Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp109367pxa;
        Fri, 21 Aug 2020 02:32:13 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwYDMRne3QOHLzquPM81adfwvGp22O3Dcg2lrcto662OXGmZAIGc8hsKYC9o67dFUJWTADL
X-Received: by 2002:a50:ef09:: with SMTP id m9mr580374eds.230.1598002332992;
        Fri, 21 Aug 2020 02:32:12 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1598002332; cv=none;
        d=google.com; s=arc-20160816;
        b=NgVION3gIpkFdgPS+wzWR4pBKdcKbK/7JdUzhorOrebww4E55TB+ZJaOv58vXlEMOt
         OXh8g2TfQfo81MFkn/R5b/QeUzF2ftdUuOKAnYFz896qAlHVCob8klaAegZNb9tFh6qc
         10KP9z2JXOu8aYDQjdl15fbIcRoLnc5ZcYggDST8weLUMjF62aLW3WyNQJPqkkdIHca9
         PIHTmDRTcC/MVrzefwiFv5zdjG2xaYpU0E/+MDU2lc9IKxn3CvT2NvnLOcUmuscKl3Oi
         Bi9Y5Nkcg2iA3LE6kFcOH+evQmCFeLhQAjaquB2utMUwlM/qbN51df6lXOkMZ5f9Wlom
         An6g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:message-id:date:references
         :in-reply-to:subject:cc:to:dkim-signature:dkim-signature:from;
        bh=VU2HxPgLNLazukFoPOzD00O9Xl1vG0JgE6354eT+dVU=;
        b=we9LQF359PbX4RkBieyPR0+a181tPVvHmE2E1fR/f/hoVXkmkWoRna04azru6MVLfJ
         DAKin9X4D5NuJKQ4joaw0LQmPEaqdlgJyZlROWkMNsj1k5oF1lvpRQtxUTbcGHQWt3h9
         +EG3IyKEZ8Oocv3qLON2PFqAZkwwubhy/nBUdvHUxMM9aErzpBC1I9+WeyzceICRSlxT
         mkr+UZCUBfg1qywF2o566N7a9q5Ob/RzGIDmQY8/mwgbmSGKyUR/nbgFp2FsExwt9X23
         +ja1hIqKq/XqSrUq3MnE5JZKFWhwwT6dtp5+qYhzkZvec7XUZ/MMuIXYn3t5nyp79Puc
         87Cw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linutronix.de header.s=2020 header.b="QJOfX/Y6";
       dkim=neutral (no key) header.i=@linutronix.de;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id p19si788046edx.304.2020.08.21.02.31.49;
        Fri, 21 Aug 2020 02:32:12 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linutronix.de header.s=2020 header.b="QJOfX/Y6";
       dkim=neutral (no key) header.i=@linutronix.de;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728449AbgHUJ2g (ORCPT <rfc822;uzarths@gmail.com> + 99 others);
        Fri, 21 Aug 2020 05:28:36 -0400
Received: from Galois.linutronix.de ([193.142.43.55]:55596 "EHLO
        galois.linutronix.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728423AbgHUJ2e (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 21 Aug 2020 05:28:34 -0400
From:   Thomas Gleixner <tglx@linutronix.de>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de;
        s=2020; t=1598002112;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         in-reply-to:in-reply-to:references:references;
        bh=VU2HxPgLNLazukFoPOzD00O9Xl1vG0JgE6354eT+dVU=;
        b=QJOfX/Y6wXrHej6IcmnqxUyPMKZwipi+Xyftmz4lK2aD3g7bG1juDXdgGKzPq7dSSKOBb/
        ssYMMYJzJcs0p+Dt3HVBXnkIc3psWtjrTBhzlA3Iprqy7alQorOGSs+u1UbzF3UVMjR2qz
        tkKaw+4khq2l3aHWmFGYN4nDWjyCd6EB0W8YEAkcmSfuefo71OkMXu5sUFWQHrJhnNjKkG
        K5Rkxf7G/dYyteCM488T2Okxy27aatHvOrAmC5fSlyQldDGCn9HL4kxIFcqT949przTCHw
        EJ+4jVKy28pHAAxB8+IS8kmt4SfZihamvMCbj7P9eo1MlB4JH56745dW12Erog==
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de;
