Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp3150876ybc; Mon, 18 Nov 2019 10:19:34 -0800 (PST) X-Google-Smtp-Source: APXvYqzXHNd+MATR2FgGQOKUZvu3peGVi79NvQ56L8ZW0X6LVOj88BZenPKF3o7kSj2f5AsR96eV X-Received: by 2002:adf:e70f:: with SMTP id c15mr12371354wrm.292.1574101174642; Mon, 18 Nov 2019 10:19:34 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1574101174; cv=none; d=google.com; s=arc-20160816; b=AUIcYz0VwXp//C9Zw2ViZ1DxgmC23U0QgEj5LngP/BvVlNUgRdzUBQcuBnvz2lR/Re g9aTeq58cJMJNsJmzLY6kbk+vqwzXgt0xtQ8/qlIHq3XDOmyIclX7bQyjt5bFTmv1u4F GjxR8NCNBDD927Z01THGfRq1T6i5nH7suuaBqXXxYApEKBoxvd6mVdr921TQvgInL+CG x+imTOlrtEUs2/fgq1q79MsYlCUAxNIJvMd1b7h9E3AmTUtCjB/NbkXlK8J5lprz+yyr yNqIrRW+5ywfHYls8Gr9WNmMNr7zsK15sn89Bd6Jti7m8tSxIlqLwa8kmo/yN+zt+paF Q6qg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature; bh=jpG2kEyEJHc8/CbQPiWfOD/+xRzsS5WNXU8AFKfy8Cg=; b=SxtptWIo6eQ+TDqacKqVQiYurFK/dznf+Fn7XQlGGL8AnYyf/Fb5yk/PRhg274Iz2h PhotAEHA4H0GXxvVmYOjXq4KfRX2bYkdwsY9AaQO657yuBw+yUebtP4SizKpD99WLYmc V3mMPXytwjOEI7iZN1+xQU6d+rKul9De6kTYzhaR3V6p0KFIOzK6pW9j4eZqnFPH/Pmk m8PeWK6eC8328iFf2UvxM7YjXBAAu4zJWqPuaEh9F1+QpKVC4xLsqgV3XR/VJjP1yxPf p5Lr8smLOhd5cL5nNYjA8HWuG+/jgBOLhHYstE7hz4IpOmAiuOarPV4CvPVRXkaR0orN iwyA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=EMsOtal5; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q6si1548324edt.301.2019.11.18.10.19.10; Mon, 18 Nov 2019 10:19:34 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=EMsOtal5; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726887AbfKRSSC (ORCPT + 99 others); Mon, 18 Nov 2019 13:18:02 -0500 Received: from mail-wr1-f66.google.com ([209.85.221.66]:33552 "EHLO mail-wr1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726761AbfKRSR7 (ORCPT ); Mon, 18 Nov 2019 13:17:59 -0500 Received: by mail-wr1-f66.google.com with SMTP id w9so20714454wrr.0; Mon, 18 Nov 2019 10:17:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:cc:subject:date:message-id:in-reply-to:references; bh=jpG2kEyEJHc8/CbQPiWfOD/+xRzsS5WNXU8AFKfy8Cg=; b=EMsOtal5IxuXRR6Ovh9l1jsckcRu6ANKKAO4xosjmjDrrOT5p1sN4prnJYcTztqv20 6jdjXPjqdT1deIscnpJeu5rIgUQ7ARgpvbI0jUwKDRw0xFaQoGA52n6lHGu0wN4DHJqS uCQFu/du47+++EaynzJ/qMUpl0+kK0FSW1PqwTDu9MgtU/54v8HyCp94AHUqSaNcYz8T z4d4vaascf+LHRW2vVrQR6cGRDCeI7dIomeSDy1B5x1dkstq1Qq6J2PTQSMEm1J+Hp7A ZhB/UgBM2/VqrB2ygn7T8qWnZmpFweWAmy6bVkmWq4vqO8ByG/f/vbgdii3tHTVgrwao JyWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:cc:subject:date:message-id :in-reply-to:references; bh=jpG2kEyEJHc8/CbQPiWfOD/+xRzsS5WNXU8AFKfy8Cg=; b=QwKOGHYbETGJCXRmXKLEHWr/mx/gHh7s6Sy05cSwkRNu4IpxoTXaG+5umcVYTevgsF h6awhhvklewSoiNtojo0I5UnEsYjzcVrvM6aYSVlS4vSuFqwX6RNQh3U1J/saMePZ9Wh yb1gxapFkJlpdWGKlUOW0rqgTRCC/vUjpN68ZDllPFv3/maauWjfpiwsn6vVKPF1GPyk 7iEvs4JxWql7UeQLt0dj0ISuR19TdTjBsuRJVNkuGuTBy1hCqVMVrmis1WqrijjmVXid r9sT5hgpznBNT8xWGRC94MYXn2Kd1ScyLN0m1po4t0kGcI1uEa8gsMamh5pKscfyYiRN Ayfg== X-Gm-Message-State: APjAAAXnBXE0hNaAxDsglQzFvBPXTEtwKEr7e7GiS+Tu+X2N/bBcmjp4 BbhNsA6mteiRREQK1CPg0wWtAmrc X-Received: by 2002:a5d:5686:: with SMTP id f6mr32984073wrv.231.1574101076166; Mon, 18 Nov 2019 10:17:56 -0800 (PST) Received: from 640k.localdomain.com ([93.56.166.5]) by smtp.gmail.com with ESMTPSA id v81sm233794wmg.4.2019.11.18.10.17.55 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 18 Nov 2019 10:17:55 -0800 (PST) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: jmattson@google.com, Sean Christopherson Subject: [PATCH 5/5] KVM: vmx: use MSR_IA32_TSX_CTRL to hard-disable TSX on guest that lack it Date: Mon, 18 Nov 2019 19:17:47 +0100 Message-Id: <1574101067-5638-6-git-send-email-pbonzini@redhat.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1574101067-5638-1-git-send-email-pbonzini@redhat.com> References: <1574101067-5638-1-git-send-email-pbonzini@redhat.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org If X86_FEATURE_RTM is disabled, the guest should not be able to access MSR_IA32_TSX_CTRL. We can therefore use it in KVM to force all transactions from the guest to abort. Signed-off-by: Paolo Bonzini --- arch/x86/kvm/vmx/vmx.c | 44 ++++++++++++++++++++++++++++++-------------- 1 file changed, 30 insertions(+), 14 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index ed25fe7d5234..8cba65eec0d3 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -639,6 +639,23 @@ struct shared_msr_entry *find_msr_entry(struct vcpu_vmx *vmx, u32 msr) return NULL; } +static int vmx_set_guest_msr(struct vcpu_vmx *vmx, struct shared_msr_entry *msr, u64 data) +{ + int ret = 0; + + u64 old_msr_data = msr->data; + msr->data = data; + if (msr - vmx->guest_msrs < vmx->save_nmsrs) { + preempt_disable(); + ret = kvm_set_shared_msr(msr->index, msr->data, + msr->mask); + preempt_enable(); + if (ret) + msr->data = old_msr_data; + } + return ret; +} + void loaded_vmcs_init(struct loaded_vmcs *loaded_vmcs) { vmcs_clear(loaded_vmcs->vmcs); @@ -2174,20 +2191,10 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) default: find_shared_msr: msr = find_msr_entry(vmx, msr_index); - if (msr) { - u64 old_msr_data = msr->data; - msr->data = data; - if (msr - vmx->guest_msrs < vmx->save_nmsrs) { - preempt_disable(); - ret = kvm_set_shared_msr(msr->index, msr->data, - msr->mask); - preempt_enable(); - if (ret) - msr->data = old_msr_data; - } - break; - } - ret = kvm_set_msr_common(vcpu, msr_info); + if (msr) + ret = vmx_set_guest_msr(vmx, msr, data); + else + ret = kvm_set_msr_common(vcpu, msr_info); } return ret; @@ -7138,6 +7145,15 @@ static void vmx_cpuid_update(struct kvm_vcpu *vcpu) if (boot_cpu_has(X86_FEATURE_INTEL_PT) && guest_cpuid_has(vcpu, X86_FEATURE_INTEL_PT)) update_intel_pt_cfg(vcpu); + + if (boot_cpu_has(X86_FEATURE_RTM)) { + struct shared_msr_entry *msr; + msr = find_msr_entry(vmx, MSR_IA32_TSX_CTRL); + if (msr) { + bool enabled = guest_cpuid_has(vcpu, X86_FEATURE_RTM); + vmx_set_guest_msr(vmx, msr, enabled ? 0 : TSX_CTRL_RTM_DISABLE); + } + } } static void vmx_set_supported_cpuid(u32 func, struct kvm_cpuid_entry2 *entry) -- 1.8.3.1