Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp3776070rdb; Sun, 10 Dec 2023 22:03:38 -0800 (PST) X-Google-Smtp-Source: AGHT+IHi1rafAP5BB0QP0QkQ4rFQ59DsUMJ+NSLeCH1ehGQdCDmr6yNxnt4iDuFISGLJZUNymjm7 X-Received: by 2002:a17:903:22cb:b0:1d0:6ffe:1e6c with SMTP id y11-20020a17090322cb00b001d06ffe1e6cmr1432690plg.79.1702274618527; Sun, 10 Dec 2023 22:03:38 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1702274618; cv=none; d=google.com; s=arc-20160816; b=bkRTJ5Ia9+J+9FZBl2cy+yAAmAYwo52UvooPE/Uf4EPtjhJxnOxyKNeqY5VQ9fx9EP Uo2ChrfLXd6wQZa2dv8HtqrGImxjZEI4A+POfWLCLHmtOxgrAjzDPSJxIS0yrYqCOx4y ttuKz0QWL2Ph60BfmQfUB5TLZI3rCiTaxPbR5g39EFvY1s6qy62paIxwFvrImvsenSvG EoD/UbOgV6IV9lWydvhYu7TWl2LWyerryJ3fuMhNjDBl+Ae65okoSGi5sy/wFhXEM9uQ IaGkAs6ngzIbXvuRF8fhNME8mMdE9DalDzZLgofP+lbHdHLQbq3vKxuMLFY6UuP4amGu 18oA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=wuOQUGtXyiDBJe6U2xqQVaq6WM8z+kbSgS0zjv0sui0=; fh=8hMhf/bWLGeBzWmgLGn3yaL17tj1bW1VaYHi0JARJ5w=; b=IARR5djatv1FAaiA8W7P3ufMXFIqpievba5mLuzPV19Y/fRHxZXeYjTFrloRqHs29V W7yVH7StbcIuZM9IkA+O94jX2etg7f8YNGGOd1f+fAuk8l37r2KaQN00LkTy5B8XbE2D we6Ab8pJ85RQxucotFmtsdYEhHi9m02WNqwFABpx3B3ZqaKr/zHR3pi1ArkZGVvHu1si F5rjDmeGtv0bmXeoHE2jt+wynVpFik+UeesbYt5RBiOk+YrIaVVcl/rerSSbxo5/MW74 hwGdAXJfBoukE6FFCs1RLT/AFfmd29CI/2Jsi1IIbtGUJsM4ibRhcYG3/b6+JKMUzO2U CJ+Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=mdg0HjdP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7]) by mx.google.com with ESMTPS id e23-20020a170902ed9700b001d2e976bd09si5468650plj.396.2023.12.10.22.03.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 10 Dec 2023 22:03:38 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) client-ip=2620:137:e000::3:7; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=mdg0HjdP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id F117380792D5; Sun, 10 Dec 2023 22:03:36 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233104AbjLKGD0 (ORCPT + 99 others); Mon, 11 Dec 2023 01:03:26 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42920 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229478AbjLKGDZ (ORCPT ); Mon, 11 Dec 2023 01:03:25 -0500 Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 89A13D9; Sun, 10 Dec 2023 22:03:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1702274611; x=1733810611; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=fqItQSWm3yTpgW92qdHNXR7t4gqbCIKE+I2hDEIxe5o=; b=mdg0HjdPiD5tdHlwOLFWspJWL7xK050FikLzt2birfLupd8XSmJPe5gw 7EyKSZYm9T+cVuNDQcMgthq7V8cWBGa3eUecuCPP8raDtHrSKOsg/DlDL RcIhltvlpTlQ87tb1pbn8xsdTDTgwcc9RjiN2c/SHsvy8a5TmcAmHfGeV rNA02d3ktn6pBx7AgEhrM5jPZdr18S0/JZT4ZAuMQqtpoB1qdIqxQZOng 3WDMpDpsB1ggNFSRsg0udHvOpiXQgB22EIXcggFq6U/ZlesXDd1s+1IfZ mxBDHtY1Q0/jQPVDEwbJYcFCciglzQq/WDPp7qNBaYMOdNfImllqo24tw Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10920"; a="374103030" X-IronPort-AV: E=Sophos;i="6.04,267,1695711600"; d="scan'208";a="374103030" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Dec 2023 22:03:31 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10920"; a="863642253" X-IronPort-AV: E=Sophos;i="6.04,267,1695711600"; d="scan'208";a="863642253" Received: from dapengmi-mobl1.ccr.corp.intel.com (HELO [10.93.5.53]) ([10.93.5.53]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Dec 2023 22:03:28 -0800 Message-ID: <7639fb68-5142-42fe-9dff-7f7c31d03d22@linux.intel.com> Date: Mon, 11 Dec 2023 14:03:26 +0800 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v9 09/28] KVM: x86/pmu: Disallow "fast" RDPMC for architectural Intel PMUs Content-Language: en-US To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Kan Liang , Jim Mattson , Jinrong Liang , Aaron Lewis , Like Xu References: <20231202000417.922113-1-seanjc@google.com> <20231202000417.922113-10-seanjc@google.com> From: "Mi, Dapeng" In-Reply-To: <20231202000417.922113-10-seanjc@google.