Received: by 2002:ab2:6f44:0:b0:1fd:c486:4f03 with SMTP id l4csp6782lqq; Wed, 12 Jun 2024 14:32:20 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCV3RovT1bp9O2Kcwz71FA1jc0wBUZMvbdHIuoYLhsGumg4dUczdFiunPeoDOdar0a3x1C8DRrQ96yIpthQyQcVWn7FD3HGwXx9p3wO1Og== X-Google-Smtp-Source: AGHT+IF0gq0PEVv/KxC0cfC8Zpep34/z6kRtfW+sQtg7rLLwhQh46IZsucYy9lxwoPDx55duWYkg X-Received: by 2002:a05:6a20:3d88:b0:1b2:a889:f7da with SMTP id adf61e73a8af0-1b8a9c887fdmr3583430637.55.1718227939928; Wed, 12 Jun 2024 14:32:19 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1718227939; cv=pass; d=google.com; s=arc-20160816; b=rCoLxwPjMUNtNg9/ody6PM4VFkViY1Er/EKNo6gGBghV6aJxhvLFUtIG/TCW3RljnA bJm5C79Y0k3wbtQ5WKTvDeYKCQ5df7/Eg8bvn8d8jnKfg5IdTT/elM4F1mamhkauT1Qe jMgG0xDr22vDjFdcFWYhyEKnTtoiBoKm30JFqHeHKe5bJj8plu8xm7tjV5BJpTpgsCmK IE2uH5YYKd0fLmsoMFC7Imd5xcrtkqbLTfLyptIDMtKA7aqapCjw7lpsh/CZqERWRE8F l8fkGAZmoOprSBNVl5pHRYOMW1ypwFRNWFNgE+0CN0DQ27QSLAD5PnD3qVK8dJBF+MC/ yBCg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :dkim-signature; bh=1QhL6pyEL28D/XNE8O9WA5q6Sm9P5RrVE+DUX18+yxg=; fh=6zbFUbjGHoAXMHLd1vDdZsFiEkt1CaSyC4nqpM6J86Q=; b=XBg0ziEVq1qXbP1MOxYuAn/qkHn3VlOnAodoCBdg8lzz8QQOqXhsrHCqUtnpYeGfQD 04cAFyam6fJxtagSFsA874Fj9lu8CHRu4JYgw/1DTdOymW7wzPHWshqFtVWO69kHimS7 DkD2UB+KJcS+OUFdB35/CTAMWPj+W5BbO6S8JAld266Fz6g1NnFZBOWy5PAETU/Fv1I5 h6686/7XeOWvr/bXUH7BnY1FVz5sdR55SUrmA/2neALSQfxPVPwhYz7+bFz3Hw2ueDpc J8nhg5I2+whSEbIQCrIeex4gLrIA1hF8am3gNpzUT8zWOKK1ccODyAW3MuA7JfuT34cM 74Kw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=BGZ0oYOj; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-212280-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-212280-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id 98e67ed59e1d1-2c4a75f3c82si2188802a91.50.2024.06.12.14.32.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 12 Jun 2024 14:32:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-212280-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=BGZ0oYOj; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-212280-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-212280-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 8919A28413F for ; Wed, 12 Jun 2024 21:32:19 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id DB3858288C; Wed, 12 Jun 2024 21:32:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="BGZ0oYOj" Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E9FC185956 for ; Wed, 12 Jun 2024 21:32:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.202 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718227927; cv=none; b=D1Wx1NqhwxB85i9z+Bw2r3gt2vLTVE+j43dMRx031rmwsJfbPGdPI3R9szpi0vwpFr/Vd9Ky/D3gR5Ozz8mkH3TuDfla+wi2U0Ya/T27GkjQq85uQr4pg6cYF5fBV7VbkvW1ct5tjZovksaw5ylYiAK19+8db/6kwDBF/c76n0E= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718227927; c=relaxed/simple; bh=W5Lf3m/ndcYRRPBJWPF6wvhs/2Q/L4nQNdthZxKjzRg=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=bAgjmNTiZLhxvdDWtPSw/RRYoY+LifK8LZ2dKwrcjpK4MS/PSvBZgd99tOVOBnnLTe4JsTsQE4LFVvQcX86TcS7xSQw0T5rg968j55h2KTUfqhj7iFT6+ZDFqnl96Qk8vSGN7El0IQ3R7L9v5yGKcRd8qsdqYAkkLZBmlfMAAHY= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=BGZ0oYOj; arc=none smtp.client-ip=209.85.128.