Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp3136331pxk;
        Mon, 28 Sep 2020 09:11:18 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxn2KzVwbVWFpseTI9C5qCsBFvXnaa/hJCFOJNf7N2ktCIm+n6oAfSqSVq6oo8w9uucS3zc
X-Received: by 2002:a17:906:9491:: with SMTP id t17mr2466805ejx.253.1601309471987;
        Mon, 28 Sep 2020 09:11:11 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1601309471; cv=none;
        d=google.com; s=arc-20160816;
        b=DjoBjsUcYN0owiwINv8sknvfabexnxi3juyP1bTkfUYDKGlNuSz7WJqrEEqKde65Fn
         Sv6Gabe8N1UmB6u/i3CdhgURIPSZ66Ay+ihIctz3iFeM4tclYPDX05mYou6hZrUyLFZo
         ufpN7Uv0K3EF/AJzHCHRZYTWQepbltTkGwF1sjcDu9CJEDyU6PjToFBIpsEDiiu9nkVZ
         SP5sfwUu66JW0WqJPXxJIpmKzUA33LzZ/Q+DzmOJ9DXhhqfk6KJgRK9vaIXL+VkQxk/4
         u5/2pIno/OIB00a0asUZYgitm3SFdsj3jzKuHQuIwxPi7BynPmVs2qXTDY2UIcfM8Z+r
         GM6w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=Up1q7Lh5lzvjFc9/cxHyzghr4+aFRynRiUu3dMieLtc=;
        b=TBu6Sk+hzE8FOMKQaw9g5oordBOnbdanZA3FCel7NInBuumHh+NVl8M1ws/BXgwUuQ
         aGnlz691IAHkATyI+15cJv0iL0IGihaXvHcEerbR9AAJbVzE4x+DdAClmr7v2djRHs/L
         0mHhnOhs6aQC8UiL6a7aMZCpJ9Hft6yM+CqvEKV5UcN2TrUE1y2JTwNJ9AbMG55Bbjy9
         Quyi23IYLchlhy1p/cMca4j/L26k2FA3mV0+pEzjnbAFwqubMzImVTwdEEPtDW2NQK2x
         1eEXvVuAGJENhJ4HAYCJFz4bB06an5vv4Cu5BYCqZH2myesVSpB2+wAI6KArLM4FdMmq
         VvaA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=Uk8bicKc;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id pk25si928086ejb.746.2020.09.28.09.10.48;
        Mon, 28 Sep 2020 09:11:11 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=Uk8bicKc;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726460AbgI1QJi (ORCPT <rfc822;xc.haze2010@gmail.com>
        + 99 others); Mon, 28 Sep 2020 12:09:38 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55538 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726526AbgI1QJh (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 28 Sep 2020 12:09:37 -0400
Received: from mail-ej1-x643.google.com (mail-ej1-x643.google.com [IPv6:2a00:1450:4864:20::643])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 85DC2C0613CF
        for <linux-kernel@vger.kernel.org>; Mon, 28 Sep 2020 09:09:37 -0700 (PDT)
Received: by mail-ej1-x643.google.com with SMTP id q13so9288585ejo.9
        for <linux-kernel@vger.kernel.org>; Mon, 28 Sep 2020 09:09:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=Up1q7Lh5lzvjFc9/cxHyzghr4+aFRynRiUu3dMieLtc=;
        b=Uk8bicKc4zth43BPspUYEp5dLDqrP9I6O6GUTRzrQdgvFiowxRu+Qpum0iEH89lrzV
         ActGx9oUnCYKSYEjzDdx6Fyw7ldZw9CjocNllVmDeKAhd4jl9TCZevDPCbZ2KVG9LAfS
         +l//B7TziMzVX3fnYFKx4JcSUVtoF0aG8lxnf78lyBDDp0eXgP4zKY00gyVEWsm3TwNH
         xZUtRXPvC1TXOtn4imVjVYKAUMNC5WIjKha7GLRg65lPknrirrpy7CxHqMVC+N09b67m
         gxREQXfrzX1wk5/oL2SRozU4OquNrNYY76K4OUPqs0kMeI92VH0Qe8PKJwuFtReA/WPP
