Received: by 10.223.185.116 with SMTP id b49csp4405703wrg;
        Mon, 26 Feb 2018 17:32:23 -0800 (PST)
X-Google-Smtp-Source: AH8x225jooPh3eMZkmjVEWKquwKcOuAO1+gtcCfv6+2uOQd/iP31JjGV/lkXqngyVYsm7KcAIDrD
X-Received: by 2002:a17:902:328:: with SMTP id 37-v6mr12726756pld.398.1519695143181;
        Mon, 26 Feb 2018 17:32:23 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1519695143; cv=none;
        d=google.com; s=arc-20160816;
        b=PtaiYSoCc8HuU97MynagtaE5VGO6EJs/TsZUb46K3opmx24s9Llk6LgpkSe9tv6oJJ
         dGMHoPQq4ckNx2fdDWiLMMp1mtMS/6LLLA6YNJXbH23MRVpTZFdtWKu9ydIVDnPl8StV
         i7U0r7RTaWaLTUKCfFkMXmHkJG0ERLeVj7w0wJo3yi/U1SH7YofnZ/PDN5Ew/K7sgd2c
         zHkVv6oqq1ikKV89P2Nca1VFpYe+LGKWujwIIj+NeyJ1uX56qR/KM3GLZnD66JP5MeWw
         2phVEjwhSkTYcJ3C/UJOS65a6kW9VdnSZbczWYy65EONmZYxsX/LnZKUrqyFzXTw/KPd
         Tzbw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:to:references:message-id
         :content-transfer-encoding:cc:date:in-reply-to:from:subject
         :mime-version:dkim-signature:arc-authentication-results;
        bh=puMXh8wzmRr7vVT8NOWfFkZFXlYy1eJftY3qYXvCcU0=;
        b=EG4WmJLl6j7KtAo72WaM9Q9COO4qu7kTidDZhF0Jwh1vYKiRn+yqmZ/eROOdry/p+9
         UK+KaRuXuBjqehsgYHwI0QjijkrKqJzvd+zNYlMceDXaB0yHZjVMhCGTBG0e/NSHT4lG
         ZaD4lk4hZT6qNlx4BjMCXKSckxsvTFa74qHfPYaxjIKPyHgngKuxMgPWRpaHLLWeAIce
         xWlpPJ+Vfz4F5+feCZmB6xR0hSDCuBLJfzhbFUfNyOaBSqeC3r6SfuHbAwvsGvHm5hjy
         gJfyDkNaMgNRTu2GAGA3lhL33elq3us1iqsazx9GJOIbxPKoFY06v9GxuB6OA1ig2B5B
         j7Rg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=T4wLvQF6;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id w3-v6si7745405pll.663.2018.02.26.17.32.08;
        Mon, 26 Feb 2018 17:32:23 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=T4wLvQF6;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751608AbeB0BbE (ORCPT <rfc822;tanxianhu@gmail.com> + 99 others);
        Mon, 26 Feb 2018 20:31:04 -0500
Received: from mail-pl0-f66.google.com ([209.85.160.66]:45230 "EHLO
        mail-pl0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751455AbeB0BbC (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 26 Feb 2018 20:31:02 -0500
Received: by mail-pl0-f66.google.com with SMTP id v9-v6so8399136plp.12;
        Mon, 26 Feb 2018 17:31:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=puMXh8wzmRr7vVT8NOWfFkZFXlYy1eJftY3qYXvCcU0=;
        b=T4wLvQF69AHszOgaTVR5CWp8GPENJbBafc+D64LmOLZyLZmFJury3R3T0n8F1a40Pi
         Q9pI52nOm9X/1BDxX0vpBV+Ujf4gaoC55kWVo4Q75YFiQrsE6nBnYhmm8TlVN1xrLVaI
         g/qgcbEZibT6SCfyqiDNfGHbveZ46yw0U5DCvNDKpzay11st0rS/2ep0o6X96s7rFLVb
         htrPcov44Dbfbrn+OEoKYWohbp1dF93ICgpin5nKIPPzruLGEmXx7fqAU8la8eZPmumb
         M0u7HL9UymJC+3j4KC0SQaHQstFICHzTnnG82RKeGNNmT5VltMq/1C69/N+9iRS0+S9w
         lhVA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=puMXh8wzmRr7vVT8NOWfFkZFXlYy1eJftY3qYXvCcU0=;
        b=NOsISBw1Z8h4RNJ3fz/dhhq1beCysSgzTR8r/S7cPhovFe08yopbb0qsGvKXsJLjRs
         L9qDVmrGCFJckw+ad9NveadDKXuou7wtof5MjLfL9x5SPL8FK1POm8zDBU+/tRV58XSm
         87wpBEI9hZ2DPtodDtbG/qyx4/DcJx3ooMxQgqit8Q5bO8pWPUypG4a+GzSZzYxTfeKY
         wufSJ41fh32/HAzBgDA4mctUFWzL2/vQ0iZM+Led7IHXL8MMhv3eGlcrVnD1dbSB9ygh
         OuM3uy4efuyPHni/AnS+aErHxwNo4lafWX0nKSu2rOv236AColXRgO6fvSm4Tcr+f8ng
         Omyg==
X-Gm-Message-State: APf1xPDrFHY0fRQa4Lzizg6fmo942f3hqPp6wsmOLdpolYqsO073Cm6g
        M2xJzbega7uH8IKRhvr6Sc0=
X-Received: by 2002:a17:902:7046:: with SMTP id h6-v6mr11983522plt.301.1519695061705;
        Mon, 26 Feb 2018 17:31:01 -0800 (PST)
Received: from [10.2.101.129] ([208.91.2.2])
        by smtp.gmail.com with ESMTPSA id a138sm21205578pfd.47.2018.02.26.17.31.00
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 26 Feb 2018 17:31:00 -0800 (PST)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Subject: Re: [PATCH v3] KVM: X86: Allow userspace to define the microcode
 version
From:   Nadav Amit <nadav.amit@gmail.com>
In-Reply-To: <1519694331-16368-1-git-send-email-wanpengli@tencent.com>
Date:   Mon, 26 Feb 2018 17:30:59 -0800
Cc:     linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
        Paolo Bonzini <pbonzini@redhat.com>,
        =?utf-8?B?UmFkaW0gS3LEjW3DocWZ?= <rkrcmar@redhat.com>,
        Liran Alon <liran.alon@oracle.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <F68C9207-03D2-437F-981D-63FE9D5AA61A@gmail.com>
References: <1519694331-16368-1-git-send-email-wanpengli@tencent.com>
To:     Wanpeng Li <kernellwp@gmail.com>
X-Mailer: Apple Mail (2.3273)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Wanpeng Li <kernellwp@gmail.com> wrote:

