Received: by 2002:a05:7412:b10a:b0:f3:1519:9f41 with SMTP id az10csp541646rdb; Thu, 30 Nov 2023 11:15:51 -0800 (PST) X-Google-Smtp-Source: AGHT+IFC8JKg/438/daCfuAPyt7EhsqAwLKQBgy7YCeqdWBz5TN6j8lYZz/dvwCacX/2B1IFHDSY X-Received: by 2002:a17:902:e88f:b0:1cf:6832:46c with SMTP id w15-20020a170902e88f00b001cf6832046cmr30618582plg.6.1701371750934; Thu, 30 Nov 2023 11:15:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701371750; cv=none; d=google.com; s=arc-20160816; b=LS5A2eR5eYWeIF52hHa/1+spi1uUZ0N1pSWPedHAS+ocKAYD8UwretPuq2yVZGD5F1 jIqXUpGmPKuDw6p3j3vWT2AX6s9XlYqFoVIdOGL/gaY9brnlxK2CK1OUbl7KKCvhVN/p eR3QIDRb2cc2hT4kSG43WnHtWsl7wDxKGiY02Gw/vz+TMjYl8LG5M2ZsV5JspFuW1A8t GA2VlSD6d4qJvDhQzES9DCrXzJiF05IEsD6V0kk3QBdV6gfVkDp3y3jqgNuq6jsXq0Rq G+sh6EJsPKTkC2z/W/443SbA9Ri4ZvtnA6xefiDTpJ3T+n0JAfjcyeG3bQnm3mnl3ywc Nigw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id:dkim-signature; bh=QaDt2NWj0VcEPGAu3rPNwrwu8X8kzCzHOAGmxbpNQlU=; fh=Q9OV6Qe/6Wy2/MuGo9M96sYRJ+72+HGVKssnCaNKWFY=; b=TwFm6bed9mpBd/oCyUO6K1Sp4Yh3Drhot0ksz5NFweKmmkWnjheFQiL+JaaXCxgUKE a/FtRangp8l8LIVRHTWAWbBBpUG++7lxx1mbmfEop/am4x4XwK66/bsydodGcaptya/f ZMAsmR29cwHhELoKwhzzyU2wNFjm7mMgtXqa9TAk1pYvVk8N0++sUvY3eYIHI985kXha e1oczam3tvBrPTe+xHfnZDGT63h4oNV0goS9JB7h4cElZMEZjbMcscy+Zs3RA2jU3RQU K691Jq4ZxdaA1berDSlrwWI3q3zclPi9juE4lZPNJCTWtsV5Q8nf4MxNDxsqimVr8oK6 YNkw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Zxpev+He; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from lipwig.vger.email (lipwig.vger.email. [2620:137:e000::3:3]) by mx.google.com with ESMTPS id x18-20020a170902ec9200b001cfb7645406si1869067plg.436.2023.11.30.11.15.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 30 Nov 2023 11:15:50 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) client-ip=2620:137:e000::3:3; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Zxpev+He; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by lipwig.vger.email (Postfix) with ESMTP id 4EB3F8083E6C; Thu, 30 Nov 2023 11:15:28 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at lipwig.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232317AbjK3TPL (ORCPT + 99 others); Thu, 30 Nov 2023 14:15:11 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42828 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232135AbjK3TPK (ORCPT ); Thu, 30 Nov 2023 14:15:10 -0500 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 95062106 for ; Thu, 30 Nov 2023 11:15:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1701371715; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=QaDt2NWj0VcEPGAu3rPNwrwu8X8kzCzHOAGmxbpNQlU=; b=Zxpev+He6rD70/8+nJpxCw99NosEwLhGzY6MynCT+skP5xkFVmX8fyR8pNZU/5tih/NUhX Y74xRzP6nCuwqaEiVjfLxXC9qD80cXDiwaDTZceV8cbSAHMddGCnozwuuQ/VwC91nigceL jHM0tQOOtkVGm0A607W6vWzCVibMwRo= Received: from mail-ed1-f71.google.com (mail-ed1-f71.google.com [209.85.208.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-136-oOPv6GZUM4-liMzxmp4snA-1; Thu, 30 Nov 2023 14:15:13 -0500 X-MC-Unique: oOPv6GZUM4-liMzxmp4snA-1 Received: by mail-ed1-f71.google.com with SMTP id 4fb4d7f45d1cf-54bc66b3726so1002371a12.3 for ; Thu, 30 Nov 2023 11:15:13 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701371711; x=1701976511; h=content-transfer-encoding:mime-version:user-agent:references :in-reply-to:date:cc:to:from:subject:message-id:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=QaDt2NWj0VcEPGAu3rPNwrwu8X8kzCzHOAGmxbpNQlU=; b=rXBQkLPIXKlpC2+zgkc5apnfu0dyWiW+dds8ZsOoCRstlrXjE4rNKJZsIRHmusYREo