Received: by 2002:a05:7412:b10a:b0:f3:1519:9f41 with SMTP id az10csp540553rdb; Thu, 30 Nov 2023 11:14:16 -0800 (PST) X-Google-Smtp-Source: AGHT+IGjVK9P8RYVljSzAlaSDRP8SFpPK9wM4zAGJ9zZ7EKYd1OCQemCNhYPMqbSAcqz3K+LavIA X-Received: by 2002:a17:903:32c8:b0:1cf:73ff:b196 with SMTP id i8-20020a17090332c800b001cf73ffb196mr30957447plr.8.1701371656689; Thu, 30 Nov 2023 11:14:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701371656; cv=none; d=google.com; s=arc-20160816; b=khQ2Nrj4pkUlKq9EAwoMnL8B+E4dtKygAmcaKzNi4an7NkRDqCNKGoNy1egEtarEmG fgMZbMgfUcXBjfGjx265NWLE3V5kJ83nwuDyd6lhE6Mn/43vJfU4E2D6hPe8uZKwk2rD F3xtaTIAseOQ1b+arRdUUv3JZU1rWD3i2Pk64kW60IrnBP2/GzJ5nzgsRyLoA4iEi+D+ 6cAFITSgCBVbOVatnF6siMQ+tfXbPZhLsi3v56fnrIxbfY6QZpDaYgow6irk40okJ3D8 Lt01e29H2FWoG32S1XgYIF3mRcEkUryHj0lML0sjELCRWcMgpYeR+8iVjd64N0HsKeEO HgIg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id:dkim-signature; bh=EkCMhFpiP/sdJl9nslDpr6bpl6B4gQB+ldegoyD9sYM=; fh=qm/3G+Adpj/B7TaijAEJbs/udoUfJHgp4MqQlWOh7ts=; b=lr2yHJJFx2FvBKwQ8yicEBHhV8wmmnVQ/ks3PUIvp43tOIKCBVwJDjsbFqQ/INVuxz /riK0Ug39ZASNxlssQtbM3wvL4MmO7HO6+WVXsoouRmTxJo9kkN9W61eDyEcj7iojsiV C4yxeMKskqJZjxMGf2aXGdQ2zgkUil+ay6AfK5oKDNOrd4Lk/yTzH5jeHH1XRumRakeT k6PeAvXH9yb6ffGt0soRZkkRiXv7XkuY9cCDUljUxSgnfq78EPrQbKY275mafpHwGrFv Btsbda3QVlU7AJONyJYRbqPiGLFIJXNufH8hHnR0pI5ysvhR5TtiZOb8BTU+eqXqaU2u CH3Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=YY3Vo4J9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from morse.vger.email (morse.vger.email. [23.128.96.31]) by mx.google.com with ESMTPS id a4-20020a170902ecc400b001cff638ae2esi1937762plh.239.2023.11.30.11.14.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 30 Nov 2023 11:14:16 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) client-ip=23.128.96.31; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=YY3Vo4J9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by morse.vger.email (Postfix) with ESMTP id 057AE82E2973; Thu, 30 Nov 2023 11:14:13 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at morse.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1376269AbjK3TNw (ORCPT + 99 others); Thu, 30 Nov 2023 14:13:52 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40496 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235220AbjK3TNu (ORCPT ); Thu, 30 Nov 2023 14:13:50 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3C7DC10F1 for ; Thu, 30 Nov 2023 11:13:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1701371635; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=EkCMhFpiP/sdJl9nslDpr6bpl6B4gQB+ldegoyD9sYM=; b=YY3Vo4J9zX1jfXB4z3nzvPYWLDOdCrdWEhlAEoi//o3HDM3H87UyeJPBH7U2zW3q3HGDBa pNIs0W+SpTODWLOb6GswmJjCcB7wvJWNFtd45X6+K0NTcAgqVKFDOpgqg1VXrUEdlMlXB+ rDGcTwo7qacBCSh3KJmv9rtbrHgi3Kw= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-365-OkgcqvxhPr6E-D3pu9pebQ-1; Thu, 30 Nov 2023 14:13:54 -0500 X-MC-Unique: OkgcqvxhPr6E-D3pu9pebQ-1 Received: by mail-wr1-f70.google.com with SMTP id ffacd0b85a97d-333120f8976so1053544f8f.3 for ; Thu, 30 Nov 2023 11:13:53 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701371632; x=1701976432; h=content-transfer-encoding:mime-version:user-agent:references :in-reply-to:date:cc:to:from:subject:message-id:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=EkCMhFpiP/sdJl9nslDpr6bpl6B4gQB+ldegoyD9sYM=; b=E+omENF2Ww3x6Fw0gRJTMNDc1cLJUO0/6Krcnazt0HCabn6z6gN2ckw4i2dys7WgMe bbB4X7wKJUsWfmoz8JJ2rLL64GkLjeAM5Q6NRY8yuz4kQoFTHNQZDCZVSgB05Nnw1BcI ts5TkPHixyhLLg6UX6l0XjnOy9KQhOSAUtEAm0fi0rXMRBZ4LAfgHuW8mdoDh5y7IfTr pbdey9ZzgaJHJJfiDktXc2CBFzVRVMMsACFjW+DDwUSWrwkcU2qxgOkTOsd7zpJXnwY3 +jxcltDW+2A0kB5LUtANh0abz2BHYkj29xDjw50PbvI7TQpVtrGqh9UsW7kROvcw4nGx Z1KA== X-Gm-Message-State: AOJu0YxcR+7OIRH2eUrM4glnmrpSRrU0D5YcBFYhpcNOwc2zlhNvh75c