Received: by 2002:a05:6a10:a852:0:0:0:0 with SMTP id d18csp3808145pxy; Tue, 4 May 2021 10:20:10 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxWGa0whMAfcSAebhSWaidUQZsVlxMeWyx/lgO3HcwlmZhvqGt0MPD4Q8xSw9xZ5T5lq/Tg X-Received: by 2002:a17:902:e74d:b029:ee:205b:a9f5 with SMTP id p13-20020a170902e74db02900ee205ba9f5mr27059049plf.13.1620148810688; Tue, 04 May 2021 10:20:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1620148810; cv=none; d=google.com; s=arc-20160816; b=TvDyYWse45/9eqrK8LEfbruX5E2y+gLX+j5JPWXZ3haCMo6QzXmPqSaXKeVhJnVfjD CAvMy13c+j+xPHhbUP16ryiH1/nHh7kVEWAnhYRlZPXUD2XXZ218ckS1YrDyLkcoYu3Q yL5JhG9My0w2Fo3WemFj7SoA1DLxMIxw1UV88LKfSu9VBGX0m2eacIhrMWfHmTV1WCG2 z4G/hLN3RIUMQM7LTRbs3t8lMLiebEpSLrVt53Ey9MAoHBW2HhGVNrc1vG1zwES4huSw 7BJfS6TTnx8JvKe07N6f/YtvFCoKNn4D+g+hAHA6eab2WkF0TAaSblsKGkb1d7jThe5i fvpA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:reply-to:dkim-signature; bh=BGCQSILYAU01VvgA8TaO/AwM6Dcj3M5kpkKiJ9GwIVo=; b=CGYd0A+VihPZPXYXgZuwFlXpEi91s4nFAGnYFx85fVzsoXDRd0v5IXnbC/LzpGpMUm 1FpJVNWV/DS/6szNmjLPNhlrmWatZ9lJccrMNJmizIBt4WN6HH0ZYO8pAaG9mN5Eq5vX vkGxiRNgCXpr2/LVPAbLJRCMtwglTKYh/Glx7aksfuhC4e7vJTrVO1y7c776qLWS/GEP LTKiCtnAWJXEvVdW3FiRO110V1BkvFkgUpt9/TvhYQXPvW/tyHFAAPV83rLWCyYbPhRC UPHO/w1R1OXcELLPSfIOWA42FKGKYfLePOrs8UkbsTxbN9q0Nze6Sf4ry1QhrRj2h1bE p2Pw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=VoB1ZQZU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id 30si3977051pgp.121.2021.05.04.10.19.58; Tue, 04 May 2021 10:20:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=VoB1ZQZU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232316AbhEDRTK (ORCPT + 99 others); Tue, 4 May 2021 13:19:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39646 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232172AbhEDRSz (ORCPT ); Tue, 4 May 2021 13:18:55 -0400 Received: from mail-qv1-xf49.google.com (mail-qv1-xf49.google.com [IPv6:2607:f8b0:4864:20::f49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1048EC061761 for ; Tue, 4 May 2021 10:18:00 -0700 (PDT) Received: by mail-qv1-xf49.google.com with SMTP id t1-20020a0ca6810000b029019e892416e6so8160781qva.9 for ; Tue, 04 May 2021 10:18:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=BGCQSILYAU01VvgA8TaO/AwM6Dcj3M5kpkKiJ9GwIVo=; b=VoB1ZQZUQTZDbAWIb7z6YLsP1EcMmTZaJ21TOhoo/VBB8DHbA/WYo7YmRUtOh+XWCL JHH+uUsd40UADuqDaFksTVfYQXRNeuI4xpnKVKdCjrsCWjSuUczwY6PkZMyaLmFMJt4p r9AXFSCo3QBnt2KcWe/W6aHmzAKDQl/I3vDLGVJT/HxrAwj5sgyIP2ptWLQWgXHQGU3E IZX8NGOJp4EBjwcMDGh964qDz/CTANPH1FckHRPrhLRkchsqqXBoWKAhbisk7iqXuUFC NtGAe0bVUIP024/Lo487nX7s+aMm0dtH3OVvl7VW6NKxgP/fNmzSOLn+VYLYU1ZxX+Cf fVjA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=BGCQSILYAU01VvgA8TaO/AwM6Dcj3M5kpkKiJ9GwIVo=; b=g2kslwnICLaTaekpby8YNB+4ncUYAhArZA9Aj+1ktxpV6/tS1IF9zcl2P+R0gO/qXS RH5jufjznAO3tphoFsK8ESqLeQ9c+C+tfZpIA33S+wTO2ZSkg6QNIv8x8UYq0nYOGmLC owlnRBZOdDeese5rMw367FENykXZaZWFK/imArFGQ12Idm7Hs7n4p8l0HhYNlQL/G+4M pebm6GFO63KBB5TnEoPnLUIbfqR/5+fugx/P4eQ46RSxyxGYYfI7q9McvVtY4J4+nmLF +fg0EMqzrkA7MepcbcBu+iEVC/6HOBCt6Zb7izycQZgVITJa8aqKZKxZuHVeFn5V6ArZ ftsQ== X-Gm-Message-State: AOAM530bqfAYxIM303Tofzd/9EMHLDF95bL1t7Om5fQzOpa5ChG61Vax NiTA3ZY9C4a2d/Ok+UHeRRtEmkMqhLI= X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:df57:48cb:ea33:a156]) (user=seanjc job=sendgmr) by 2002:ad4:5fc6:: with SMTP id jq6mr5885999qvb.43.1620148679153; Tue, 04 May 2021 10:17:59 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 4 May 2021 10:17:26 -0700 In-Reply-To: <20210504171734.1434054-1-seanjc@google.com> Message-Id: <20210504171734.1434054-8-seanjc@google.com> Mime-Version: 1.0 References: <20210504171734.1434054-1-seanjc@google.com> X-Mailer: git-send-email 2.31.1.527.g47e6f16901-goog Subject: [PATCH 07/15] KVM: x86: Add support for RDPID without RDTSCP From: Sean Christopherson To: Paolo Bonzini Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Xiaoyao Li , Reiji Watanabe Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Allow userspace to enable RDPID for a guest without also enabling RDTSCP. Aside from checking for RDPID support in the obvious flows, VMX also needs to