Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp713309pxa; Wed, 12 Aug 2020 11:34:35 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxNA2Ze6wNEyqGiqfpa4wjIH/dA4dzSbhZ5G6h1or0Q4JTXYb/9KwlZxdMt5PgRHU2LdTBh X-Received: by 2002:a17:906:f8c3:: with SMTP id lh3mr1134895ejb.263.1597257275084; Wed, 12 Aug 2020 11:34:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1597257275; cv=none; d=google.com; s=arc-20160816; b=FNZVPs2WnwlHa+SrMjXde/VV0zuWJKg9YYEftNQhYZqTXyxCXxgEG86DA7ZlVrIv93 vHR1qlHx9y9XHM+RV8w/QypSqj5EIoA7YswEhssD5Q/fDyw+WJjZH1L8KHjfLCgIt4Wg YupHygp8RtlWFCqhzBwLuUz443RfeOzqcvMyksEQkp/oOEWXe/4Z8XyQNmMeQUf3MuE/ wK7EKC0RKGvQeliOn4+/jSyoFfyb7fyp4iX8kC7j9i69UQwCG8UZR1/C254sHbD7EGxe NfhF7j3fFrziJ4FqL4UGo7QmiPzCf9Ajh957vFJ7fJzw+1BRA+8ayuNU499ohi099JPO lCFQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=Iq5zcoPvcN7T8KSX0uQQrVJaYxTlpMSMBxtNsvh1wuM=; b=ZwzwgGwJyldd1BNtXoQw8Sz8uSAkN9R0dqB16VFcXiT6R+dJab2NJlmC4avyZXTx24 In5/miHm9zOxkDsm2Z+giA8rQ0yIO8d2oo3PvMj8xB616mUEUUNzJMPje2SdIWFcHyrc d35yVScS+/JkdakTN/7zkr6kLF1H9TH8l/2UZx6qsF9OitpKOZMfA2NuZRPaTw3P353Q WcRuIKzMaWqn3NPf/XXRXzUVxZXPnlkolgLE+an2a35tn5gs1c3gpADHyRrUgoxW5E3d LWUkLvYEkW4VBZeVwrCFQLCzKMbKW60GejyfMWArfKRbSL8zynDbHtE9Nl+IRjGvlVQj bxXQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=QM7a50tw; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h23si1745436ejq.149.2020.08.12.11.34.10; Wed, 12 Aug 2020 11:34:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=QM7a50tw; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726540AbgHLScy (ORCPT + 99 others); Wed, 12 Aug 2020 14:32:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55722 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726456AbgHLScx (ORCPT ); Wed, 12 Aug 2020 14:32:53 -0400 Received: from mail-ot1-x342.google.com (mail-ot1-x342.google.com [IPv6:2607:f8b0:4864:20::342]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DCBFEC061383 for ; Wed, 12 Aug 2020 11:32:52 -0700 (PDT) Received: by mail-ot1-x342.google.com with SMTP id r21so2735179ota.10 for ; Wed, 12 Aug 2020 11:32:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Iq5zcoPvcN7T8KSX0uQQrVJaYxTlpMSMBxtNsvh1wuM=; b=QM7a50twcijnq4/3ZW/O+9xjvW93ebFFEyQqVRJLyIZ1P87M+G7Is4tYI1VD0ikr6u 0mA8d7XC8wnH+xFw6v9UgSTx6AFTQ6x+Cj0HVkaFzv1gMKXdZD/UtV/qIhPQMljzkyib r3+JIXdmwd0Ii9KO7oHfZWDxU40LNTbU8dIRmN49HnESDLoEHeGphhMZz2a628D21ah+ WtyTpWSDy8tRo5VWoi6aAcTbDWBqBTVDiDu+5yVSC3o8utQb08yOAmDEKl1NiIVD81uC 3yaWwt2pGL3Exg+IJUwVHKZ41zPInA3Jj0/c1/smWfrWzTh3n8OB6be1rdzqp1HnCCbp M0GQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Iq5zcoPvcN7T8KSX0uQQrVJaYxTlpMSMBxtNsvh1wuM=; b=dOk9y6gVdyK4dt69BCyD6XmI5mBibbqFGHumdkcSsJ8UuhG2BRmIlYJ9fpQIOk/DN3 