Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp26610rwd; Mon, 15 May 2023 19:21:34 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7Rr7U0Ee7Y1z9zYfVmqL/ljgPgVxKpcvMZJOHJw25Hm5mnaIkKQPXQc2ZVt/8uoWrQES0L X-Received: by 2002:a17:90a:ec01:b0:24e:1ca6:2206 with SMTP id l1-20020a17090aec0100b0024e1ca62206mr47604742pjy.8.1684203694390; Mon, 15 May 2023 19:21:34 -0700 (PDT) Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j76-20020a636e4f000000b00524f1f0d020si18151774pgc.465.2023.05.15.19.21.22; Mon, 15 May 2023 19:21:34 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=XK3UYvQf; arc=fail (signature failed); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229772AbjEPCFF (ORCPT + 99 others); Mon, 15 May 2023 22:05:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38788 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229493AbjEPCFD (ORCPT ); Mon, 15 May 2023 22:05:03 -0400 Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0903013E; Mon, 15 May 2023 19:05:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1684202701; x=1715738701; h=date:from:to:cc:subject:message-id:references: in-reply-to:mime-version; bh=p5Eyjtlbclyy4h+KSg2uP9ztkhhmRogTHiO1qm5s1bE=; b=XK3UYvQf5pzvtvXKncZvKWtSci+omMxEQGPabbtINx5MYCZ8BEFhbfN1 irfFTb7Ny62hLoUuFy94ns6PGEy23NltrdyQ9EJFcoP7Jtqj+2ZG3EDI5 u0mZamXZObAT1frf/nS1ZI3qfvh/f+tc0aygOJkT8NJCK7Xo94/OJSekl g6HWNIImTgYjVdbLMkMUNWQcueTs0vkP5+ItDPatgZoIF8TTj42Na+AaO McsdDt6QqyAB39ogYxX4V/LUsAC8CN2wVDHEu25swx6wyKKeCa6LafN6e NOHs6ZICWBfZvzFXzYVf7vrUUzEaB6Kf1+HJQPKEms5dQGppD6m9qVCCR A==; X-IronPort-AV: E=McAfee;i="6600,9927,10711"; a="330974709" X-IronPort-AV: E=Sophos;i="5.99,277,1677571200"; d="scan'208";a="330974709" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 May 2023 19:05:01 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10711"; a="845508613" X-IronPort-AV: E=Sophos;i="5.99,277,1677571200"; d="scan'208";a="845508613" Received: from fmsmsx603.amr.corp.intel.com ([10.18.126.83]) by fmsmga001.fm.intel.com with ESMTP; 15 May 2023 19:05:01 -0700 Received: from fmsmsx612.amr.corp.intel.com (10.18.126.92) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23; Mon, 15 May 2023 19:05:01 -0700 Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx612.amr.corp.intel.com (10.18.126.