Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp1367pxk; Wed, 2 Sep 2020 12:39:11 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw8PhPAhxhJYZzUB6gwzv4l3bkkr0QFDKCHVNAQCmEex/NfpXUGqDdr7cj/RDQ7oZwc38dE X-Received: by 2002:a17:907:94c3:: with SMTP id dn3mr1609551ejc.186.1599075551017; Wed, 02 Sep 2020 12:39:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1599075551; cv=none; d=google.com; s=arc-20160816; b=TUs9lvXZHAGPxobXKOkjaryBNdDzBjAqoq2N4obvhmzyWajqnGXgladSKAD8Wy0SLq l+IXV57iw6/e/mQ990BdESTuboMeQN1D1OWo9ByfKrO6pKmhawhOsQzIyN5DnJUzq06J sLEONdF+AQbZXyKjTTkw+AIxk01Cswe9yPrY0id8FEs/sCGTIdB7Z+FULh1uWpiJQu5Z kGCXYHvU0GpogiuERjqoLIUYL5rjRJDu1tTPY7FQhebOmEkBoYG04N+hTzdCArZk+zs6 qVzCcqugZ3WBc4sjuthQT3HIqZ5tezLdcA87UHKYJ+Ha8Zx2EWXfU3eq2oww6xMHoOgn zi9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=GVlNlS2k5mluzHkbh+REDKZGmZjyzZPFj0vaaSFv3+8=; b=SEyxQC9dib85h198u59WzzLPiK6cZar96C0z0grn6sHcE0qjln1bwQ60dquyiDQWSZ GMGlHk/t3fl7j1l+k6YYFceZOPZcFMvFUVqDtiF+yXy7lYCRORQirbTmJWSS9NkVGzDa C3ny2GnhUX5JMUJqLgg2rfRB5JSFjrNZTfMHfJoUbUDJuYEuFLlLpMU0Mjcbd+K0qcbN q1RLIgDYSp8coXiVfh5UAtNBMFnFWRQbHPgC3fgZEjwgCfrNEj7Jd8+3Toi8IW2sLh0A gES4F94AAcFOlCt7rqMB3UnOjoHEvXwwWX+RjFwOmnKffCDjrgmvx22G1ZWIFLGMnORF 2m6A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=oB2TnGM1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id u17si138817edx.501.2020.09.02.12.38.47; Wed, 02 Sep 2020 12:39:11 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=oB2TnGM1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728015AbgIBSca (ORCPT + 99 others); Wed, 2 Sep 2020 14:32:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49980 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726948AbgIBScW (ORCPT ); Wed, 2 Sep 2020 14:32:22 -0400 Received: from mail-ot1-x343.google.com (mail-ot1-x343.google.com [IPv6:2607:f8b0:4864:20::343]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5A00BC061245 for ; Wed, 2 Sep 2020 11:32:22 -0700 (PDT) Received: by mail-ot1-x343.google.com with SMTP id g10so140898otq.9 for ; Wed, 02 Sep 2020 11:32:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=GVlNlS2k5mluzHkbh+REDKZGmZjyzZPFj0vaaSFv3+8=; b=oB2TnGM1k26yck6CO7tZVUPBu1aJgr9CU5aRqsnY5enWd9YByRurbRRuj3xsheWdyH wWzG8GHbn7q/fUwCgV7zsqEpG20sgX4ypFqRsiKt83CyqNAYVhvRLZ1kYvcciOXwmD/M B4q0QSljkTKGTHuIt1hiFwS+8e6ct/8G2rBgxp4Otedd/92I+OtwuYoVh72jgwR5UCpg D46scCPp8a0fYralg4n0BP4tlo77WivvJTkNT1GeDS+spvPwVvOSlHoKSIA2KUVJX2hi 7hKezmcn/9Y7YH625YATD4DCfro3YkdDT16V8XW03sPmw370l+lSlqXgjbbIuEOVyvYc X+Zw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=GVlNlS2k5mluzHkbh+REDKZGmZjyzZPFj0vaaSFv3+8=; b=t9NoLPNfn5MR67z44nB0EtjSNx+dSHjwV5KSQcMB29LlchnyfzJKg47RM8ZUfkImXf Pckm4MRwV65X0pAU2dBmVNq4THMxeSIGWUoirxmZ2TkUoqlj8Pgqpo+9Ajza5tNLi75U 3DMhVFA/Sh27K49nlPdjtdph6Bx9xvqNk4f5/hKATIqupbJ4jVwXXSxR2qI2wozUuHJf rZthUbxRv4GkfZ5V8CSH21mLmAgVzJqQj0epGxDeToY5sQwb2nPHj6w9qS3Qhfmg3ypM NQVujUSELN8AY7xNoq3QxwqNl1kVJFgTWbFsQM++NS85TcYLiv3uQE2zpN9xdFh05KLZ tEKQ== X-Gm-Message-State: AOAM531mCiG23gRI+OCmaQpfilKC18iRPYcF3GBQwi4qnWhauNX4yvaH 4wlwHBb9tLBRua5XOzi/eakYMBgSW1uY/Kkl8vcRRw== X-Received: by 2002:a05:6830:18ca:: with SMTP id v10mr6508725ote.295.1599071541040; Wed, 02 Sep 2020 11:32:21 -0700 (PDT) MIME-Version: 1.0 References: <20200828085622.8365-1-chenyi.qiang@intel.com> <20200828085622.8365-4-chenyi.qiang@intel.com> <20200902181654.GH11695@sjchrist-ice> In-Reply-To: <20200902181654.GH11695@sjchrist-ice> From: Jim Mattson Date: Wed, 2 Sep 2020 11:32:09 -0700 Message-ID: Subject: Re: [PATCH 3/5] KVM: nVMX: Update VMX controls MSR according to guest CPUID after setting VMX MSRs To: Sean Christopherson Cc: Chenyi Qiang , Paolo Bonzini , Vitaly Kuznetsov , Wanpeng Li , Joerg Roedel , Xiaoyao Li , kvm list , LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Sep 2, 2020 at 11:16 AM Sean Christopherson wrote: > > On Fri, Aug 28, 2020 at 01:39:39PM -0700, Jim Mattson wrote: > > On Fri, Aug 28, 2020 at 1:54 AM Chenyi Qiang wrote: > > > > > > Update the fields (i.e. VM_{ENTRY_LOAD, EXIT_CLEAR}_BNDCFGS and > > > VM_{ENTRY, EXIT}_LOAD_IA32_PERF_GLOBAL_CTRL) in > > > nested MSR_IA32_VMX_TRUE_{ENTRY, EXIT}_CTLS according to guest CPUID > > > when user space initializes the features MSRs. Regardless of the order > > > of SET_CPUID and SET_MSRS from the user space, do the update to avoid > > > MSR values overriding. > > > > > > Signed-off-by: Chenyi Qiang > > > --- > > > arch/x86/kvm/vmx/vmx.c | 6 +++++- > > > 1 file changed, 5 insertions(+), 1 deletion(-) > > > > > > diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c > > > index 819c185adf09..f9664ccc003b 100644 > > > --- a/arch/x86/kvm/vmx/vmx.c > > > +++ b/arch/x86/kvm/vmx/vmx.c > > > @@ -345,6 +345,7 @@ static bool guest_state_valid(struct kvm_vcpu *vcpu); > > > static u32 vmx_segment_access_rights(struct kvm_segment *var); > > > static __always_inline void vmx_disable_intercept_for_msr(unsigned long *msr_bitmap, > > > u32 msr, int type); > > > +static void nested_vmx_entry_exit_ctls_update(struct kvm_vcpu *vcpu); > > > > > > void vmx_vmexit(void); > > > > > > @@ -2161,7 +2162,10 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) > > > return 1; /* they are read-only */ > > > if (!nested_vmx_allowed(vcpu)) > > > return 1; > > > - return vmx_set_vmx_msr(vcpu, msr_index, data); > > > + ret = vmx_set_vmx_msr(vcpu, msr_index, data); > > > + nested_vmx_pmu_entry_exit_ctls_update(vcpu); > > > + nested_vmx_entry_exit_ctls_update(vcpu); > > > + break; > > > > Now I see what you're doing. This commit should probably come before > > the previous commit, so that at no point in the series can userspace > > set VMX MSR bits that should be cleared based on the guest CPUID. > > > > There's an ABI change here: userspace may no longer get -EINVAL if it > > tries to set an illegal VMX MSR bit. Instead, some illegal bits are > > silently cleared. Moreover, these functions will potentially set VMX > > MSR bits that userspace has just asked to clear. > > Can we simply remove nested_vmx_entry_exit_ctls_update() and > nested_vmx_pmu_entry_exit_ctls_update()? It's userspace's responsibility > to present a valid vCPU model to the guest, I don't see any reason to > silently tweak the VMX MSRs unless allowing the bogus config breaks KVM. > E.g. there are many more controls that are non-sensical without "native" > support for the associated feature. We might need a test for kvm_mpx_supported() here: /* If not VM_EXIT_CLEAR_BNDCFGS, the L2 value propagates to L1. */ if (vmcs12->vm_exit_controls & VM_EXIT_CLEAR_BNDCFGS) vmcs_write64(GUEST_BNDCFGS, 0); BTW, where does the L2 value propagate to L1 if not VM_EXIT_CLEAR_BNDCFGS?