Received: by 2002:a05:6358:c692:b0:131:369:b2a3 with SMTP id fe18csp6059500rwb; Tue, 1 Aug 2023 11:37:37 -0700 (PDT) X-Google-Smtp-Source: APBJJlHgIEu0OLQdbB50+1GR+11tMW51ha/YAZakpDG+rtDFuvspodvrj7QjDH6YUgqShIS4mcTU X-Received: by 2002:a17:906:cc18:b0:99b:ff9d:93f3 with SMTP id ml24-20020a170906cc1800b0099bff9d93f3mr3484822ejb.40.1690915057511; Tue, 01 Aug 2023 11:37:37 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1690915057; cv=pass; d=google.com; s=arc-20160816; b=PdzovsLz/6UhIGUHherTbhfWv6qUYLVro9eZdIJzIy1gKyJpog/IRd8EFHHYlUJJIg 1gnrj7LdSeRhxr6FpRni+4jgVInc78VDqFXSbUvsJ1J8TdmdwvzGKtV0raUN8S66LzGJ ZqtiHyEMfGQwEAC203zygBQNyUgiq7Jsfms5UE9XPfy0hYncGVnYQISOTuPjYWL0hbg5 HhYnXGxSGJD495FmIWN+MAP1ObFCPTwnWuM45TgdSIzmoXDxr1MuTb+RRzZNS0gaqYcp AxsTpM/rDU8PNxRZFr6O0J5nmXplt3/KV4rLCQGcfdBDmvDT8DL5iZ0wkfc6ZKQJdcjW l5HQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:in-reply-to:content-disposition :references:message-id:subject:cc:to:from:date:dkim-signature; bh=EjagZb2b4z4W/WapoanDUZksz+Xl37aTScUqt7n0EH8=; fh=YLXzDdftgFtpolCY2S/yyGtrMxNDoUi9I6T7C9+zpHE=; b=iuyp5CxTZR3knUOgtfdjhfq/II7Du87WBMZzbfATJ5lBxTnxiO71OwjHg6kKSYL2NY sjPtFUqMbfwb71bhWitxICDhrYHEeo5M0dekPFd9UgBYwkHWu3/gt14nZfkVOAAbSnLh 8taSLsGf5Ox1bL/zApj8u/C/BAPR0RctMtyYMIuwnfiAYETjLbBHqotJV8Bl1+Iaa9bT Mvm2OFhttWY6/Kv++XHYwpUpwWQD4rrvdYa/kdCl3UCuNVA2oIURazSCgC9xZlRRH0fj Vx+s3RpswUy53D33DVWAusoroIboXNVp1gWjNTuYPzoaO8I1tXa5YhGYPpgjPtRmdHS9 1ICw== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=XLbopf9K; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id cf15-20020a170906b2cf00b009930ef7f05dsi5170655ejb.908.2023.08.01.11.37.12; Tue, 01 Aug 2023 11:37:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=XLbopf9K; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233995AbjHARD3 (ORCPT + 99 others); Tue, 1 Aug 2023 13:03:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45970 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233948AbjHARDT (ORCPT ); Tue, 1 Aug 2023 13:03:19 -0400 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2041.outbound.protection.outlook.com [40.107.236.41]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0F8EB2139; Tue, 1 Aug 2023 10:03:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=h1WPP3znSXD0LZMbXUOq+Sh8Uer08BkCrmvmJkYqfPwLhO1tLr3BzmpM9/Jpc8vrq3spS4iAthyXW/MRqdb1P0wO5bAdb79nolds0TIXhM+/62YmhB5PfD0KP73xPimSMIHGICKYe6Bx+1ORaCPGV/etXL3JXf791NUFLhjKlNm+jLdOlD27J/ojsJygacaqubs71edPDi8lj5dvFwfeFI+WVpV+C8Hi38DHAdmuKkUzlxdTBUFVXD3PtHx8i+5dmtVyue4Ifld+tmpu8zg0NeACS3s4JRy2H9gnn/GcNyZPC3t3NuGILbbXmj+mUXdBRb5MpxJsJlYX3