Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp1594974pxa;
        Thu, 13 Aug 2020 12:06:26 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwqxGPiRqZ5lhOEM2jhMdzJm7r5s1ehp2b19AStqN+FGfTfrIcuhIObitulusfVYQF/jVJc
X-Received: by 2002:aa7:cd07:: with SMTP id b7mr6392242edw.172.1597345585825;
        Thu, 13 Aug 2020 12:06:25 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1597345585; cv=none;
        d=google.com; s=arc-20160816;
        b=asqztlbOaQw3MPvT7zeRIZEX2WRZlwfdGvYLvfzHeIvsFVOFbJ+6iy2nsU7PuKcMjW
         r2BZ+Pu8Hw7UCQ/jfOgu9kfLuCIu0/NHSM2vu0uMK7NIWL8xJnwEohpK+sp9meChmAvx
         v2ZlTCI2+77GfLwoz8pc67s9DX8QnjVt8wSc7xOhbI7shOgcyORczXfITjnRBDJ41j1M
         NC0BAXU11qLIk9gwRaNcVxZ5iFJZYBv+B2dEgxqvrkNDfo1uh1joasRPz8nIE+K6v4xR
         PGAU5snhwXNLSMiEU38kW3V8CzhpjShNBLJmwpe03XjNM4nAn/eZOr47MxxWN3vHk/yR
         kcTw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=HuU3ViDe278lSw17ntg5nYTRmQsPcKzMV9Ui8nZNn08=;
        b=J4XywoAICaSP2/jC/kbulRT5Xeo1vLBCdhg7asLPnQ+bphis+sQC/JQTpLGrG1M9VL
         2w8I+3YaB26DyceHz37kfTO8+I/F4EbaDZm6Hw9CX+8KBE4g4fJjC4BGGl06/CW2vDVr
         E3UAl20TtNis/NlLAmrymGLSjVP9mJ3bgQ1FxSReZ6d1GHtigRuQi9GzbPuAlqTfEPJf
         UM96SOA2xlA4n/SrHTF8uqoRDz8eWw/H3sKQBEk8JBWQJQYX7fmn3gIymJnUICG8KBeQ
         OdvsplE9wcHbAMOwecJYmaJSOnj7s1PWx3cW0DaglAfYzNkaW6R4UF4q2SpR3o25XS6T
         L+Wg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=qvaTnGMy;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id w12si4477361edl.141.2020.08.13.12.06.01;
        Thu, 13 Aug 2020 12:06:25 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=qvaTnGMy;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726591AbgHMTFH (ORCPT <rfc822;rajatbajpailinux@gmail.com>
        + 99 others); Thu, 13 Aug 2020 15:05:07 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56726 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726292AbgHMTFG (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 13 Aug 2020 15:05:06 -0400
Received: from mail-oi1-x244.google.com (mail-oi1-x244.google.com [IPv6:2607:f8b0:4864:20::244])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B344BC061757
        for <linux-kernel@vger.kernel.org>; Thu, 13 Aug 2020 12:05:06 -0700 (PDT)
Received: by mail-oi1-x244.google.com with SMTP id b22so5994749oic.8
        for <linux-kernel@vger.kernel.org>; Thu, 13 Aug 2020 12:05:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=HuU3ViDe278lSw17ntg5nYTRmQsPcKzMV9Ui8nZNn08=;
        b=qvaTnGMy76pjktYEEGGOjwXIxyF2kIjefRgdP+5JsqhJredrqmgG7skH2KAZVGTbvD
         z5SdDkFCim3I4rnr+fbmjxB6H2bLvTgDt49fkIHsrxbfOq6GKLIjdbXBs41nBCA5Jknt
         wy+JHUbBYqzKHlS0u96hvD22PQ8nVP/Ncx4R8r3KDyHp4OxyPLhcPcQCgSKIFFNkM9bX
         g0KzOa6EiX7NGGUTrufTxlWTWED7H7KueZLP0PM6Qn8wi3okUzROr5WZfymEUO5g/+cD
         XkFYwzcdwMnWaXq5nrtgY0ipfOE07HHR2L84EDV84QVFPRogQpzl+r0Tgis/jvszYiLQ
         YAeA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=HuU3ViDe278lSw17ntg5nYTRmQsPcKzMV9Ui8nZNn08=;
        b=dY3j8QHr3UfdyEqwXcaZAZEEpt1ajTCI7jR3eCPDUZygQ1uTEjSg7u8laE9nNQ7EI8
         gNxc25LShcreaAEHEiWS8ImZnHsHJ6r8EFFb4HvftvzSPmD8v2XZeOazVmuoh0LwxfRo
         9eo9LgqVYjTkN4qdx2udfurcoIibVCqkb5FBbuZkwrZRmMIHeEsGBLeyO6AnCmR8HeR7
         MN45Da6Ykk2Hv9ubT1n9XTarH4+MSbVvZM0I9yX6fDONJACgFItb9lEBHRCAPxJtbH3c
         I1vXMZXvQ+cfEuybzkj+BLBjlE4qmk3zetSKa8PRTj5/2M4XmAIxY7TVCNv6hoqkOWjh
         zL4Q==
X-Gm-Message-State: AOAM530ToOy2XCgKCv5sXCdzqmQrXOspRmPIatow5Pmp6XLuNtV/eo5H
        by1PmZPykmtwDGAUm9xpdsujKAaG6nbTFqnG+fxK6Q==
X-Received: by 2002:aca:b942:: with SMTP id j63mr4518741oif.28.1597345505789;
 Thu, 13 Aug 2020 12:05:05 -0700 (PDT)
MIME-Version: 1.0
References: <20200807084841.7112-1-chenyi.qiang@intel.com> <20200807084841.7112-7-chenyi.qiang@intel.com>
In-Reply-To: <20200807084841.7112-7-chenyi.qiang@intel.com>
From:   Jim Mattson <jmattson@google.com>
Date:   Thu, 13 Aug 2020 12:04:54 -0700
Message-ID: <CALMp9eQ=QUZ04_26eXBGHqvQYnsN6JEgiV=ZSSrE395KLX-atA@mail.gmail.com>
Subject: Re: [RFC 6/7] KVM: X86: Expose PKS to guest and userspace
To:     Chenyi Qiang <chenyi.qiang@intel.com>
Cc:     Paolo Bonzini <pbonzini@redhat.com>,
        Sean Christopherson <sean.j.christopherson@intel.com>,
        Vitaly Kuznetsov <vkuznets@redhat.com>,
        Wanpeng Li <wanpengli@tencent.com>,
        Joerg Roedel <joro@8bytes.org>,
        Xiaoyao Li <xiaoyao.li@intel.com>,
        kvm list <kvm@vger.kernel.org>,
        LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Aug 7, 2020 at 1:47 AM Chenyi Qiang <chenyi.qiang@intel.com> wrote:
>
> Existence of PKS is enumerated via CPUID.(EAX=7H,ECX=0):ECX[31]. It is
> enabled by setting CR4.PKS when long mode is active. PKS is only
> implemented when EPT is enabled and requires the support of VM_{ENTRY,
> EXIT}_LOAD_IA32_PKRS currently.
>
> Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com>