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23; Mon, 15 May 2023 19:05:01 -0700 Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23 via Frontend Transport; Mon, 15 May 2023 19:05:01 -0700 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (104.47.66.43) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.23; Mon, 15 May 2023 19:05:00 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Nd/BiMmVXTy1/mCsuv8YbQBYVJbcZeMCv7JOGdFAyDNBw6K/mbjyx93ZE/DYFyxEowE07z0EwAbfIxV/WIKA7gg6P6T7xvXPd5CbwciiavU703W40qsJ67hxAmqpyORvk038CfYwniZg2rG7l90bJ2SRCQjVPvx+/i+p904giOKTteJDsTcXGv0scx76EgA8iVYT8f4Bp17yzNAPvqIamQ23/86eoWIJmhvV2b36H34u1uOIW4euaUcMa+YPvzU+kVJlXJfmGtahpDmDhbJzzg8KZVj5qOjwkZUMuLRB752lMM18/R+ohjV0BcBpY5IYtHDa7zICgABZKgWSipjQFQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=y4Ss9VnId/oJs1TX9RLXO72pTQ/AJnxvbpU3mROcaJM=; b=MHsQIN/Yb9J6GCO9sG29tWO/fhEuWPbHbumoTLf3HgjpyQWgMVgkN4wGDgTkLyEqBP5busfdAoKT/p0LzvaoTmvYQu1n7ziMZVXbR1H3Lh12e6wl1DQjnJKLo/MpSK26mXJElgfl+jJ6GcEeqGcpRzy5rj1YsI99nc4BAz2QfcUzV7L0T63EN7KP6xPE/y87bFVZ2Zh+pt25PZ25r9pg4WiEimBtQMVd78kyGrlGpFb069hbu6QKDtYJ598biQaqIhoYQyvmY7EMQsM0uRvo4CiNMtWskkcWK5Hwxe/2SmW7Djw4yUB0cjkZGWoLClZFuFv9xzr9/Nx2xixenqIH4A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; Received: from PH8PR11MB6780.namprd11.prod.outlook.com (2603:10b6:510:1cb::11) by DS0PR11MB7407.namprd11.prod.outlook.com (2603:10b6:8:136::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6387.30; Tue, 16 May 2023 02:04:58 +0000 Received: from PH8PR11MB6780.namprd11.prod.outlook.com ([fe80::b4cb:1f70:7e2a:c4f5]) by PH8PR11MB6780.namprd11.prod.outlook.com ([fe80::b4cb:1f70:7e2a:c4f5%2]) with mapi id 15.20.6387.030; Tue, 16 May 2023 02:04:58 +0000 Date: Tue, 16 May 2023 10:04:46 +0800 From: Chao Gao To: Xiaoyao Li CC: , Jiaan Lu , Zhang Chen , Sean Christopherson , "Paolo Bonzini" , Thomas Gleixner , "Ingo Molnar" , Borislav Petkov , Dave Hansen , , "H. Peter Anvin" , Subject: Re: [RFC PATCH v2 02/11] KVM: x86: Advertise CPUID.7.2.EDX and RRSBA_CTRL support Message-ID: References: <20230414062545.270178-1-chao.gao@intel.com> <20230414062545.270178-3-chao.gao@intel.com> Content-Type: text/plain; charset="us-ascii" Content-Disposition: inline In-Reply-To: X-ClientProxiedBy: SG2P153CA0021.APCP153.PROD.OUTLOOK.COM (2603:1096:4:c7::8) To PH8PR11MB6780.namprd11.prod.outlook.com (2603:10b6:510:1cb::11) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PH8PR11MB6780:EE_|DS0PR11MB7407:EE_ X-MS-Office365-Filtering-Correlation-Id: 44f32495-279a-439d-b73a-08db55b1f2c1 X-LD-Processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ccIoX/rkZRDI0MypHe9+nv7LjyOat01i45zCEqigAA8O2u6TNYYJpCGzKW4908ZaKVlfDQyR1J3DLMQ1v5bb3STlV+ieym8lsuwMAFHvyvl66WuaS9oxXjAMCUU9j0fsqZy/18JhS2W7VMNWrL5xY1r/cmo/FxQWE9G67J4jAoeJMBSURyA9DJhCuaEmI36Dg/u62KLmVgktHsMnVWItjh5mvpgdSTjngQzuRxcXuB1t1/dcN9Tvzsl/lc6Hp8JaDvtaLe71XJGkelpCv4++bwp2Q+QCQ5fuTI1yWbKDwWrNPgTYZLWklrTJ3vhLYd5PVsq9aa0RYuNg+d3OhmXuwuFRFAm3KF6rj0hAxqLc/+ELwlOdem37F6o27v/FrlCPCcNEch85WKfP3GMcw655SQTW3IAZRIgIZAgLmrwDwhNa0qLWYWDdvpTylWbG85m1GHe7lfZHKThLHb53dlEn4KC7DO30T1uRLO+6+tICnccdY4YuD1wgIrgQLwEB89HWjXf6u9SNBSeG28iWzfM0gjAwLmhGa+848zALd3OFcgvaT4c6tBYrv6JlgHiE6oU5 X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH8PR11MB6780.