Date: Mon, 26 Feb 2024 13:25:47 +0800
X-Mailing-List: linux-kernel@vger.kernel.org
Subject: Re: [PATCH v5 3/6] LoongArch: KVM: Add cpucfg area for kvm hypervisor
To: maobibo, Huacai Chen
Cc: Tianrui Zhao, Juergen Gross, Paolo Bonzini, loongarch@lists.linux.dev, linux-kernel@vger.kernel.org, virtualization@lists.linux.dev, kvm@vger.kernel.org
References: <20240222032803.2177856-1-maobibo@loongson.cn> <20240222032803.2177856-4-maobibo@loongson.cn>
From: WANG Xuerui

Hi,

On 2/26/24 10:04, maobibo wrote:
> On 2024/2/24 5:13 PM, Huacai Chen wrote:
>> Hi, Bibo,
>>
>> On Thu, Feb 22, 2024 at 11:28 AM Bibo Mao wrote:
>>>
>>> Instruction cpucfg can be used to get processor features. And there
>>> is trap exception when it is executed in VM mode, and also it is
>>> to provide cpu features to VM. On real hardware cpucfg area 0 - 20
>>> is used. Here one specified area 0x40000000 -- 0x400000ff is used
>>> for KVM hypervisor to provide PV features, and the area can be extended
>>> for other hypervisors in future. This area will never be used for
>>> real HW, it is only used by software.
>> After reading and thinking, I find that the hypercall method which is
>> used in our productive kernel is better than this cpucfg method.
>> Because hypercall is more simple and straightforward, plus we don't
>> worry about conflicting with the real hardware.
> No, I do not think so. cpucfg is simpler than hypercall, hypercall can
> be in effect when system runs in guest mode. In some scenario like TCG
> mode, hypercall is illegal instruction, however cpucfg can work.

While the CPUCFG instruction is universally available, it's also
unprivileged, so any additional CPUCFG behavior also automatically
becomes UAPI, which likely isn't what you expect. Hypervisor
implementation details shouldn't be leaked to userland because it has no
reason to care -- even though userland learns about the capabilities, it
cannot actually access the resources, because relevant CSRs and/or
instructions are privileged. Worse, the unnecessary exposure of
information could be a problem security-wise.

A possible way to preserve the unprivileged CPUCFG behavior would be
acting differently based on guest CSR.CRMD.PLV: only returning data for
the new configuration space when guest is not in PLV3. But this behavior
isn't explicitly allowed nor disallowed in the LoongArch manuals, and is
in my opinion unnecessarily complex.

And regarding the lack of hypercall support from QEMU system mode
emulation on TCG, I'd argue it's simply a matter of adding support in
target/loongarch64. This would be attractive because it will enable easy
development and testing of hypervisor software with QEMU -- both locally
and in CI.

> Extioi virtualization extension will be added later, cpucfg can be
> used to get extioi features. It is unlikely that extioi driver depends
> on PARA_VIRT macro if hypercall is used to get features.

And the EXTIOI feature too isn't something usable from unprivileged
code, so I don't think it will affect the conclusions above.

-- 
WANG "xen0n" Xuerui

Linux/LoongArch mailing list: https://lore.kernel.org/loongarch/
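
Added illustration, not code from the patch series, from KVM or from either poster: a user-space C model of a CPUCFG trap handler that contrasts ungated emulation (guest userland at PLV3 can read the hypervisor words) with the PLV-gated variant mentioned in the reply above. The struct, the function names and the feature and word values are hypothetical or constructed; returning 0 for hidden or undefined words is an assumption of the model.

```c
#include <stdint.h>
#include <stdio.h>

/* Ranges from the thread: hardware words 0..20, KVM area 0x40000000..0x400000ff. */
#define HW_CPUCFG_MAX  20u
#define PV_CPUCFG_BASE 0x40000000u
#define PV_CPUCFG_END  0x400000ffu
#define CRMD_PLV_MASK  0x3u  /* CSR.CRMD.PLV occupies bits [1:0] */
#define PLV_USER       3u    /* PLV3: guest userland */

/* Hypothetical per-vCPU state for this model (not a KVM structure). */
struct model_vcpu {
    uint32_t crmd;                      /* guest CSR.CRMD */
    uint32_t hw_cfg[HW_CPUCFG_MAX + 1]; /* hardware words shown to the VM */
    uint32_t pv_features;               /* constructed PV feature bits */
};

/* Ungated: same answer at every privilege level, so PLV3 sees the PV words. */
uint32_t cpucfg_ungated(const struct model_vcpu *v, uint32_t idx)
{
    if (idx <= HW_CPUCFG_MAX)
        return v->hw_cfg[idx];
    if (idx == PV_CPUCFG_BASE)
        return v->pv_features;
    return 0; /* assumption: undefined words read as zero */
}

/* PLV-gated: hide the hypervisor area from PLV3; hardware words unaffected. */
uint32_t cpucfg_plv_gated(const struct model_vcpu *v, uint32_t idx)
{
    int pv = idx >= PV_CPUCFG_BASE && idx <= PV_CPUCFG_END;

    if (pv && (v->crmd & CRMD_PLV_MASK) == PLV_USER)
        return 0;
    return cpucfg_ungated(v, idx);
}

/* Read one word from a constructed sample vCPU running at the given PLV. */
uint32_t sample_read(uint32_t plv, uint32_t idx, int gated)
{
    struct model_vcpu v = { .crmd = plv & CRMD_PLV_MASK,
                            .hw_cfg = { [0] = 0x14c010u }, /* constructed */
                            .pv_features = 0x3u };         /* constructed */
    return gated ? cpucfg_plv_gated(&v, idx) : cpucfg_ungated(&v, idx);
}

int main(void)
{
    printf("PLV3 ungated %#x, PLV3 gated %#x, PLV0 gated %#x\n",
           sample_read(3, PV_CPUCFG_BASE, 0), sample_read(3, PV_CPUCFG_BASE, 1),
           sample_read(0, PV_CPUCFG_BASE, 1));
}
```

In the model, only the hypervisor area changes with privilege level; words 0..20 read the same from PLV0 and PLV3 in both variants.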