Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Message-ID: <cbbdb23f-4261-4f48-4143-c5fb6c78da06@intel.com>
Date:   Thu, 29 Dec 2022 15:02:55 +0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101
 Thunderbird/102.6.1
Subject: Re: [RFC PATCH 6/9] kvm/x86: Add ARCH_CAP_VIRTUAL_ENUM for guest
 MSR_IA32_ARCH_CAPABILITIES
To:     "Zhang, Chen" <chen.zhang@intel.com>
CC:     "Gao, Chao" <chao.gao@intel.com>,
        Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        "Christopherson,, Sean" <seanjc@google.com>,
        "H. Peter Anvin" <hpa@zytor.com>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Borislav Petkov <bp@alien8.de>, Ingo Molnar <mingo@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        "x86@kernel.org" <x86@kernel.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "kvm@vger.kernel.org" <kvm@vger.kernel.org>
References: <20221210160046.2608762-1-chen.zhang@intel.com>
 <20221210160046.2608762-7-chen.zhang@intel.com>
 <d4dec151-553f-e762-7fcc-81ae82b5c211@intel.com>
 <MWHPR11MB0031EEA971FDA614271C22449BF39@MWHPR11MB0031.namprd11.prod.outlook.com>
Content-Language: en-US
From:   "Yang, Weijiang" <weijiang.yang@intel.com>
In-Reply-To: <MWHPR11MB0031EEA971FDA614271C22449BF39@MWHPR11MB0031.namprd11.prod.outlook.com>
Content-Type: text/plain; charset="UTF-8"; format=flowed
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?VWFFdTR2ZEd5SW12VUNQK2M2Uzl5MEFHc2RPUEx3V1ZlNWs0SEIvVmNTL3hP?=
 =?utf-8?B?TFJGbmhrWHg0TFdlb1g1NFliSEZDalIvVW9WMEtrcGg3aVpmYW0vMkhWckNX?=
 =?utf-8?B?eStWUFVqVWQvSUxQMzE3L1dDSFBQdUprMEFqcDVVbktZWHR6OHAwN3QvK09Y?=
 =?utf-8?B?dWkwd01mZUs1V3lKekh1R2RCUnVjU3NxR0Uzd1IxYnZCZ25WTjlUNVNKRHl5?=
 =?utf-8?B?KzhOcDUrSjN0RERQV2wyVTZyRWxpZ3d6azJ2MmtucFFPWkNkQ0ZrTTRHZjgw?=
 =?utf-8?B?S2pOeXFuU1hNYVBsKzB1Q2N0VVUrLzhPdm5LOW1KejQ2ZlNUTWZDOCtRWWRp?=
 =?utf-8?B?NHloRWVvZnRQQStScVErT2dMVW1ZWjFUakwyL0MxOENQdEllOE5ZRzJKaWE1?=
 =?utf-8?B?R2FpRDRPMGc5enA3ejh4S0NiRWlra2pZa0F5MHJwZXIwVjBzOVU0UzVKYTZz?=
 =?utf-8?B?a0U0cXBCbW1lbEg3ZW1qQmFRQzlyZXBYcnFBZXk4eFRWWjljem1SYlQ0RlZY?=
 =?utf-8?B?R2lMMFNvbTlYRVJ0UWgzd0l3Mm1lVVNNcmtlUUdCdS90SXBoakpEQXpMdjli?=
 =?utf-8?B?VjgzNk4yTEFCZHlBMUxjVDltaFlHcng0aWdLSUhtK29Sbk9UZ2FKdm9SeWhy?=
 =?utf-8?B?UllmNVJGenU1NjJvZ1JIeVVwODEvQXNHMjVNR3h5QmNXMGNRSEp0VkZRRUNC?=
 =?utf-8?B?ekQwMklCdHdXeTlNSW5ON3h0elBrd2l4UzV0VzZtUm0wK0x3T0ZxcVlla0dV?=
 =?utf-8?B?dThpVWdvZlV3NUxlNjd3ZXpPUlM0alMzbjNsbzloenY0Q0hxU21BQmMzUVNS?=
 =?utf-8?B?THc1YnphbWl0ejVvMmc1R3dyL1BOQW9vcElyS0taTk5wNE5GeDdPSlRyQlgz?=
 =?utf-8?B?ekMybmcvK0N5T20rNDRidlVmbEkxN3UxM2VndWlxS3haTVFtMGMxQW40Nys2?=
 =?utf-8?B?dElCbk9nSkh0SUorUHY1UW9DaCsvVFkxeFVaQldaMC9xUjI2U244TTRobXYw?=
 =?utf-8?B?VWt6c2ZBYzNWNHdsZ0RjeE0xRHdZZ0ZhQ1ZBb1lUYllkWS83TjhhZlAzK01E?=
 =?utf-8?B?UVJVKzA0WVNjY21MRTJGcTlPZFlKRnZhalNTRnRUelZKSzRxSmk2RWcvNHpV?=
 =?utf-8?B?SHM5b3dkclRoM1d3WmFCdjJ0NFErWnZBQ2Viai9SYUVzampVWnJrb1diVFBn?=
 =?utf-8?B?V0tMcTBRNDJZWDRCMFVncVhKRkl2SS9xYnJ6Yk9ObDhZbFZnWXMvVC9CVzRw?=
 =?utf-8?B?T0U2aTJJZDZEcFN5Tm5VdjlaRkZ4aDlyd1hkR2FqVGR6eUFwVXhMNlI5ZTZI?=
 =?utf-8?B?MUZDdWN5UUtaS2hJaXNweDVmMXgvNmp5WERlS0VBeVAzUCs1VFE3dEFCeUtl?=
 =?utf-8?B?b3l3ZzhZZzZONDI1SUJBVUFyOWxWREY4S1FOeW1mdUJNRlpKZFpjUG94OVB2?=
 =?utf-8?B?dXpHZHBUSlBvUHlTdzAwQ3Y0Y2sxc0RMcGx1RDBGU0R6Wnh5MTlDQnV5Mm9k?=
 =?utf-8?B?KzR5ZWtYcEsxSWVOcXpraDFBTm5mZjNOQ29yOGZsc05rUUI0bll5VFMvYWg2?=
 =?utf-8?B?WGQyTFpYL2hEL1hIb2ZUMVRHTEhRaXNTUUpTaGloN0pNa2w1RXE3bjFmVGtq?=
 =?utf-8?B?a2dpRklzdVFrNWU4b2V6Vkx3Wmh6RUdHNGhOcVJ6b1REbnc3ZmRvYW82dkE0?=
 =?utf-8?B?RUtDNFovRWo4Skh1aDJxa1FMTXFuZUc1TVp2THRxblJldVVsWjhlM2VPeHNq?=
 =?utf-8?B?VklseDlRSDY4bVFhT0JtV1Zpb2piUXRwSGFZMjBiMXlDaTRmWmtxSUxrSFl4?=
 =?utf-8?B?dkY1QXByOVgyRHZHdFhJcWtkenNxM3lIQkdBL1RoTVkyUW5nckJsVWM2U05B?=
 =?utf-8?B?L1A3U1RmZzE3STdPWHN4WTdpWmlyUGZFaTA5RGpsMmJRMXMxM1JVWDE4ZUpO?=
 =?utf-8?B?Rmp5eWtnYkczcE4yVEtRdmJUR1F3MGtTOUxvRmtPdGhwby9QUURsN2lueCtT?=
 =?utf-8?B?eWlDaE01VWVXMTkxeFZsL3U0QW9zZ2tNdWNuZVllMDdUMDRoVXRVdDlEM2FF?=
 =?utf-8?B?Tko4a09lZGt5YkFXVFJHRjdVRkhXU0ovQnpHNldvWEVVMFNoMlVXVjVWdHRQ?=
 =?utf-8?B?Y00rcUc1T2RNT0FqWFpXb05td3dTQjNDV3JuOVRxOHVEakdIbHZSMkNibjRC?=
 =?utf-8?B?QWc9PQ==?=
X-MS-Exchange-CrossTenant-Network-Message-Id: b0cce66c-c025-44ec-ee47-08dae96abd22
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4965.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Dec 2022 07:03:07.7991
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: X41wTZg0SEQ62HVUipXr3c+fDmI+4PquiKgVEocmNzxt2XnSYCEIlln2ibjFXtbkYCYrSTmfkgmyM1R9gH6EHA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR11MB6355
X-OriginatorOrg: intel.com
X-Spam-Status: No, score=-5.5 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,
        RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,
        SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


