Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Date:   Thu, 27 Jul 2023 15:41:08 +0800
From:   Chao Gao <chao.gao@intel.com>
To:     "Yang, Weijiang" <weijiang.yang@intel.com>
CC:     <seanjc@google.com>, <pbonzini@redhat.com>, <peterz@infradead.org>,
        <john.allen@amd.com>, <kvm@vger.kernel.org>,
        <linux-kernel@vger.kernel.org>, <rick.p.edgecombe@intel.com>,
        <binbin.wu@linux.intel.com>
Subject: Re: [PATCH v4 09/20] KVM:x86: Add common code of CET MSR access
Message-ID: <ZMIflGq2i3m3bNLU@chao-email>
References: <20230721030352.72414-1-weijiang.yang@intel.com>
 <20230721030352.72414-10-weijiang.yang@intel.com>
 <ZMDMQHwlj9m7C39s@chao-email>
 <67250373-c5f4-d1d7-9334-4c9e6a43ab63@intel.com>
 <ZMEjudsdr8WEiw3b@chao-email>
 <4565ab4b-f386-7b70-4634-627e92acbb45@intel.com>
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <4565ab4b-f386-7b70-4634-627e92acbb45@intel.com>
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?fVHissIjJrSWLxY4UOJEmhger7zOM2ySwo2mjssubi6ulYgXnd+1TvvcMsgf?=
 =?us-ascii?Q?Hjq5ZoFrvW3Zlq9sa32Y4AKq1ihgOy+d/cCrrPU8u1cWJy1ep+ZxU9qgqc7f?=
 =?us-ascii?Q?SBWnoclBqS9xamDcUEZHC+n0m6DFNrfxJSslpitKp3yZs/9ZEnftSnRILfnD?=
 =?us-ascii?Q?f57pYePckJGLpMzbMJYhSnP2Lx0Yho+aoDlC3fsmq4sZc0xipDLhw16lO8bD?=
 =?us-ascii?Q?iK/tW55CSLNZUy6AlauaSQJTImuQ+YCdQfVmd8UJr4+bwgoAF+6sgjmv4vo0?=
 =?us-ascii?Q?GAkCfKkPDD+Jbkb/sAUuJEZmwLmSQtk1Ff5Huz57A7pNU9rBonQ0EoWO4PUm?=
 =?us-ascii?Q?oVnx51b6j5CX/RCY1YG9ycg9x4l3af0Onljlex9StoHc0rbkkYFBSjlq6wp6?=
 =?us-ascii?Q?PAzuIsH9FZqCgCVWi/8hjNVV3jHmHBQ3oBCRFMTuqMLPJT90rQIoOfgNBtv1?=
 =?us-ascii?Q?VtZAn8CbR5948IdqOIc4+iwPHA0IIyqNa5rOcxFmL9strks2jQs0pQbtfO3C?=
 =?us-ascii?Q?aZZVDmvrkjp0A6vbtg4w2jJ4G93S7WngGOvRYqJ/HfDQlXA9ni1IzX3ic4BN?=
 =?us-ascii?Q?I7DLeL07N5jol/wXflajZMK+3DYD13ZsAGD82T8ZdcHWX0bpUtZdQur3jPO+?=
 =?us-ascii?Q?hvDzE2YY/gBwzb2YWbQeggOzrRhCt6pNydFJcYpQl70ynDcVJk7RX0cX/mWX?=
 =?us-ascii?Q?8FURQht3hu0/zinzinlDHmWqFe8ehFCGII4Uqjji1jNGXfI9UVmqf2fMZqfI?=
 =?us-ascii?Q?/vYcwgsOvhOCTP9ScF9qwxGko2+JQ1m7zdOIx8hmisyTunJ9VaNBNJIMqkIe?=
 =?us-ascii?Q?ZpEIyZ/taxsheoMTVxQFEDQGCW2TT7VEnTFeSRAbIRkU8v8Gg8Ib9q90PFQi?=
 =?us-ascii?Q?SkpfOy9nP8tX3Y+YAvugQwSM8q/rKBswObWsXCLmHSmzgr27sA7aLmGcIKSb?=
 =?us-ascii?Q?PrbbSteLnAcnpKtqUZtGWhHtldnIslzGQHdWl/oxaMgP3Gj282fwIIHDiIjL?=
 =?us-ascii?Q?52biLyJfjvo04A4iVxfvKPgoNOKvQC96zCYMgeLkwYQry/CKsLuJACnnN0Fe?=
 =?us-ascii?Q?JjcXWD0NdBtIjaI26gBfkL/e1L6Sk19WtdWwivaNRXlCqhgCPLBAe+GnLp09?=
 =?us-ascii?Q?DqqegKJyx7OH2vfQ8e7GL9Mie+meDIlVvW64uM8EuiV2F1knGjn22blzIjzT?=
 =?us-ascii?Q?Ee51g4mPhG45J18XPsuKK5GPWx7O7Majy7aAUu0Ou7qXh3sASgQjRIQsXwS6?=
 =?us-ascii?Q?dtSHkL6IiWKHWhp3Yvj60uZvQoZuHXyf7ayJZObVTMCBVXX/tesu0LWBWuI8?=
 =?us-ascii?Q?OkpuzogmAA54pUmIH210kGsBrqqDtApuGaL7ylWqqXbSb6vl8DwEDf2cqj04?=
 =?us-ascii?Q?lKNLKEHDpf5tjKtJy0IlqAIHuaqtI4W6b3jAROGeTjInIENgD2HtP9hifvfc?=
 =?us-ascii?Q?x4bL/VG9IxEmMYNdwfFXEt2wHO1aMR+m3A3w4tCCMISC3aghWa2N3LoNc+ll?=
 =?us-ascii?Q?6fjyeST2DqzdVzhzg8v+waYsqHmcW6G6dX4FSSxZMNI/8GPHyL6xCJH9gGkQ?=
 =?us-ascii?Q?6H1GaWIUkHS/RbbmsxKk7pEU9qRxUcuOyDHHCrA6?=
X-MS-Exchange-CrossTenant-Network-Message-Id: 2b52b8d2-9b1c-4878-2fc2-08db8e74dd40
X-MS-Exchange-CrossTenant-AuthSource: PH8PR11MB6780.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Jul 2023 07:41:18.3569
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: K8USNfhHRA98JzrRRXL6PD/SAamLjUNXgxij0Lqt5TeOTqBBARkRGVJJmzf3oYCnECsJdWLcal8xDgEx7CgEvA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR11MB5816
X-OriginatorOrg: intel.com
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