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(7916004)(376002)(396003)(346002)(366004)(39860400002)(136003)(451199021)(4326008)(66946007)(6636002)(66556008)(66476007)(478600001)(6486002)(86362001)(316002)(54906003)(83380400001)(26005)(186003)(6512007)(9686003)(6506007)(6862004)(5660300002)(8936002)(7416002)(8676002)(44832011)(6666004)(2906002)(33716001)(82960400001)(41300700001)(38100700002);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?5I+Uc/y4sjN2qNrWQq7vfAYiOB4f6amE9GKSc3Q/virjzHdFeKrFwOwNdTQQ?= =?us-ascii?Q?YkNa6qd/qIkS+nUNDSdoiVDUamhzqkp5cvh0ND3i2uDUQ3nuCmI1eOYfX0iT?= =?us-ascii?Q?ujOHkLu0wrsCytYCC5Xr0Qd9NHo8/Lv2edvVSPoEbeXvohjVgfH2ay7TgeO7?= =?us-ascii?Q?1jdIInr/0gN/97nlvJn+vd7nBKBHrrw3nRE/30uPlG0ATFLD1a8WHYtxpxUj?= =?us-ascii?Q?dx7HnoycUBqjQ0LcND3Mpoml61TusfR9Rda9BahxLrQze2RUsJkRtjNlydjJ?= =?us-ascii?Q?K2Dpjy6Uv0yWJ/CtLpdAjPywjVt8p8G5o37rQpXpLvLqBZzdL7BfXdBTdO/F?= =?us-ascii?Q?Vx9epFRxuXK9qZwR/6457bjbAfxYMjYOt9hfq1bpcBL0qYs+Q8q6fQbv4WTD?= =?us-ascii?Q?8Kpnz81SSXpNBt8d/yWfxdjltdvU3zdwo94tfjoxwXONi8GYX6L8B39Bg6XW?= =?us-ascii?Q?wWoJPCLnOTzte2TnmaWUjMce/Dl2Slv+HTaLtDxryG2gYnyGJiT+wkwKwTpV?= =?us-ascii?Q?dK6Qd2eGtAacwWCYR1+kkKT+oafi6GtPjujGkltvWJ7btAXlAeVdcKXRSiBP?= =?us-ascii?Q?inBgftn3Dx3Uj15Mr+tBllbk1iwt/ZKYz2Zq6JA2bTJqQ3wTMG2lfFqgBMUT?= =?us-ascii?Q?LyenBh52MqdnWVamGQ1/rcP74/4oKyXKoif1PVuVS4iSxDXvyzSuN2dOCRnA?= =?us-ascii?Q?tKxlhIkfZlgLemtQU1uVb4DkGqXAFI5J6HpsLhkGZ9IJlV7IB+0I9roI0QqQ?= =?us-ascii?Q?4Sewou9of7ft4HbQMol6fmUSD7g+Oiyah5k1u4HfkwdHJUH491O6Q7t4GpsZ?= =?us-ascii?Q?d7EAADoXmRDFlpu+vzaSpR1/XBypwUzde4aKfu/nZ0CBoxIjwp1/odpIEIBb?= =?us-ascii?Q?wb2L8YgG3ZJ/DkuUMwcKuE5tKdZ050gplTa4S124CNp7XKQ7+HJcHrs47QJq?= =?us-ascii?Q?zw3ovGv/muueIgD2/19Xy5V7zL+B/i3s1zvE4FV7oOPWe+G95it4+RHeSOK0?= =?us-ascii?Q?GhrFHUSX4bSzw51jdE5XBj5ZbBaRVQo/TmrwV3EYAjIMEnOpv9PVW1B1mj9B?= =?us-ascii?Q?2I+SwUcA2wPNZa+fO8FB8oYxrgv4JKwH8bduAumwhHD8N7RE6sXhrKDJFPFf?= =?us-ascii?Q?VRkz2z7onv9qkU3Byk6XqGkgqOT2+VCbdNe/rZiPmxzqzQAROIMnwm0Pa2Zs?= =?us-ascii?Q?cgcjts8qUDcuWzy79jCj6ntKCIDBISRaCxHxWVELYj75KtsFB13mS0ODJrNC?= =?us-ascii?Q?YZ4OBp5Lnlc2MrGPR8u3wwLm0Uok6/VubHmiVCufioNK/1qY2c+9KxODWyr6?= =?us-ascii?Q?vhxseapkq6PIxo9mf+P3zcCTZt+jHRIKbp4KyhGy9+FX5jWD00wmefQ4tT25?= =?us-ascii?Q?v13zVCimW+cUSw8PfH7mgecejXwBGxHY3eXQldQ7FJytMAy8IuYRGmMORVau?= =?us-ascii?Q?dxt0X4tTLFODoRGEIIl2PWQixH9Zgkm/3Eu/cB5hIBP6KH/sFIvshic9RIdn?= =?us-ascii?Q?cgzNY+TNQtAlwoJ0Z6Xd7ndSElSo5vzffaP6Kll+KqwD3rBE68mXcLh4NVm8?= =?us-ascii?Q?b0IZpTP2UBnB69gJ5Ff/Sfa8inkOeRndTNQUTd3b?