Date: Mon, 12 Dec 2022 12:23:34 -0800
From: Pawan Gupta
To: Zhang Chen
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Chao Gao, Paolo Bonzini, Sean Christopherson, "H. Peter Anvin", Dave Hansen, Borislav Petkov, Ingo Molnar, Thomas Gleixner
Subject: Re: [RFC PATCH 5/9] x86/bugs: Use Virtual MSRs to request hardware mitigations
Message-ID: <20221212202334.ldrgv7fnkgjtsogg@desk>
In-Reply-To: <20221210160046.2608762-6-chen.zhang@intel.com>

On Sun, Dec 11, 2022 at 12:00:42AM +0800, Zhang Chen wrote:
> From: Pawan Gupta > > Guests that have different family/model than the host may not be aware > of hardware mitigations(such as RRSBA_DIS_S) available on host. This is > particularly true when guests migrate. To solve this problem Intel > processors have added a virtual MSR interface through which guests can > report their mitigation status and request VMM to deploy relevant > hardware mitigations. > > Use this virtualized MSR interface to request relevant hardware controls > for retpoline mitigation. > > Signed-off-by: Pawan Gupta > --- > arch/x86/include/asm/msr-index.h | 23 +++++++++++++++++++++++ > arch/x86/kernel/cpu/bugs.c | 24 ++++++++++++++++++++++++ > 2 files changed, 47 insertions(+) > > diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h > index 1143ac9400c3..1166b472377c 100644 > --- a/arch/x86/include/asm/msr-index.h > +++ b/arch/x86/include/asm/msr-index.h > @@ -165,6 +165,7 @@ > * IA32_XAPIC_DISABLE_STATUS MSR > * supported > */ > +#define ARCH_CAP_VIRTUAL_ENUM BIT(63) /* MSR_VIRTUAL_ENUMERATION supported */ > > #define MSR_IA32_FLUSH_CMD 0x0000010b > #define L1D_FLUSH BIT(0) /* 
> @@ -1062,6 +1063,28 @@ > #define MSR_IA32_VMX_MISC_INTEL_PT (1ULL << 14) > #define MSR_IA32_VMX_MISC_VMWRITE_SHADOW_RO_FIELDS (1ULL << 29) > #define MSR_IA32_VMX_MISC_PREEMPTION_TIMER_SCALE 0x1F > + > +/* Intel virtual MSRs */ > +#define MSR_VIRTUAL_ENUMERATION 0x50000000 > +#define VIRT_ENUM_MITIGATION_CTRL_SUPPORT BIT(0) /* > + * Mitigation ctrl via virtual > + * MSRs supported > + */ > + > +#define MSR_VIRTUAL_MITIGATION_ENUM 0x50000001 > +#define MITI_ENUM_BHB_CLEAR_SEQ_S_SUPPORT BIT(0) /* VMM supports BHI_DIS_S */ > +#define MITI_ENUM_RETPOLINE_S_SUPPORT BIT(1) /* VMM supports RRSBA_DIS_S */ > + > +#define MSR_VIRTUAL_MITIGATION_CTRL 0x50000002 > +#define MITI_CTRL_BHB_CLEAR_SEQ_S_USED BIT(0) /* > + * Request VMM to deploy > + * BHI_DIS_S mitigation > + */ > +#define MITI_CTRL_RETPOLINE_S_USED BIT(1) /* > + * Request VMM to deploy > + * RRSBA_DIS_S mitigation > + */ > + > /* AMD-V MSRs */ > > #define MSR_VM_CR 0xc0010114 > diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c > index 3e3230cccaa7..a9e869f568ee 100644 > --- a/arch/x86/kernel/cpu/bugs.c > +++ b/arch/x86/kernel/cpu/bugs.c 
> @@ -1379,6 +1379,28 @@ static void __init spectre_v2_determine_rsb_fill_type_at_vmexit(enum spectre_v2_ > dump_stack(); > } > > +/* Speculation control using virtualized MSRs */ > +static void __init spec_ctrl_setup_virtualized_msr(void) > +{ > + u64 msr_virt_enum, msr_mitigation_enum, msr_mitigation_ctrl; > + > + if (!(x86_read_arch_cap_msr() & ARCH_CAP_VIRTUAL_ENUM)) > + return; > + > + rdmsrl(MSR_VIRTUAL_ENUMERATION, msr_virt_enum); > + if (!(msr_virt_enum & VIRT_ENUM_MITIGATION_CTRL_SUPPORT)) > + return; > + > + rdmsrl(MSR_VIRTUAL_MITIGATION_ENUM, msr_mitigation_enum); > + /* When retpoline is being used, request relevant hardware controls */ > + if (boot_cpu_has(X86_FEATURE_RETPOLINE) && > + msr_mitigation_enum & MITI_ENUM_RETPOLINE_S_SUPPORT) { > + rdmsrl(MSR_VIRTUAL_MITIGATION_CTRL, msr_mitigation_ctrl); > + msr_mitigation_ctrl |= MITI_CTRL_RETPOLINE_S_USED; > + wrmsrl(MSR_VIRTUAL_MITIGATION_CTRL, msr_mitigation_ctrl); > + } > +} > + > static void __init spectre_v2_select_mitigation(void) > { > enum spectre_v2_mitigation_cmd cmd = spectre_v2_parse_cmdline(); > @@ -1485,6 +1507,8 @@ static void __init spectre_v2_select_mitigation(void) > mode == SPECTRE_V2_RETPOLINE) > spec_ctrl_disable_kernel_rrsba(); > > + spec_ctrl_setup_virtualized_msr(); I think this also needs to be called during secondary CPU initialization.
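
Review bot: In the first msr-index.h hunk, ARCH_CAP_VIRTUAL_ENUM is defined as BIT(63), but BIT() shifts an unsigned long, which is only 32 bits wide on 32-bit x86 builds, so the shift is out of range there. Use BIT_ULL(63) so the constant is always 64 bits wide, matching the 64-bit MSR value it is tested against in "x86_read_arch_cap_msr() & ARCH_CAP_VIRTUAL_ENUM".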
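
Review bot: In the "Intel virtual MSRs" block of the second msr-index.h hunk, the bit names and their comments describe different things: MITI_ENUM_BHB_CLEAR_SEQ_S_SUPPORT and MITI_ENUM_RETPOLINE_S_SUPPORT are named after the guest's software mitigation, while the comments read "VMM supports BHI_DIS_S" and "VMM supports RRSBA_DIS_S". Spell out the relation in the comments (the guest reports that it uses retpoline, the VMM deploys RRSBA_DIS_S in response) so it does not have to be inferred from the commit message. The block would also benefit from a reference to the document that defines the 0x50000000 to 0x50000002 indices, since nothing in the hunk says where they come from.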
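
Review bot: spec_ctrl_setup_virtualized_msr() in the first bugs.c hunk is marked __init, which conflicts with the request in the reply to run it during secondary CPU initialization: init text is freed after boot, so a CPU brought online later could not call it. Drop __init if the function is reused on that path. The function also returns silently on all three exits and after the wrmsrl(); a pr_info() when MITI_CTRL_RETPOLINE_S_USED is written would show in the boot log whether the request was made. As a style point, parenthesize the mask test in the condition, "(msr_mitigation_enum & MITI_ENUM_RETPOLINE_S_SUPPORT)", so the mix of && and & reads unambiguously.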