Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Date:   Wed, 26 Jul 2023 15:33:20 +0800
From:   Chao Gao <chao.gao@intel.com>
To:     Yang Weijiang <weijiang.yang@intel.com>
CC:     <seanjc@google.com>, <pbonzini@redhat.com>, <peterz@infradead.org>,
        <john.allen@amd.com>, <kvm@vger.kernel.org>,
        <linux-kernel@vger.kernel.org>, <rick.p.edgecombe@intel.com>,
        <binbin.wu@linux.intel.com>
Subject: Re: [PATCH v4 09/20] KVM:x86: Add common code of CET MSR access
Message-ID: <ZMDMQHwlj9m7C39s@chao-email>
References: <20230721030352.72414-1-weijiang.yang@intel.com>
 <20230721030352.72414-10-weijiang.yang@intel.com>
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20230721030352.72414-10-weijiang.yang@intel.com>
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?g548oib88JMz/herhejNYWCMRio2HLVlUEYTI+x+rY4z8YkVR3OHxcW0IJbj?=
 =?us-ascii?Q?SSNRriZxYOwxjW8AvTzRFDVkpsDvcRntSelLiXeKa0OWOukMvtdRY3aCQr5V?=
 =?us-ascii?Q?NiRVXy2bWBafptNYQrgtVGRY385NfoligvMggVm3qpfTuJHamFlkI0lj5oPf?=
 =?us-ascii?Q?mBttt7NDuvmF1o5GDQZy06RXHI3r4JlUqEgFhCOxl0LhpRN2u1vFLJdvVoH5?=
 =?us-ascii?Q?o/ndAclayOMgXrf7uopRnshxTdjbgqlL0DoReT6wyg1leLkTwEKalua5Zrki?=
 =?us-ascii?Q?fcHQ7HrAeERB5B4WwsxHWYbhkZBglQvjthVk6LxIDIaqXxSUMQJlR5lijMSb?=
 =?us-ascii?Q?4Lh5+0xPB5/V9nwVVh+IG6PViE6426A0oDXefJlp978HTeJvstQZbttJaJFg?=
 =?us-ascii?Q?r/GmYc6TANobFAF7Vy/c1sTXAfi8PY6qemqyIQhmf9mM+RQj2xHqNwHnhN0g?=
 =?us-ascii?Q?DPb/ref+AWfLx2tnXlL/GlyF0L84pPi6re0YJ+g+NQvPn0w3GSPfsvWN3+f5?=
 =?us-ascii?Q?F21UrWdozotU7FA8p8U3v03LM2k9tfB5AKD9nspZSvI6AcoR7UOwV6CCVTC/?=
 =?us-ascii?Q?UHIoKMzZhWJwuoffYMETDvvJQd8RTg7NsLFXXr+kw4048aWHN6Rrog8dDeX7?=
 =?us-ascii?Q?qORQqsHe3ZTaOvpH6mnVQ7eLowRMj0gQCBhPRc0KM38OZEThRvnkJJUh4e7F?=
 =?us-ascii?Q?y6JDorQzpdjtnePsGLBQxyEqXtmAIZoPF0/YLynw3iUiQ5+rNtg52dSFLn6t?=
 =?us-ascii?Q?WYP4B874u50vdlXxHEFBoeTU4fXWvdhTdryO3wp6lsNpw8UmVYuQe7NrGC9U?=
 =?us-ascii?Q?wWD1cCA+BNH8rznPLO+QK9UAfRfM7uExeAv5ZI+Q3oJ3QJQ8RVZyOXdTtSRI?=
 =?us-ascii?Q?lc4L50agdMOMQbQHjXQLoWLqmsRTGg4KH8ai7PDkVlBLqbgDm0UwfT8qNDW+?=
 =?us-ascii?Q?MqOt4Pj6rQILKB8UHTtxg4zCDOqc37TOyz4yZYolFpJWbThq4AtPZ5oJ55z+?=
 =?us-ascii?Q?dx2RQbJSpKl+jUf+L/ucMLSPOiHBw/fnEKXg2Pke+h0xRzylVaFVKGCLycMO?=
 =?us-ascii?Q?IZTCgRm56B7JvG7zHNUoTYf9ZymXix6y8zIP5PswQbi73e22/d6UfH/uEUgG?=
 =?us-ascii?Q?PbQR3nE15MDvTvqSDXgZagT3PUHUaxr4VARWOhbjKFGnZWs4V0hRdWYFWviH?=
 =?us-ascii?Q?UmXzTYQM3+tjxcZJnNcNvM8cduz0gG1v+ebw6beB2Idz0gWdIdNsfO0gG3A3?=
 =?us-ascii?Q?ehCVJLpsqR9t0+ruspulRvGd12/v2AvY3FNqj5YepxgBzUUbRWPuBD76QRgf?=
 =?us-ascii?Q?NX60lX50Za5rsd7aFtLQr8rw9OF16WRSrpM17f+k8Ty4aut5/zOKbtxbRYIx?=
 =?us-ascii?Q?tT8MXlBLw4nx7p1Gx+G5pzEPgD7EOxd0xgOunWeJwt9jsN8MVNU7rn+GtbGO?=
 =?us-ascii?Q?hATmj17RFTEr5cuG55jqfOe2gn/Uw6VLgUBKIkcl6sbbni1RLPebwpI/MqXS?=
 =?us-ascii?Q?JzlsqlOQVnKvpOonf6VwqAD5WlSsFfODZ0m01M2scQdp/Jyer8feUwUM8MBa?=
 =?us-ascii?Q?Nsxn+PYGu5NMM0AiB+AmJSzb+u4L6dTcKTArZ3sJ?=
X-MS-Exchange-CrossTenant-Network-Message-Id: c2fb50b5-6879-416f-7841-08db8daa9bf8
X-MS-Exchange-CrossTenant-AuthSource: PH8PR11MB6780.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jul 2023 07:33:30.5036
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: WmxXw3v7aIB56XnilS3AiTp0SY6+qZbGNf1kyDJlVCeFl4V/Z4JMaA2YBafk634kU7fb60umIFlqOUF62IY0hw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV8PR11MB8748
X-OriginatorOrg: intel.com
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE,
        T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no
        version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Jul 20, 2023 at 11:03:41PM -0400, Yang Weijiang wrote:
>+static inline bool is_shadow_stack_msr(struct kvm_vcpu *vcpu,