HOEqCo7UAEXxxwRIM6W43ezaz9LWogOzyop3yv8cTp0DF3H51DGH8MMLIgavkDeD89Zr /rkCQT9SS4mSB5SsIQdOzWZ8yTahJoFzCsBOWQYKfGKVKyh6oAgWciFjSQI+2js4qq5r N7EFDOFUvj9+y4PqzI3P7iyzNxgIR+0yhC1jgfRmp6Tw0A/ldk1OC4l4pDiXla6xrSFM LbQ4tXUaS55/R5dxNhFjFpQR+yLkZQQ15gqM5eMl3qUDMrFUuxhT678tPbCrAAGZFs5S AhuQ== X-Gm-Message-State: AOJu0YyL166FtIhwQ6wST7GO5xpb/GyKXYYpcIRXOKrSEdAP+RrY/dIT 3H4vYEzXIPxpiby4P1tpQk3icqmWmcTkxPQ27cXy/D2ZJb997hZE9XFsj8pRXIzawacbqFIC23s oCOghT4Z1pcR3EdNbIiPLK0HrnoAbzf9i X-Received: by 2002:a50:d6c9:0:b0:54b:a7b:8198 with SMTP id l9-20020a50d6c9000000b0054b0a7b8198mr25787edj.17.1701371709600; Thu, 30 Nov 2023 11:15:09 -0800 (PST) X-Received: by 2002:a2e:a445:0:b0:2b9:412a:111d with SMTP id v5-20020a2ea445000000b002b9412a111dmr21246ljn.42.1701365088186; Thu, 30 Nov 2023 09:24:48 -0800 (PST) Received: from starship ([5.28.147.32]) by smtp.gmail.com with ESMTPSA id e20-20020a2e8ed4000000b002c9c5dd4921sm189164ljl.67.2023.11.30.09.24.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 30 Nov 2023 09:24:47 -0800 (PST) Message-ID: <9a8e3cb95f3e1a69092746668f9643a25723c522.camel@redhat.com> Subject: Re: [PATCH] KVM: x86: Allow XSAVES on CPUs where host doesn't use it due to an errata From: Maxim Levitsky To: Sean Christopherson , "Maciej S. Szmigiero" Cc: Paolo Bonzini , kvm@vger.kernel.org, linux-kernel@vger.kernel.org Date: Thu, 30 Nov 2023 19:24:45 +0200 In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.36.5 (3.36.5-2.fc32) MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Thu, 30 Nov 2023 11:15:28 -0800 (PST) On Mon, 2023-11-27 at 09:24 -0800, Sean Christopherson wrote: > On Thu, Nov 23, 2023, Maciej S. Szmigiero wrote: > > From: "Maciej S. Szmigiero" > > > > Since commit b0563468eeac ("x86/CPU/AMD: Disable XSAVES on AMD family 0x17") > > kernel unconditionally clears the XSAVES CPU feature bit on Zen1/2 CPUs. > > > > Since KVM CPU caps are initialized from the kernel boot CPU features this > > makes the XSAVES feature also unavailable for KVM guests in this case, even > > though they might want to decide on their own whether they are affected by > > this errata. > > > > Allow KVM guests to make such decision by setting the XSAVES KVM CPU > > capability bit based on the actual CPU capability > > This is not generally safe, as the guest can make such a decision if and only if > the Family/Model/Stepping information is reasonably accurate. Another thing that really worries me is that the XSAVES errata is really nasty one - AFAIK it silently corrupts some registers. Is it better to let a broken CPU boot a broken OS (OS which demands XSAVES blindly), and let a silent data corruption happen than refuse to boot it completely? I mean I understand that it is technically OS fault in this case (assuming that we do provide it the correct CPU family info), but still this seems like the wrong thing to do. I guess this is one of those few cases when it makes sense for the userspace to override KVM's CPUID caps and force a feature - in this case at least that won't be KVM's fault. Best regards, Maxim Levitsky > > > This fixes booting Hyper-V enabled Windows Server 2016 VMs with more than > > one vCPU on Zen1/2 CPUs. > > How/why does lack of XSAVES break a multi-vCPU setup? Is Windows blindly doing > XSAVES based on FMS? >