Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Message-ID: <67250373-c5f4-d1d7-9334-4c9e6a43ab63@intel.com>
Date:   Wed, 26 Jul 2023 16:26:06 +0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101
 Thunderbird/102.13.0
Subject: Re: [PATCH v4 09/20] KVM:x86: Add common code of CET MSR access
Content-Language: en-US
To:     Chao Gao <chao.gao@intel.com>
CC:     <seanjc@google.com>, <pbonzini@redhat.com>, <peterz@infradead.org>,
        <john.allen@amd.com>, <kvm@vger.kernel.org>,
        <linux-kernel@vger.kernel.org>, <rick.p.edgecombe@intel.com>,
        <binbin.wu@linux.intel.com>
References: <20230721030352.72414-1-weijiang.yang@intel.com>
 <20230721030352.72414-10-weijiang.yang@intel.com>
 <ZMDMQHwlj9m7C39s@chao-email>
From:   "Yang, Weijiang" <weijiang.yang@intel.com>
In-Reply-To: <ZMDMQHwlj9m7C39s@chao-email>
Content-Type: text/plain; charset="UTF-8"; format=flowed
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?UFlra2JhL3p0eDRrR3VscDVrQzZxQkJGSTNjYWFBeGZ5NnhZNFh4eklyU0xZ?=
 =?utf-8?B?eGh2bEJSbzVKang1czhUV1kwK3lKc0JPNk1wRlY4bXdQb3FDOGFDNXN0djBH?=
 =?utf-8?B?blNlaERxYnV2ZCtSY2lKZEZPQW9OUjZXS2JlNEplY3QvZUx2ZURyTURybEdN?=
 =?utf-8?B?WmpKb0l0emFsMjh0UXVZL3FVR3N1RFFoMXRpSHo0dDR4NmY3V2k0ajd6eUhp?=
 =?utf-8?B?TnMwRUlPWFdRNUdjS2tCUE4vZGczazNDTUlOcEo3WDY5U2llNFZXRUNneHdD?=
 =?utf-8?B?aktoOEJIRUUzTDN6UDVqSi9XYTA1RHU4MWdPd1VoZlc0M1VxZmJoQThtV0hy?=
 =?utf-8?B?b08yOXAxMmdOT0xXNExXUytMNElGWjYyOEJVWWlKSGtKM3BwWE1ja1pmRjNH?=
 =?utf-8?B?NlJyakVuQVZseVpJbjVackhUODJQZktyQjhRQWZiVUZkQWdYYlFlR1F2bURH?=
 =?utf-8?B?Nmlvd3JoTmp0UEpYeTB6SjdNeTUzU2FmRzVxTUYvTlR4QXAyT0lRc0JMTjBM?=
 =?utf-8?B?OTROWElrZFVaR01SY3o1SUxybllDUHRJQlEvcjBXOTJpa1lUM2k1VVNBS1U0?=
 =?utf-8?B?VnFkcVBrZ2w0bVZEcjIrQnFGNDNNWGMzV3RxMkJ6Q1laVWdhRTZFc0Jmc2Z4?=
 =?utf-8?B?TkF2Z25NVnNWTWgyMFh6UFZubVNHMERGQWN5M3c0QTRQZHlySWtXeDhMaEc2?=
 =?utf-8?B?RXV6UksrZkNCdHlxR1ArK0tBOWdweHJpRld6V2QzUkgwS25GQWp0NGlzeFg1?=
 =?utf-8?B?ZHZiU2QyMTFXdnpMMmc2SW9Ub01iL0hPU1FyMUhITGRBR0d4VXNFcHJVMnIx?=
 =?utf-8?B?M3BOWlMxeU8vY0lneVJFUXlHUU8xM0dPUWZTU3pGaWV6N0VCNnRHRmxKZmpk?=
 =?utf-8?B?S0FSZHFHaFB5Y1dxRTJJNWpldVBoeVUvSmRnWnpjbEpEeWozMTl6N0dHeWdh?=
 =?utf-8?B?dHlzdkl5OGpaT25uL043SEJSdlAxTnNrZ0dGRXMvK0pCeE1wMWdsc0VqYlhl?=
 =?utf-8?B?NW1VVU1NTFdYK3dlaFZGa1BNK0h0cHd3enZ2S2dIZUFqb2J0VERGbVUvcEZD?=
 =?utf-8?B?WlkrNEptT1VaOVFoKzdqUWZUWWdmOGRUdldUTG96MUFmSUpENEcvVjNpeFZY?=
 =?utf-8?B?dEVJc1dUdHVaOEMxSUg3aHdPeEpEK0RrdGVjMjFIWVIycmVZZklMS0VXWUdk?=
 =?utf-8?B?SUN1dkJPY1VhbjBVRy9CMDJCUmVlbmtlSGY5U0hjRG9odW95TnhnM3VRcGZC?=
 =?utf-8?B?c1FDR2JIL21makx3bytVbEo5UHZaL2xwaUt3eVFTcXFkTW8rVnJ5bkhZL1FG?=
 =?utf-8?B?ZjZLcXY0c2lGTFdUQ1IvaE40ZjNXWGtPK050TmF3WVRLZmhlQlJ1ZUFCZ094?=
 =?utf-8?B?VkFSdWQ0Q2R3WmlIby9JZVNMK0laa0NSc3NOTnlXK0l5bzZKVGw0ZXNBcVJM?=
 =?utf-8?B?N2FHV3gzek84cWlxemw2b1ErYk9UcHFpeEdOY1RJSlhPc3RqbXJoS3doNEpr?=
 =?utf-8?B?WG9YVTZxSVRUQ1lteXBGY1M4MXlQd1ZaL2VNNFAxNHZxMVJtSDRuNmRiOEJt?=
 =?utf-8?B?MVAvTDNyQXNOazZ2UG5XR3RkNStNVVBWS0FDTlZmOElQOXZmdEhQOWxvUkNX?=
 =?utf-8?B?SkFBT215OS9pbjlFNVorVWZ0U2hsbFZlV2hrQ0ptYUlmejZhU090Tyt0Tjg3?=
 =?utf-8?B?UnJQLzRHYjk1QTZCY3NYb0tHWGtSR0VXM1B0KzhIV1NGWG40OHd1N0lZUUNL?=
 =?utf-8?B?eVE2ZDBneURZNjdCb1lCbi9xYTMrWm1rWjExcmdkQ2RjcjUyWlk1VE1NaXU2?=
 =?utf-8?B?QWtMSHU0cDVFSFFFOVkwWDlTcXFFZ1FHWUVoMWxxVHZlNUd4ZXJsYVZqeUpu?=
 =?utf-8?B?NmZKaW9LdWEwWHk1d2J1ZVA3VzZmeFRYSFVsZUI2VzBNcklRTkZtRTBqVzFP?=
 =?utf-8?B?VS9GOFgrSlZkQnZIcHQ0aFBSZGUrUWp4WnhocHFhaHh0MGxRMk9manRrNWRp?=
 =?utf-8?B?SXMvVlloUDQrTTVibEprKy9Kb2xtYkhYRFpWUitqeC90RzJHQlk0cVR1V2ph?=
 =?utf-8?B?Qkx2eXM1dGpGL1NRZm8wd0xCMmdyZVVRZXpOY0lZSDZjcklhODkxNkR5VkVa?=
 =?utf-8?B?WW5vSzRNRk9Sd2N1Tmkwdld0RTY0cEhFaE9RbjZyUThIQlAvZ0NTRzZ6U21i?=
 =?utf-8?B?Z2c9PQ==?=
X-MS-Exchange-CrossTenant-Network-Message-Id: 4844bf55-52ac-4e06-e1fe-08db8db1fc7b
X-MS-Exchange-CrossTenant-AuthSource: SA2PR11MB4972.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jul 2023 08:26:19.2030
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: gRTIyUA6QN+1v+v1jIzxCOSZoGmaA4YeGyI0pzInW5GFQiseoS32Bx1iKaFoYJmav0yWfVpKfKg1/eIrDX9pkw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL3PR11MB6532
X-OriginatorOrg: intel.com
X-Spam-Status: No, score=-4.5 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,
        RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE,
        URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org


