Received: by 2002:a25:824b:0:0:0:0:0 with SMTP id d11csp1351452ybn; Wed, 2 Oct 2019 14:53:20 -0700 (PDT) X-Google-Smtp-Source: APXvYqy08Ty081E4gRR/XpLwouJi2gL/koqCNb7g0kWpbLvfBpowg2qBvbhHM4+LoeEKFqC1sUMr X-Received: by 2002:a50:fb16:: with SMTP id d22mr6290614edq.30.1570053200115; Wed, 02 Oct 2019 14:53:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1570053200; cv=none; d=google.com; s=arc-20160816; b=gSKv1G5qXMNCcZnzkNdJ72W3ZEiLEmfrS+byFl7EPyL+EIJkKXpPCIY99qI540UBHe gbhyx2Ym0/WLfXp+OQQZQEjqmId78o/s1cgl5VWi1VKtWqF9g7nSdZ6Kq5VKL5pL4oX9 2onjG39HqbKgtRXcJMHESuZoJBjUleoA/EzfVHmi5xaITHRPtF+Sq4qtVT5rBUbDupzt piSzaTXhUs8QUxodqx4V/MQNtosojDA3A78KgYWOUiuQrrXwfVkb3EKe4/bKmhP0v10a UxYZJADjN943BPiEVNID+b2BFCVrkaWZf3dtCWKgGz8lsa1YR7drDK3s03pQacZb4INR UHAA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=mxH4ymsGMb4jOpypYiX3Ngcl2ReJUcFD+OtXu9cpO30=; b=HYOappcpQlzvjlCQtCbIStPIbD/pAmRUh+6A2PK7ZBdEpV1LrgOPpz9Kco69yzgOg7 gs1FMCt9Nriq4skoHySpm09Rcxc0wSztdvwEPQNEkzUEBy0tPLw0G9+wTuv4NDkw3USu bbLlrf/L5W6BdMYb26WF1F0NXWaKo+OLHElIn3O0I+jRTXLyZJ07DHdm3JK4cun9LYil 9C7SK4d/byBRfGkQAhCkXJnQw/dDMqipWMUxRJm9K+dOKeAzZKWEigf44u7x4jlU+zaL As2FerVAvLNrQL3TUeCZO1vS9IHxavvyOuQo4wvOgulgj730JapFr81SYJ+orxZ4t08R ZSTw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Zb7ukMZD; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x47si254186eda.396.2019.10.02.14.52.56; Wed, 02 Oct 2019 14:53:20 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Zb7ukMZD; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728850AbfJBU6D (ORCPT + 99 others); Wed, 2 Oct 2019 16:58:03 -0400 Received: from mail-io1-f68.google.com ([209.85.166.68]:41572 "EHLO mail-io1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728900AbfJBU6D (ORCPT ); Wed, 2 Oct 2019 16:58:03 -0400 Received: by mail-io1-f68.google.com with SMTP id n26so510744ioj.8 for ; Wed, 02 Oct 2019 13:58:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=mxH4ymsGMb4jOpypYiX3Ngcl2ReJUcFD+OtXu9cpO30=; b=Zb7ukMZDW3GVvpTCDpYW5lmOKDSHHWjljNPsTm+oq5S0HxsYLJcaqMCDnQlb/twjub 7QRJWuVWopM4Q9UWBp/G+dGWBByImCUEarWQYpMH2N0GyPAEmeVnmq8M3APWN0rNbIA7 OqzIA74SRLchR5auxdp0tZeBvOqKbw7sVmrM12w1FkUgv89vQkuUlav91g9qLzIC6wke yWmYYPAMJESjpwdfALypK03bjosTQV08LeSXMhcZjj/OTbVIqkLHX7OMiGYlD3WSAZtf KvDyqKWeGp8mp2N4uOh83Bzh9CvjP7MqUWC1Vf57Mclaly/Dycb4aqy8ptYzjvIqJ4zc mRqw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=mxH4ymsGMb4jOpypYiX3Ngcl2ReJUcFD+OtXu9cpO30=; b=oZZsvkKtf/C7jUPOJSGOqEYZ8CC0JOmFCUD0C7QXSor3I0Zusvq8vMGSuf8DwTkk+f YxqN/+Q1NvgaHJVkwbWGOKQQKi3afg2XPRCeELDx4Xd9+Tym+W9DJjC5Wa8qUWGHpXDW ykld50SiETOvRuvHao1mWVVsgKc20Z/pTr3EWzCpz2LZ4xqk4f6Bs7Ox8mSxkPWwM/Ta TLK2u7uVjU9HDqWE27xKfS0wDY1jcZb92seZd8ZZvmXxsVeL0q6tXerT8bThhfbKGPqf 6Ao9Zd++GZxNBfDI8Qy3SFlLT4bpFZIOxH2cZCtRFeiBbhTdg3QSsk/0RG6jqnV2Li9m JluQ== X-Gm-Message-State: APjAAAVxlXeaUHeYrFuCTeMigyFmCoD/1hAMgeKwAGUkDrFNDkhUXhtZ 6tPUHiy/wLUP3bqsNJCXf2UCstasz16faWOiIXa0Jg== X-Received: by 2002:a6b:9085:: with SMTP id s127mr5338252iod.26.1570049882086; Wed, 02 Oct 2019 13:58:02 -0700 (PDT) MIME-Version: 1.0 References: <20190927021927.23057-1-weijiang.yang@intel.com> <20190927021927.23057-8-weijiang.yang@intel.com> In-Reply-To: <20190927021927.23057-8-weijiang.yang@intel.com> From: Jim Mattson Date: Wed, 2 Oct 2019 13:57:50 -0700 Message-ID: Subject: Re: [PATCH v7 7/7] KVM: x86: Add user-space access interface for CET MSRs To: Yang Weijiang Cc: kvm list , LKML , Paolo Bonzini , Sean Christopherson , "Michael S. Tsirkin" , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Sep 26, 2019 at 7:17 PM Yang Weijiang wrote: > > There're two different places storing Guest CET states, the states > managed with XSAVES/XRSTORS, as restored/saved > in previous patch, can be read/write directly from/to the MSRs. > For those stored in VMCS fields, they're access via vmcs_read/ > vmcs_write. > > Signed-off-by: Yang Weijiang > --- > arch/x86/kvm/vmx/vmx.c | 83 ++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 83 insertions(+) > > diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c > index 44913e4ab558..5265db7cd2af 100644 > --- a/arch/x86/kvm/vmx/vmx.c > +++ b/arch/x86/kvm/vmx/vmx.c > @@ -1671,6 +1671,49 @@ static int vmx_get_msr_feature(struct kvm_msr_entry *msr) > return 0; > } > > +static int check_cet_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) I'd suggest changing return type to bool, since you are essentially returning true or false. > +{ > + u64 kvm_xss = kvm_supported_xss(); > + > + switch (msr_info->index) { > + case MSR_IA32_PL0_SSP ... MSR_IA32_PL2_SSP: > + if (!