Date: Fri, 4 Aug 2023 15:21:01 -0700
References: <20230803042732.88515-1-weijiang.yang@intel.com> <20230803042732.88515-12-weijiang.yang@intel.com>
Subject: Re: [PATCH v5 11/19] KVM:VMX: Emulate read and write to CET MSRs
From: Sean Christopherson
To: Paolo Bonzini
Cc: Chao Gao, Yang Weijiang, peterz@infradead.org, john.allen@amd.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, rick.p.edgecombe@intel.com, binbin.wu@linux.intel.com
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Aug 04, 2023, Paolo Bonzini wrote:
> On 8/4/23 23:27, Sean Christopherson wrote:
> > > > +
> > > > + if (!kvm_cpu_cap_has(X86_FEATURE_SHSTK) &&
> > > > + !kvm_cpu_cap_has(X86_FEATURE_IBT))
> > > > + return false;
> > > > +
> > > > + return msr->host_initiated ||
> > > > + guest_cpuid_has(vcpu, X86_FEATURE_IBT) ||
> > > > + guest_cpuid_has(vcpu, X86_FEATURE_SHSTK);
> >
> > Similar to my suggestion for XSS, I think we drop the waiver for host_initiated
> > accesses, i.e. require the feature to be enabled and exposed to the guest, even
> > for the host.
>
> No, please don't. Allowing host-initiated accesses is what makes it
> possible to take the list of MSR indices and pass it blindly to KVM_GET_MSR
> and KVM_SET_MSR.

I don't see how that can work today. Oooh, the MSRs that don't exempt
host_initiated are added to the list of MSRs to save/restore, i.e. KVM "silently"
supports MSR_AMD64_OSVW_ID_LENGTH and MSR_AMD64_OSVW_STATUS.

And guest_pv_has() returns true unless userspace has opted in to enforcement.

Sad panda.

That means we need to figure out a solution for KVM stuffing GUEST_SSP on RSM,
which is a "host" write but a guest controlled value.
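
Review bot: the `msr->host_initiated ||` term in the final return of the quoted hunk bypasses both guest_cpuid_has() checks, and nothing in the hunk says why or limits which callers may rely on it. Please add a comment stating that the waiver exists so userspace can pass the MSR list to KVM_GET_MSR and KVM_SET_MSR regardless of guest CPUID, and make sure internal writes that carry a guest-controlled value, such as the GUEST_SSP write on RSM raised in this reply, do not inherit the waiver without their own validation. Separately, the same return accepts either X86_FEATURE_IBT or X86_FEATURE_SHSTK in guest CPUID with no reference to which MSR is being accessed in the visible lines; if the per-MSR feature check is done by the caller, a comment here should say so.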