On 12/29/2022 10:58 AM, Zhang, Chen wrote:

[...]

>> \
>>> +	 ARCH_CAP_VIRTUAL_ENUM)
>>>
>>>    static u64 kvm_get_arch_capabilities(void)
>>>    {
>>> @@ -1607,6 +1611,13 @@ static u64 kvm_get_arch_capabilities(void)
>>>    	 */
>>>    	data |= ARCH_CAP_PSCHANGE_MC_NO;
>>>
>>> +	/*
>>> +	 * Virtual MSRs can allow guests to notify VMM whether or not
>>> +	 * they are using specific software mitigation, allowing a VMM
>>> +	 * to enable there hardware control only where necessary.
>>> +	 */
>>> +	data |= ARCH_CAP_VIRTUAL_ENUM;
>>
>> IMO, this is:  data &= ARCH_CAP_VIRTUAL_ENUM; because it requires
>> platform support.
> Intel defined the virtual MSRs for software mitigations for all platforms.
> KVM should be unconditionally opened it for the software mitigation in migration pools.
> For example migration from the old platform to the new platform.
> Please check the Software Mitigations in Migration Pools section in documents:
> https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html

If this series running on old platforms, how VMM can set specific vmcs 
fields,

e.g., “virtualize IA32_SPEC_CTRL” VM-execution control, to mitigate 
guest issues?


>
>>
>>> +
>>>    	/*
>>>    	 * If we're doing cache flushes (either "always" or "cond")
>>>    	 * we will do one whenever the guest does a vmlaunch/vmresume.
>>> @@ -1657,6 +1668,9 @@ static int kvm_get_msr_feature(struct
>> kvm_msr_entry *msr)
>>>    	case MSR_IA32_UCODE_REV:
>>>    		rdmsrl_safe(msr->index, &msr->data);
>>>    		break;
>>> +	case MSR_VIRTUAL_ENUMERATION:
>>> +		msr->data = VIRT_ENUM_MITIGATION_CTRL_SUPPORT;
>>
>> Need to check bit 63 of host MSR_ARCH_CAPABILITIES before expose the
>> feature.
> Refer to the above comments.
>
> Thanks
> Chen
>
>>
>>> +		break;
>>>    	default:
>>>    		return static_call(kvm_x86_get_msr_feature)(msr);
>>>    	}