_access_reporting; > =09u64 ia32_xss; > +=09u32 microcode_version; > =20 > =09/* > =09 * Paging state of the vcpu > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index 1a3ed81..cc51c61 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -2247,7 +2247,6 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, > struct msr_data *msr_info) > =20 > =09switch (msr) { > =09case MSR_AMD64_NB_CFG: > -=09case MSR_IA32_UCODE_REV: > =09case MSR_IA32_UCODE_WRITE: > =09case MSR_VM_HSAVE_PA: > =09case MSR_AMD64_PATCH_LOADER: > @@ -2255,6 +2254,10 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, > struct msr_data *msr_info) > =09case MSR_AMD64_DC_CFG: > =09=09break; > =20 > +=09case MSR_IA32_UCODE_REV: > +=09=09if (msr_info->host_initiated) > +=09=09=09vcpu->arch.microcode_version =3D data >> 32; > +=09=09break; > =09case MSR_EFER: > =09=09return set_efer(vcpu, data); > =09case MSR_K7_HWCR: > @@ -2550,7 +2553,7 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, > struct msr_data *msr_info) > =09=09msr_info->data =3D 0; > =09=09break; > =09case MSR_IA32_UCODE_REV: > -=09=09msr_info->data =3D 0x100000000ULL; > +=09=09msr_info->data =3D (u64)vcpu->arch.microcode_version << 32; > =09=09break; > =09case MSR_MTRRcap: > =09case 0x200 ... 0x2ff: > @@ -8232,6 +8235,7 @@ void kvm_vcpu_reset(struct kvm_vcpu *vcpu, bool > init_event) > =09vcpu->arch.regs_dirty =3D ~0; > =20 > =09vcpu->arch.ia32_xss =3D 0; > +=09vcpu->arch.microcode_version =3D 0x1; > =20 > =09kvm_x86_ops->vcpu_reset(vcpu, init_event); > } > --=20 > 2.7.4 I think you need to add MSR_IA32_UCODE_REV to emulated_msrs[] to allow for proper live-migration of this MSR value. The rest seems fine to me. :) Regards, -Liran