>> -	case MSR_KVM_GUEST_SSP:
>> -	case MSR_IA32_PL0_SSP ... MSR_IA32_INT_SSP_TAB:
>> 	case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP:
>> 		if (!kvm_cet_is_msr_accessible(vcpu, msr_info))
>> 			return 1;
>> 		if (is_noncanonical_address(data, vcpu))
>> 			return 1;
>> 		if (!IS_ALIGNED(data, 4))
>> 			return 1;
>> 		if (msr == MSR_IA32_PL0_SSP || msr == MSR_IA32_PL1_SSP ||
>> 		    msr == MSR_IA32_PL2_SSP) {
>> 			vcpu->arch.cet_s_ssp[msr - MSR_IA32_PL0_SSP] = data;
>> 		} else if (msr == MSR_IA32_PL3_SSP) {
>> 			kvm_set_xsave_msr(msr_info);
>> 		}
>> 		break;
>> 
>> 
>> 
>> BTW, shouldn't bit2:0 of MSR_KVM_GUEST_SSP be 0? i.e., for MSR_KVM_GUEST_SSP,
>> the alignment check should be IS_ALIGNED(data, 8).
>
>The check for GUEST_SSP should be consistent with that of PLx_SSPs, otherwise
>there would be issues

OK. I had the question because Gil said in a previous email:

	IDT event delivery, when changing to rings 0-2 will load SSP from the
	MSR corresponding to the new ring.  These transitions check that bits
	2:0 of the new value are all zero and will generate a nested fault if
	any of those bits are set.  (Far CALL using a call gate also checks this
	if changing CPL.)

it sounds to me, at least for CPL0-2, SSP (or the synethic
MSR_KVM_GUEST_SSP) should be 8-byte aligned. Otherwise, there will be a
nested fault when trying to load SSP.

I might be overly cautious. No objection to do IS_ALIGNED(data, 4) for SSP.