Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp417254imw; Thu, 14 Jul 2022 04:03:16 -0700 (PDT) X-Google-Smtp-Source: AGRyM1u+Xh4KEJg+BzXpYWdPRRKRk+u5+HA1XxB5twj/2DxUTky94l5AyzRtyVPP0UITmSeNxSIw X-Received: by 2002:a17:906:98ca:b0:72b:7bb4:4ebc with SMTP id zd10-20020a17090698ca00b0072b7bb44ebcmr8064101ejb.585.1657796596661; Thu, 14 Jul 2022 04:03:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657796596; cv=none; d=google.com; s=arc-20160816; b=JpryksCdMB+uRYmGEx0A8tF6OejJ3WAaXdxoESRLAj1NtzZuoIEe/9PQue9V9KIxlL wHz7rSctq5zduchJpkTiwxHCUYVa77s9wSdydDhe2OetYOWICVb+xmORZ0VSzRki9BNN HAtQNhX60OkOoa1VflZciVi+O3B4+5XEUlaq88AvhEg4t8DCBK3fJYd99jK9knstzc4R /ENMnwyS6RxznSZg7MqZeT1TKyGHhGaIoDb5FQ+jRqTguak33A7g8CXAHRr5j4w7IRru iSyT6U2Cxmaax8qA9QEfJkdD1JOMgIfDmUKVsRn3Eomlymy++kDDPiz5/OZq1xKRli+v PnQw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id:dkim-signature; bh=nM5yVanzRJTIfs3jtPwCWDlU85jtUwSjBS8/j3385bI=; b=T/A+WoVNlXEP6AdwIiSIrgGThwaDOP3vG/XhiSCFoQ8CjbI4h8fI0C+m2AiP3x60dU ozrrRid2dKqBmxi5D/uNvgz0Af5i+we+zzv0ZzD7CEHdcOVx9OMxEbA8C2S9saRZ5jVy hoiS+tnbnsBNFJb4OwUVOEOvax94VRjaWxHBaEFwMCcl61jJgwaIZP/apKbruM5cTYC3 Q25oOiFDZwUTQyaZapnx0i9fsQnn5rlqU7ownIAcrQQmR5TATksIRqZNXXixJ6WZww7P 0MFZwIMroLORF96l3/08dRE59BK5UgGCUd4hUkwP3e4MqzAS4rPpgzSBAb/ugJy96/Ka Szcw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=ZKq1Of6M; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l19-20020a056402231300b0043a71e0c8d4si1622159eda.256.2022.07.14.04.02.47; Thu, 14 Jul 2022 04:03:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=ZKq1Of6M; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230190AbiGNK6Z (ORCPT + 99 others); Thu, 14 Jul 2022 06:58:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38376 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230158AbiGNK6X (ORCPT ); Thu, 14 Jul 2022 06:58:23 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 92F2A558F7 for ; Thu, 14 Jul 2022 03:58:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1657796301; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=nM5yVanzRJTIfs3jtPwCWDlU85jtUwSjBS8/j3385bI=; b=ZKq1Of6Mpec9NSGo7VabF21JWTRy/CkKeAx5Wi411faPjdwFa6XENFQV1J0LLk2ITG8SZM MHNZF5bLz/16cn5upjISBLwHXGd9VvAKvH3391kgrgTgXGlzl/cRsHVxTsMMQA6B8a77UT otoy4NbuY5Kj5HMN66dhIu5r1sbztFQ= Received: from mail-wm1-f69.google.com (mail-wm1-f69.google.com [209.85.128.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-408-s5Uixfw4PvS4MMA8CYjL7w-1; Thu, 14 Jul 2022 06:58:20 -0400 X-MC-Unique: s5Uixfw4PvS4MMA8CYjL7w-1 Received: by mail-wm1-f69.google.com with SMTP id c126-20020a1c3584000000b003a02fa133ceso501239wma.2 for ; Thu, 14 Jul 2022 03:58:20 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:subject:from:to:cc:date:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=nM5yVanzRJTIfs3jtPwCWDlU85jtUwSjBS8/j3385bI=; b=Goc7xLCAQ79Wx97ETbMYqbJvEfrKP+KHdwEe+xHWVmjimvG1CdpycFzT4BYZK9NrfF XMXQ874Bmy4CELs2nhIZJLP7BDv9rEzLkqGnoubFvM7Dw7L83fz4fq2QM/OVp1j0IqeF TmAodllSwMJVzm/Fi/QlEjoJHdm34SwcL1ukwwrBErI5B1WC58bHe2PRL+5LzPUfOlXe TBpDnU9zDdnlgf7pkYQaiiBsQguf//wyLv1+qIOMwbaNftD2lSYgRxuRGSYL39qqG6fj Ec2MTSxyi+0in2I/qI3jq9kZSOAZFGOCkKCPpLxg8RfhkHtZaTNUc5tg0M5qhdwNXekZ mFMA== X-Gm-Message-State: AJIora/tB9tBXQ0mAh/a5osjtD/6LYJW/opmLQ5T5WoTbzVhXVz0QdSy U8LMorzC9erVJ2DlxofXPq/o0ZmWWrd0SBj2TA1KIUIcrR38KU8f+VNcCOD4GxmrOYqttq1UtCg 4oGgLlbZVILCs3WUgpGeNS7DN X-Received: by 2002:a5d:5985:0:b0:21d:b6b6:4434 with SMTP id n5-20020a5d5985000000b0021db6b64434mr7579275wri.111.1657796299362; Thu, 14 Jul 2022 03:58:19 -0700 (PDT) X-Received: by 2002:a5d:5985:0:b0:21d:b6b6:4434 with SMTP id n5-20020a5d5985000000b0021db6b64434mr7579253wri.111.1657796299087; Thu, 14 Jul 2022 03:58:19 -0700 (PDT) Received: from [10.35.4.238] (bzq-82-81-161-50.red.bezeqint.net. [82.81.161.50]) by smtp.gmail.com with ESMTPSA id d13-20020adffbcd000000b0021d9591c64fsm1212994wrs.33.2022.07.14.03.58.