Received: by 2002:a05:7412:419a:b0:f3:1519:9f41 with SMTP id i26csp950419rdh; Fri, 24 Nov 2023 01:43:25 -0800 (PST) X-Google-Smtp-Source: AGHT+IFFbRqFZGuwJ4P9H6F5L8dn+SpPHhb7qncdUheAoAMFa/8J6eeX8hJ+fxuyuGzJmq7i2+5v X-Received: by 2002:a17:902:eccd:b0:1cc:52b5:8df8 with SMTP id a13-20020a170902eccd00b001cc52b58df8mr7488269plh.26.1700819005380; Fri, 24 Nov 2023 01:43:25 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1700819005; cv=none; d=google.com; s=arc-20160816; b=rFGIuxQNmDetHxWk/oY/ToBZPz7zQsSDPQQZdE0nuzGv1BoJkp9mcoox/cLehiP0+2 LltV8yAZyGlgSaA6MIeyKlmRFqoOWwREQY5BvI7Vc0HIZ5/kjsRRuUkgzoITL+w7Ve0g BO2vJsK0kRjTnak+MYz1dGTgkpAi6Lt++WOdoqmYWtEj6FUzt/X7YHaJKQ04+tujyWFK /PU5gZzrnodaoPH6cwd8FB7qStcrInTQ3llIeHLha/8X7YCZeAZjDWG1QnLA93nZ85gl gpXWZSdl5Si3ytCtK0BzIpKxGR5xPMTmYrCFrRjfsLHtOcqpHTCE7dQSyxVu+8zijL4q 6YZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=4ImK8ZKf78iSxa2f5LHktOGbisjfNwWDxqqa3/kmr4s=; fh=lYT2i0F76MPI6vHSclh0hZcdRpmGWP4CWBD2Lo7Nroo=; b=eBEINCkzkWoJmzXupdh/8Y7Y1qIyBV409JAUWUnFj6S+L1tiW2G+6KsY1ODYBe3dic WBP3vomGSd1Kg9Fk7HKITrkvhDxD5kg/M1yH1cftj1ppfV2mKEeDaUBmx22T71hJP20x fSOH5GjdA8uuZPRxzGWADTMJ2ONBzyv2/q+WE9WQjLzsiSjlMrM5/1rkZ/4QwZtly3fG wA5uEnaME5aRAspYPfwqum466XiQR9HHhhvwi5DcmeJL8WZLj017IW4WkgG7HXoNkvME AXispMyZwtGjW+d4ZibUMKH1dgLrqz/UHCPvI0g8sobAuSsK9hZORRQ6isg9TdapUPf6 efig== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=desiato.20200630 header.b=ONuzufwT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from fry.vger.email (fry.vger.email. [23.128.96.38]) by mx.google.com with ESMTPS id x4-20020a170902820400b001ce078b233fsi2928985pln.609.2023.11.24.01.43.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Nov 2023 01:43:25 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) client-ip=23.128.96.38; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=desiato.20200630 header.b=ONuzufwT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by fry.vger.email (Postfix) with ESMTP id 67CC980DD84D; Fri, 24 Nov 2023 01:43:20 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at fry.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235401AbjKXJnF (ORCPT + 99 others); Fri, 24 Nov 2023 04:43:05 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51444 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345376AbjKXJmn (ORCPT ); Fri, 24 Nov 2023 04:42:43 -0500 Received: from desiato.infradead.org (desiato.infradead.org [IPv6:2001:8b0:10b:1:d65d:64ff:fe57:4e05]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6B0B010F7; Fri, 24 Nov 2023 01:42:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=desiato.20200630; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=4ImK8ZKf78iSxa2f5LHktOGbisjfNwWDxqqa3/kmr4s=; b=ONuzufwTHtkvCQAW4DtB+RrfFr EQ0LsWwjDM3e03aVWmdppi37DHTj4eop+PdXeonJclwq3cNj6Pq6mAM0WJ71AAyiIgfNupl8fBuYW 9WWsm0+pbvX3YYec/NIlvTgSP0haxwRmnZ50TP0OVIJ1BsAgxed3wDtb/EzypBSf2mlKwk5972cXH WMt0G//XSqCJNvTth39+8i89Qwz3WkI6kwPooQN2vHtRxhDzwLdgrRKgXFqobS3cea+OXVYKvoYt/ OGWxQeGgB5m8hqcBkN8FL/u5IVCaYKg7+ByPlO4lbxK9D0I6ASkcSycrI263I/7Ot9J/qDmrjt1s5 +22o8F7g==; Received: from j130084.upc-j.chello.nl ([24.132.130.84] helo=noisy.programming.kicks-ass.net) by desiato.infradead.org with esmtpsa (Exim 4.96 #2 (Red Hat Linux)) id 1r6Sfm-00DpiA-0b; Fri, 24 Nov 2023 09:42:33 +0000 Received: by noisy.programming.kicks-ass.net (Postfix, from userid 1000) id D3CDB3002BE; Fri, 24 Nov 2023 10:40:29 +0100 (CET) Date: Fri, 24 Nov 2023 10:40:29 +0100 From: Peter Zijlstra To: Yang Weijiang Cc: seanjc@google.com, pbonzini@redhat.com, dave.hansen@intel.