Received: by 2002:a6b:fb09:0:0:0:0:0 with SMTP id h9csp756609iog; Mon, 13 Jun 2022 12:14:43 -0700 (PDT) X-Google-Smtp-Source: AGRyM1vxN7K6l0NkBTbFcs1Wpj5xMCOeeY3rPHehpPkvadJueSO+1NufDrYhm00GZ1x/GFiC4tGk X-Received: by 2002:a17:90a:c283:b0:1e3:7d6:8806 with SMTP id f3-20020a17090ac28300b001e307d68806mr240067pjt.190.1655147683101; Mon, 13 Jun 2022 12:14:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1655147683; cv=none; d=google.com; s=arc-20160816; b=zTHns3+OpzYtmRkyc09XgHVGTQyfWSqtV24etICuxWTC8euYyDnApAc0/5L9rliXjT 96yePXQR89R6xHMvp0uWWDnWHxkxIU/1NInFTp83/pHs3XNdxws5a7ZOJ4M1qhR9RUFo kuhcwLB+PR3mr8xJSZBV5NvW2rpxY8CpqhzG3Gce59MKDxt4dU1/vqvB658+1y0m2Gsf UZA8RbpWRiWRBB/7P7u1d5wibUdV1Qqf9sgCvIkUhMH3bOIBfrtBZM/WJvLIMnomujJ5 XoxwO+8NHYNKo9m3TdgGKWfjt/Tt/vhOZjOr+gnUd4H3J/6JGaeKI1G2SVhs7HdsJGA2 3EJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=6WnBXAP3VJw9uo1dqMEWnA7hq53QXaDQK+ygpUYK+m8=; b=gFLJqJoUc3HQ3+5aknl8X6TIsTVg11zNxMi3By2xh4rimUGQ6T6+ho6pJLMO0RO5rI vtpLP+LM+bdMirMfCCOfgS8QsLZHJjIiD/4IFgJSJzxzdR1b8pa2ugRRxhmT3wa9GhpZ mWwHvvAFeMG/nCF24kuM2ab6eAwFbCGYxLXiLw0Agk4qU8ptEWibrDNdjD6T+vCM4mUQ /9a3LqCwaELYTkxB8HQ+FHX0JCr65AEKfEdxT8LVcEehotoOekOzXpJ8OnZUQURKXw8R hxH5KmSDtSdaFQlQkSejBrb7S0lOLM2SMNIUpQDGdyY5TG+6DrLRMr1OFfNlQo97azWM caQg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=bbkJ8UyY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h4-20020a056a00170400b0051872773159si630881pfc.228.2022.06.13.12.14.31; Mon, 13 Jun 2022 12:14:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=bbkJ8UyY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1346242AbiFMTGt (ORCPT + 99 others); Mon, 13 Jun 2022 15:06:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55448 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1347724AbiFMTGh (ORCPT ); Mon, 13 Jun 2022 15:06:37 -0400 Received: from mail-pj1-x1033.google.com (mail-pj1-x1033.google.com [IPv6:2607:f8b0:4864:20::1033]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E6D20BA540 for ; Mon, 13 Jun 2022 09:57:53 -0700 (PDT) Received: by mail-pj1-x1033.google.com with SMTP id k12-20020a17090a404c00b001eaabc1fe5dso3487290pjg.1 for ; Mon, 13 Jun 2022 09:57:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=6WnBXAP3VJw9uo1dqMEWnA7hq53QXaDQK+ygpUYK+m8=; b=bbkJ8UyYSGZYDx5BMTxVXton0rczQTlxOhqDSn42p8Is+DZniRdmnS2EkoAaSN45A8 r7Rhb122NbGhNB+JA21XegJj5Nq2k/cGbBuRIYTDeSoJairL8lvjO+FfAx/jtANPKzbK FlG7i1dPB4lI4A40XFGmFKaadrh2PDtyEP5VqDVnAS8EblnN3I8LVzsVNE8JE8w/fpyX xO58AmRGoaWRiXOMVD1xVpWHPyKHLqLGof0XMigMIuloGIJkRXAzIubhkvVcZiib+dOj kygUxV93Sn4xDBlNFlemRFtOGksWtrl9K14NHZv785eoaJwzt2N6FoNFQWAay72XQwDi nHSA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=6WnBXAP3VJw9uo1dqMEWnA7hq53QXaDQK+ygpUYK+m8=; b=g9IHLTcOSJWfdlU8Gq3bEUzTmUB6iAR2sNBQSzpHDCrYONvmBRkbkyQNeJnauiOZJE