Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp1150484pxf; Fri, 9 Apr 2021 00:59:12 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzxasoJYJPHv/KsgzrdlCmTURT7qDiwk9gHzwBwM3AZWEjUkfDnFArJXK2aoH5otCLuVVkk X-Received: by 2002:a05:6402:4407:: with SMTP id y7mr16286560eda.247.1617955152601; Fri, 09 Apr 2021 00:59:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617955152; cv=none; d=google.com; s=arc-20160816; b=cSWR/RtZjk2DzDz405e07JfP24EgzJv1znRG1cURXAdEzMFSz4A8j20O4NykF/lZii ZWkqgM5tloUjxjj7lTfTR1matgFmBeB/17D/XG81wzwt1zyHUjRAPRufqnYVvw2O/VNr kvcZSkqdvNMu/ky64mRNc3QtVs2wghAjX2OO4JMpCn6qJZqNO8hM3EQ2icgRlQAKt/H8 6PNV3Y1i2CtsRhSkwnPQ7w64hXzteEUo7MkJhJpVNuhvOnuG5EtFkEjW15MG7SvSMlJs KbEt1IjGzruZgPujj7rdq505/st+KtbkmEyaEYQiXbT55hNvDa4gR1nJ596TBzBo6sKP 9XVA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:cc:to:from:date:subject :dkim-signature; bh=BJxY6uzNd1eqL/AmYQtKHlFqsRdbG/hESPW6+LfJYVU=; b=in2Q7ku9u88xcIDL+hXZ6fBTlYa40kWzVKdlZ9dHBq8BPCs1ZMNG1iTC4DYYL3IT0t GkC9EKhhCYBfxCVBPXA3dE/HbH49afIQceknRQ41QeZuisTHH0gWpIPO4XWACcv4mVNb olaEIsuchnnKXl+2UvrljM5XTJiJjtUKrmxrTeKzVffLiuXq71iBLgg8e69VxLQQnD4g XcDdCk6eqcFb96Kbct3zBxvcxL36wGUbAgpZqztPMjirvBryQ3OWPFSbgZ5TilUaGzkE jEX5RoQ3NaVoMW472f40QLd5YSG02FHg8mkPG6i+7R8sJFdMPZr1yCyHWs4DUhk59+GV +s4g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amazon.de header.s=amazon201209 header.b="W/765iYj"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id o4si1782657edc.426.2021.04.09.00.58.49; Fri, 09 Apr 2021 00:59:12 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@amazon.de header.s=amazon201209 header.b="W/765iYj"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232372AbhDIH4F (ORCPT + 99 others); Fri, 9 Apr 2021 03:56:05 -0400 Received: from smtp-fw-6001.amazon.com ([52.95.48.154]:15228 "EHLO smtp-fw-6001.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231127AbhDIH4F (ORCPT ); Fri, 9 Apr 2021 03:56:05 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209; t=1617954953; x=1649490953; h=date:from:to:cc:message-id:references:mime-version: in-reply-to:subject; bh=BJxY6uzNd1eqL/AmYQtKHlFqsRdbG/hESPW6+LfJYVU=; b=W/765iYj1um90S53kp6bWWzQgpncOnxV6H9LDyVBab/zUVcJoQlVv+JA 1kUXm3PTWhdrslEEdMI+mhX2AFj4c76WJ4gKGyfURtGX4cy8Nanpz9+7F 1I1piw1GxFMr1ITE+frmZz7Ry/WMaUf2kLxs/e3JdgqYQLRWbVWS6ovmo o=; X-IronPort-AV: E=Sophos;i="5.82,208,1613433600"; d="scan'208";a="106476224" Subject: Re: [PATCH 4/4] KVM: hyper-v: Advertise support for fast XMM hypercalls Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-1d-37fd6b3d.us-east-1.amazon.com) ([10.43.8.2]) by smtp-border-fw-out-6001.iad6.amazon.com with ESMTP; 09 Apr 2021 07:55:46 +0000 Received: from EX13D28EUC003.ant.amazon.com (iad12-ws-svc-p26-lb9-vlan2.iad.amazon.com [10.40.163.34]) by email-inbound-relay-1d-37fd6b3d.us-east-1.amazon.com (Postfix) with ESMTPS id 1317C28BCBD; Fri, 9 Apr 2021 07:55:39 +0000 (UTC) Received: from uc8bbc9586ea454.ant.amazon.com (10.43.162.207) by EX13D28EUC003.ant.amazon.com (10.43.164.43) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 9 Apr 2021 07:55:32 +0000 Date: Fri, 9 Apr 2021 09:55:28 +0200 From: Siddharth Chandrasekaran To: Vitaly Kuznetsov CC: Alexander Graf , Evgeny Iakovlev , , , , "K. Y. Srinivasan" , Haiyang Zhang , Stephen Hemminger , Wei Liu , Thomas Gleixner , Ingo Molnar , Borislav Petkov , , "H. Peter Anvin" , Paolo Bonzini , "Sean Christopherson" , Wanpeng Li , "Jim Mattson" , Joerg Roedel Message-ID: <20210409075335.GA26597@uc8bbc9586ea454.ant.amazon.com> References: <20210407211954.32755-1-sidcha@amazon.de> <20210407211954.32755-5-sidcha@amazon.de> <87blap7zha.fsf@vitty.brq.redhat.com> <20210408142053.GA10636@u366d62d47e3651.ant.amazon.com> <8735w096pk.fsf@vitty.brq.redhat.com> <20210408155220.GB32315@u366d62d47e3651.ant.amazon.com> <87zgy77vs4.fsf@vitty.brq.redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Disposition: inline In-Reply-To: <87zgy77vs4.fsf@vitty.brq.redhat.com> User-Agent: Mutt/1.9.4 (2018-02-28) X-Originating-IP: [10.43.162.207] X-ClientProxiedBy: EX13D20UWC002.ant.amazon.com (10.43.162.163) To EX13D28EUC003.ant.amazon.com (10.43.164.43) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Apr 09, 2021 at 09:38:03AM +0200, Vitaly Kuznetsov wrote: > Siddharth Chandrasekaran writes: > > On Thu, Apr 08, 2021 at 04:44:23PM +0200, Vitaly Kuznetsov wrote: > >> Siddharth Chandrasekaran writes: > >> > On