set ENABLE_RDTSCP=1 when RDPID is exposed. For the record, there is no known scenario where enabling RDPID without RDTSCP is desirable. But, both AMD and Intel architectures allow for the condition, i.e. this is purely to make KVM more architecturally accurate. Fixes: 41cd02c6f7f6 ("kvm: x86: Expose RDPID in KVM_GET_SUPPORTED_CPUID") Cc: stable@vger.kernel.org Reported-by: Reiji Watanabe Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 6 ++++-- arch/x86/kvm/vmx/vmx.c | 27 +++++++++++++++++++++++---- arch/x86/kvm/x86.c | 3 ++- 3 files changed, 29 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index b3153d40cc4d..231b9650d864 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2669,7 +2669,8 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) if (tsc_aux_uret_slot < 0) return 1; if (!msr_info->host_initiated && - !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP)) + !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP) && + !guest_cpuid_has(vcpu, X86_FEATURE_RDPID)) return 1; msr_info->data = svm->tsc_aux; break; @@ -2891,7 +2892,8 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) return 1; if (!msr->host_initiated && - !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP)) + !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP) && + !guest_cpuid_has(vcpu, X86_FEATURE_RDPID)) return 1; /* diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 990ee339a05f..42e4bbaa299a 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1788,7 +1788,8 @@ static void setup_msrs(struct vcpu_vmx *vmx) if (update_transition_efer(vmx)) vmx_setup_uret_msr(vmx, MSR_EFER); - if (guest_cpuid_has(&vmx->vcpu, X86_FEATURE_RDTSCP)) + if (guest_cpuid_has(&vmx->vcpu, X86_FEATURE_RDTSCP) || + guest_cpuid_has(&vmx->vcpu, X86_FEATURE_RDPID)) vmx_setup_uret_msr(vmx, MSR_TSC_AUX); vmx_setup_uret_msr(vmx, MSR_IA32_TSX_CTRL); @@ -1994,7 +1995,8 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) break; case MSR_TSC_AUX: if (!msr_info->host_initiated && - !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP)) + !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP) && + !guest_cpuid_has(vcpu, X86_FEATURE_RDPID)) return 1; goto find_uret_msr; case MSR_IA32_DEBUGCTLMSR: @@ -2314,7 +2316,8 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) break; case MSR_TSC_AUX: if (!msr_info->host_initiated && - !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP)) + !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP) && + !guest_cpuid_has(vcpu, X86_FEATURE_RDPID)) return 1; /* Check reserved bit, higher 32 bits should be zero */ if ((data >> 32) != 0) @@ -4368,7 +4371,23 @@ static void vmx_compute_secondary_exec_control(struct vcpu_vmx *vmx) xsaves_enabled, false); } - vmx_adjust_sec_exec_feature(vmx, &exec_control, rdtscp, RDTSCP); + /* + * RDPID is also gated by ENABLE_RDTSCP, turn on the control if either + * feature is exposed to the guest. This creates a virtualization hole + * if both are supported in hardware but only one is exposed to the + * guest, but letting the guest execute RDTSCP or RDPID when either one + * is advertised is preferable to emulating the advertised instruction + * in KVM on #UD, and obviously better than incorrectly injecting #UD. + */ + if (cpu_has_vmx_rdtscp()) { + bool rdpid_or_rdtscp_enabled = + guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP) || + guest_cpuid_has(vcpu, X86_FEATURE_RDPID); + + vmx_adjust_secondary_exec_control(vmx, &exec_control, + SECONDARY_EXEC_ENABLE_RDTSCP, + rdpid_or_rdtscp_enabled, false); + } vmx_adjust_sec_exec_feature(vmx, &exec_control, invpcid, INVPCID); vmx_adjust_sec_exec_exiting(vmx, &exec_control, rdrand, RDRAND); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index e304447be42d..b4516d303413 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -5978,7 +5978,8 @@ static void kvm_init_msr_list(void) continue; break; case MSR_TSC_AUX: - if (!kvm_cpu_cap_has(X86_FEATURE_RDTSCP)) + if (!kvm_cpu_cap_has(X86_FEATURE_RDTSCP) && + !kvm_cpu_cap_has(X86_FEATURE_RDPID)) continue; break; case MSR_IA32_UMWAIT_CONTROL: -- 2.31.1.527.g47e6f16901-goog