W7W9U5omA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=EjagZb2b4z4W/WapoanDUZksz+Xl37aTScUqt7n0EH8=; b=ky9S1FEPRcaaE3suSMrZFqiDgDsTpo7AuL3Ov9FgkXv8+C29pma2rZn/Nm7O6C5L5AWsG6F3Yvnfa0AkIU66dvTLhmQSfu8u0mT0WCuPlUowanjUe5RACmCAkGs3kamaXP/khNOJnHSB6TmrEmrQM9z6VypMUyeVeEjZ+BPECGQlrGdg10sHqLoYTipKu+J7giy6TYUM4gdpGYH9sGZptp6Ylku0vmPnF/X9dxi/nblVUBYL6f50HLn/x8gLRd47m6+pj9dyh5VZFH3BXZdApll8/nNNMqNmPT4jmqOn2SPN34BwjyfNnq9XAxKyzhVO2La6zj+N9Pq7cPBbIqJe0A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EjagZb2b4z4W/WapoanDUZksz+Xl37aTScUqt7n0EH8=; b=XLbopf9KTXsE4P/5zYsFvfESS5gcEN5quoCIGBJon2ycif4cMLQ0EhrZG+u3BIhrCbM6kSk30MBquaTO7ozJAMT5UOiKUm5LLEWqOSSAorQp2bTi3RU2qCn09X292QOFdwABkIiPy75QI3mHf2IByCfmImBrmUX1z2fj0mPoapk= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com; Received: from BL1PR12MB5995.namprd12.prod.outlook.com (2603:10b6:208:39b::20) by CYYPR12MB8890.namprd12.prod.outlook.com (2603:10b6:930:c7::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6609.31; Tue, 1 Aug 2023 17:03:14 +0000 Received: from BL1PR12MB5995.namprd12.prod.outlook.com ([fe80::1be:2aa7:e47c:e73e]) by BL1PR12MB5995.namprd12.prod.outlook.com ([fe80::1be:2aa7:e47c:e73e%4]) with mapi id 15.20.6631.042; Tue, 1 Aug 2023 17:03:14 +0000 Date: Tue, 1 Aug 2023 12:03:03 -0500 From: John Allen To: Sean Christopherson Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, pbonzini@redhat.com, weijiang.yang@intel.com, rick.p.edgecombe@intel.com, x86@kernel.org, thomas.lendacky@amd.com, bp@alien8.de Subject: Re: [RFC PATCH v2 4/6] KVM: SVM: Save shadow stack host state on VMRUN Message-ID: References: <20230524155339.415820-1-john.allen@amd.com> <20230524155339.415820-5-john.allen@amd.com> Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-ClientProxiedBy: YQBPR0101CA0347.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:c01:6b::8) To BL1PR12MB5995.namprd12.prod.outlook.com (2603:10b6:208:39b::20) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL1PR12MB5995:EE_|CYYPR12MB8890:EE_ X-MS-Office365-Filtering-Correlation-Id: 2dae8b73-4060-4fa7-a520-08db92b131da X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: qXjwxtLRyUJy3m13/2i+U6UzHPSWfR3L0FtrTgphwSzAgqdewHE0vXCEvPqsBSWitbO3SOxbT1kCtGTUok9S9JgkIqH5FAKUA4y2aJWNuwQzXxhDq3SNqbDuwupuyAK6k9Z3vtpsNYD0v8ncyW7ynEp+3g9G00av2BLP4MHrk1r1mfcjGvLys+d8Ngj90Nm+UUum8Y5l32CCnwHHQIZhk634a0wnfTR7ickILQemLp4Oigi53Qk9tVdIw61TmlnlbW5ilSSI1FlFRy5bKfkvFckSDAdzZ3i4fh7hV0pOtK/4ZcwfWAgVTwpHtgPRfyLPggpdyPD56TaCw2PuYgoFvwbQ9zZpj9+pjOhQC/r3uWJ349h2tGar1yaahxE5ObCSaLSXQGXr9KDPzj/9enc9Z/D83cAJSN6t3/WnVYIGAFOHkZBtLIQPAwcYXF4sAW4JGOpBIboKNULeRaJJ8l6xXFERbDB3G3KkT7MuFo2vMhK/fjTctXNGZteDtof7D+ZZf1dqOxuPtdL+J1XXwlnGGjobN7T+yDyt52mOyi30U9DcYeF8I0UEd4YpmbzbE/4Roe5B3Z3k1M/RuYw7iDuUfEweGuCReG7O+gHtnuGuTHs= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL1PR12MB5995.