= X-MS-Exchange-CrossTenant-Network-Message-Id: 44f32495-279a-439d-b73a-08db55b1f2c1 X-MS-Exchange-CrossTenant-AuthSource: PH8PR11MB6780.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 May 2023 02:04:57.6993 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: YC4+rJJTDnAUeVnQSrpV4AZyAHIcFK8/wcSx8O5XRs0axo5/vBjj3VrFMdkuaP9ZOaHSU8oMmSnbdMr0SIFL9g== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR11MB7407 X-OriginatorOrg: intel.com X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_PASS,SPF_NONE,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, May 15, 2023 at 02:53:07PM +0800, Xiaoyao Li wrote: >On 4/14/2023 2:25 PM, Chao Gao wrote: >> From: Zhang Chen >> >> Add a kvm-only CPUID feature leaf for CPUID.7.2.EDX and RRSBA_CTRL >> as the first feature in the leaf. >> >> RRSBA_CTRL is enumerated by CPUID.7.2.EDX[2]. If supported, RRSBA_DIS_U >> (bit 5) and RRSBA_DIS_S (bit 6) of IA32_SPEC_CTRL MSR can be used to >> disable RRSBA behavior for CPL3 and CPL0/1/2 respectively. >> >> Note that KVM does not intercept guests' IA32_SPEC_CTRL MSR accesses >> after a non-zero is written to the MSR. Therefore, guests can already >> toggle the two bits if the host supports RRSBA_CTRL, and no extra code >> is needed to allow guests to toggle the two bits. > >This is a bug that also matters with other bits in MSR_IA32_SPEC_CTRL which >has a dedicated enumeration CPUID bit and no support in KVM yet. Do you mean passing through the MSR is a bug? guest can write any hardware supported value to the MSR if the MSR isn't intercepted. I guess this is intentional and a trade-off for performance (note that context-switch may cause writes to the MSR). And see commit 841c2be09fe4 ("kvm: x86: replace kvm_spec_ctrl_test_value with runtime test on the host") it appears that this behavior is widely recognized. > >I think we need to fix this bug at first. I have no idea how to fix the "bug" without intercepting the MSR. The performance penalty makes me think intercepting the MSR is not a viable solution. > >> Signed-off-by: Zhang Chen >> Signed-off-by: Chao Gao >> Tested-by: Jiaan Lu >> --- >> arch/x86/kvm/cpuid.c | 22 +++++++++++++++++++--- >> arch/x86/kvm/reverse_cpuid.h | 7 +++++++ >> 2 files changed, 26 insertions(+), 3 deletions(-) >> >> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c >> index 9583a110cf5f..f024c3ac2203 100644 >> --- a/arch/x86/kvm/cpuid.c >> +++ b/arch/x86/kvm/cpuid.c >> @@ -685,6 +685,10 @@ void kvm_set_cpu_caps(void) >> SF(SGX1) | SF(SGX2) | SF(SGX_EDECCSSA) >> ); >> + kvm_cpu_cap_init_kvm_defined(CPUID_7_2_EDX, >> + SF(RRSBA_CTRL) >> + ); >> + > >Please move this hook up to right follow the leaf CPUID_7_1_EAX. sure. will do.