Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp4193897imu; Mon, 28 Jan 2019 19:42:07 -0800 (PST) X-Google-Smtp-Source: ALg8bN6SexOa4m9ibMlGSRtEE60i7rIb2e9l0hlvuHHByqvOoxbixub7We6vo4Env5+U7LhzFuBy X-Received: by 2002:a62:8a51:: with SMTP id y78mr24251623pfd.35.1548733327460; Mon, 28 Jan 2019 19:42:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1548733327; cv=none; d=google.com; s=arc-20160816; b=wmyD49LiHDaZZRLqDYjAeCKUuOsf/cBZvtt0q8V8nZwhGMH139v5lwYTsUYKfIy0E+ Z7WgdkjNqBnEmLGmOCJUfxftlTJMiGOxDvs3Zc67Em+bdvUaGQHo8WWowL5upsafsBTQ 6tYyopNpn/2kckXZknNYOPZlK0t/CjjdcA9n1FLvaPMI+Lfigz7yfQ4A+Ck9JCI0jKCr K/9Y9A5jFBlDw+WyERa+y8npQaRiPX/cO1GHaowX1x53Mogo/DpPHqLMYMjMjKwSO1Fo kPUNymPT+VbpbYa0oTPrYu+DpXivpXUFKPeuJO7EIk1wdSPZ924pJL/1Imj1vDfSorT1 FrNw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=yALNpIpp0v3ibTd70lmz48o6BtlulTHBqyN5aBnW2Kw=; b=b2V3JCsm4YswAQZX4qH+iC3g0DjsCBybPZYf7wr4chTFtl6rjzoR6LhosYk6hbBDDq MA0rXEdPgh/2lUurHNAUTjCjoYtPIEKJZCnjpOV06bybjPAD7oy5Dl7ElbGhsWJLycSe P4Gqe2LWnMatuv7wIZxnkMg7KjM05IlgXkqg+towWzZayp80mwOpUj++58/Kx8hJwPmF dNrRGUH7l/PCsytnTZtWSDyScZNXcgNl417yGBSlole4DrGvdGpyahYAuBuKQmSm7NHF cS2BnCV9ac2qtHLetK/Vw0YKAoelN43tJiz0MCSLPd74m5yxWeB3n40CKfFV89wo0ekv MV6Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d39si34105572pla.278.2019.01.28.19.41.51; Mon, 28 Jan 2019 19:42:07 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727521AbfA2Dj6 (ORCPT + 99 others); Mon, 28 Jan 2019 22:39:58 -0500 Received: from mga07.intel.com ([134.134.136.100]:37683 "EHLO mga07.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726887AbfA2Dj5 (ORCPT ); Mon, 28 Jan 2019 22:39:57 -0500 X-Amp-Result: UNSCANNABLE X-Amp-File-Uploaded: False Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 28 Jan 2019 19:39:56 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,535,1539673200"; d="scan'208";a="138698371" Received: from local-michael-cet-test.sh.intel.com (HELO localhost) ([10.239.159.128]) by fmsmga002.fm.intel.com with ESMTP; 28 Jan 2019 19:39:54 -0800 Date: Mon, 28 Jan 2019 18:33:45 +0800 From: Yang Weijiang To: Paolo Bonzini Cc: rkrcmar@redhat.com, sean.j.christopherson@intel.com, jmattson@google.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, mst@redhat.com, yu-cheng.yu@intel.com, yi.z.zhang@intel.com, hjl.tools@gmail.com, Zhang Yi Z Subject: Re: [PATCH v2 1/7] KVM:VMX: Define CET VMCS fields and bits Message-ID: <20190128103345.GA29895@local-michael-cet-test.sh.intel.com> References: <20190122205909.24165-1-weijiang.yang@intel.com> <20190122205909.24165-2-weijiang.yang@intel.com> <5a31eef0-2b6c-bdc2-c54b-5dc4cecf084d@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5a31eef0-2b6c-bdc2-c54b-5dc4cecf084d@redhat.com> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jan 25, 2019 at 07:02:37PM +0100, Paolo Bonzini wrote: > On 22/01/19 21:59, Yang Weijiang wrote: > > On processors that support CET, VMX saves/restores > > the states of IA32_S_CET, SSP and IA32_INTERRUPT_SSP_TABLE_ADDR MSR > > to the VMCS area for Guest/Host unconditionally. > > > > If VM_EXIT_LOAD_HOST_CET_STATE = 1, the host CET MSRs are > > restored from VMCS host-state area at VM exit as follows: > > > > - HOST_IA32_S_CET: Host supervisor mode IA32_S_CET MSR is loaded > > from this field. > > > > - HOST_SSP : Host SSP is loaded from this field. > > > > - HOST_INTR_SSP_TABLE_ADDR : Host IA32_INTERRUPT_SSP_TABLE_ADDR > > MSR is loaded from this field. > > > > If VM_ENTRY_LOAD_GUEST_CET_STATE = 1, the guest CET MSRs are loaded > > from VMCS guest-state area at VM entry as follows: > > > > - GUEST_IA32_S_CET : Guest supervisor mode IA32_S_CET MSR is loaded > > from this field. > > > > - GUEST_SSP : Guest SSP is loaded from this field. > > > > - GUEST_INTR_SSP_TABL_ADDR : Guest IA32_INTERRUPT_SSP_TABLE_ADDR > > MSR is loaded from this field. > Thanks for review. > There is no code in this series to pass these fields to and from > userspace, and also to save/restore U_CET, INT_SSP_TAB, PL0_SSP and > PL3_SSP across context switches. > The kernel consumes these MSRs, please see kernel CET patch: https://lkml.org/lkml/fancy/2018/11/20/225 > In addition, PL1_SSP and PL2_SSP should be supported even if the guest > doesn't use them. It makes sense to avoid intercepting them, but they > should still be supported and switched (possibly only if nonzero). > > Am I missing something, for example a dependency on host CET support? > If not, how was this series tested? > The guest CET feature is tested with kernel CET patches on internal virtual platform. > Paolo