Received-SPF: pass (google.com: domain of linux-kernel+bounces-180692-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99;
Message-ID: <f77496b0-ee94-4690-803f-44650706640f@intel.com>
Date: Thu, 16 May 2024 15:20:21 +0800
User-Agent: Mozilla Thunderbird
Subject: Re: [PATCH v10 24/27] KVM: x86: Enable CET virtualization for VMX and
 advertise to userspace
From: "Yang, Weijiang" <weijiang.yang@intel.com>
To: Sean Christopherson <seanjc@google.com>
CC: <pbonzini@redhat.com>, <dave.hansen@intel.com>, <x86@kernel.org>,
	<kvm@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
	<peterz@infradead.org>, <chao.gao@intel.com>, <rick.p.edgecombe@intel.com>,
	<mlevitsk@redhat.com>, <john.allen@amd.com>
References: <20240219074733.122080-1-weijiang.yang@intel.com>
 <20240219074733.122080-25-weijiang.yang@intel.com>
 <ZjLRnisdUgeYgg8i@google.com>
 <83bb5f3f-a374-4b0e-a26d-9a9d88561bbe@intel.com>
Content-Language: en-US
In-Reply-To: <83bb5f3f-a374-4b0e-a26d-9a9d88561bbe@intel.com>
Content-Type: text/plain; charset="UTF-8"; format=flowed
Content-Transfer-Encoding: 8bit
Precedence: bulk
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?U0Y1TG93YlljNlFuaUorVG44OFNVS0l5TjFtTkVRUDFUdEdTOEE5MVVJTy84?=
 =?utf-8?B?VGRLa2g0NW84L1dEdmJpQld0Mk5RR3BHQlJERHB5WmxGTkVwN1NmNjdWRGdL?=
 =?utf-8?B?eDFyWlowTEdBUW5DRys1dUpaaDRJOU1iQ2FVajZSY0FENnovcVRaTnNBczE2?=
 =?utf-8?B?M3VtUDh1VW1pbWtndW5jYzcxWlNEMkMycTZRSjU4MHowNnUvak83ZlovbGVM?=
 =?utf-8?B?UzErTGQ4RXJKNCtka04xMFcrNGRiZEVWZWR3dmx4ODd4M3RBR0N4WEtYTVFK?=
 =?utf-8?B?Z2h4ck9pcjFFdk4rb3d0WlRsM2lpU2FYbmxid2p3L1RpYWdTZWNkMG9FdDFi?=
 =?utf-8?B?NGkxMU9yR01jSnlwanNOQVl5TkxnWXBlY0o5TEVSSkl0UnNWVnBObUxSZ3VU?=
 =?utf-8?B?KzVWSE50MjdBTzhRcWRadmhqUHRFRmxkazg0bmtCNm1WMWUvOVRrVm03STY0?=
 =?utf-8?B?R0VxeUFHcjkxR1luNCtkZ2JObXhJTGloa25KSHN4M2Z2d3VOdEJQRlJxUUhk?=
 =?utf-8?B?SklVQlZLYmlHU0l5QlY3UW9qUXE1c1BSN2ZqL1JvZHhCTG1ha2QxdG1VdnlC?=
 =?utf-8?B?ekQwZmhtajJaYXVkQzlQakxlV1hPcFBwL1pVdWdhUW1weVJ1b3o4cUtrek5v?=
 =?utf-8?B?Z0x6NjcrNXFoV2R4RGRhUkZFV2pKTkpyTHBLYm9sNGdDOUhvdmZ1YzVadWFx?=
 =?utf-8?B?Rm5FUkJyZTFnekRLWlVEWWMwNkdicmFic2VOd0ptV2ZRbW91ZlF6U282RzNv?=
 =?utf-8?B?ZTBEUW5wSmk2cHJRQ2taNEZLWUFzZmRvOHlNeFV6MUh5enFDak9RSkRsS0Mx?=
 =?utf-8?B?UW5sZlpyTTE0bTBPS3grN1QxYU82UzJ4MERTY2UrN2JwWTdJaTRRRVJJZW41?=
 =?utf-8?B?dVFXR0hmMFNOM29QWmNGYXUvNXJpNlpYVjQ3MGdLdWdZODNyd2drTWVTK01o?=
