Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp1825998rwd; Thu, 15 Jun 2023 16:44:26 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7qX2RL7ln+HsmQzgpqSQdHkIBjYPD7zMFDDbVg+JsjuMIZLNGDOjnmGQXnHvE/fn3klibh X-Received: by 2002:a05:6358:5157:b0:12b:d09f:221e with SMTP id 23-20020a056358515700b0012bd09f221emr210925rwj.13.1686872666378; Thu, 15 Jun 2023 16:44:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686872666; cv=none; d=google.com; s=arc-20160816; b=sTLk26fH3w2MOgO48ecMdGBE0m6hBTEJjOVb/LeVeQHBAHGkojKg/hKGrHqpoirwup wcjiqbod+GNcspDliPU2FJe1Ea6l21Sqoe2ZqzlonhltM6gBUpGeos/XYxm0PN0CPszT dGp2i2O8N1AEWQY7ZgMLIVv6THpeLZoNykPhVPvd0KVpFJb80+QRpccBAZ/DI8+3HIQa u4r3hzMDIlQ1/ju4LS36x7Z+zdnZjUdLeB2ZiFJkXG3EgYLViVLvpTLMKvxQFS8Z9qLV Y9GcmJ6PFmy8WrO2oTYv4BR+/9KXDlBqBLMOZ+1kEA3zuFCQxZNiTvEwaXmxQwaxboLe +ntQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:from:subject :message-id:references:mime-version:in-reply-to:date:dkim-signature; bh=vyL+qgKJrcKsdTc3WR8O7KWE3ZdhseNke0mLmEAF7qY=; b=v5aUp5DZ/EzyFGuJUf/ItoYJkg1dqapgDXuNan/SnYJSe6soKx4ED3RGC5ykVcHg0Y wCaB46hvquFAQOi/gM8ML/MRAquPRFEVnOX8O+Wrfum47qS8el2mt7Ic7aKx91E2Ioei GPaCvGQJHIqJLnHzN76Ymmp4wpeqgR+diMojbuXwXS1LAd2nEFc3nva8Bc/Q9J4tX6P9 3svgo430Omrp4P7QtL4WWt7izT4crsaTTUaTLCjHqOYfuBpTq0zcExDq89Oc1Oq+eknC ZzklN6K9hI8gl69IvmG/Syr5aJsm8CyrNRyq1MplpwihM+Aop2fo8++BeBpRURqDbatA t0fQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=GcNnMG4g; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u70-20020a638549000000b0053439c1712esi1784112pgd.713.2023.06.15.16.44.12; Thu, 15 Jun 2023 16:44:26 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=GcNnMG4g; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231192AbjFOXbA (ORCPT + 99 others); Thu, 15 Jun 2023 19:31:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53838 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229588AbjFOXa6 (ORCPT ); Thu, 15 Jun 2023 19:30:58 -0400 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8006C171F for ; Thu, 15 Jun 2023 16:30:57 -0700 (PDT) Received: by mail-pj1-x1049.google.com with SMTP id 98e67ed59e1d1-25ea8fb138fso147360a91.1 for ; Thu, 15 Jun 2023 16:30:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1686871857; x=1689463857; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:from:to:cc:subject:date:message-id :reply-to; bh=vyL+qgKJrcKsdTc3WR8O7KWE3ZdhseNke0mLmEAF7qY=; b=GcNnMG4gLuWH2DzhqEsZ69wits+33+UN7SvejxrIqgg/c2BTzmlx5wx+ZDiyj+UcJi YcGr7b8cseUjr+AJqUqP+fautL1pmEdxqVjop/kzh/wWnRMexTz4nDKnhATbltXw0bO6 RPNByW+psGHEvmmSVAPSeceAqArTPJ3m2kFtux1NSRQTOty5MXhMgq+gMjDj16PUTwYv v93cjHFn3xB2DJb1Fixja117EYkNx4PmnF8iZmSbG0dxmC4YpwzuDJilhTrPVfvj2Gq3 ZT94rD+97BmgmG/89s0bsW+byYQGI7NChbbOz4Gh8gBO740udK+Mrh1Mt+Hy9VXDnr5f TEng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686871857; x=1689463857; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=vyL+qgKJrcKsdTc3WR8O7KWE3ZdhseNke0mLmEAF7qY=; b=IuCzTpcMSr6yharFt0cpy2OrgTnpuI0HhK0i5tgmv+lc9L6tn3Fjvfd+pu+2eB0rJr aj+ei5MCN1HjZK12TqygXKoxsqdjrqlghkWorsKAa6IPI2u5yK0lzVchc3ulmmz0UpxD CtifB6R/sliwktcmVfys2rYSdmSiOSrvkD3O+daKnt72F/QXFeuDt3o2JTDQxjtyJKhe