> @@ -967,7 +969,8 @@ int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
>  {
>         unsigned long old_cr4 = kvm_read_cr4(vcpu);
>         unsigned long pdptr_bits = X86_CR4_PGE | X86_CR4_PSE | X86_CR4_PAE |
> -                                  X86_CR4_SMEP | X86_CR4_SMAP | X86_CR4_PKE;
> +                                  X86_CR4_SMEP | X86_CR4_SMAP | X86_CR4_PKE |
> +                                  X86_CR4_PKS;

This list already seems overly long, but I don't think CR4.PKS belongs
here. In volume 3 of the SDM, section 4.4.1, it says:

- If PAE paging would be in use following an execution of MOV to CR0
or MOV to CR4 (see Section 4.1.1) and the instruction is modifying any
of CR0.CD, CR0.NW, CR0.PG, CR4.PAE, CR4.PGE, CR4.PSE, or CR4.SMEP;
then the PDPTEs are loaded from the address in CR3.

CR4.PKS is not in the list of CR4 bits that result in a PDPTE load.
Since it has no effect on PAE paging, I would be surprised if it did
result in a PDPTE load.

>         if (kvm_valid_cr4(vcpu, cr4))
>                 return 1;
> @@ -1202,7 +1205,7 @@ static const u32 msrs_to_save_all[] = {
>         MSR_IA32_RTIT_ADDR1_A, MSR_IA32_RTIT_ADDR1_B,
>         MSR_IA32_RTIT_ADDR2_A, MSR_IA32_RTIT_ADDR2_B,
>         MSR_IA32_RTIT_ADDR3_A, MSR_IA32_RTIT_ADDR3_B,
> -       MSR_IA32_UMWAIT_CONTROL,
> +       MSR_IA32_UMWAIT_CONTROL, MSR_IA32_PKRS,

Should MSR_IA32_PKRS be added to the switch statement in
kvm_init_msr_list()? Something like...

case MSR_IA32_PKRS:
        if (!kvm_cpu_cap_has(X86_FEATURE_PKRS))
                continue;
        break;