fUvluMgBuBHhQcGkJbQUD4XdjvPDwMgyB1mGCeqYNm+Mcg7VV5T7JSgiP+0EKmhzDkr4 LaZRXhUB3DDmmvabysvQ/Xx4viWesuGgndVPHjjzjQisf72q3G75PcHd1yX2iJR69zTQ 0f9ENILk4LJoM+YQ8k1z1tySj1DF823GO6i7FZ0k4DPRXUK48msH/OiCmefsrSPZ5LgJ NxbWhzVfloGJKY+tELNTrKaOaSxtSkmXNSQglVQUH8/fbiy+c+f1XZZk1efI728FP5jh 1w6Q== X-Gm-Message-State: AJIora+ThR348lnvu8XdWQu3esrTzbVjLVI7w3VH2k2+KNX19wgC2OLa AOH57jysNy9tP/Q/f32b8BiGHg== X-Received: by 2002:a17:90a:bb92:b0:1e2:f8a0:b0cf with SMTP id v18-20020a17090abb9200b001e2f8a0b0cfmr783062pjr.28.1655139473236; Mon, 13 Jun 2022 09:57:53 -0700 (PDT) Received: from google.com (157.214.185.35.bc.googleusercontent.com. [35.185.214.157]) by smtp.gmail.com with ESMTPSA id jg21-20020a17090326d500b001679a4711d9sm5369338plb.162.2022.06.13.09.57.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 13 Jun 2022 09:57:52 -0700 (PDT) Date: Mon, 13 Jun 2022 16:57:49 +0000 From: Sean Christopherson To: Paolo Bonzini Cc: Anirudh Rayabharam , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Ilias Stamatis , Maxim Levitsky , mail@anirudhrb.com, kumarpraveen@linux.microsoft.com, wei.liu@kernel.org, robert.bradford@intel.com, liuwe@microsoft.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] KVM: nVMX: Don't expose TSC scaling to L1 when on Hyper-V Message-ID: References: <20220613161611.3567556-1-anrayabh@linux.microsoft.com> <592ab920-51f3-4794-331f-8737e1f5b20a@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <592ab920-51f3-4794-331f-8737e1f5b20a@redhat.com> X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jun 13, 2022, Paolo Bonzini wrote: > On 6/13/22 18:16, Anirudh Rayabharam wrote: > > + if (!kvm_has_tsc_control) > > + msrs->secondary_ctls_high &= ~SECONDARY_EXEC_TSC_SCALING; > > + > > msrs->secondary_ctls_low = 0; > > msrs->secondary_ctls_high &= > > SECONDARY_EXEC_DESC | > > @@ -6667,8 +6670,7 @@ void nested_vmx_setup_ctls_msrs(struct nested_vmx_msrs *msrs, u32 ept_caps) > > SECONDARY_EXEC_RDRAND_EXITING | > > SECONDARY_EXEC_ENABLE_INVPCID | > > SECONDARY_EXEC_RDSEED_EXITING | > > - SECONDARY_EXEC_XSAVES | > > - SECONDARY_EXEC_TSC_SCALING; > > + SECONDARY_EXEC_XSAVES; > > /* > > This is wrong because it _always_ disables SECONDARY_EXEC_TSC_SCALING, > even if kvm_has_tsc_control == true. > > That said, I think a better implementation of this patch is to just add > a version of evmcs_sanitize_exec_ctrls that takes a struct > nested_vmx_msrs *, and call it at the end of nested_vmx_setup_ctl_msrs like > > evmcs_sanitize_nested_vmx_vsrs(msrs); Any reason not to use the already sanitized vmcs_config? I can't think of any reason why the nested path should blindly use the raw MSR values from hardware.