Received: by 2002:ac0:da4c:0:0:0:0:0 with SMTP id a12csp30295imi;
        Thu, 21 Jul 2022 15:15:47 -0700 (PDT)
X-Google-Smtp-Source: AGRyM1uQwIoQd9m7Ws6GLenH1Ni17kRHny4ECAILvAO0ZlJVB6768030V1FVHh/9qcdNLpkgXqhs
X-Received: by 2002:a05:6402:294f:b0:43a:ba61:18ed with SMTP id ed15-20020a056402294f00b0043aba6118edmr554493edb.180.1658441746905;
        Thu, 21 Jul 2022 15:15:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1658441746; cv=none;
        d=google.com; s=arc-20160816;
        b=nNk7RBH0UT6qFR91g2Suj4D5R1HM1cAeeswZd7xAWCazEj/GTdaXO0CznQg9WDWJVB
         dQ0Qcltyduxs7Z5+8wCo6hYPsVeE/BYLC+xuWJLwuCLtMtJkV3vpjRDq6bLkFkapxdud
         AMjwzzysHyCjRXRUnsMuv0Fv7NIzIYASDVT7hYVQyMUDq52fjPOdWP1nPjJFUjnxCGyB
         N0LgmxXB/OyA84mRdoOQcFXnPUgzXna8SphYrBQqAF+O3xqPgCnVy9WigWz9shLA9FH6
         MryO0u2GyKb7Jk/WRqwGC+iayZLvsA32uuilKBHWqkmgUorj0io1SAZKnkY0SW+WEkAm
         QYcA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date:dkim-signature;
        bh=1OMkxya64oLFn01YsoSOjcmTybRrudoA8KE9EVfRHwc=;
        b=aXyilXD7VfIcyVRhe+ifGYe/imm3FkhdAanBuy3DCDYC/t7RvV8RHjy3btah8e90Ei
         brk0dhpzkLZ7ziyMEjINWjg0Nn5M9PRMenAefiT4a44BzpzLhmBMa2Ehioj1RDaBqIgK
         68kQDEKJeLWW6fmV1yn5lkuCH6nqVTxM+kx6uJFKYVyrgFuHLtaaxDOd0MyTPaw2K2u6
         2U+8YDuRSkAuXgJ/JEhlso/fZKLFL4mrFB7abi6VbTgaMtqtoVsaJDWFFb0qvH/QnnUz
         M2RwakXa1AIWAKPxP4i54GaNEN11qhWB/QDchfQHNeAcOH7AgT+M9jcpssfwtGWlZgcE
         AVPw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=oyjmQuK5;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id hb33-20020a170907162100b0072b4a6fd638si4444026ejc.543.2022.07.21.15.15.20;
        Thu, 21 Jul 2022 15:15:46 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=oyjmQuK5;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S234097AbiGUWLg (ORCPT <rfc822;algowarbles@gmail.com>
        + 99 others); Thu, 21 Jul 2022 18:11:36 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50686 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229739AbiGUWLf (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 21 Jul 2022 18:11:35 -0400
Received: from mail-pl1-x634.google.com (mail-pl1-x634.google.com [IPv6:2607:f8b0:4864:20::634])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 29CE5951D7
        for <linux-kernel@vger.kernel.org>; Thu, 21 Jul 2022 15:11:34 -0700 (PDT)
Received: by mail-pl1-x634.google.com with SMTP id x1so1316318plb.3
        for <linux-kernel@vger.kernel.org>; Thu, 21 Jul 2022 15:11:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to;
        bh=1OMkxya64oLFn01YsoSOjcmTybRrudoA8KE9EVfRHwc=;
        b=oyjmQuK5WI+t2c0GxZAPtBvzMNHu/Z/KeDL9GqgRO3tmBPVIsqiXHcAibWz5jnjVWL
         XdSIEmIEAlYVAjQDGDO19Tnqv5BMW8ji9yOLZoHJfIOSzCmpLPkNJpKBYvW+KKZbLZfj
         4Je0qcSW9wunx/X4pvh/U3ikvMn09tDDCxysGI3/Pm278rJAnhsuEr6dkNYR7de7INVb
         UBQkxo0qK1U7/lEY1qNYC9FGWsGvALnp9ZViAnZdayortTCazYsEBMhGlVBjIspAKLmV
         h1PaocP2AT97MfQgVENxuRgteEFmH3f0Z+gcuQBEX79k1hXzArapWLYOSHyZ8xmub+CE
         Eiyg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to;
        bh=1OMkxya64oLFn01YsoSOjcmTybRrudoA8KE9EVfRHwc=;
        b=ioniVybZTjoOwLQs52hLq9Orrl6jnKEnq73sx0EeH6g7u+6Whxt3/FrsA3p4DWjjoV
         Y1gSpmmcx7IMV4OQ6eDPPGVCJjwk33teSLKJGSSM6trRIlm8I65TypCGPrZ09qez0jk2
         wmCJgZJ3swSWbvEM2AVlDLboB3kveuBPqiuKgmahadUr2KPsmQybP7GdTeMlVIMhSt+F
         SJmfcAuoGBNW2k1Cfxfscbl+HodvtvvqRbSrcoUuS6IID3UJK0mFQjdipcEDXJfunQPQ
         J+zEd9SZtktXRMyNT+20O2LciIvtX8kdV9mudanPkdbKQl73OQLHLjEDbQEY776o8EuA
         2Veg==
X-Gm-Message-State: AJIora9jxRT0/PwU7TZQ9i9+rzGSzW386oC+smnuTVSJVGky6vCt5Br4
        Uj9bSlKPTwJ3Iv5e2tm3DvplYg==
X-Received: by 2002:a17:90b:1d0d:b0:1ef:afd1:9f25 with SMTP id on13-20020a17090b1d0d00b001efafd19f25mr13381230pjb.200.1658441493539;
        Thu, 21 Jul 2022 15:11:33 -0700 (PDT)
Received: from google.com (123.65.230.35.bc.googleusercontent.com. [35.230.65.123])
        by smtp.gmail.com with ESMTPSA id a6-20020a170902ecc600b0016be527753bsm2227073plh.264.2022.07.21.15.11.33
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 21 Jul 2022 15:11:33 -0700 (PDT)
Date:   Thu, 21 Jul 2022 22:11:29 +0000
From:   Sean Christopherson <seanjc@google.com>
To:     Vitaly Kuznetsov <vkuznets@redhat.com>
Cc:     kvm@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
        Anirudh Rayabharam <anrayabh@linux.microsoft.com>,
        Wanpeng Li <wanpengli@tencent.com>,
        Jim Mattson <jmattson@google.com>,
        Maxim Levitsky <mlevitsk@redhat.com>,
        linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v4 14/25] KVM: VMX: Tweak the special handling of
 SECONDARY_EXEC_ENCLS_EXITING in setup_vmcs_config()
Message-ID: <YtnPEem7q1i+4VBN@google.com>
References: <20220714091327.1085353-1-vkuznets@redhat.com>
 <20220714091327.1085353-15-vkuznets@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20220714091327.1085353-15-vkuznets@redhat.com>
X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,
        ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,
        USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Jul 14, 2022, Vitaly Kuznetsov wrote:
> SECONDARY_EXEC_ENCLS_EXITING is conditionally added to the 'optional'
> checklist in setup_vmcs_config() but there's little value in doing so.
> First, as the control is optional, we can always check for its
> presence, no harm done. Second, the only real value cpu_has_sgx() check
> gives is that on the CPUs which support SECONDARY_EXEC_ENCLS_EXITING but
> don't support SGX, the control is not getting enabled. It's highly unlikely
> such CPUs exist but it's possible that some hypervisors expose broken vCPU
> models.