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, chao.gao@intel.com, rick.p.edgecombe@intel.com, mlevitsk@redhat.com, john.allen@amd.com Subject: Re: [PATCH v7 02/26] x86/fpu/xstate: Refine CET user xstate bit enabling Message-ID: <20231124094029.GK3818@noisy.programming.kicks-ass.net> References: <20231124055330.138870-1-weijiang.yang@intel.com> <20231124055330.138870-3-weijiang.yang@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20231124055330.138870-3-weijiang.yang@intel.com> X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Fri, 24 Nov 2023 01:43:20 -0800 (PST) On Fri, Nov 24, 2023 at 12:53:06AM -0500, Yang Weijiang wrote: > Remove XFEATURE_CET_USER entry from dependency array as the entry doesn't > reflect true dependency between CET features and the user xstate bit. > Enable the bit in fpu_kernel_cfg.max_features when either SHSTK or IBT is > available. > > Both user mode shadow stack and indirect branch tracking features depend > on XFEATURE_CET_USER bit in XSS to automatically save/restore user mode > xstate registers, i.e., IA32_U_CET and IA32_PL3_SSP whenever necessary. > > Note, the issue, i.e., CPUID only enumerates IBT but no SHSTK is resulted > from CET KVM series which synthesizes guest CPUIDs based on userspace > settings,in real world the case is rare. In other words, the exitings > dependency check is correct when only user mode SHSTK is available. > > Signed-off-by: Yang Weijiang > Reviewed-by: Rick Edgecombe > Tested-by: Rick Edgecombe > --- > arch/x86/kernel/fpu/xstate.c | 9 ++++++++- > 1 file changed, 8 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c > index 73f6bc00d178..6e50a4251e2b 100644 > --- a/arch/x86/kernel/fpu/xstate.c > +++ b/arch/x86/kernel/fpu/xstate.c > @@ -73,7 +73,6 @@ static unsigned short xsave_cpuid_features[] __initdata = { > [XFEATURE_PT_UNIMPLEMENTED_SO_FAR] = X86_FEATURE_INTEL_PT, > [XFEATURE_PKRU] = X86_FEATURE_OSPKE, > [XFEATURE_PASID] = X86_FEATURE_ENQCMD, > - [XFEATURE_CET_USER] = X86_FEATURE_SHSTK, > [XFEATURE_XTILE_CFG] = X86_FEATURE_AMX_TILE, > [XFEATURE_XTILE_DATA] = X86_FEATURE_AMX_TILE, > }; > @@ -798,6 +797,14 @@ void __init fpu__init_system_xstate(unsigned int legacy_size) > fpu_kernel_cfg.max_features &= ~BIT_ULL(i); > } > > + /* > + * CET user mode xstate bit has been cleared by above sanity check. > + * Now pick it up if either SHSTK or IBT is available. Either feature > + * depends on the xstate bit to save/restore user mode states. > + */ > + if (boot_cpu_has(X86_FEATURE_SHSTK) || boot_cpu_has(X86_FEATURE_IBT)) > + fpu_kernel_cfg.max_features |= BIT_ULL(XFEATURE_CET_USER); So booting a host with "ibt=off" will clear the FEATURE_IBT, this was fine before this patch-set, but possibly not with. That kernel argument really only wants to tell the kernel not to use IBT itself, but not inhibit IBT from being used by guests.