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Jul 2022 03:58:18 -0700 (PDT) Message-ID: <087db845684c18af112e396172598172c7cc9980.camel@redhat.com> Subject: Re: [PATCH v2] KVM: x86: Add dedicated helper to get CPUID entry with significant index From: Maxim Levitsky To: Sean Christopherson Cc: Paolo Bonzini , Vitaly Kuznetsov , kvm@vger.kernel.org, linux-kernel@vger.kernel.org Date: Thu, 14 Jul 2022 13:58:17 +0300 In-Reply-To: References: <20220712000645.1144186-1-seanjc@google.com> <8a1ff7338f1252d75ff96c3518f16742919f92d7.camel@redhat.com> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.40.4 (3.40.4-5.fc34) MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 2022-07-12 at 17:09 +0000, Sean Christopherson wrote: > On Tue, Jul 12, 2022, Sean Christopherson wrote: > > On Tue, Jul 12, 2022, Maxim Levitsky wrote: > > > On Tue, 2022-07-12 at 00:06 +0000, Sean Christopherson wrote: > > > > +               /* > > > > +                * Function matches and index is significant; not specifying an > > > > +                * exact index in this case is a KVM bug. > > > > +                */ > > > Nitpick: Why KVM bug? Bad userspace can also provide a index-significant entry for cpuid > > > leaf for which index is not significant in the x86 spec. > > > > Ugh, you're right. > > > > > We could arrange a table of all known leaves and for each leaf if it has an index > > > in the x86 spec, and warn/reject the userspace CPUID info if it doesn't match. > > > > We have such a table, cpuid_function_is_indexed().  The alternative would be to > > do: > > > >                 WARN_ON_ONCE(index == KVM_CPUID_INDEX_NOT_SIGNIFICANT && > >                              cpuid_function_is_indexed(function)); > > > > The problem with rejecting userspace CPUID on mismatch is that it could break > > userspace :-/  Of course, this entire patch would also break userspace to some > > extent, e.g. if userspace is relying on an exact match on index==0.  The only > > difference being the guest lookups with an exact index would still work. > > > > I think the restriction we could put in place would be that userspace can make > > a leaf more relaxed, e.g. to play nice if userspace forgets to set the SIGNFICANT > > flag, but rejects attempts to make guest CPUID more restrictive, i.e. disallow > > setting the SIGNFICANT flag on leafs that KVM doesn't enumerate as significant. > > > > > > +               WARN_ON_ONCE(index == KVM_CPUID_INDEX_NOT_SIGNIFICANT); > > Actually, better idea.  Let userspace do whatever, and have direct KVM lookups > for functions that architecturally don't have a significant index use the first > entry even if userspace set the SIGNIFICANT flag.  That will mostly maintain > backwards compatibility, the only thing that would break is if userspace set the > SIGNIFICANT flag _and_ provided a non-zero index _and_ relied on KVM to not match > the entry. Makes sense as well. Best regards, Maxim Levitsky > > We could still enforce matching in the future, but it wouldn't be a prerequisite > for this cleanup. > >                 /* >                  * Similarly, use the first matching entry if KVM is doing a >                  * lookup (as opposed to emulating CPUID) for a function that's >                  * architecturally defined as not having a significant index. >                  */ >                 if (index == KVM_CPUID_INDEX_NOT_SIGNIFICANT) { >                         /* >                          * Direct lookups from KVM should not diverge from what >                          * KVM defines internally (the architectural behavior). >                          */ >                         WARN_ON_ONCE(cpuid_function_is_indexed(function)); >                         return e; >                 } >