Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Message-ID: <2af0d399-727e-ae24-ef7c-7064240c735a@intel.com>
Date:   Wed, 24 May 2023 14:35:20 +0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101
 Firefox/102.0 Thunderbird/102.11.0
Subject: Re: [PATCH v3 18/21] KVM:x86: Enable CET virtualization for VMX and
 advertise to userspace
To:     Yang Weijiang <weijiang.yang@intel.com>, <seanjc@google.com>,
        <pbonzini@redhat.com>, <kvm@vger.kernel.org>,
        <linux-kernel@vger.kernel.org>
CC:     <peterz@infradead.org>, <rppt@kernel.org>,
        <binbin.wu@linux.intel.com>, <rick.p.edgecombe@intel.com>,
        <john.allen@amd.com>,
        Sean Christopherson <sean.j.christopherson@intel.com>
References: <20230511040857.6094-1-weijiang.yang@intel.com>
 <20230511040857.6094-19-weijiang.yang@intel.com>
Content-Language: en-US
From:   Chenyi Qiang <chenyi.qiang@intel.com>
In-Reply-To: <20230511040857.6094-19-weijiang.yang@intel.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?MkJJNEsrN2FhNmFMLzBaRVpZdXpEa2pjbkV4cXdmYUNOZFNTZENJdU1Ca1Zq?=
 =?utf-8?B?RU5keGNTNGZrOEREMkFFbmpUektOMVVyTXlsRU5IUnI1TXY1b3lJZTlEM21F?=
 =?utf-8?B?dEUxQ3VQQmY1QlpyU25nWkZrZmpKMkIvdWlMNkhyNHFIazB0SFFGRzBLeG8v?=
 =?utf-8?B?ZS9IaGpxTEhSZGZxTHlmejBqSTZPaGF5UUdGYm5iOE0xTUJ3azFoandmZ0o2?=
 =?utf-8?B?TmN6MjZWSlU2RVJER3BrcUxDMzRKeTBZeVB3alR4RHd1ZHhQRkpJTC9VVlBY?=
 =?utf-8?B?NFhhSmo1ekF1VkJXY1VlcGFtMnhrOXRWb3Nvd0grK3haTlI4ZE5saXdYNHR4?=
 =?utf-8?B?M1U1bVpzaUtZeVArZGtVaHhVR09OOTNIRU9UUnZ3L0sxbHlsa1ZlbU9EWmV1?=
 =?utf-8?B?MGdRbjgzT0crc2o0dzZCWGlQU3o3WHdHREhHQ3FUTVVsa3Iwb2ZCencvMVht?=
 =?utf-8?B?alpsM0ZWV2FTeTdkUkIvR0pUdW1GK1FHTnJlWSt6bzdUU1l5dzc5Mk9nN0xU?=
 =?utf-8?B?TjNxTTY2ZXh5OStjRlFLUnRRM3ZtM1NHdjUveXRXWmJkaTZ5RkF5NDFBc1FV?=
 =?utf-8?B?ZTZRbEpOM3JyNDZFMy9hbE5pL3UreGd0KzZjb0tOcm9raXZWeGdFVXkrVDFj?=
 =?utf-8?B?dXppSzVTMVl0VytyNGxBMkdWZjI1di9hM09hb2xiUW03RzhDM3M4bFRTU016?=
 =?utf-8?B?eTJTNCt3WVM0MTFHNzUrS3F3aEpiUmkvY3dNa1dJU3ViYmdGek1IZ3E0U1li?=
 =?utf-8?B?UVFvRXhqaURnUVc3Y09uT1ZtL1NwSEhHMEdZNlN1RjhWcWFiV2dqZ0xqMDdn?=
 =?utf-8?B?MGhmWk56N0M2dUdBRmlFckpBaGo5SENhajl4VW00Y0ZjVWNneDNCeURVWjNS?=
 =?utf-8?B?NWJ6NStsQkU1VmhkUU45cG4xTkVuUmRDdUZ6QjNDVGVZbFdFVVJnN0d2MDRm?=
 =?utf-8?B?T2QxdkF1dXg3aEVQOWN3V3RYMFZEbVpmSDY2N3JqV3JEVy9pUkR3ZWFTU01k?=
 =?utf-8?B?TStKZ29Wa1l0d1dESXNrd1V5M1pJOWlpdnZqa3FGOFBQd1NEZEhRTnJpU3VK?=
 =?utf-8?B?RUhrc3NpRXpsb1NRbXZCeHRhTnN6SFJ4YzRUa25vbWtHMUUyUkZUZGcxMmNL?=
 =?utf-8?B?WjNqNXNsQnA2QmUrL3QzT09sWkNQUjNaaTg3NWhLNDBCbU5vejZHWWgzUk5X?=
 =?utf-8?B?WkdsZDhkZHA2cFF3NUtCWE9BMFA0eHY4SXliZzlwZktaNWhGY0I3eHNEYkVZ?=
 =?utf-8?B?ZnZCTjBwTjZ1eUpLNlVlcXJVM0hZME5CRFZ2ekFFMmwrdlBDaDEyZ2xXL3B6?=
 =?utf-8?B?T1ZmYTh6OGdSa0JmZ1loS09UVjk3VEh1dFVVbHJ2OWZGOWhYcUVUV21laldG?=
 =?utf-8?B?YlNDUXBQcWtzU0tmWDdFcG9pSndIWm5SQVpyM21lZWN2R1h6QjQ3MmlXejNB?=
 =?utf-8?B?N1NJTkZlZE1OcVQzejVrbVpyTEczS1Z4OENYd1lNa2VmQTBSUXA3eXVzckZJ?=
 =?utf-8?B?V2szdUhQOHhCbGFlWmFlOVVPWS9nTkM4MVNDbVZaaHdLZFhnWmRpMDNCSmZl?=
 =?utf-8?B?K01JSXRjM3pkaXM2ZXEzbDhpVlNjMG9iTm94TXJ3bEhVSUhXNVlEMysvdmJH?=
 =?utf-8?B?TDU3NEFMMmQ0R21nV2ljc25VZS9EbVRKTldnY2JrQ1RMazVCSHJnbUtCdSsy?=
 =?utf-8?B?K3J2RG4zZlNqWFNHQU1EZjFtMVJ6SFpvRnZVemdPUmNicENMRFhrZkRJNmY0?=
 =?utf-8?B?RDZIU01YQkJjeHRnWktWcS9qaVlvOXpJY0dyRWR5YWZaV0tZRm4yd3B2SVZB?=
 =?utf-8?B?YjhBWEl2ZmxCVHM1aGl1OFBka0FqOUE3bzBsdkV2Z0VqVm5CT3RPUHF0ZW9n?=
 =?utf-8?B?YklncVljMWxxV2N3T3pYbzNFM2RIMTMwdktUVHRnQmlzMXBNMCs2dU5GYmd5?=
 =?utf-8?B?d0dSbUd1S3RQVTRFU2J0MTlCYWRJSDR5U1d6UnVPZjRmKzQ5N05mQy83enVz?=
 =?utf-8?B?aytPd0NUclRvTUcxbzBMckRTanRKTnFmREEvYS9kUUJhZzRCU2NkbFkzY3pQ?=
 =?utf-8?B?eWRDbDlWT01NcXQ1MUt3V3ZzYitMQTJwTVdiY0YxSm1HNDdvT0pFMS9veDBO?=
 =?utf-8?Q?8brDGZRUqbLTPdW5wNZpH9IMu?=
X-MS-Exchange-CrossTenant-Network-Message-Id: 4ec899b4-2fb0-4675-eb8e-08db5c21122a
X-MS-Exchange-CrossTenant-AuthSource: SA2PR11MB5052.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 May 2023 06:35:31.6317
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 9fj2o8mtmgiHJVBxgYMx39uYCU2NZY4Xb8n1d9XEhUcIDHW4t1kDzwHsXc1UV1vmF0fzv/1i4SZR0CCm+2W9zw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR11MB8600
X-OriginatorOrg: intel.com
X-Spam-Status: No, score=-4.5 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,
        RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE
        autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