         xBMg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=Up1q7Lh5lzvjFc9/cxHyzghr4+aFRynRiUu3dMieLtc=;
        b=r+wCE/Bq98qq/3/JqUq/vpHwVeq4a6IH65PZ/WZev9645m3ZffJajHDKj2XaJladZM
         WT+NXpuqaupYrETIpowtyIVfCvFTWPdbTb3H+Em9h0cbXnNVzsDCGe2/Gl1xKaOyZ+60
         F+1MrlTjMqGXBDKEc8IhOhAPd+sKqJRgL1y6Bd6U2BHkDQS+iDQ/Bl2/VQtQXy0p8ObM
         fOr64J1/kD8t4Hi5BOudCcqrsDqf1n4OT3mqXC74YEpmxQnsEp6oHoVrl+CfZ547uxS8
         y3lGIsAAcQl21yy68IR4/yYZT52aqY9SZCq5Xp4BOimdgBgHyubSq81kf4c1+aRIRo7A
         oNpw==
X-Gm-Message-State: AOAM5311QfPDdzHWPPSMSwLUIj8G+T4nS6exXv/ULDLZngN8LyXNoDop
        QqM9aNC9+6qb4ucOxYP4UHGWLRAtCBX9FAvZP6HTRw==
X-Received: by 2002:a17:906:2655:: with SMTP id i21mr2279494ejc.511.1601309376000;
 Mon, 28 Sep 2020 09:09:36 -0700 (PDT)
MIME-Version: 1.0
References: <20200925143422.21718-1-graf@amazon.com> <20200925143422.21718-8-graf@amazon.com>
In-Reply-To: <20200925143422.21718-8-graf@amazon.com>
From:   Aaron Lewis <aaronlewis@google.com>
Date:   Mon, 28 Sep 2020 09:09:24 -0700
Message-ID: <CAAAPnDGt8nk+wPyr-j+j713atv+xXoO0BjpMSFB+2NgWHPv6PQ@mail.gmail.com>
Subject: Re: [PATCH v8 7/8] KVM: x86: Introduce MSR filtering
To:     Alexander Graf <graf@amazon.com>
Cc:     kvm list <kvm@vger.kernel.org>,
        Sean Christopherson <sean.j.christopherson@intel.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Jonathan Corbet <corbet@lwn.net>,
        Vitaly Kuznetsov <vkuznets@redhat.com>,
        Wanpeng Li <wanpengli@tencent.com>,
        Jim Mattson <jmattson@google.com>,
        Joerg Roedel <joro@8bytes.org>,
        KarimAllah Raslan <karahmed@amazon.de>,
        Dan Carpenter <dan.carpenter@oracle.com>,
        Maxim Levitsky <mlevitsk@redhat.com>,
        linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Sep 25, 2020 at 7:35 AM Alexander Graf <graf@amazon.com> wrote:
>
> It's not desireable to have all MSRs always handled by KVM kernel space. Some
> MSRs would be useful to handle in user space to either emulate behavior (like
> uCode updates) or differentiate whether they are valid based on the CPU model.
>
> To allow user space to specify which MSRs it wants to see handled by KVM,
> this patch introduces a new ioctl to push filter rules with bitmaps into
> KVM. Based on these bitmaps, KVM can then decide whether to reject MSR access.
> With the addition of KVM_CAP_X86_USER_SPACE_MSR it can also deflect the
> denied MSR events to user space to operate on.
>
> If no filter is populated, MSR handling stays identical to before.
>
> Signed-off-by: Alexander Graf <graf@amazon.com>

Reviewed-by: Aaron Lewis <aaronlewis@google.com>

>
> ---
>
> v2 -> v3:
>
>   - document flags for KVM_X86_ADD_MSR_ALLOWLIST
>   - generalize exit path, always unlock when returning
>   - s/KVM_CAP_ADD_MSR_ALLOWLIST/KVM_CAP_X86_MSR_ALLOWLIST/g
>   - Add KVM_X86_CLEAR_MSR_ALLOWLIST
>
> v3 -> v4:
>   - lock allow check and clearing
>   - free bitmaps on clear
>