Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp2131983ybl; Thu, 15 Aug 2019 07:04:55 -0700 (PDT) X-Google-Smtp-Source: APXvYqwRN4VZjXwRz14kvucxuipVh8Jo0FfiCmQvqne75VGb4Zml1mZvKKNxXPmXNJ/YjSNrCVrZ X-Received: by 2002:a62:8281:: with SMTP id w123mr5560987pfd.36.1565877895058; Thu, 15 Aug 2019 07:04:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565877895; cv=none; d=google.com; s=arc-20160816; b=cBAfd6KolOS3QUTbaCFL1MNkH5A2nzYbA7IIltsrXcpnqjCuFv7+jyrKFj04OgK1yL 4Jaz2Lw+dK5IxP7i5D/uRvN/3H/8XLN4uqsEmV1LfFSBeCyU2jLqbTJVadhYu00ay/Ah IRly8rHC6zbNPy4ORrC8kntk9TxnSJaEb8v7qmiAdpqiuVQ0OqCDEk8Jy3as/wq5UEQU YQz8aR1Jpvc1UENmqdqHk/RWHxcYUGfrJL0mFTPDqR2TLaorMFSlsEBuOuEPAZBj2cb2 YTpIhZ8rbGd95fWcz/lwM/6E7X0qbCi+y9P1wgjaDwQC4HlbOz8icriT1J53IwXKG/Kv wz+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from; bh=P6jtmJQJAOxQmjY3PzD+zR33iq9AQ8OzIHihVYNbvtU=; b=panwWPBHEXLMbFWWTP3ha4O/xP8Medxn5GK/VOrcXbWkUnNhW8BqX0ElPJamcGEkz4 aIgmfXi2TJdhgJ0oHPLCVisdRjc/lOG1jhKZQXQJlRm18f2+ofy28/GONNYfcIITvdrx ix5GKXmI+8g2FKeBRKQCvh7+QP/0oEDpiMRG3Vfsf9kphMrk+yBJeZd1vut8v7ewBbhK bvplrq+2DLWr9JaW6EwvJvy/GmQnQuTr4Oeyv4hys2H1O28cWOARJHu9qC/gYYckdJ1A kR2EZzz3eLHMHT+LgSegqYqAGU4IPjK3Texo+krH1fLqyJP1SgWhVGJZ0qlN9tA4FLPf FouQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o61si2107856pld.21.2019.08.15.07.04.38; Thu, 15 Aug 2019 07:04:55 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732694AbfHOODf (ORCPT + 99 others); Thu, 15 Aug 2019 10:03:35 -0400 Received: from mail-wr1-f65.google.com ([209.85.221.65]:33563 "EHLO mail-wr1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732334AbfHOODf (ORCPT ); Thu, 15 Aug 2019 10:03:35 -0400 Received: by mail-wr1-f65.google.com with SMTP id u16so2353246wrr.0 for ; Thu, 15 Aug 2019 07:03:34 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:in-reply-to:references:date :message-id:mime-version; bh=P6jtmJQJAOxQmjY3PzD+zR33iq9AQ8OzIHihVYNbvtU=; b=ifl6rCnO2Dv/9auJxn5GlKeaWTvupWDKCJYlwQChNBDy6wSKENrKCAHZH20F40XTlj szPFLA8RwXitFKGe7K3KzLVW2HITw/17MliS4niZO28mlAstc8h+6O/4TTHtX51mvg27 a5hf2MjhYxAZeDoFAlc69KM2mC0wwzmhj/kw3wtJ0D55Cpmrnk3Ikg9xGxhRNxV4BQe7 tPeGtIizcdxsDTmTkPwy1bZWO4/HUhopHMHAj0ltFcnCPUdfwuZMfXYyT/Vcv0GVocv0 08LNdYQufZPn6gAAs/XiFNz6yNQyr02rCwCVUkH1DxehzZjisUb0vGptWYqnZYCCuGyl p97w== X-Gm-Message-State: APjAAAU1ypWkZa+NVZGIvrnsC+uSYg+Nh7xvIHEH+Td4Pc7fudI/WQtZ xmhm01Q3MiUi3k61V0uef9ECHA== X-Received: by 2002:adf:f204:: with SMTP id p4mr5874439wro.317.1565877813345; Thu, 15 Aug 2019 07:03:33 -0700 (PDT) Received: from vitty.brq.redhat.com (nat-pool-brq-t.redhat.com. [213.175.37.10]) by smtp.gmail.com with ESMTPSA id t198sm2803371wmt.39.2019.08.15.07.03.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2019 07:03:32 -0700 (PDT) From: Vitaly Kuznetsov To: Yang Weijiang Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, mst@redhat.com, rkrcmar@redhat.com, jmattson@google.com, yu.c.zhang@intel.com, alazar@bitdefender.com, pbonzini@redhat.com, sean.j.christopherson@intel.com Subject: Re: [PATCH RESEND v4 5/9] KVM: VMX: Add init/set/get functions for SPP In-Reply-To: <20190815134329.GA11449@local-michael-cet-test> References: <20190814070403.6588-1-weijiang.yang@intel.com> <20190814070403.6588-6-weijiang.yang@intel.com> <87a7cbapdw.fsf@vitty.brq.redhat.com> <20190815134329.GA11449@local-michael-cet-test> Date: Thu, 15 Aug 2019 16:03:31 +0200 Message-ID: <87o90q8r0s.fsf@vitty.brq.redhat.com> MIME-Version: 1.0 Content-Type: text/plain Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Yang Weijiang writes: > After looked into the issue and others, I feel to make SPP co-existing > with nested VM is not good, the major reason is, L1 pages protected by > SPP are transparent to L1 VM, if it launches L2 VM, probably the > pages would be allocated to L2 VM, and that will bother to L1 and L2. > Given the feature is new and I don't see nested VM can benefit > from it right now, I would like to make SPP and nested feature mutually > exclusive, i.e., detecting if the other part is active before activate one > feature,what do you think of it? I was mostly worried about creating a loophole (if I understand correctly) for guests to defeat SPP protection: just launching a nested guest and giving it a protected page. I don't see a problem if we limit SPP to non-nested guests as step 1: we, however, need to document this side-effect of the ioctl. Also, if you decide to do this enforecement, I'd suggest you forbid VMLAUCH/VMRESUME and not VMXON as kvm module loads in linux guests automatically when the hardware is suitable. Thanks, -- Vitaly