On 5/11/2023 12:08 PM, Yang Weijiang wrote:
> Set the feature bits so that CET capabilities can be seen in guest via
> CPUID enumeration. Add CR4.CET bit support in order to allow guest set
> CET master control bit(CR4.CET).
> 
> Disable KVM CET feature if unrestricted_guest is unsupported/disabled as
> KVM does not support emulating CET.
> 
> Don't expose CET feature if dependent CET bits are cleared in host XSS,
> or if XSAVES isn't supported.
> 
> Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
> ---
>  arch/x86/include/asm/kvm_host.h |  3 ++-
>  arch/x86/kvm/cpuid.c            | 12 ++++++++++--
>  arch/x86/kvm/vmx/capabilities.h |  4 ++++
>  arch/x86/kvm/vmx/vmx.c          | 19 +++++++++++++++++++
>  arch/x86/kvm/vmx/vmx.h          |  6 ++++--
>  arch/x86/kvm/x86.c              | 21 ++++++++++++++++++++-
>  arch/x86/kvm/x86.h              |  3 +++
>  7 files changed, 62 insertions(+), 6 deletions(-)

...

> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 50026557fb2a..858cb68e781a 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -226,7 +226,7 @@ static struct kvm_user_return_msrs __percpu *user_return_msrs;
>  				| XFEATURE_MASK_BNDCSR | XFEATURE_MASK_AVX512 \
>  				| XFEATURE_MASK_PKRU | XFEATURE_MASK_XTILE)
>  
> -#define KVM_SUPPORTED_XSS     0
> +#define KVM_SUPPORTED_XSS	(XFEATURE_MASK_CET_USER)
>  
>  u64 __read_mostly host_efer;
>  EXPORT_SYMBOL_GPL(host_efer);
> @@ -9525,6 +9525,25 @@ static int __kvm_x86_vendor_init(struct kvm_x86_init_ops *ops)
>  
>  	kvm_ops_update(ops);
>  
> +	/*
> +	 * Check CET user bit is still set in kvm_caps.supported_xss,
> +	 * if not, clear the cap bits as the user parts depends on
> +	 * XSAVES support.
> +	 */
> +	if (!kvm_cet_user_supported()) {
> +		kvm_cpu_cap_clear(X86_FEATURE_SHSTK);
> +		kvm_cpu_cap_clear(X86_FEATURE_IBT);
> +	}
> +
> +	/*
> +	 * If SHSTK and IBT are available in KVM, clear CET user bit in

Should it be "If SHSTK and IBT are *not* available ..."?

> +	 * kvm_caps.supported_xss so that kvm_cet_user_supported() returns
> +	 * false when called.
> +	 */
> +	if (!kvm_cpu_cap_has(X86_FEATURE_SHSTK) &&
> +	    !kvm_cpu_cap_has(X86_FEATURE_IBT))
> +		kvm_caps.supported_xss &= ~XFEATURE_MASK_CET_USER;
> +
>  	for_each_online_cpu(cpu) {
>  		smp_call_function_single(cpu, kvm_x86_check_cpu_compat, &r, 1);
>  		if (r < 0)