Received: by 10.223.185.116 with SMTP id b49csp3584331wrg; Mon, 26 Feb 2018 02:32:43 -0800 (PST) X-Google-Smtp-Source: AH8x225lTkpLmfzcf59LI1F04tX2Ppt4mOpXmi9QkmJAU+SYKklezHEyL8yipiv6YGfkKBfU67aa X-Received: by 2002:a17:902:8605:: with SMTP id f5-v6mr10012582plo.120.1519641163879; Mon, 26 Feb 2018 02:32:43 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519641163; cv=none; d=google.com; s=arc-20160816; b=N468KNbCGUBHhLZVwGCmFEmL8U85txQlm62BoQLamoj/ej2T83ppLceWtNd1QP3vex F8HLr1OlQmfkN3llJPM5du2L/Slbd4oqb4g4iOl0/cU1G4yWx40Q4o2RAfsfoZ9LOSaD YDimJiErSYtdlI/eGslU90QFy4KksOCy6vpGZJTownaSG++A3AxToMWSF8DvVyfcxlZV 3sXSnnFgB3EgxHwSqbLsVaQAeUoIDI9YfpZXTwGUEGimHZEjnPJPUCPklmeIRn0jX5p2 T/Yw3ofWc1VvhKjJHVYMUuqK6taolqdVpwkXBvk0MO3D93bYYDtc4GKL4wsbAFKDkLGP /vYw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-disposition :content-transfer-encoding:subject:cc:to:from:date:message-id :mime-version:dkim-signature:arc-authentication-results; bh=7KmYRDxG/vrVhg0hItsgMScMOGtlCtjiwQvnepQ59vQ=; b=PFVPsM75WX2CUHR9uYGwQFJjd7F9015pSbO8FJsuiyYmteHZkPDSgwWHapihd6KUm+ rL2ZKfEHh1g62PoYyza+03dWwVLidSDFrF2zcy5oY1c0vC1+O+ckCdHCuVbFBlQLl87O uJLo75uLiycK6wqON78BUqR+y8nINInPHvPYVrGfLiM6SCs+7afDq+g2vPAuvZr8/5/J HsaHdWAl5qf2ph672TsVstIF2INgb0BuAxhRPFzHcqj2+bsMs3LjDd1lIX+MemKoWDOg n/iLnxSiDItGShR6h0NFaJFkg+Tk05NW3QUB6sBMLB2/hroTieepZjOTttoPGyHCd6v7 7Hhw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=iFtW3/bT; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c66si6518596pfc.416.2018.02.26.02.32.29; Mon, 26 Feb 2018 02:32:43 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=iFtW3/bT; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752560AbeBZKbt (ORCPT + 99 others); Mon, 26 Feb 2018 05:31:49 -0500 Received: from userp2130.oracle.com ([156.151.31.86]:58670 "EHLO userp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752512AbeBZKbp (ORCPT ); Mon, 26 Feb 2018 05:31:45 -0500 Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w1QALdcw019115; Mon, 26 Feb 2018 10:31:25 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=mime-version : message-id : date : from : to : cc : subject : content-type : content-transfer-encoding; s=corp-2017-10-26; bh=7KmYRDxG/vrVhg0hItsgMScMOGtlCtjiwQvnepQ59vQ=; b=iFtW3/bTB2VbYHWysYstoiL/W6DbweSwNQQO0bv/J7Z3QN73dwuoOxVfUkBe2dHOFV0n 3sLB4WZhJQ/JwJtbeQWcGJ73uehw5QAHIQOagx7ZRTWKh7P8j2747phCyrIyI5Hf3Sa2 wzmrSOTvt/X320b3XVlB5TlvG3ArC9qf25A9pjqt2uFVlmUw3EE5vgyplDU48Ogsovl7 HdZr9GoEcjKtJCw4Ksn4oZrJ6hcHpImz5OVOUxO8wfLial1ki8MXaJmwV9OSwLMs8AW/ wQJUIKhb2R4MaA+Ov37csuRArwt9DhwKbmE50xZ/ANuPg9bH9hsyDSccHjypf7xkombv +g== Received: from userv0021.oracle.com (userv0021.oracle.com [156.151.31.71]) by userp2130.oracle.com with ESMTP id 2gcgaqr4e1-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 26 Feb 2018 10:31:25 +0000 Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75]) by userv0021.oracle.com (8.14.4/8.14.4) with ESMTP id w1QAVOFb017460 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Mon, 26 Feb 2018 10:31:24 GMT Received: from abhmp0016.oracle.com (abhmp0016.oracle.com [141.146.116.22]) by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id w1QAVO5X002792; Mon, 26 Feb 2018 10:31:24 GMT MIME-Version: 1.0 Message-ID: <0e0d4ea1-a246-4d6d-ad24-d2d00561a27f@default> Date: Mon, 26 Feb 2018 02:31:24 -0800 (PST) From: Liran Alon To: Cc: , , , Subject: Re: [PATCH v2] KVM: X86: Allow userspace to define the microcode version X-Mailer: Zimbra on Oracle Beehive Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8815 signatures=668680 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=1 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1802260142 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org ----- kernellwp@gmail.com wrote: > From: Wanpeng Li >=20 > Linux (among the others) has checks to make sure that certain features >=20 > aren't enabled on a certain family/model/stepping if the microcode > version=20 > isn't greater than or equal to a known good version. >=20 > By exposing the real microcode version, we're preventing buggy guests > that > don't check that they are running virtualized (i.e., they should trust > the > hypervisor) from disabling features that are effectively not buggy. >=20 > Suggested-by: Filippo Sironi > Cc: Paolo Bonzini > Cc: Radim Kr=C4=8Dm=C3=A1=C5=99 > Cc: Liran Alon > Signed-off-by: Wanpeng Li > --- > v1 -> v2: > * add MSR_IA32_UCODE_REV to emulated_msrs >=20 > arch/x86/include/asm/kvm_host.h | 1 + > arch/x86/kvm/x86.c | 9 +++++++-- > 2 files changed, 8 insertions(+), 2 deletions(-) >=20 > diff --git a/arch/x86/include/asm/kvm_host.h > b/arch/x86/include/asm/kvm_host.h > index 938d453..6e13f2f 100644 > --- a/arch/x86/include/asm/kvm_host.h > +++ b/arch/x86/include/asm/kvm_host.h > @@ -507,6 +507,7 @@ struct kvm_vcpu_arch { > =09u64 smi_count; > =09bool tpr_access_reporting; > =09u64 ia32_xss; > +=09u32 microcode_version; > =20 > =09/* > =09 * Paging state of the vcpu > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index 1a3ed81..4ae9517 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -1047,6 +1047,7 @@ static u32 emulated_msrs[] =3D { > =09MSR_SMI_COUNT, > =09MSR_PLATFORM_INFO, > =09MSR_MISC_FEATURES_ENABLES, > +=09MSR_IA32_UCODE_REV, > }; > =20 > static unsigned num_emulated_msrs; > @@ -2247,7 +2248,6 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, > struct msr_data *msr_info) > =20 > =09switch (msr) { > =09case MSR_AMD64_NB_CFG: > -=09case MSR_IA32_UCODE_REV: > =09case MSR_IA32_UCODE_WRITE: > =09case MSR_VM_HSAVE_PA: > =09case MSR_AMD64_PATCH_LOADER: > @@ -2255,6 +2255,10 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, > struct msr_data *msr_info) > =09case MSR_AMD64_DC_CFG: > =09=09break; > =20 > +=09case MSR_IA32_UCODE_REV: > +=09=09if (msr_info->host_initiated) > +=09=09=09vcpu->arch.microcode_version =3D data >> 32; > +=09=09break; > =09case MSR_EFER: > =09=09return set_efer(vcpu, data); > =09case MSR_K7_HWCR: > @@ -2550,7 +2554,7 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, > struct msr_data *msr_info) > =09=09msr_info->data =3D 0; > =09=09break; > =09case MSR_IA32_UCODE_REV: > -=09=09msr_info->data =3D 0x100000000ULL; > +=09=09msr_info->data =3D (u64)vcpu->arch.microcode_version << 32; > =09=09break; > =09case MSR_MTRRcap: > =09case 0x200 ... 0x2ff: > @@ -8232,6 +8236,7 @@ void kvm_vcpu_reset(struct kvm_vcpu *vcpu, bool > init_event) > =09vcpu->arch.regs_dirty =3D ~0; > =20 > =09vcpu->arch.ia32_xss =3D 0; > +=09vcpu->arch.microcode_version =3D 0x1; > =20 > =09kvm_x86_ops->vcpu_reset(vcpu, init_event); > } > --=20 > 2.7.4 Reviewed-by: Liran Alon