Received: by 2002:a25:683:0:0:0:0:0 with SMTP id 125csp1478563ybg; Thu, 11 Jun 2020 10:52:50 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz8E/qStiAkvOFbrDKrb+owq2RcTJFF2fZlicZtbATrU84x87hhxD+/i/ROA/0EnCQ6vfYC X-Received: by 2002:a05:6402:a42:: with SMTP id bt2mr7824265edb.42.1591897970297; Thu, 11 Jun 2020 10:52:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1591897970; cv=none; d=google.com; s=arc-20160816; b=i+SPJOBnuov4P4YIVtD1KkV/+EQDc1Tkcml6gUBESKCfybi2SGuBhiP1/K1O/h6QLL LUvGK7zEOOQLL9ZGaUfCxcPAMSyYlTzvHBw4lMt8Jq40CtwQ5lECKB+vDI6EdUu4Yz21 OIE0xrY/iHPjONQG2AynO6/0kkd4SvjyDiAjKsSuq1c9gyleGNWApSLhjMEuRANAbq3h ax/wRQXqxV7kq1r8J6Fb84j4CwOdiRbdto3RmVcFPwt9CRIAGi0+xzkdBZ0zPPmI7yam EWhHYZh62KaWZZpjLVueYTM5Ljo90Hn463U1QGMM/VeGGI1pk8rWtOeN2Q8niDMlubQ8 mtXA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:ironport-sdr:ironport-sdr; bh=8zPMCBQfmEDNK6Spkhy+ZX+iyZc+zaFNLCN+ihO4I4k=; b=XMIgqwCpVA90lB/Lt69f0zJWzR3uAohnEZxB9Vn/dQBSP2OLofXLFdVCXj9rYfTEet bPJEmayw0u25iDwVIAel9D9mb6nyO96j/SSwgo9v7HJdmJ3d1me+d8RRB37Ad2IOD3ay D3fv73ZgV9j/BrsBkIPWilx+y4rK9bpr88ms6yfPBazacbt+Xo/oIc+nF7zIshMwrGzz aSNyVc8x6C+KvscxCgGFHSSjsSMiCCnu+KuMjjXH0pE8f9zPYeKLb6d3D5o4F26vCIE7 uBzln3LCRn5JSbcpqV8S/UB+nk2PG4lHnNRHFg3Afxo7M+QfuDo6kIVbUDjXrpFPW+5g A2eQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id yd28si2214724ejb.580.2020.06.11.10.52.25; Thu, 11 Jun 2020 10:52:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726785AbgFKRNJ (ORCPT + 99 others); Thu, 11 Jun 2020 13:13:09 -0400 Received: from mga09.intel.com ([134.134.136.24]:32446 "EHLO mga09.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726706AbgFKRNG (ORCPT ); Thu, 11 Jun 2020 13:13:06 -0400 IronPort-SDR: fFV/p75+fKUzqj6GVauaKbinxcL4Ye3v980/NCgSgdk0ZUa4h6CRp3bN3hbpZ+KA2svvPT3W9Q I8WppaaDsh0A== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Jun 2020 10:13:06 -0700 IronPort-SDR: UZoHgxH1K0kmvbsR3quVSUfb5dJ2vORoRNzZEJplCkiftUSWTB6T7ceZFD8nPxuEoI/m555enE L9gf56ueCkOA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.73,500,1583222400"; d="scan'208";a="380448734" Received: from sjchrist-coffee.jf.intel.com (HELO linux.intel.com) ([10.54.74.152]) by fmsmga001.fm.intel.com with ESMTP; 11 Jun 2020 10:13:05 -0700 Date: Thu, 11 Jun 2020 10:13:05 -0700 From: Sean Christopherson To: Joerg Roedel Cc: x86@kernel.org, hpa@zytor.com, Andy Lutomirski , Dave Hansen , Peter Zijlstra , Thomas Hellstrom , Jiri Slaby , Dan Williams , Tom Lendacky , Juergen Gross , Kees Cook , David Rientjes , Cfir Cohen , Erdem Aktas , Masami Hiramatsu , Mike Stunes , Joerg Roedel , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, virtualization@lists.linux-foundation.org Subject: Re: [PATCH v3 59/75] x86/sev-es: Handle MONITOR/MONITORX Events Message-ID: <20200611171305.GJ29918@linux.intel.com> References: <20200428151725.31091-1-joro@8bytes.org> <20200428151725.31091-60-joro@8bytes.org> <20200520063845.GC17090@linux.intel.com> <20200611131045.GE11924@8bytes.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200611131045.GE11924@8bytes.org> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jun 11, 2020 at 03:10:45PM +0200, Joerg Roedel wrote: > On Tue, May 19, 2020 at 11:38:45PM -0700, Sean Christopherson wrote: > > On Tue, Apr 28, 2020 at 05:17:09PM +0200, Joerg Roedel wrote: > > > +static enum es_result vc_handle_monitor(struct ghcb *ghcb, > > > + struct es_em_ctxt *ctxt) > > > +{ > > > + phys_addr_t monitor_pa; > > > + pgd_t *pgd; > > > + > > > + pgd = __va(read_cr3_pa()); > > > + monitor_pa = vc_slow_virt_to_phys(ghcb, ctxt->regs->ax); > > > + > > > + ghcb_set_rax(ghcb, monitor_pa); > > > + ghcb_set_rcx(ghcb, ctxt->regs->cx); > > > + ghcb_set_rdx(ghcb, ctxt->regs->dx); > > > + > > > + return sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_MONITOR, 0, 0); > > > > Why? If SVM has the same behavior as VMX, the MONITOR will be disarmed on > > VM-Enter, i.e. the VMM can't do anything useful for MONITOR/MWAIT. I > > assume that's the case given that KVM emulates MONITOR/MWAIT as NOPs on > > SVM. > > Not sure if it is disarmed on VMRUN, but the MONITOR/MWAIT instructions > are part of the GHCB spec, so they are implemented here. Even if MONITOR/MWAIT somehow works across VMRUN I'm not sure it's something the guest should enable by default as it leaks GPAs to the untrusted host, with no benefit to the guest except in specific configurations. Yeah, the VMM can muck with page tables to trace guest to the some extent, but the guest shouldn't be unnecessarily volunteering information to the host. If MONITOR/MWAIT is effectively a NOP then removing this code is a no brainer. Can someone from AMD chime in?