Received: by 2002:a6b:fb09:0:0:0:0:0 with SMTP id h9csp385037iog; Wed, 29 Jun 2022 02:11:29 -0700 (PDT) X-Google-Smtp-Source: AGRyM1sMF4AigNNMOrxrm48wHNVl4+Bz7SKBpnr2cdlWoNo77pZfnYZvLPCHXA073lO6VnmvLkFV X-Received: by 2002:a05:6402:2708:b0:435:da6f:3272 with SMTP id y8-20020a056402270800b00435da6f3272mr2770065edd.160.1656493889568; Wed, 29 Jun 2022 02:11:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1656493889; cv=none; d=google.com; s=arc-20160816; b=glcNiOMH9aq82WkREEvp5oSHRUCx3hKFwRt8cjIGR+VgiqZgB4d8CmwmPHIgdciJaU gK0jE8U9GafG7wGrc+Xo5YQlCfjnx1sMaUTjAWEoioxi/3r+tPlAADAngOPVCZZeYaFI SQWZrlgNTEhE52jtaRxfGLN65eOKMWTD3PoaOavjYY9SSpjZP2/CN4dZ6pHv4cXj68Xn xYbJR/LwqUmwrXOiSuJw5IbeZEbhI9ojCLyplTwpZTNL760nun52okvkCJtrukIMtu45 4d8xvlDJLIkgCOniB8r48kyN1Nw+CL6ASh/J7GeQWdkM2+gnJnQglLQCsFUKm80efytN vjsw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:dkim-signature; bh=HvWzvzdAUmdish1ZjSGH2vHCDmFvOStbYvaW/KwyrXg=; b=WL/hCtwNVOmiEjGltIlyT/xm+wPx/cw32FvBMoDLSqYb902s7APmSin3AaDpErte/0 UsF7RHMmMNvUgK7GiS+84jC5FPfGasjOe/WCyfJI1rjQ9l55hvciZBB+Ns+hyGx/upeA cJJirwQpRBe4zFuNPRcjkaHiEadg+CguNOyJ0DeUpiV9DusGc+yPTd4c/JrynKCI/gJy vQlENSwamWYz5ctT4q6K7N4Q0ZCFQvLxZvx1Ab18onCFJZGrC7n73TlclgGUAoLmo3rS gyYpuMfZquEl4HyKvJWkNmb6OWx3xTupgG8rziTy+5sATUl9SJjdbwBAQgtsSllagmc7 1tOw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=i9xJvqZ0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id sh6-20020a1709076e8600b00726a0367124si275907ejc.783.2022.06.29.02.11.03; Wed, 29 Jun 2022 02:11:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=i9xJvqZ0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232512AbiF2JGx (ORCPT + 99 others); Wed, 29 Jun 2022 05:06:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47272 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231401AbiF2JGw (ORCPT ); Wed, 29 Jun 2022 05:06:52 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 3C49F27CF1 for ; Wed, 29 Jun 2022 02:06:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1656493610; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=HvWzvzdAUmdish1ZjSGH2vHCDmFvOStbYvaW/KwyrXg=; b=i9xJvqZ0dB8X4DW+xmyB6djIMiyLqJdQ8egMleHFIOMVYL41kvP517I+PaXJ9pohIhac7/ t5TA8uNgxwqqn89EB2+psmEy4yFTKAVrkGGs15rhUFbH90iivjoOHBQpOEOOofF5MQ+I0R ZLkhY41FkiKIb8PbPfhaTzU+XcgNMOA= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-567-e5w7inMtN3iAWbWXOXg0vw-1; Wed, 29 Jun 2022 05:06:49 -0400 X-MC-Unique: e5w7inMtN3iAWbWXOXg0vw-1 Received: by mail-wm1-f69.google.com with SMTP id 6-20020a1c0206000000b003a02cd754d1so6321735wmc.9 for ; Wed, 29 Jun 2022 02:06:48 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:in-reply-to:references:date :message-id:mime-version; bh=HvWzvzdAUmdish1ZjSGH2vHCDmFvOStbYvaW/KwyrXg=; b=K47LEbLk3dsbEf5QzedI1sgx3Bj2o5YDkjPnk/lxgfcGSmDmCarVdWDL3Mz9sUUHsH W3U8RFvNOfblWld1vLGAoVnOM1YOG5V3e7P/lTg2TFGAZMvi6lKaAkpOdm3PSvREsX9Y KCqfwjwJAk14X6UNK3sbk95zJVN4TN8wpLZx6PFT+phXdSNTohdtTGajOQN4ZlEyw+qp inQRf+vW9Wu6k7xapELT+Xsz9SEHmEXi8B33sjZclKHzMROdtUHM448eXL7kjpv5vi5W QAqPEbldAgkqAX2S/UTonhDKA7aVO3QF2tG0mJdSQKhBUQAdAFII9osoMBoKfwW+P0XL YyLw== X-Gm-Message-State: