Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp1142001pxf; Fri, 9 Apr 2021 00:40:17 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw6udU0aWfeD8o3TWm0QYx+UR2m1HiqsWwVE5SYxsHR7HQBdHOHelUJPWKp5//bx2EDZUcP X-Received: by 2002:a17:902:d645:b029:e8:ec90:d097 with SMTP id y5-20020a170902d645b02900e8ec90d097mr11709808plh.47.1617954016971; Fri, 09 Apr 2021 00:40:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617954016; cv=none; d=google.com; s=arc-20160816; b=VEG4AxcChFfYDwxBXVYiKQxxn6aoDE7Gnbbw/RtJk+UwOcJHZ75tz/XWIjgyg+BAtv wQ3g0ZCf35+aa1ccNwEg5utMeMwUN5MNU77HElUTnKz8yQWMk8/6fFTi4rZnK4PaaKTc jzgGPtdEkwP8twD9C4kUYpaWNXFE4TizH2Hfi+gBLC8ytEh8vUF93hcx6DKg8dYJuf/P xfQcyItY2Oy+O2qSSLlZ3zVlaol7bK2PoE2Zc75Z+oNw23qNTZcNYYdef+peveuo7Ela 2S4LDrXpIjM1qJX5iGDsMlXLh3kR8c60QmS30PvCdWMWq3mFdOxbKbZmuqAWwSAKg7uo 6iZg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:dkim-signature; bh=fkrozLMJPACVkdmHi98evbnJXUcRYylIKOGu+prd3Vg=; b=MjNHFZndHah51BjmGyGskxw5SEbAvziWm8tAMEeCI9RfH6ud3nZNsRVCk2AdOGwv8k z9WH0omTD+VLhJ4tm5/DtkuHsqgi1raKlkkmZhKJmgSvOj4//qs9AYeocSJsH7ckaEHz 6TsaEu2/EPJIIAllyWrBRZTB0gt71MoMaeGARR+zfKqO8r/5dO6EX/jXtkCjVUV3k4bi Y67DTlWbU2FFwTTyEO+/D7hkGFtYcFSpp7P0GuFvg1CAIQ4UgRFtJjD3F21idLvDsCCR MFOCXzP/4nZK873Smo9HIc4jdHEKyWjAO1eO3yYT2aXsznzi1ct5gSiMhnR7wdvTf7aa g6LQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=dnINYkrb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id 63si2410666pfg.83.2021.04.09.00.40.05; Fri, 09 Apr 2021 00:40:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=dnINYkrb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231817AbhDIHiX (ORCPT + 99 others); Fri, 9 Apr 2021 03:38:23 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:21440 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229621AbhDIHiW (ORCPT ); Fri, 9 Apr 2021 03:38:22 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1617953889; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=fkrozLMJPACVkdmHi98evbnJXUcRYylIKOGu+prd3Vg=; b=dnINYkrb25nmnE74uLH864arDVMKclN8dEdqySCzGxPiI1L9gp+HX4dsrWiSDEHQ56V8+0 vLTEhXvuvFsPXgmiiNDZajZOITudA6QzLC167GzdCnHrXZ9Q1t5GhDG86kFGVgetHNGtBb jBYoR7pVHOUSu9bRZ+h/z7m8aaGffJA= Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com [209.85.208.71]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-511-dZqQAs4FMnSCTzjYqmYRZg-1; Fri, 09 Apr 2021 03:38:06 -0400 X-MC-Unique: dZqQAs4FMnSCTzjYqmYRZg-1 Received: by mail-ed1-f71.google.com with SMTP id r19so2260574edv.3 for ; Fri, 09 Apr 2021 00:38:05 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:in-reply-to:references:date :message-id:mime-version; bh=fkrozLMJPACVkdmHi98evbnJXUcRYylIKOGu+prd3Vg=; b=aNNnaM+v7WaGe2LfuZqUUnPMvb2wEbVyM7MTnNrHZN1WXl07wS4Vizzyqhy0euGuPo LN6e5/6uzoLBXRCQYUXFa+Cgi1LgnB2461Sx3cNVLbmFuq7XfVUuFprCfuOlMWmiVWGa S9alzOm7A36cfOdAQabyCcLB0Uj7yebdY35GDxGfZH7/BvFHbFQKhnIWDaFN7Bz6t+5T /Zrdx3o1gQdY0BHhUAWgCtfP1AJi0b69zonZ5IEtW+Hq6px/SltCIxoDUQVAr1oO3vYm QOireP72I10+ej/wzhQbNc5Op+9DRDnU0XMuiIFl6wgHuYS/IrTuddijgu/Ln6awTPNk xdWA== X-Gm-Message-State: AOAM530hbJiRsGpkhoTBZkDcxVbm5R3s19ckuUqdMyhtaiIIf1NxbuWF /AiO7R4QPqM94U+dlGob1CEJZrlVYCQqPgrj4fan8AW2hRME7Ji/6HKyFDAukfImEwuMjZ+nPQY QWloxW/E0anRLAhTlqH/VBq7d X-Received: by 2002:a17:906:170d:: with SMTP id c13mr14557531eje.491.1617953884853; Fri, 09 Apr 2021 00:38:04 -0700 (PDT) X-Received: by 2002:a17:906:170d:: with SMTP id c13mr14557510eje.491.1617953884680; Fri, 09 Apr 2021 00:38:04 -0700 (PDT) Received: from vitty.brq.redhat.com (g-server-2.ign.cz. [91.219.240.2]) by smtp.gmail.com with ESMTPSA id q18sm920852edr.26.2021.04.09.00.38.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 09 Apr 2021 00:38:04 -0700 (PDT) From: Vitaly Kuznetsov To: Siddharth Chandrasekaran Cc: Alexander Graf , Evgeny Iakovlev , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, "K. Y. Srinivasan" , Haiyang Zhang , Stephen Hemminger , Wei Liu , Thomas Gleixner , Ingo Molnar , Borislav Petkov , x86@kernel.org, "H. Peter Anvin" , Paolo Bonzini , Sean Christopherson , Wanpeng Li , Jim Mattson , Joerg Roedel Subject: Re: [PATCH 4/4] KVM: hyper-v: Advertise support for fast XMM hypercalls In-Reply-To: <20210408155220.GB32315@u366d62d47e3651.ant.amazon.com> References: <20210407211954.32755-1-sidcha@amazon.de> <20210407211954.32755-5-sidcha@amazon.de> <87blap7zha.fsf@vitty.brq.redhat.com> <20210408142053.GA10636@u366d62d47e3651.ant.amazon.com> <8735w096pk.fsf@vitty.brq.redhat.com> <20210408155220.GB32315@u366d62d47e3651.ant.amazon.com> Date: Fri, 09 Apr 2021 09:38:03 +0200 Message-ID: <87zgy77vs4.fsf@vitty.brq.redhat.com> MIME-Version: 1.0 Content-Type: text/plain Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Siddharth Chandrasekaran writes: > On Thu, Apr 08, 2021 at 04:44:23PM +0200, Vitaly Kuznetsov wrote: >> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe. >> >> >> >> Siddharth Chandrasekaran writes: >> >> > On Thu, Apr 08, 2021 at 02:05:53PM +0200, Vitaly Kuznetsov wrote: >> >> Siddharth Chandrasekaran writes: >> >> >> >> > Now that all extant hypercalls that can use XMM registers (based on >> >> > spec) for input/outputs are patched to support them, we can start >> >> > advertising this feature to guests. >> >> > >> >> > Cc: Alexander Graf >> >> > Cc: Evgeny Iakovlev >> >> > Signed-off-by: Siddharth Chandrasekaran >> >> > --- >> >> > arch/x86/include/asm/hyperv-tlfs.h | 4 ++-- >> >> > arch/x86/kvm/hyperv.c | 1 + >> >> > 2 files changed, 3 insertions(+), 2 deletions(-) >> >> > >> >> > diff --git a/arch/x86/include/asm/hyperv-tlfs.h b/arch/x86/include/asm/hyperv-tlfs.h >> >> > index e6cd3fee562b..1f160ef60509 100644 >> >> > --- a/arch/x86/include/asm/hyperv-tlfs.h >> >> > +++ b/arch/x86/include/asm/hyperv-tlfs.h >> >> > @@ -49,10 +49,10 @@ >> >> > /* Support for physical CPU dynamic partitioning events is available*/ >> >> > #define HV_X64_CPU_DYNAMIC_PARTITIONING_AVAILABLE BIT(3) >> >> > /* >> >> > - * Support for passing hypercall input parameter block via XMM >> >> > + * Support for passing hypercall input and output parameter block via XMM >> >> > * registers is available >> >> > */ >> >> > -#define HV_X64_HYPERCALL_PARAMS_XMM_AVAILABLE BIT(4) >> >> > +#define HV_X64_HYPERCALL_PARAMS_XMM_AVAILABLE BIT(4) | BIT(15) >> >> >> >> TLFS 6.0b states that there are two distinct bits for input and output: >> >> >> >> CPUID Leaf 0x40000003.EDX: >> >> Bit 4: support for passing hypercall input via XMM registers is available. >> >> Bit 15: support for returning hypercall output via XMM registers is available. >> >> >> >> and HV_X64_HYPERCALL_PARAMS_XMM_AVAILABLE is not currently used >> >> anywhere, I'd suggest we just rename >> >> >> >> HV_X64_HYPERCALL_PARAMS_XMM_AVAILABLE to HV_X64_HYPERCALL_XMM_INPUT_AVAILABLE >> >> and add HV_X64_HYPERCALL_XMM_OUTPUT_AVAILABLE (bit 15). >> > >> > That is how I had it initially; but then noticed that we would never >> > need to use either of them separately. So it seemed like a reasonable >> > abstraction to put them together. >> > >> >> Actually, we may. In theory, KVM userspace may decide to expose just >> one of these two to the guest as it is not obliged to copy everything >> from KVM_GET_SUPPORTED_HV_CPUID so we will need separate >> guest_cpuid_has() checks. > > Makes sense. I'll split them and add the checks. > >> (This reminds me of something I didn't see in your series: >> we need to check that XMM hypercall parameters support was actually >> exposed to the guest as it is illegal for a guest to use it otherwise -- >> and we will likely need two checks, for input and output). > > We observed that Windows expects Hyper-V to support XMM params even if > we don't advertise this feature but if userspace wants to hide this > feature and the guest does it anyway, then it makes sense to treat it as > an illegal OP. > Out of pure curiosity, which Windows version behaves like that? And how does this work with KVM without your patches? Sane KVM userspaces will certainly expose both XMM input and output capabilities together but having an ability to hide one or both of them may come handy while debugging. Also, we weren't enforcing the rule that enlightenments not exposed to the guest don't work, even the whole Hyper-V emulation interface was available to all guests who were smart enough to know how to enable it! I don't like this for two reasons: security (large attack surface) and the fact that someone 'smart' may decide to use Hyper-V emulation features on KVM as 'general purpose' features saying 'they're always available anyway', this risks becoming an ABI. Let's at least properly check if the feature was exposed to the guest for all new enlightenments. -- Vitaly