Received: by 2002:a25:824b:0:0:0:0:0 with SMTP id d11csp2856614ybn; Thu, 26 Sep 2019 19:19:49 -0700 (PDT) X-Google-Smtp-Source: APXvYqxHP9tTpDIGz69Uj851MX9lOFHRnuyrcnoO9Kfdfg0T9KxU8xrgSoTXBqT2R9uVGyYqpQow X-Received: by 2002:a17:906:8308:: with SMTP id j8mr5709757ejx.142.1569550789129; Thu, 26 Sep 2019 19:19:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1569550789; cv=none; d=google.com; s=arc-20160816; b=GYZma+MyO0TjzTItuZnJF+SHv7tXgZp/sG8KlJwrv98RgrqCUGH5CU5JInOMxWWUlO zcGHmE0EllZZE0zrwgZ1cwoZvM0NoQ+Cab/ZcQTgLx0T43E4PXd7uVbA/dKmpPefgqbm 93nJwC59YpE6zqEsqpGrqpZbEEtTLoOKXAl1rC/pcHBGEzqbQhRa9i68aFTQjsmJB6q2 7Klwrp5UF1HkTw9Eft+MseLF/xlH4a8QUYFPVmg6i/yigDWWRixorzyI2d35+QiIvjHL XkNoJCPyb0zdeT86dq2Ek2Wx1GhyV7fSyU+euOUFmIOir6y2vArEdMHeYcWbDjqlPhbM 3qeg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from; bh=03lEw72VZCw+T+Qi6kzAscA11px3lww/YDfev1DRFoU=; b=btWSlLW6cYRy/Wr3fuEUn28UPRjjzEf9dDqww5oYbYGKxANQRrr0nYVEymi2T8dvig bjBu7TnC156uzDsWEUovP7YwEM/p2y1R6y6l9Ma0HYsuBGU2J1c1Y5EcuvpRVjFVQTIt Od/hgpsemL3UfEfcFkGo4P2Hg2lb9tF6/giql41tI0k1+xdT9jb78pwWO5YQoYhC0XTB z9dtz9yqpt6/jXECzJC6jaTDpVUdQckWbf4Eak+FV4iazRd2M6ClArE71YPbDanCe49D ZOIL+q/BLcLOnZXCsWRkrjDEDIb4vydzw2x2DUmUewbzcHJv69f+Hh9vkXUPSql4iNHc 7Xvg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i13si655821edv.182.2019.09.26.19.19.25; Thu, 26 Sep 2019 19:19:49 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728943AbfI0CRY (ORCPT + 99 others); Thu, 26 Sep 2019 22:17:24 -0400 Received: from mga17.intel.com ([192.55.52.151]:25572 "EHLO mga17.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728898AbfI0CRV (ORCPT ); Thu, 26 Sep 2019 22:17:21 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Sep 2019 19:17:21 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,553,1559545200"; d="scan'208";a="193020705" Received: from unknown (HELO local-michael-cet-test.sh.intel.com) ([10.239.159.128]) by orsmga003.jf.intel.com with ESMTP; 26 Sep 2019 19:17:19 -0700 From: Yang Weijiang To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, pbonzini@redhat.com, sean.j.christopherson@intel.com Cc: mst@redhat.com, rkrcmar@redhat.com, jmattson@google.com, Yang Weijiang Subject: [PATCH v7 6/7] KVM: x86: Load Guest fpu state when accessing MSRs managed by XSAVES Date: Fri, 27 Sep 2019 10:19:26 +0800 Message-Id: <20190927021927.23057-7-weijiang.yang@intel.com> X-Mailer: git-send-email 2.17.2 In-Reply-To: <20190927021927.23057-1-weijiang.yang@intel.com> References: <20190927021927.23057-1-weijiang.yang@intel.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Sean Christopherson A handful of CET MSRs are not context switched through "traditional" methods, e.g. VMCS or manual switching, but rather are passed through to the guest and are saved and restored by XSAVES/XRSTORS, i.e. the guest's FPU state. Load the guest's FPU state if userspace is accessing MSRs whose values are managed by XSAVES so that the MSR helper, e.g. vmx_{get,set}_msr(), can simply do {RD,WR}MSR to access the guest's value. Note that guest_cpuid_has() is not queried as host userspace is allowed to access MSRs that have not been exposed to the guest, e.g. it might do KVM_SET_MSRS prior to KVM_SET_CPUID2. Signed-off-by: Sean Christopherson Co-developed-by: Yang Weijiang Signed-off-by: Yang Weijiang --- arch/x86/kvm/x86.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 290c3c3efb87..5b8116028a59 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -104,6 +104,8 @@ static void enter_smm(struct kvm_vcpu *vcpu); static void __kvm_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags); static void store_regs(struct kvm_vcpu *vcpu); static int sync_regs(struct kvm_vcpu *vcpu); +static void kvm_load_guest_fpu(struct kvm_vcpu *vcpu); +static void kvm_put_guest_fpu(struct kvm_vcpu *vcpu); struct kvm_x86_ops *kvm_x86_ops __read_mostly; EXPORT_SYMBOL_GPL(kvm_x86_ops); @@ -2999,6 +3001,12 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) } EXPORT_SYMBOL_GPL(kvm_get_msr_common); +static bool is_xsaves_msr(u32 index) +{ + return index == MSR_IA32_U_CET || + (index >= MSR_IA32_PL0_SSP && index <= MSR_IA32_PL3_SSP); +} + /* * Read or write a bunch of msrs. All parameters are kernel addresses. * @@ -3009,11 +3017,23 @@ static int __msr_io(struct kvm_vcpu *vcpu, struct kvm_msrs *msrs, int (*do_msr)(struct kvm_vcpu *vcpu, unsigned index, u64 *data)) { + bool fpu_loaded = false; int i; + const u64 cet_bits = XFEATURE_MASK_CET_USER | XFEATURE_MASK_CET_KERNEL; + bool cet_xss = kvm_x86_ops->xsaves_supported() && + (kvm_supported_xss() & cet_bits); - for (i = 0; i < msrs->nmsrs; ++i) + for (i = 0; i < msrs->nmsrs; ++i) { + if (!fpu_loaded && cet_xss && + is_xsaves_msr(entries[i].index)) { + kvm_load_guest_fpu(vcpu); + fpu_loaded = true; + } if (do_msr(vcpu, entries[i].index, &entries[i].data)) break; + } + if (fpu_loaded) + kvm_put_guest_fpu(vcpu); return i; } -- 2.17.2