It's not just broken vCPU models, SGX can be "soft-disabled" on bare metal, e.g. if
software writes MCE control MSRs or there's an uncorrectable #MC (may not be the
case on all platforms).  This is architectural behavior and needs to be handled in
KVM.  Obviously if SGX gets disabled after KVM is loaded then we're out of luck, but
having the ENCL-exiting control without SGX being enabled is 100% valid.

As for why KVM bothers with the check, it's to work around a suspected hardware
or XuCode bug (I'm still a bit shocked that's public now :-) ) where SGX got
_hard_ disabled across S3 on some CPUs and made the fields magically disappear.
The workaround was to soft-disable SGX in BIOS so that KVM wouldn't attempt to
enable the ENCLS-exiting control

> Preserve cpu_has_sgx() check but filter the result of adjust_vmx_controls()
> instead of the input.
> 
> Reviewed-by: Jim Mattson <jmattson@google.com>
> Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
> Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
> ---
>  arch/x86/kvm/vmx/vmx.c | 9 ++++++---
>  1 file changed, 6 insertions(+), 3 deletions(-)
> 
> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
> index ce54f13d8da1..566be73c6509 100644
> --- a/arch/x86/kvm/vmx/vmx.c
> +++ b/arch/x86/kvm/vmx/vmx.c
> @@ -2528,9 +2528,9 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf,
>  			SECONDARY_EXEC_PT_CONCEAL_VMX |
>  			SECONDARY_EXEC_ENABLE_VMFUNC |
>  			SECONDARY_EXEC_BUS_LOCK_DETECTION |
> -			SECONDARY_EXEC_NOTIFY_VM_EXITING;
> -		if (cpu_has_sgx())
> -			opt2 |= SECONDARY_EXEC_ENCLS_EXITING;
> +			SECONDARY_EXEC_NOTIFY_VM_EXITING |
> +			SECONDARY_EXEC_ENCLS_EXITING;
> +
>  		if (adjust_vmx_controls(min2, opt2,
>  					MSR_IA32_VMX_PROCBASED_CTLS2,
>  					&_cpu_based_2nd_exec_control) < 0)
> @@ -2577,6 +2577,9 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf,
>  		vmx_cap->vpid = 0;
>  	}
>  
> +	if (!cpu_has_sgx())
> +		_cpu_based_2nd_exec_control &= ~SECONDARY_EXEC_ENCLS_EXITING;
> +
>  	if (_cpu_based_exec_control & CPU_BASED_ACTIVATE_TERTIARY_CONTROLS) {
>  		u64 opt3 = TERTIARY_EXEC_IPI_VIRT;
>  
> -- 
> 2.35.3
>