        s=2020e; t=1598002112;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         in-reply-to:in-reply-to:references:references;
        bh=VU2HxPgLNLazukFoPOzD00O9Xl1vG0JgE6354eT+dVU=;
        b=voT2OdXpJOLurUTBKVhdXgyagX/vUxVwvyPvxG0AEg7NKcs9BVoP/kLLId2AntIxI1k3Oq
        sd9gY9jeYgvgrlBQ==
To:     Paolo Bonzini <pbonzini@redhat.com>,
        Borislav Petkov <bp@alien8.de>,
        Sean Christopherson <sean.j.christopherson@intel.com>
Cc:     Andy Lutomirski <luto@kernel.org>, Ingo Molnar <mingo@redhat.com>,
        x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
        linux-kernel@vger.kernel.org, Dave Hansen <dave.hansen@intel.com>,
        Chang Seok Bae <chang.seok.bae@intel.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Sasha Levin <sashal@kernel.org>, kvm@vger.kernel.org,
        Tom Lendacky <thomas.lendacky@amd.com>
Subject: Re: [PATCH] x86/entry/64: Disallow RDPID in paranoid entry if KVM is enabled
In-Reply-To: <3eb94913-662d-5423-21b1-eaf75635142a@redhat.com>
References: <20200821025050.32573-1-sean.j.christopherson@intel.com> <20200821074743.GB12181@zn.tnic> <3eb94913-662d-5423-21b1-eaf75635142a@redhat.com>
Date:   Fri, 21 Aug 2020 11:28:32 +0200
Message-ID: <87r1s0gxfj.fsf@nanos.tec.linutronix.de>
MIME-Version: 1.0
Content-Type: text/plain
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Aug 21 2020 at 10:09, Paolo Bonzini wrote:
> On 21/08/20 09:47, Borislav Petkov wrote:
>> On Thu, Aug 20, 2020 at 07:50:50PM -0700, Sean Christopherson wrote:
>>> +	 * Disallow RDPID if KVM is enabled as it may consume a guest's TSC_AUX
>>> +	 * if an NMI arrives in KVM's run loop.  KVM loads guest's TSC_AUX on
>>> +	 * VM-Enter and may not restore the host's value until the CPU returns
>>> +	 * to userspace, i.e. KVM depends on the kernel not using TSC_AUX.
>>>  	 */
>> And frankly, this is really unfair. The kernel should be able to use any
>> MSR. IOW, KVM needs to be fixed here. I'm sure it context-switches other
>> MSRs so one more MSR is not a big deal.
>
> The only MSR that KVM needs to context-switch manually are XSS and
> SPEC_CTRL.  They tend to be the same on host and guest in which case
> they can be optimized away.
>
> All the other MSRs (EFER and PAT are those that come to mind) are
> handled by the microcode and thus they don't have the slowness of
> RDMSR/WRMSR
>
> One more MSR *is* a big deal: KVM's vmentry+vmexit cost is around 1000
> cycles, adding 100 clock cycles for 2 WRMSRs is a 10% increase.

We all know that MSRs are slow, but as a general rule I have to make it
entirely clear that the kernel has precedence over KVM.

If the kernel wants to use an MSR for it's own purposes then KVM has to
deal with that and not the other way round. Preventing the kernel from
using a facility freely is not an option ever.

The insanities of KVM performance optimizations have bitten us more than
once.

For this particular case at hand I don't care much and we should just
rip the whole RDPID thing out unconditionally. We still have zero
numbers about the performance difference vs. LSL.

Thanks,

        tglx