On 7/26/2023 3:33 PM, Chao Gao wrote:
> On Thu, Jul 20, 2023 at 11:03:41PM -0400, Yang Weijiang wrote:
>> +static inline bool is_shadow_stack_msr(struct kvm_vcpu *vcpu,
> remove @vcpu since it isn't used. And I think it is better to accept
> an MSR index than struct msr_data because whether a MSR is a shadow
> stack MSR is entirely decided by the MSR index; other fields in the
> struct msr_data are irrelevant.

Yes, I should have removed it, thanks!

>
>> +				       struct msr_data *msr)
>> +{
>> +	return msr->index == MSR_IA32_PL0_SSP ||
>> +		msr->index == MSR_IA32_PL1_SSP ||
>> +		msr->index == MSR_IA32_PL2_SSP ||
>> +		msr->index == MSR_IA32_PL3_SSP ||
>> +		msr->index == MSR_IA32_INT_SSP_TAB ||
>> +		msr->index == MSR_KVM_GUEST_SSP;
>> +}
>> +
>> +static bool kvm_cet_is_msr_accessible(struct kvm_vcpu *vcpu,
>> +				      struct msr_data *msr)
>> +{
>> +
>> +	/*
>> +	 * This function cannot work without later CET MSR read/write
>> +	 * emulation patch.
> Probably you should consider merging the "later" patch into this one.
> Then you can get rid of this comment and make this patch easier for
> review ...

Which later patch you mean? If you mean [13/20] KVM:VMX: Emulate read 
and write to CET MSRs,

then I intentionally separate these two, this one is for CET MSR common 
checks and operations,

the latter is specific to VMX, and add the above comments in case 
someone is bisecting

the patches and happens to split at this patch, then it would faulted 
and take some actions.

>> int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
>> {
>> 	u32 msr = msr_info->index;
>> @@ -3982,6 +4023,35 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
>> 		vcpu->arch.guest_fpu.xfd_err = data;
>> 		break;
>> #endif
>> +#define CET_IBT_MASK_BITS	GENMASK_ULL(63, 2)
> bit9:6 are reserved even if IBT is supported.

Yes, as IBT is only available on Intel platforms, I move the handling of 
bit 9:6 to VMX  related patch.

Here's the common check in case IBT is not available.

>
>> @@ -12131,6 +12217,7 @@ void kvm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event)
>>
>> 	vcpu->arch.cr3 = 0;
>> 	kvm_register_mark_dirty(vcpu, VCPU_EXREG_CR3);
>> +	memset(vcpu->arch.cet_s_ssp, 0, sizeof(vcpu->arch.cet_s_ssp));
> ... this begs the question: where other MSRs are reset. I suppose
> U_CET/PL3_SSP are handled when resetting guest FPU. But how about S_CET
> and INT_SSP_TAB? there is no answer in this patch.

I think the related guest VMCS fields(S_CET/INT_SSP_TAB/SSP) should be 
reset to 0 in vmx_vcpu_reset(),

do you think so?