aTTZY1ISuLyuNYICnJVkanVmGGsDlmvKFFPXljuzkkner0wOEupSu8Kv9BuJKTcQVCej jkQxkDEp0JSgZczRXm2nkDdZtBp6N6xIm0rhBbW1qK3n+bi0lqlqyhQVavJ73uGeCoMW zp8vhCn8d0we+zSWspXQmKcenD98GJjCNoTZZ+uJC6WQ2FkiUWOxHt3vi1Cppa1j0s9U vDYd4uwLb5c9qhhwHlXDqX1+7AHoGE+hxGWlgWCoH6QLCuv2rRYSXZ0yPtgN8koxStDB Y3IQ== X-Gm-Message-State: AOAM530VpUX4YBxbbX2TfiKdmlej8LvD8JUGv5POUTj5sQq57qBHXIav cBJeEoDwRVTu6IOw1VZO8Xpmh1jzzrerv03tc8HJSQ== X-Received: by 2002:a9d:ae9:: with SMTP id 96mr889573otq.241.1597257169977; Wed, 12 Aug 2020 11:32:49 -0700 (PDT) MIME-Version: 1.0 References: <20200807084841.7112-1-chenyi.qiang@intel.com> <20200807084841.7112-8-chenyi.qiang@intel.com> <20200812150017.GB6602@linux.intel.com> In-Reply-To: <20200812150017.GB6602@linux.intel.com> From: Jim Mattson Date: Wed, 12 Aug 2020 11:32:38 -0700 Message-ID: Subject: Re: [RFC 7/7] KVM: VMX: Enable PKS for nested VM To: Sean Christopherson Cc: Chenyi Qiang , Paolo Bonzini , Vitaly Kuznetsov , Wanpeng Li , Joerg Roedel , Xiaoyao Li , kvm list , LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Aug 12, 2020 at 8:00 AM Sean Christopherson wrote: > > On Mon, Aug 10, 2020 at 05:05:36PM -0700, Jim Mattson wrote: > > On Fri, Aug 7, 2020 at 1:47 AM Chenyi Qiang wrote: > > > > > > PKS MSR passes through guest directly. Configure the MSR to match the > > > L0/L1 settings so that nested VM runs PKS properly. > > > > > > Signed-off-by: Chenyi Qiang > > > --- > > > arch/x86/kvm/vmx/nested.c | 32 ++++++++++++++++++++++++++++++++ > > > arch/x86/kvm/vmx/vmcs12.c | 2 ++ > > > arch/x86/kvm/vmx/vmcs12.h | 6 +++++- > > > arch/x86/kvm/vmx/vmx.c | 10 ++++++++++ > > > arch/x86/kvm/vmx/vmx.h | 1 + > > > 5 files changed, 50 insertions(+), 1 deletion(-) > > > > > > diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c > > > index df2c2e733549..1f9823d21ecd 100644 > > > --- a/arch/x86/kvm/vmx/nested.c > > > +++ b/arch/x86/kvm/vmx/nested.c > > > @@ -647,6 +647,12 @@ static inline bool nested_vmx_prepare_msr_bitmap(struct kvm_vcpu *vcpu, > > > MSR_IA32_PRED_CMD, > > > MSR_TYPE_W); > > > > > > + if (!msr_write_intercepted_l01(vcpu, MSR_IA32_PKRS)) > > > + nested_vmx_disable_intercept_for_msr( > > > + msr_bitmap_l1, msr_bitmap_l0, > > > + MSR_IA32_PKRS, > > > + MSR_TYPE_R | MSR_TYPE_W); > > > > What if L1 intercepts only *reads* of MSR_IA32_PKRS? > > nested_vmx_disable_intercept_for_msr() handles merging L1's desires, the > (MSR_TYPE_R | MSR_TYPE_W) param is effectively L0's desire for L2. I should know better than to assume that a function in kvm actually does anything like what its name implies, but I never seem to learn. :-( Thanks!