References: <20221213062306.667649-1-seanjc@google.com> <20221213062306.667649-2-seanjc@google.com>
In-Reply-To: <20221213062306.667649-2-seanjc@google.com>
From: Jim Mattson
Date: Tue, 13 Dec 2022 10:08:33 -0800
Subject: Re: [PATCH v2 1/4] KVM: nVMX: Properly expose ENABLE_USR_WAIT_PAUSE control to L1
To: Sean Christopherson
Cc: Paolo Bonzini, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Aaron Lewis, Yu Zhang

On Mon, Dec 12, 2022 at 10:23 PM Sean Christopherson wrote:
>
> Set ENABLE_USR_WAIT_PAUSE in KVM's supported VMX MSR configuration if the
> feature is supported in hardware and enabled in KVM's base, non-nested
> configuration, i.e. expose ENABLE_USR_WAIT_PAUSE to L1 if it's supported.
> This fixes a bug where saving/restoring, i.e. migrating, a vCPU will fail
> if WAITPKG (the associated CPUID feature) is enabled for the vCPU, and
> obviously allows L1 to enable the feature for L2.
>
> KVM already effectively exposes ENABLE_USR_WAIT_PAUSE to L1 by stuffing
> the allowed-1 control in a vCPU's virtual MSR_IA32_VMX_PROCBASED_CTLS2 when
> updating secondary controls in response to KVM_SET_CPUID(2), but (a) that
> depends on flawed code (KVM shouldn't touch VMX MSRs in response to CPUID
> updates) and (b) runs afoul of vmx_restore_control_msr()'s restriction
> that the guest value must be a strict subset of the supported host value.
>
> Although no past commit explicitly enabled nested support for WAITPKG,
> doing so is safe and functionally correct from an architectural
> perspective as no additional KVM support is needed to virtualize TPAUSE,
> UMONITOR, and UMWAIT for L2 relative to L1, and KVM already forwards
> VM-Exits to L1 as necessary (commit bf653b78f960, "KVM: vmx: Introduce
> handle_unexpected_vmexit and handle WAITPKG vmexit").
>
> Note, KVM always keeps the host's MSR_IA32_UMWAIT_CONTROL resident in
> hardware, i.e. always runs both L1 and L2 with the host's power management
> settings for TPAUSE and UMWAIT. See commit bf09fb6cba4f ("KVM: VMX: Stop
> context switching MSR_IA32_UMWAIT_CONTROL") for more details.
>
> Fixes: e69e72faa3a0 ("KVM: x86: Add support for user wait instructions")
> Cc: stable@vger.kernel.org
> Reported-by: Aaron Lewis
> Reported-by: Yu Zhang
> Signed-off-by: Sean Christopherson

Reviewed-by: Jim Mattson
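
A user-space model of the restore rule the quoted commit message refers to, added here as an illustration; it is not KVM's code and not part of the thread. The function names and the `0xff` baseline are constructed; the only real value is the position of the control bit (bit 26 of the secondary processor-based controls).

```c
#include <stdint.h>
#include <stdio.h>

/* "Enable user wait and pause": bit 26 of the secondary proc-based controls. */
#define ENABLE_USR_WAIT_PAUSE (1u << 26)

/* A VMX control capability MSR: low 32 bits are the allowed-0 settings
 * (bits that must be 1), high 32 bits are the allowed-1 settings. */
static uint64_t ctl_msr(uint32_t must_be_1, uint32_t may_be_1)
{
    return (uint64_t)may_be_1 << 32 | must_be_1;
}

/* True if, within mask, every bit set in subset is also set in superset. */
static int is_subset(uint64_t superset, uint64_t subset, uint64_t mask)
{
    return ((subset & mask) & ~(superset & mask)) == 0;
}

/* Simplified restore rule: 0 if the userspace-provided value is accepted. */
static int restore_ctl_msr(uint64_t supported, uint64_t data)
{
    /* Bits the host requires to be 1 must still be 1 in the restored value. */
    if (!is_subset(data, supported, 0x00000000ffffffffull))
        return -1;
    /* The restored value may not allow a 1-setting the host does not support. */
    if (!is_subset(supported, data, 0xffffffff00000000ull))
        return -1;
    return 0;
}

/* Constructed scenario: restore a value saved from a vCPU with WAITPKG in CPUID. */
static int migrate(int supported_has_bit)
{
    uint32_t base = 0x000000ff; /* constructed sample, not real hardware values */
    uint64_t supported =
        ctl_msr(0, base | (supported_has_bit ? ENABLE_USR_WAIT_PAUSE : 0));
    /* The CPUID update path stuffed the bit into the vCPU's virtual MSR. */
    uint64_t saved = ctl_msr(0, base | ENABLE_USR_WAIT_PAUSE);
    return restore_ctl_msr(supported, saved);
}

int main(void)
{
    printf("bit missing from supported value: %d\n", migrate(0));
    printf("bit present in supported value:   %d\n", migrate(1));
    return 0;
}
```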