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(7916004)(4636009)(396003)(376002)(366004)(136003)(39860400002)(346002)(451199021)(86362001)(38100700002)(2906002)(6506007)(26005)(186003)(44832011)(8676002)(8936002)(5660300002)(41300700001)(83380400001)(33716001)(4326008)(316002)(66476007)(66556008)(66946007)(6916009)(6666004)(6486002)(478600001)(6512007)(9686003)(67856001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?9nHCfEseC9creXYF8ujSBmp531syf8mUZUi7lSWuOzBOXi1BkLUeoRTt+DCM?= =?us-ascii?Q?gwXBL5Qbowou3QvuKu2JXbV3B+6dkIBozgJOTql7PXwXluEBbrTdGm8tyJe3?= =?us-ascii?Q?mtxZjYwyy3mOwLJZlZyQqtyJR7Wta5WhMUA9euTXolw9/9gJJQcfLXjdypqc?= =?us-ascii?Q?cxmeCsVtH3qL0aHBr1kxtrjfGrgx5aig7yejXW+fWWlvuJpx1JHWg9Aotf8A?= =?us-ascii?Q?1Q2aLtN3sLfz81DfSVKGTH43oN1m/ogZPpmRGrs2vPCUFHHkFfRpR4DROfuA?= =?us-ascii?Q?LoIEd2C/R0cuSqUy5u+hHsLcPlpV/todm6vw6GyINXY7nkW/COGm70hyBhmE?= =?us-ascii?Q?hr83zklmwNKt1CCGcmW0p1LzRgkzaRFaV5zrS+uPta2c1NuQW7CdeTdQ2rIF?= =?us-ascii?Q?cKI9HloymZC8XMPZ5bSPsmPnloa7if5wxVr6g3MatY809AnkGi+z9h2JzaS+?= =?us-ascii?Q?FwvRaZD4A3IrJimk5w2RPF+bIoB4hCCGsA6X/512XDBj2dWfgvTETT64p13m?= =?us-ascii?Q?Bq/iPHYI8MDFPLi6FecjAJt1Xhxrv70P8nWH71cszpO3hcZ1acVLBRzb48nI?= =?us-ascii?Q?qhCwV/OdfRRTqZislpWSK7l052WZbKzHAblVdspZjLg1ClDKdIDSOIiAgVmZ?= =?us-ascii?Q?AbpDMoccmdWNltOPy7tWWOKH5ps0re5+tK08Y/zTsxma+9RzwVsWwMlDj2Na?= =?us-ascii?Q?XYxrJ1hcTVLIVuB/uqtRzZjfFqh6WLEbGGhntpzonau5mUTtLH786lfBzE0A?= =?us-ascii?Q?X0Cw7Fk8Hu27OOdypNzvEZbRCTUsGMuckGXD/fh31g2CnF3iMD3g0VZ+Dbl3?= =?us-ascii?Q?MI3KU8eRS2n+NYYu6M91AB8+U813xdaklaFNxmRHsJF00GsLEZF5y1z091Cn?= =?us-ascii?Q?zNzdeuY/iSvJAR3rxsi6QR61+1YpFzOXIIOF+kPEPDBZmH05aiZLQW/7B3Sw?= =?us-ascii?Q?SyrBrxFe+yoBHwTNBt1jX5mF5c2RjBVO+809TVzEz3e1JRKCJ9UDROUAx6lu?= =?us-ascii?Q?wtn5H1A5j4C4Bh0GLI+HI4E/xJqVHWAI7qVDwd/QcD/wrk+mrogbu07xKjyX?= =?us-ascii?Q?f/3ZyFgvaekhWYBGpzMif0//AqwJpWlysfzsD6j2XrWVtfc7EZkpPCsfcllT?= =?us-ascii?Q?jeqbkt6ng2yuKD4h7DEgackUQMRQKw+uc/lCizbz2aUwAFQnR20P9o72k4Ld?= =?us-ascii?Q?gPx7moBwKF+yYaUkL6g7sjLbTLvyc3K3PlAHdGRYoC2z/S3DyCLCNmayVkU6?= =?us-ascii?Q?35mswI/plVX6GDTkMbO87GqjhTtQVKn7nb9e1Jqea0WSLV0eI9LuBx4fAGFk?= =?us-ascii?Q?45nD17X/tq6dZY6zL6ixt1EISJzBgtG/0MYoOQ5jjXSd7RNe0r3zF8NJ46Uc?= =?us-ascii?Q?YGoMtG2CiJzQavctXzp4BU4AiQVs58UV3gPrvOafRs15rE41g4eLnjxZupf9?= =?us-ascii?Q?l4Y/MArbIy2GCQ/89ehgesTLE/Ywy9CkfYWFE1ONmBQtBUmMOpZWi02mTZt1?