AJIora/oldYP8ixwq2sDKK7GnEaRLeCpdu1BQWjCcqjR1uKENQtPLHWL scxlWwhLjc0gF1xGmAmwwSrnpLuRLt9kIM6Wny5ToGZLH00PgP14qg/6wiRC2KaLKm/ghiFNBIs o1eHb5//lPsp1YhHmzXhhxob86oUjM7ZKYLS9v79VEGu7n2DNeH6kborlP0Vw82MFfSKUpWdqkI oT X-Received: by 2002:a5d:53ca:0:b0:21b:940f:8e29 with SMTP id a10-20020a5d53ca000000b0021b940f8e29mr2024209wrw.490.1656493607839; Wed, 29 Jun 2022 02:06:47 -0700 (PDT) X-Received: by 2002:a5d:53ca:0:b0:21b:940f:8e29 with SMTP id a10-20020a5d53ca000000b0021b940f8e29mr2024164wrw.490.1656493607451; Wed, 29 Jun 2022 02:06:47 -0700 (PDT) Received: from fedora (nat-2.ign.cz. [91.219.240.2]) by smtp.gmail.com with ESMTPSA id i206-20020a1c3bd7000000b003a03ae64f57sm2609957wma.8.2022.06.29.02.06.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 29 Jun 2022 02:06:46 -0700 (PDT) From: Vitaly Kuznetsov To: Sean Christopherson , Paolo Bonzini , Jim Mattson Cc: Anirudh Rayabharam , kvm@vger.kernel.org, Wanpeng Li , Maxim Levitsky , linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH 00/14] KVM: nVMX: Use vmcs_config for setting up nested VMX MSRs In-Reply-To: References: <20220627160440.31857-1-vkuznets@redhat.com> <87y1xgubot.fsf@redhat.com> <87letgu68x.fsf@redhat.com> Date: Wed, 29 Jun 2022 11:06:46 +0200 Message-ID: <87czeru9cp.fsf@redhat.com> MIME-Version: 1.0 Content-Type: text/plain X-Spam-Status: No, score=-3.2 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Jim Mattson writes: > On Tue, Jun 28, 2022 at 9:01 AM Vitaly Kuznetsov wrote: >> ... > > Read-only MSRs cannot be changed after their values may have been > observed by the guest. > >> Anirudh, the same concern applies to your 'intermediate' patch too. >> >> Smart ideas on what can be done are more than welcome) > > You could define a bunch of "quirks," and userspace could use > KVM_CAP_DISABLE_QUIRKS2 to ask that the broken bits be cleared. This sounds correct, but awful :-) I, however, think we can avoid this. For the KVM-on-eVMCS case: - When combined with "[PATCH 00/11] KVM: VMX: Support TscScaling and EnclsExitingBitmap whith eVMCS" series (https://lore.kernel.org/kvm/20220621155830.60115-1-vkuznets@redhat.com/), the filtering we do in setup_vmcs_config() is no longer needed. I need to check various available Hyper-V versions but my initial investigation shows that we were only filtering out TSC Scaling and 'Load IA32_PERF_GLOBAL_CTRL' vmexit/vmentry, the rest were never present in VMX control MSRs (as presented by Hyper-V) in the first place. For PERF_GLOBAL_CTRL errata: - We can move the filtering to vmx_vmexit_ctrl()/vmx_vmentry_ctrl() preserving the status quo: KVM doesn't use the feature but it is exposed to L1 hypervisor (and L1 hypervisor presumably has the same check and doesn't use the feature. FWIW, the workaround was added in 2011 and the erratas it references appeared in 2010, this means that the affected CPUs are quite old, modern proprietary hypervisors won't likely boot there). If we do the above, there's going to be no changes to VMX control MSRs generated by nested_vmx_setup_ctls_msrs(). I, however, need to work on a combined series. -- Vitaly