Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp78866imm; Mon, 4 Jun 2018 13:21:50 -0700 (PDT) X-Google-Smtp-Source: ADUXVKJWoZD8WSIJJFTrAzgcO40sVYaje/DFttHA8i/QairKk9V6rcn55M/7MxyEReeNKN4tgw6X X-Received: by 2002:a17:902:7248:: with SMTP id c8-v6mr16650980pll.128.1528143710791; Mon, 04 Jun 2018 13:21:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528143710; cv=none; d=google.com; s=arc-20160816; b=D1XZmMco6OuD3DDTFnC6KiLMRAE6gCd5mcoNx/gaJqLKB4aTO/gB/QtqbVenX2E2Ii EQjqDGjB2Zo4C6jON+SiaHoSc0T2Hc8EGNVaLn0rQ9AywUVCzzmkpoaslI0whathFYhI 9qoZrElRca/Z/+6jsS4hF62vTJzIsqxQp2C+gHownQfQLOlLA4D2qWCBWMrSS/sjJsY/ ug93hKhyo3Sq8dGvBqP6tZofATvyl7dZZp8xyr/3NmkweD4/uHQHL3W3909fjjiI95UN UhwNQKoHku5B9z7WPYG+WY1U6ii4C+NFP9S6NpR5vM9/ajlNtDdhM4x70kLy6Yt2SUcH dRGA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=HBhXOTWgY5ynppQkGmqUI/8KgOap8xXTyh8fyXuKQR8=; b=yoRITxSvAj6zXVYUxzNVt+6IsD9g/6TpD1Cv7OSgDP5VAeMlHFWMbZRJrzHzFDNXIo cKC1nltAreERioZPfWBnMekpjQvG/frdjZaegTsralwP8mV9yud22Mp67zhnVRhQRDP0 MOLmVnExy35NsumqoKB8M2+jCuMD/+mRgWUJ0nWEzr2i2Ugxvy+QohY3fnskho3KHUrE RnEohWUPJSUo74crboaifcxRmtLCxC6TQDk9Lb6S+zkPE2PKXEAbJi7AugSHnTcsW4Z6 L5pjnFd6N0KlHJ5o0g1moXdzKgaA9Taw2XT+sD6RiI6q5mFY7QRguQv1K0fNSv261v6d vhEQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=VvbziwC9; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b66-v6si22046401pgc.319.2018.06.04.13.21.36; Mon, 04 Jun 2018 13:21:50 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2017-10-26 header.b=VvbziwC9; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751368AbeFDUVK (ORCPT + 99 others); Mon, 4 Jun 2018 16:21:10 -0400 Received: from aserp2120.oracle.com ([141.146.126.78]:37416 "EHLO aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751058AbeFDUVH (ORCPT ); Mon, 4 Jun 2018 16:21:07 -0400 Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1]) by aserp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id w54KGfSk041523; Mon, 4 Jun 2018 20:20:29 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc : subject : message-id : references : mime-version : content-type : in-reply-to; s=corp-2017-10-26; bh=HBhXOTWgY5ynppQkGmqUI/8KgOap8xXTyh8fyXuKQR8=; b=VvbziwC9+2ollrZdIV/WDIStb+tL9gYFTj9M3nnX8HXENrmHC6JbtCQlUOcNquxUEYDl CNQdT8xxBSW+HtdJgSJieorDYkINE+qTkCmPzTt3A/anylh6CK/nRM9S5OkSUGXJ42I3 SEzb8Q5tRMwbRV+4d1vEkuGkouiAhYPbD6eOGrRs2z+KvJK4oG2SQk/ynHva7cj4DV+D tPXSsVUEx2aOwEWUJBs3OiDT815S6hgdYXKkumb5W01WNg//RA6ENIOaEg/fCV8QSUKy 5DyET0/0+SEXeYvfQk9NXnXLTbFL0Rk56U+kS54aSRHL422NBphJnvOS1Yhzfmb0/Xzx 8Q== Received: from userv0022.oracle.com (userv0022.oracle.com [156.151.31.74]) by aserp2120.oracle.com with ESMTP id 2jbvypd4bg-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 04 Jun 2018 20:20:28 +0000 Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72]) by userv0022.oracle.com (8.14.4/8.14.4) with ESMTP id w54KKRdr024449 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 4 Jun 2018 20:20:28 GMT Received: from abhmp0003.oracle.com (abhmp0003.oracle.com [141.146.116.9]) by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id w54KKQwI022062; Mon, 4 Jun 2018 20:20:26 GMT Received: from char.us.oracle.com (/10.137.176.158) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 04 Jun 2018 13:20:25 -0700 Received: by char.us.oracle.com (Postfix, from userid 1000) id 3FFC36A00D0; Mon, 4 Jun 2018 16:20:24 -0400 (EDT) Date: Mon, 4 Jun 2018 16:20:24 -0400 From: Konrad Rzeszutek Wilk To: Tom Lendacky Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, x86@kernel.org, tglx@linutronix.de, andrew.cooper3@citrix.com, Ingo Molnar , "H. Peter Anvin" , Paolo Bonzini , Radim =?utf-8?B?S3LEjW3DocWZ?