Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp286266pxb; Mon, 2 Nov 2020 22:29:44 -0800 (PST) X-Google-Smtp-Source: ABdhPJy+CDtrFqG33eX9luiiOTMMXGWAv8eiZ0N6XkhjYw1R/zvw6y6vLdaasPegP7gtFXJ1WwYQ X-Received: by 2002:aa7:cacd:: with SMTP id l13mr19935174edt.177.1604384984471; Mon, 02 Nov 2020 22:29:44 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1604384984; cv=none; d=google.com; s=arc-20160816; b=us1sKsMLRegF9CAxhnJBn/VlC8pWsXKTVGWb1ryTMUVfqKldZt8ZL7n21oueaMCu7k xOLNsMO2wCqfX++Wqdul3/ryzHE/bQYfBB/1zDPYcv28lW0QfdH3yKliQvRhrHJPVfYR hp6LGdl/X5KRuq4MUecqCtDNTEvsc7IKKvDKE/XDgrkIR3JfP0k3durgQG1oiKsXCOWZ DV2I/bTKjhU57YBSXVJoNv4aiGo6lzGuhvHhMwQWRo8BhtfuKxBZf0LA/V2mcUpdPt/n J8ho77KhZ/j5ki9KPh+1rz18UlI6xx71nmqJv5bYHw12bc9Zl/apbfAOVr3XbUVc07E/ t3Hg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :ironport-sdr:ironport-sdr; bh=K/1wGXu5Bi5iWOiuL3xE5KK2m7DnerWsXNNbisjIFFk=; b=RxQtVBO1/MkwVzzpARbKGkC3VUQ7XMPRnYJV73fEjH5iKrtCDqQgtaTXlfTUseK2a3 i9Hke9bwM5QB2MFHVbQhWcqD7Qc335wYFwklskRi5FlL9yuzk4lr7DY13guFwqjBqTJC 4dVQ4/z4XCQP0/H4sSNuBx3ahAAEa88E8qb9a2rY6O+YsNqbjDF+lX9u/Mrb+WLDcIi7 7fGY46lhnwF5Mm+y1cuJzPXHuJunUu11/Sx/O64TyGxYmOnMkQ4OhJX8tHOrcl+ne4Yw wj49C9tzrwllJV4haapsKHE+KngQso1zCEm0qj62tBgFtE60y0C92GsyODyQ8o3fVKxR UA/Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p23si14759606edw.241.2020.11.02.22.29.21; Mon, 02 Nov 2020 22:29:44 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725993AbgKCG1Y (ORCPT + 99 others); Tue, 3 Nov 2020 01:27:24 -0500 Received: from mga06.intel.com ([134.134.136.31]:15383 "EHLO mga06.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725958AbgKCG1Y (ORCPT ); Tue, 3 Nov 2020 01:27:24 -0500 IronPort-SDR: wsUM/cWouavsJxsdYGckKAczmVY9w9UXWw0G3+e56VHnTBmuj6KloM/gv6KUFYZvZUkaySB7FD WKKTbw5P1r+Q== X-IronPort-AV: E=McAfee;i="6000,8403,9793"; a="230635754" X-IronPort-AV: E=Sophos;i="5.77,447,1596524400"; d="scan'208";a="230635754" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Nov 2020 22:27:23 -0800 IronPort-SDR: rRNqDHkbbWSfJZ+Q8GJgxohO1GjU5Gw1DoIgCmDOHq0SErQy85b9F+P0wzg9u/3gfq6e63QFFF rHI6neLJu11w== X-IronPort-AV: E=Sophos;i="5.77,447,1596524400"; d="scan'208";a="470670550" Received: from shuo-intel.sh.intel.com (HELO localhost) ([10.239.154.30]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Nov 2020 22:27:20 -0800 Date: Tue, 3 Nov 2020 14:27:18 +0800 From: Shuo A Liu To: Borislav Petkov Cc: linux-kernel@vger.kernel.org, x86@kernel.org, Greg Kroah-Hartman , "H . Peter Anvin" , Thomas Gleixner , Ingo Molnar , Sean Christopherson , Yu Wang , Reinette Chatre , Yin Fengwei , Dave Hansen , Dan Williams , Zhi Wang , Zhenyu Wang Subject: Re: [PATCH v5 03/17] x86/acrn: Introduce an API to check if a VM is privileged Message-ID: <20201103062718.GD12408@shuo-intel.sh.intel.com> References: <20201019061803.13298-1-shuo.a.liu@intel.com> <20201019061803.13298-4-shuo.a.liu@intel.com> <20201102143707.GC15392@zn.tnic> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <20201102143707.GC15392@zn.tnic> User-Agent: Mutt/1.8.3 (2017-05-23) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Boris, On Mon 2.Nov'20 at 15:37:07 +0100, Borislav Petkov wrote: >On Mon, Oct 19, 2020 at 02:17:49PM +0800, shuo.a.liu@intel.com wrote: >> +bool acrn_is_privileged_vm(void) >> +{ >> + return cpuid_eax(acrn_cpuid_base() | ACRN_CPUID_FEATURES) & >> + ACRN_FEATURE_PRIVILEGED_VM; > >I asked in the previous review why that acrn_cpuid_base() is used here, >you said that the base might vary. Looking at hypervisor_cpuid_base(), >it searches in the range [0x40000000, 0x40010000] with an 0x100 offset. > >So you're saying that ACRN_CPUID_FEATURES is the first leaf beyond the >base. Close? Yes. > >If so, why isn't the code doing this? > > return cpuid_eax(acrn_cpuid_base() + 1)... > >and why doesn't it have a comment above it explaining that the base can >change and it needs to be discovered each time? The code just followed KVM style (see kvm_arch_para_features()). I can change to use cpuid_eax(acrn_cpuid_base() + 1)... If you prefer to. hypervisor_cpuid_base() implies the base is variable, no? We use this function to detect the base. > >> +EXPORT_SYMBOL_GPL(acrn_is_privileged_vm); > >Also, that acrn_is_privileged_vm() silly helper is used only once and >I don't like the exported symbols pollution we're doing. So make that >function give you the eax of ACRN_CPUID_FEATURES and callers can do >their testing themselves. OK. Then i will define acrn_cpuid_base() as a static inline function in asm/acrn.h for callers. > >When it turns out that code patterns get repeated, you can then >aggregate stuff into a helper. Got it. Thanks. Thanks shuo