 =?utf-8?B?MktkdUk4b0s5d3FhTkdpS1hrTUQ1WHdZbHhCNThzdGx2OEhYMzJYVlIwMnFj?=
 =?utf-8?B?cGNrZ25FMldwUnBmbUcyZnBFRVgyeHlpS3JFbTh1RnpobC9rQjV0Y2FVQjI2?=
 =?utf-8?B?TytSVVNKU25vdkY5cHF6VmU3MFJBRkNKU2VFL2lvQ2dBRngxT1pLUzBDUEYw?=
 =?utf-8?B?dFI5OWxrMVFPYi9EejhGRXNUOEVtU0tCUTVnTVNubmFodGRKa2o4d21GL2wv?=
 =?utf-8?B?eVh5L0UxOUpqZHBrbHFjUzZIN2EvbHhSdGRnTDIyYTVSeFpsVHBHdkJvYUZE?=
 =?utf-8?B?TGtNWWRKdFl5R3N1VjFpcWFvcnNmdkFBTGtwVHNXUFpLZFRXYUx0MzRKQUFy?=
 =?utf-8?B?bUV2Szd0QTF2aUNrUUdvcDJ3RCt0cGV1OHU1anZqR1VwK1FzTXlUeTBzdTJN?=
 =?utf-8?B?bDYxNEJiMmJNSVhTRlpCY3p6aVY1WktRakpCUUNhRlJFa2hMU29wNDA2LzRH?=
 =?utf-8?B?UmQ4dmluVER6QXJmT09hMGdjNHlPWDRZTkYrVXVUV2FsREpXaTV3R0V1eWpT?=
 =?utf-8?B?NFRTT2JDdFRmUDFoZzExZTBkd2FOZUVkSGxnN1hrbEtnRS9zSWppS0VIZUF5?=
 =?utf-8?B?ZkxRdjdFck94RVhzQ1dvNlRTOWZTK3czcjl5dXZ2Vmp0emkzNmIxN0tVQkxq?=
 =?utf-8?B?UFFKUkJKMkkwaEZRNDMrM0lmem5PWE5jbWxOWkRwc01vY3kwdnNLNUJKSFRS?=
 =?utf-8?B?TTZscG94OTBSallrMzNycW5Xd2QvUnRvMXQvL1BXTWJSalVuQUdwMng3cUo5?=
 =?utf-8?B?amFUMlpBYkV5Qk1Dblc1ZzZCWCt3RnA0NGhjK0N1SlJVT0w2TCtkZC9VNS9Y?=
 =?utf-8?B?RXgzMEtwQUdJMDZ6QWw0MTAzd0xvOU1qazJodlNTSCtiK3J5Y1hOR0FsTVQ1?=
 =?utf-8?B?N2syMytFcngvMmFPZjVBLytQaldUYTF4NXBKRjQ1VHdkVitKV0RpeGVtQUVD?=
 =?utf-8?B?ZWtjTG5Qa3BTL0l2SlFWNnNMSHBPelN0YlVTd3dSQTBGbDl6Y2U3RzFLendW?=
 =?utf-8?B?ZFBTR2J4ZHdoYnozVnlEQXNVYW40VFQxaWVBK2tZWEorN1MwaWVZdVhXWHpG?=
 =?utf-8?B?YnBQYmZDcGRjczViQjJYdVJtTzQrNml2QnN3cTRnc2MzZytDalRXRjI2M2xl?=
 =?utf-8?B?MzNoZ1JTT1FuYXd1MWJoclZYZzJ4bS84MXNqWEd3THVJQnZ0UXo3Y1hZVkVY?=
 =?utf-8?B?U2c9PQ==?=
X-MS-Exchange-CrossTenant-Network-Message-Id: 5b7bae0e-f1fb-4aed-c093-08dc7578aaa0
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4965.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 May 2024 07:20:30.1880
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: NHp9QTqCak5GuQb4qmnyDDSDRoTd0NJzyz8/UAGMBQk3BFzC10T/7km8tNoCZf+YYUks6UOMi4k+YV/yVO91nA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB4805
X-OriginatorOrg: intel.com

On 5/6/2024 5:41 PM, Yang, Weijiang wrote:
> On 5/2/2024 7:34 AM, Sean Christopherson wrote:
>> On Sun, Feb 18, 2024, Yang Weijiang wrote:
>>> @@ -665,7 +665,7 @@ void kvm_set_cpu_caps(void)
>>>           F(AVX512_VPOPCNTDQ) | F(UMIP) | F(AVX512_VBMI2) | F(GFNI) |
>>>           F(VAES) | F(VPCLMULQDQ) | F(AVX512_VNNI) | F(AVX512_BITALG) |
>>>           F(CLDEMOTE) | F(MOVDIRI) | F(MOVDIR64B) | 0 /*WAITPKG*/ |