Thu, Apr 08, 2021 at 02:05:53PM +0200, Vitaly Kuznetsov wrote: > >> >> Siddharth Chandrasekaran writes: > >> >> > >> >> > Now that all extant hypercalls that can use XMM registers (based on > >> >> > spec) for input/outputs are patched to support them, we can start > >> >> > advertising this feature to guests. > >> >> > > >> >> > Cc: Alexander Graf > >> >> > Cc: Evgeny Iakovlev > >> >> > Signed-off-by: Siddharth Chandrasekaran > >> >> > --- > >> >> > arch/x86/include/asm/hyperv-tlfs.h | 4 ++-- > >> >> > arch/x86/kvm/hyperv.c | 1 + > >> >> > 2 files changed, 3 insertions(+), 2 deletions(-) > >> >> > > >> >> > diff --git a/arch/x86/include/asm/hyperv-tlfs.h b/arch/x86/include/asm/hyperv-tlfs.h > >> >> > index e6cd3fee562b..1f160ef60509 100644 > >> >> > --- a/arch/x86/include/asm/hyperv-tlfs.h > >> >> > +++ b/arch/x86/include/asm/hyperv-tlfs.h > >> >> > @@ -49,10 +49,10 @@ > >> >> > /* Support for physical CPU dynamic partitioning events is available*/ > >> >> > #define HV_X64_CPU_DYNAMIC_PARTITIONING_AVAILABLE BIT(3) > >> >> > /* > >> >> > - * Support for passing hypercall input parameter block via XMM > >> >> > + * Support for passing hypercall input and output parameter block via XMM > >> >> > * registers is available > >> >> > */ > >> >> > -#define HV_X64_HYPERCALL_PARAMS_XMM_AVAILABLE BIT(4) > >> >> > +#define HV_X64_HYPERCALL_PARAMS_XMM_AVAILABLE BIT(4) | BIT(15) > >> >> > >> >> TLFS 6.0b states that there are two distinct bits for input and output: > >> >> > >> >> CPUID Leaf 0x40000003.EDX: > >> >> Bit 4: support for passing hypercall input via XMM registers is available. > >> >> Bit 15: support for returning hypercall output via XMM registers is available. > >> >> > >> >> and HV_X64_HYPERCALL_PARAMS_XMM_AVAILABLE is not currently used > >> >> anywhere, I'd suggest we just rename > >> >> > >> >> HV_X64_HYPERCALL_PARAMS_XMM_AVAILABLE to HV_X64_HYPERCALL_XMM_INPUT_AVAILABLE > >> >> and add HV_X64_HYPERCALL_XMM_OUTPUT_AVAILABLE (bit 15). > >> > > >> > That is how I had it initially; but then noticed that we would never > >> > need to use either of them separately. So it seemed like a reasonable > >> > abstraction to put them together. > >> > > >> > >> Actually, we may. In theory, KVM userspace may decide to expose just > >> one of these two to the guest as it is not obliged to copy everything > >> from KVM_GET_SUPPORTED_HV_CPUID so we will need separate > >> guest_cpuid_has() checks. > > > > Makes sense. I'll split them and add the checks. > > > >> (This reminds me of something I didn't see in your series: > >> we need to check that XMM hypercall parameters support was actually > >> exposed to the guest as it is illegal for a guest to use it otherwise -- > >> and we will likely need two checks, for input and output). > > > > We observed that Windows expects Hyper-V to support XMM params even if > > we don't advertise this feature but if userspace wants to hide this > > feature and the guest does it anyway, then it makes sense to treat it as > > an illegal OP. > > > > Out of pure curiosity, which Windows version behaves like that? And how > does this work with KVM without your patches? The guest is a Windows Server 2016 on which we are trying to enable VBS and handle it through the VSM API. When VBS is enabled on the guest, it starts using many other (new) hypercalls and some of them don't honor the CPUID bits (4, 15) that indicate the presence of XMM params support. > Sane KVM userspaces will certainly expose both XMM input and output > capabilities together but having an ability to hide one or both of them > may come handy while debugging. > > Also, we weren't enforcing the rule that enlightenments not exposed to > the guest don't work, even the whole Hyper-V emulation interface was > available to all guests who were smart enough to know how to enable it! > I don't like this for two reasons: security (large attack surface) and > the fact that someone 'smart' may decide to use Hyper-V emulation > features on KVM as 'general purpose' features saying 'they're always > available anyway', this risks becoming an ABI. > > Let's at least properly check if the feature was exposed to the guest > for all new enlightenments. Agreed. ~ Sid. Amazon Development Center Germany GmbH Krausenstr. 38 10117 Berlin Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B Sitz: Berlin Ust-ID: DE 289 237 879