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Sun, 10 Dec 2023 22:03:37 -0800 (PST) On 12/2/2023 8:03 AM, Sean Christopherson wrote: > Inject #GP on RDPMC if the "fast" flag is set for architectural Intel > PMUs, i.e. if the PMU version is non-zero. Per Intel's SDM, and confirmed > on bare metal, the "fast" flag is supported only for non-architectural > PMUs, and is reserved for architectural PMUs. > > If the processor does not support architectural performance monitoring > (CPUID.0AH:EAX[7:0]=0), ECX[30:0] specifies the index of the PMC to be > read. Setting ECX[31] selects “fast” read mode if supported. In this mode, > RDPMC returns bits 31:0 of the PMC in EAX while clearing EDX to zero. > > If the processor does support architectural performance monitoring > (CPUID.0AH:EAX[7:0] ≠ 0), ECX[31:16] specifies type of PMC while ECX[15:0] > specifies the index of the PMC to be read within that type. The following > PMC types are currently defined: > — General-purpose counters use type 0. The index x (to read IA32_PMCx) > must be less than the value enumerated by CPUID.0AH.EAX[15:8] (thus > ECX[15:8] must be zero). > — Fixed-function counters use type 4000H. The index x (to read > IA32_FIXED_CTRx) can be used if either CPUID.0AH.EDX[4:0] > x or > CPUID.0AH.ECX[x] = 1 (thus ECX[15:5] must be 0). > — Performance metrics use type 2000H. This type can be used only if > IA32_PERF_CAPABILITIES.PERF_METRICS_AVAILABLE[bit 15]=1. For this type, > the index in ECX[15:0] is implementation specific. > > Opportunistically WARN if KVM ever actually tries to complete RDPMC for a > non-architectural PMU, and drop the non-existent "support" for fast RDPMC, > as KVM doesn't support such PMUs, i.e. kvm_pmu_rdpmc() should reject the > RDPMC before getting to the Intel code. > > Fixes: f5132b01386b ("KVM: Expose a version 2 architectural PMU to a guests") > Fixes: 67f4d4288c35 ("KVM: x86: rdpmc emulation checks the counter incorrectly") > Cc: Dapeng Mi > Signed-off-by: Sean Christopherson > --- > arch/x86/kvm/vmx/pmu_intel.c | 22 ++++++++++++++++++---- > 1 file changed, 18 insertions(+), 4 deletions(-) > > diff --git a/arch/x86/kvm/vmx/pmu_intel.c b/arch/x86/kvm/vmx/pmu_intel.c > index 6903dd9b71ad..644de27bd48a 100644 > --- a/arch/x86/kvm/vmx/pmu_intel.c > +++ b/arch/x86/kvm/vmx/pmu_intel.c > @@ -22,7 +22,6 @@ > > /* Perf's "BASE" is wildly misleading, this is a single-bit flag, not a base. */ > #define INTEL_RDPMC_FIXED INTEL_PMC_FIXED_RDPMC_BASE > -#define INTEL_RDPMC_FAST BIT(31) > > #define MSR_PMC_FULL_WIDTH_BIT (MSR_IA32_PMC0 - MSR_IA32_PERFCTR0) > > @@ -67,10 +66,25 @@ static struct kvm_pmc *intel_rdpmc_ecx_to_pmc(struct kvm_vcpu *vcpu, > struct kvm_pmc *counters; > unsigned int num_counters; > > - if (idx & INTEL_RDPMC_FAST) > - *mask &= GENMASK_ULL(31, 0); > + /* > + * The encoding of ECX for RDPMC is different for architectural versus > + * non-architecturals PMUs (PMUs with version '0'). For architectural > + * PMUs, bits 31:16 specify the PMC type and bits 15:0 specify the PMC > + * index. For non-architectural PMUs, bit 31 is a "fast" flag, and > + * bits 30:0 specify the PMC index. > + * > + * Yell and reject attempts to read PMCs for a non-architectural PMU, > + * as KVM doesn't support such PMUs. > + */ > + if (WARN_ON_ONCE(!pmu->version)) > + return NULL; > > - idx &= ~(INTEL_RDPMC_FIXED | INTEL_RDPMC_FAST); > + /* > + * Fixed PMCs are supported on all architectural PMUs. Note, KVM only > + * emulates fixed PMCs for PMU v2+, but the flag itself is still valid, > + * i.e. let RDPMC fail due to accessing a non-existent counter. > + */ > + idx &= ~INTEL_RDPMC_FIXED; > if (fixed) { > counters = pmu->fixed_counters; > num_counters = pmu->nr_arch_fixed_counters; Reviewed-by: Dapeng Mi