>>> -        F(SGX_LC) | F(BUS_LOCK_DETECT)
>>> +        F(SGX_LC) | F(BUS_LOCK_DETECT) | F(SHSTK)
>>>       );
>>>       /* Set LA57 based on hardware capability. */
>>>       if (cpuid_ecx(7) & F(LA57))
>>> @@ -683,7 +683,8 @@ void kvm_set_cpu_caps(void)
>>>           F(SPEC_CTRL_SSBD) | F(ARCH_CAPABILITIES) | F(INTEL_STIBP) |
>>>           F(MD_CLEAR) | F(AVX512_VP2INTERSECT) | F(FSRM) |
>>>           F(SERIALIZE) | F(TSXLDTRK) | F(AVX512_FP16) |
>>> -        F(AMX_TILE) | F(AMX_INT8) | F(AMX_BF16) | F(FLUSH_L1D)
>>> +        F(AMX_TILE) | F(AMX_INT8) | F(AMX_BF16) | F(FLUSH_L1D) |
>>> +        F(IBT)
>>>       );
>> ...
>>
>>> @@ -7977,6 +7993,18 @@ static __init void vmx_set_cpu_caps(void)
>>>         if (cpu_has_vmx_waitpkg())
>>>           kvm_cpu_cap_check_and_set(X86_FEATURE_WAITPKG);
>>> +
>>> +    /*
>>> +     * Disable CET if unrestricted_guest is unsupported as KVM doesn't
>>> +     * enforce CET HW behaviors in emulator. On platforms with
>>> +     * VMX_BASIC[bit56] == 0, inject #CP at VMX entry with error code
>>> +     * fails, so disable CET in this case too.
>>> +     */
>>> +    if (!cpu_has_load_cet_ctrl() || !enable_unrestricted_guest ||
>>> +        !cpu_has_vmx_basic_no_hw_errcode()) {
>>> +        kvm_cpu_cap_clear(X86_FEATURE_SHSTK);
>>> +        kvm_cpu_cap_clear(X86_FEATURE_IBT);
>>> +    }
>> Oh!  Almost missed it.  This patch should explicitly kvm_cpu_cap_clear()
>> X86_FEATURE_SHSTK and X86_FEATURE_IBT.  We *know* there are upcoming AMD CPUs
>> that support at least SHSTK, so enumerating support for common code would yield
>> a version of KVM that incorrectly advertises support for SHSTK.
>>
>> I hope to land both Intel and AMD virtualization in the same kernel release, but
>> there are no guarantees that will happen.  And explicitly clearing both SHSTK and
>> IBT would guard against IBT showing up in some future AMD CPU in advance of KVM
>> gaining full support.
>
> Let me be clear on this, you want me to disable SHSTK/IBT with kvm_cpu_cap_clear() unconditionally
> for now in this patch, and wait until both AMD's SVM patches and this series are ready for guest CET,
> then remove the disabling code in this patch for final merge, am I right?
Hi, Sean,
I haven't got your reply on above question. Would like to get your confirmation.
Thanks!

>
>