(kvm_xss | XFEATURE_MASK_CET_KERNEL)) '|' should be '&' > + return 1; > + if (!msr_info->host_initiated && > + !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK)) > + return 1; > + break; > + case MSR_IA32_PL3_SSP: > + if (!(kvm_xss | XFEATURE_MASK_CET_USER)) '|' should be '&' > + return 1; > + if (!msr_info->host_initiated && > + !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK)) > + return 1; > + break; > + case MSR_IA32_U_CET: > + if (!(kvm_xss | XFEATURE_MASK_CET_USER)) '|' should be '&' > + return 1; > + if (!msr_info->host_initiated && > + !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK) && > + !guest_cpuid_has(vcpu, X86_FEATURE_IBT)) > + return 1; > + break; > + case MSR_IA32_S_CET: > + if (!msr_info->host_initiated && > + !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK) && > + !guest_cpuid_has(vcpu, X86_FEATURE_IBT)) > + return 1; > + break; > + case MSR_IA32_INT_SSP_TAB: > + if (!msr_info->host_initiated && > + !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK)) > + return 1; > + break; > + default: > + return 1; > + } > + return 0; > +} > /* > * Reads an msr value (of 'msr_index') into 'pdata'. > * Returns 0 on success, non-0 otherwise. > @@ -1788,6 +1831,26 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) > else > msr_info->data = vmx->pt_desc.guest.addr_a[index / 2]; > break; > + case MSR_IA32_S_CET: > + if (check_cet_msr(vcpu, msr_info)) > + return 1; > + msr_info->data = vmcs_readl(GUEST_S_CET); Have we ensured that this VMCS field exists? > + break; > + case MSR_IA32_INT_SSP_TAB: > + if (check_cet_msr(vcpu, msr_info)) > + return 1; > + msr_info->data = vmcs_readl(GUEST_INTR_SSP_TABLE); Have we ensured that this VMCS field exists? > + break; > + case MSR_IA32_U_CET: Can this be lumped together with MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP, below? > + if (check_cet_msr(vcpu, msr_info)) > + return 1; > + rdmsrl(MSR_IA32_U_CET, msr_info->data); > + break; > + case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: > + if (check_cet_msr(vcpu, msr_info)) > + return 1; > + rdmsrl(msr_info->index, msr_info->data); > + break; > case MSR_TSC_AUX: > if (!msr_info->host_initiated && > !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP)) > @@ -2039,6 +2102,26 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) > else > vmx->pt_desc.guest.addr_a[index / 2] = data; > break; > + case MSR_IA32_S_CET: > + if (check_cet_msr(vcpu, msr_info)) > + return 1; Bits 9:6 must be zero. > + vmcs_writel(GUEST_S_CET, data); Have we ensured that this VMCS field exists? > + break; > + case MSR_IA32_INT_SSP_TAB: > + if (check_cet_msr(vcpu, msr_info)) > + return 1; Must be canonical. vCPU must support longmode. > + vmcs_writel(GUEST_INTR_SSP_TABLE, data); Have we ensured that this VMCS field exists? > + break; > + case MSR_IA32_U_CET: > + if (check_cet_msr(vcpu, msr_info)) > + return 1; Bits 9:6 must be zero. > + wrmsrl(MSR_IA32_U_CET, data); > + break; > + case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: > + if (check_cet_msr(vcpu, msr_info)) > + return 1; 'Data' must be canonical and 4-byte aligned. High dword must be zero on vCPUs that don't support longmode. > + wrmsrl(msr_info->index, data); > + break; > case MSR_TSC_AUX: > if (!msr_info->host_initiated && > !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP)) > -- > 2.17.2 >