> From: Wanpeng Li <wanpengli@tencent.com>
>=20
> Linux (among the others) has checks to make sure that certain features=20=

> aren't enabled on a certain family/model/stepping if the microcode =
version=20
> isn't greater than or equal to a known good version.
>=20
> By exposing the real microcode version, we're preventing buggy guests =
that
> don't check that they are running virtualized (i.e., they should trust =
the
> hypervisor) from disabling features that are effectively not buggy.
>=20
> Suggested-by: Filippo Sironi <sironi@amazon.de>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Radim Kr=C4=8Dm=C3=A1=C5=99 <rkrcmar@redhat.com>
> Cc: Liran Alon <liran.alon@oracle.com>
> Signed-off-by: Wanpeng Li <wanpengli@tencent.com>
> ---
> v2 -> v3:
> * remove the shifts
> * add the MSR_IA32_UCODE_REV version to the "feature MSRs"
> v1 -> v2:
> * add MSR_IA32_UCODE_REV to emulated_msrs
>=20
> arch/x86/include/asm/kvm_host.h |  1 +
> arch/x86/kvm/x86.c              | 19 +++++++++++++++----
> 2 files changed, 16 insertions(+), 4 deletions(-)
>=20
> diff --git a/arch/x86/include/asm/kvm_host.h =
b/arch/x86/include/asm/kvm_host.h
> index 938d453..6e13f2f 100644
> --- a/arch/x86/include/asm/kvm_host.h
> +++ b/arch/x86/include/asm/kvm_host.h
> @@ -507,6 +507,7 @@ struct kvm_vcpu_arch {
> 	u64 smi_count;
> 	bool tpr_access_reporting;
> 	u64 ia32_xss;
> +	u32 microcode_version;
>=20
> 	/*
> 	 * Paging state of the vcpu
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index d4985a9..00af28e 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -1058,6 +1058,7 @@ static unsigned num_emulated_msrs;
> static u32 msr_based_features[] =3D {
> 	MSR_IA32_ARCH_CAPABILITIES,
> 	MSR_F10H_DECFG,
> +	MSR_IA32_UCODE_REV,
> };
>=20
> static unsigned int num_msr_based_features;
> @@ -1067,8 +1068,14 @@ static int do_get_msr_feature(struct kvm_vcpu =
*vcpu, unsigned index, u64 *data)
> 	struct kvm_msr_entry msr;
>=20
> 	msr.index =3D index;
> -	if (kvm_x86_ops->get_msr_feature(&msr))
> -		return 1;
> +	switch (msr.index) {
> +	case MSR_IA32_UCODE_REV:
> +		rdmsrl(msr.index, msr.data);
> +		break;
> +	default:
> +		if (kvm_x86_ops->get_msr_feature(&msr))
> +			return 1;
> +	}
>=20
> 	*data =3D msr.data;
>=20
> @@ -2248,7 +2255,6 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, =
struct msr_data *msr_info)
>=20
> 	switch (msr) {
> 	case MSR_AMD64_NB_CFG:
> -	case MSR_IA32_UCODE_REV:
> 	case MSR_IA32_UCODE_WRITE:
> 	case MSR_VM_HSAVE_PA:
> 	case MSR_AMD64_PATCH_LOADER:
> @@ -2256,6 +2262,10 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, =
struct msr_data *msr_info)
> 	case MSR_AMD64_DC_CFG:
> 		break;
>=20
> +	case MSR_IA32_UCODE_REV:
> +		if (msr_info->host_initiated)
> +			vcpu->arch.microcode_version =3D data;
> +		break;
> 	case MSR_EFER:
> 		return set_efer(vcpu, data);
> 	case MSR_K7_HWCR:
> @@ -2551,7 +2561,7 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, =
struct msr_data *msr_info)
> 		msr_info->data =3D 0;
> 		break;
> 	case MSR_IA32_UCODE_REV:
> -		msr_info->data =3D 0x100000000ULL;
> +		msr_info->data =3D (u64)vcpu->arch.microcode_version;

I think that the shifts are missing here (the version should be on the =
high
bits according to intel_get_microcode_revision() ).