remove @vcpu since it isn't used. And I think it is better to accept
an MSR index than struct msr_data because whether a MSR is a shadow
stack MSR is entirely decided by the MSR index; other fields in the
struct msr_data are irrelevant.

>+				       struct msr_data *msr)
>+{
>+	return msr->index == MSR_IA32_PL0_SSP ||
>+		msr->index == MSR_IA32_PL1_SSP ||
>+		msr->index == MSR_IA32_PL2_SSP ||
>+		msr->index == MSR_IA32_PL3_SSP ||
>+		msr->index == MSR_IA32_INT_SSP_TAB ||
>+		msr->index == MSR_KVM_GUEST_SSP;
>+}
>+
>+static bool kvm_cet_is_msr_accessible(struct kvm_vcpu *vcpu,
>+				      struct msr_data *msr)
>+{
>+
>+	/*
>+	 * This function cannot work without later CET MSR read/write
>+	 * emulation patch.

Probably you should consider merging the "later" patch into this one.
Then you can get rid of this comment and make this patch easier for
review ...

> int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
> {
> 	u32 msr = msr_info->index;
>@@ -3982,6 +4023,35 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
> 		vcpu->arch.guest_fpu.xfd_err = data;
> 		break;
> #endif
>+#define CET_IBT_MASK_BITS	GENMASK_ULL(63, 2)

bit9:6 are reserved even if IBT is supported.

>@@ -12131,6 +12217,7 @@ void kvm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event)
> 
> 	vcpu->arch.cr3 = 0;
> 	kvm_register_mark_dirty(vcpu, VCPU_EXREG_CR3);
>+	memset(vcpu->arch.cet_s_ssp, 0, sizeof(vcpu->arch.cet_s_ssp));

... this begs the question: where other MSRs are reset. I suppose
U_CET/PL3_SSP are handled when resetting guest FPU. But how about S_CET
and INT_SSP_TAB? there is no answer in this patch.