= =?us-ascii?Q?eS0/nD1Xo0q01Z07xydkAqhY2m3VtenUY7uC+ue2g2ndPIBL4EO1jW+M0psU?= =?us-ascii?Q?meoWCrmKl2asim23nxv8dgwdqZCg2cSdnEzl9T7u?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2dae8b73-4060-4fa7-a520-08db92b131da X-MS-Exchange-CrossTenant-AuthSource: BL1PR12MB5995.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Aug 2023 17:03:14.7630 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: jhyQ3wUdwSPAsE0su2HhPvqX4gdC6d+mMAdIBTBAnYNhQrcbcFI/NwdOWRPUjC4w/pZYJuE78wFBq+zsLYcztA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CYYPR12MB8890 X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FORGED_SPF_HELO, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Aug 01, 2023 at 09:28:11AM -0700, Sean Christopherson wrote: > On Tue, Aug 01, 2023, John Allen wrote: > > On Fri, Jun 23, 2023 at 02:11:46PM -0700, Sean Christopherson wrote: > > > On Wed, May 24, 2023, John Allen wrote: > > > As for the values themselves, the kernel doesn't support Supervisor Shadow Stacks > > > (SSS), so PL0-2_SSP are guaranteed to be zero. And if/when SSS support is added, > > > I doubt the kernel will ever use PL1_SSP or PL2_SSP, so those can probably be > > > ignored entirely, and PL0_SSP might be constant per task? In other words, I don't > > > see any reason to try and track the host values for support that doesn't exist, > > > just do what VMX does for BNDCFGS and yell if the MSRs are non-zero. Though for > > > SSS it probably makes sense for KVM to refuse to load (KVM continues on for BNDCFGS > > > because it's a pretty safe assumption that the kernel won't regain MPX supported). > > > > > > E.g. in rough pseudocode > > > > > > if (boot_cpu_has(X86_FEATURE_SHSTK)) { > > > rdmsrl(MSR_IA32_PLx_SSP, host_plx_ssp); > > > > > > if (WARN_ON_ONCE(host_pl0_ssp || host_pl1_ssp || host_pl2_ssp)) > > > return -EIO; > > > } > > > > The function in question returns void and wouldn't be able to return a > > failure code to callers. We would have to rework this path in order to > > fail in this way. Is it sufficient to just WARN_ON_ONCE here or is there > > some other way we can cause KVM to fail to load here? > > Sorry, I should have been more explicit than "it probably make sense for KVM to > refuse to load". The above would go somewhere in __kvm_x86_vendor_init(). I see, in that case that change should probably go up with: "KVM:x86: Enable CET virtualization for VMX and advertise to userspace" in Weijiang Yang's series with the rest of the changes to __kvm_x86_vendor_init(). Though I can tack it on in my series if needed.