vXQN3pch8wJ7AsvB38SlH8fEw9eKu5itsXYhcBWq7Rktnx8+N5LqJ3BZnCb8SG9gMJMVXWg6JM3 dCezg5rikuz6Ivi0wTEgGfzxKM+DIvJ7t X-Received: by 2002:adf:f00a:0:b0:333:2fd2:3c04 with SMTP id j10-20020adff00a000000b003332fd23c04mr1021wro.189.1701371632089; Thu, 30 Nov 2023 11:13:52 -0800 (PST) X-Received: by 2002:ac2:5397:0:b0:50a:40b6:2d37 with SMTP id g23-20020ac25397000000b0050a40b62d37mr2940lfh.40.1701365203737; Thu, 30 Nov 2023 09:26:43 -0800 (PST) Received: from starship ([5.28.147.32]) by smtp.gmail.com with ESMTPSA id v10-20020a19740a000000b00507977e9a38sm209487lfe.35.2023.11.30.09.26.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 30 Nov 2023 09:26:43 -0800 (PST) Message-ID: Subject: Re: [PATCH v7 02/26] x86/fpu/xstate: Refine CET user xstate bit enabling From: Maxim Levitsky To: Yang Weijiang , seanjc@google.com, pbonzini@redhat.com, dave.hansen@intel.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: peterz@infradead.org, chao.gao@intel.com, rick.p.edgecombe@intel.com, john.allen@amd.com Date: Thu, 30 Nov 2023 19:26:40 +0200 In-Reply-To: <20231124055330.138870-3-weijiang.yang@intel.com> References: <20231124055330.138870-1-weijiang.yang@intel.com> <20231124055330.138870-3-weijiang.yang@intel.com> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.36.5 (3.36.5-2.fc32) MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Thu, 30 Nov 2023 11:14:13 -0800 (PST) On Fri, 2023-11-24 at 00:53 -0500, Yang Weijiang wrote: > Remove XFEATURE_CET_USER entry from dependency array as the entry doesn't > reflect true dependency between CET features and the user xstate bit. > Enable the bit in fpu_kernel_cfg.max_features when either SHSTK or IBT is > available. > > Both user mode shadow stack and indirect branch tracking features depend > on XFEATURE_CET_USER bit in XSS to automatically save/restore user mode > xstate registers, i.e., IA32_U_CET and IA32_PL3_SSP whenever necessary. > > Note, the issue, i.e., CPUID only enumerates IBT but no SHSTK is resulted > from CET KVM series which synthesizes guest CPUIDs based on userspace > settings,in real world the case is rare. In other words, the exitings > dependency check is correct when only user mode SHSTK is available. > > Signed-off-by: Yang Weijiang > Reviewed-by: Rick Edgecombe > Tested-by: Rick Edgecombe > --- > arch/x86/kernel/fpu/xstate.c | 9 ++++++++- > 1 file changed, 8 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c > index 73f6bc00d178..6e50a4251e2b 100644 > --- a/arch/x86/kernel/fpu/xstate.c > +++ b/arch/x86/kernel/fpu/xstate.c > @@ -73,7 +73,6 @@ static unsigned short xsave_cpuid_features[] __initdata = { > [XFEATURE_PT_UNIMPLEMENTED_SO_FAR] = X86_FEATURE_INTEL_PT, > [XFEATURE_PKRU] = X86_FEATURE_OSPKE, > [XFEATURE_PASID] = X86_FEATURE_ENQCMD, > - [XFEATURE_CET_USER] = X86_FEATURE_SHSTK, > [XFEATURE_XTILE_CFG] = X86_FEATURE_AMX_TILE, > [XFEATURE_XTILE_DATA] = X86_FEATURE_AMX_TILE, > }; > @@ -798,6 +797,14 @@ void __init fpu__init_system_xstate(unsigned int legacy_size) > fpu_kernel_cfg.max_features &= ~BIT_ULL(i); > } > > + /* > + * CET user mode xstate bit has been cleared by above sanity check. > + * Now pick it up if either SHSTK or IBT is available. Either feature > + * depends on the xstate bit to save/restore user mode states. > + */ > + if (boot_cpu_has(X86_FEATURE_SHSTK) || boot_cpu_has(X86_FEATURE_IBT)) > + fpu_kernel_cfg.max_features |= BIT_ULL(XFEATURE_CET_USER); > + > if (!cpu_feature_enabled(X86_FEATURE_XFD)) > fpu_kernel_cfg.max_features &= ~XFEATURE_MASK_USER_DYNAMIC; > I am curious: Any reason why my review feedback was not applied even though you did agree that it is reasonable? https://lore.kernel.org/lkml/c72dfaac-1622-94cf-a81d-9d7ed81b2f55@intel.com/ Best regards, Maxim Levitsky