gs9gpNIc9+eVcCUWpeZ/ZqOk7MIJgcIc4sT5KEK3BHVGYPFOAh6Re4vH9qcCjhw+i7Fl ZRVePOx3mng5U2t8HA9TxvRpHmzsbEWGj81y/kgT2z6cZqqATAb/8d/jQEjiMTVT/vOM EU+w== X-Gm-Message-State: AC+VfDwoc1tKKP0HUhfsa5mEQOier9r5c4oVAMrquQ//0bp+2KOxkA3z uUgqrfdejUADXbT5vr+FOR4rT/NJlsM= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:2f43:b0:253:3b5f:fde1 with SMTP id s61-20020a17090a2f4300b002533b5ffde1mr1036267pjd.1.1686871856868; Thu, 15 Jun 2023 16:30:56 -0700 (PDT) Date: Thu, 15 Jun 2023 16:30:55 -0700 In-Reply-To: <20230511040857.6094-1-weijiang.yang@intel.com> Mime-Version: 1.0 References: <20230511040857.6094-1-weijiang.yang@intel.com> Message-ID: Subject: Re: [PATCH v3 00/21] Enable CET Virtualization From: Sean Christopherson To: Yang Weijiang Cc: pbonzini@redhat.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, peterz@infradead.org, rppt@kernel.org, binbin.wu@linux.intel.com, rick.p.edgecombe@intel.com, john.allen@amd.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, May 11, 2023, Yang Weijiang wrote: > The last patch is introduced to support supervisor SHSTK but the feature = is > not enabled on Intel platform for now, the main purpose of this patch is = to > facilitate AMD folks to enable the feature. I am beyond confused by the SDM's wording of CET_SSS. First, it says that CET_SSS says the CPU isn't buggy (or maybe "less buggy"= is more appropriate phrasing). Bit 18: CET_SSS. If 1, indicates that an operating system can enable supe= rvisor shadow stacks as long as it ensures that certain supervisor shadow-stack = pushes will not cause page faults (see Section 17.2.3 of the Intel=C2=AE 64 and = IA-32 Architectures Software Developer=E2=80=99s Manual, Volume 1). But then it says says VMMs shouldn't set the bit. When emulating the CPUID instruction, a virtual-machine monitor should re= turn this bit as 0 if those pushes can cause VM exits. Based on the Xen code (which is sadly a far better source of information th= an the SDM), I *think* that what the SDM is trying to say is that VMMs should not = set CET_SS if VM-Exits can occur ***and*** the bit is not set in the host CPU. = Because if the SDM really means "VMMs should never set the bit", then what on earth= is the point of the bit. > In summary, this new series enables CET user SHSTK/IBT and kernel IBT, bu= t > doesn't fully support CET supervisor SHSTK, the enabling work is left for > the future. Why? If my interpretation of the SDM is correct, then all the pieces are t= here. > Executed all KVM-unit-test cases and KVM selftests against this series, a= ll > test cases passed except the vmx test, the failure is due to CR4_CET bit > testing in test_vmxon_bad_cr(). After add CR4_CET bit to skip list, the t= est > passed. I'll send a patch to fix this issue later. Your cover letter from v2 back in April said the same thing. Why hasn't th= e patch been posted? And what exactly is the issue? IIUC, setting CR4.CET with MSR_IA32_S_CET=3D0 and MSR_IA32_U_CET=3D0 should be a nop, which suggests t= hat there's a KVM bug. And if that's the case, the next obvious questions is, why are = you posting known buggy code?