= , Joerg Roedel , Borislav Petkov , David Woodhouse , Janakarajan Natarajan , Kees Cook , KarimAllah Ahmed , Andy Lutomirski Subject: Re: [PATCH v1 2/3] x86/bugs: Add AMD's SPEC_CTRL MSR usage Message-ID: <20180604202024.GF5867@char.us.oracle.com> References: <20180601145921.9500-1-konrad.wilk@oracle.com> <20180601145921.9500-3-konrad.wilk@oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.8.3 (2017-05-23) X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=8914 signatures=668702 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1805220000 definitions=main-1806040233 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > > diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c > > index 26110c202b19..950ec50f77c3 100644 > > --- a/arch/x86/kvm/svm.c > > +++ b/arch/x86/kvm/svm.c > > @@ -4115,7 +4115,8 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) > > break; > > case MSR_IA32_SPEC_CTRL: > > if (!msr_info->host_initiated && > > - !guest_cpuid_has(vcpu, X86_FEATURE_AMD_IBRS)) > > + !guest_cpuid_has(vcpu, X86_FEATURE_AMD_IBRS) && > > + !guest_cpuid_has(vcpu, X86_FEATURE_AMD_SSBD)) > > Shouldn't the IBRS/SSBD check be an "or" check? I don't think it's > necessarily true that IBRS and SSBD have to both be set. Maybe something > like: > > if (!msr_info->host_initiated && > !(guest_cpuid_has(vcpu, X86_FEATURE_AMD_IBRS) || > guest_cpuid_has(vcpu, X86_FEATURE_AMD_SSBD)) > > Does that make sense? The '!' on each of the CPUID and '&&' make this the same. See: AMD_IBRS set | AMD_SSBD set | !AMD_IBRS && !AMD_SSBD | !(AMD_IBRS || AMD_SSBD) 0 | 0 | 1 && 1 -> return 1 | !(0) -> 1 -> return 1 1 | 0 | 0 && 1, continue | !(1 || 0) -> continue 1 | 1 | 0 && 0, continue | !(1 || 1) -> continue 0 | 1 | 1 && 0, continue | !(0 || 1) -> continue Meaning we will return 1 if: the host has not initiator it or, the guest CPUID does not have AMD_IBRS flag or, the guest CPUID does not have AMD SSBD flag I am fine modifying it the way you had in mind, but in the past the logic was to use ! and &&, hence stuck to that. > > > return 1; > > > > msr_info->data = svm->spec_ctrl; > > @@ -4217,11 +4218,12 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) > > break; > > case MSR_IA32_SPEC_CTRL: > > if (!msr->host_initiated && > > - !guest_cpuid_has(vcpu, X86_FEATURE_AMD_IBRS)) > > + !guest_cpuid_has(vcpu, X86_FEATURE_AMD_IBRS) && > > + !guest_cpuid_has(vcpu, X86_FEATURE_AMD_SSBD)) > > Same question as above. > > Thanks, > Tom > > > return 1; > > > > /* The STIBP bit doesn't fault even if it's not advertised */ > > - if (data & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP)) > > + if (data & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP | SPEC_CTRL_SSBD)) > > return 1; > > > > svm->spec_ctrl = data; > >