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-62834d556feso6146077b3.3 for ; Wed, 12 Jun 2024 14:32:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1718227924; x=1718832724; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=1QhL6pyEL28D/XNE8O9WA5q6Sm9P5RrVE+DUX18+yxg=; b=BGZ0oYOjCuu+2FztOekL9bGT4kIT+0Mkyxtlqqs4iixMR2yB5xY0xLmd2xZSAFmoxL NhwKcdf2MJWhO87UrxL22vqKTdQMLLfk+QSM6pqmfiu5YXG7HXylm/W0MNqSwAEc9tMd muevp/bCQxRs5QSt/Y3L8aCehNOu6VKmCmpkViMXfCxi6SwrFY3YK3YnYmOGKM62TfoU bNctT8HnlUkayiMEC1SYecE80166dbZh+hwfXXWnyHYDs8G486V+oYM9ihIv27eCGwfp SIRYDMUIko+f1VvH65QrcaQ+j7djCOafZqYfhBx48v2xhBtBaUYpnWGbgp//+tV688Dd OYEw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718227924; x=1718832724; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=1QhL6pyEL28D/XNE8O9WA5q6Sm9P5RrVE+DUX18+yxg=; b=n9GeCOfP56bH15EF3+yOp4xkOX2fIfj769pbzV0QlwCleXwr1iwrjYQuuzBX7wzhb8 xu4MC63LEOEbDEhzuRZ19vBXfLbbzSKJxO7we8e5SvNxocF5Sr6jTjqj1IkhF5d4TrcP OYCCqrM7OKK9bK7Ws9Wb6yQRiqP2Or78O7rPsf71EMZyVlwMnB1btiGtxURE4L0HhfP3 I7Sse6GaLC3WdKz8KWmWs7WiAB4+uXQZHxkQPqlzTvcZIfSsBxAIRubyUgscsoZH+sT/ n+zJGFzSKV0uQnBLnbThJWcdtBdoM7QGQ3qz9Z2wQN9GwdOvlqSkgxY7PwpR0/6g4UZ/ m9Rw== X-Forwarded-Encrypted: i=1; AJvYcCW9mCSa9bxlP0itbtXGKpZxronSG/qnw/iAI6NcH+gb4yURDP9aEUlnHUJsKxfHaU0YlJ4MtRiaCOZXJzbki28rxrVmIsJUnXp3ncdh X-Gm-Message-State: AOJu0YxQzBvY83nGB3dR50VtE3c65K04f2RdFE0cI1A5Y68QmR19Xl4A 5rTEwYZY8/Z99LGN0EQPcw/cuX/aO+vjzqBY+MFEYRmQJ4Ug7itqLLpxf4mXGOPNTX6cuZ36Gjh PWw== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:690c:d88:b0:62c:f976:a763 with SMTP id 00721157ae682-62fb72f2569mr9479477b3.1.1718227923971; Wed, 12 Jun 2024 14:32:03 -0700 (PDT) Date: Wed, 12 Jun 2024 14:32:02 -0700 In-Reply-To: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240207172646.3981-1-xin3.li@intel.com> <20240207172646.3981-8-xin3.li@intel.com> Message-ID: Subject: Re: [PATCH v2 07/25] KVM: VMX: Set intercept for FRED MSRs From: Sean Christopherson To: Chao Gao Cc: Xin Li , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, linux-kselftest@vger.kernel.org, pbonzini@redhat.com, corbet@lwn.net, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, shuah@kernel.org, vkuznets@redhat.com, peterz@infradead.org, ravi.v.shankar@intel.com, xin@zytor.com Content-Type: text/plain; charset="us-ascii" On Fri, Apr 19, 2024, Chao Gao wrote: > On Wed, Feb 07, 2024 at 09:26:27AM -0800, Xin Li wrote: > >Add FRED MSRs to the valid passthrough MSR list and set FRED MSRs intercept > >based on FRED enumeration. This needs a *much* more verbose explanation. It's pretty darn obvious _what_ KVM is doing, but it's not at all clear _why_ KVM is passing through FRED MSRs. E.g. why is FRED_SSP0 not included in the set of passthrough MSRs? > > static void vmx_vcpu_config_fred_after_set_cpuid(struct kvm_vcpu *vcpu) > > { > > struct vcpu_vmx *vmx = to_vmx(vcpu); > >+ bool fred_enumerated; > > > > kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_FRED); > >+ fred_enumerated = guest_can_use(vcpu, X86_FEATURE_FRED); > > > >- if (guest_can_use(vcpu, X86_FEATURE_FRED)) { > >+ if (fred_enumerated) { > > vm_entry_controls_setbit(vmx, VM_ENTRY_LOAD_IA32_FRED); > > secondary_vm_exit_controls_setbit(vmx, > > SECONDARY_VM_EXIT_SAVE_IA32_FRED | > >@@ -7788,6 +7793,16 @@ static void vmx_vcpu_config_fred_after_set_cpuid(struct kvm_vcpu *vcpu) > > SECONDARY_VM_EXIT_SAVE_IA32_FRED | > > SECONDARY_VM_EXIT_LOAD_IA32_FRED); > > } > >+ > >+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_RSP0, MSR_TYPE_RW, !fred_enumerated); > >+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_RSP1, MSR_TYPE_RW, !fred_enumerated); > >+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_RSP2, MSR_TYPE_RW, !fred_enumerated); > >+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_RSP3, MSR_TYPE_RW, !fred_enumerated); > >+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_STKLVLS, MSR_TYPE_RW, !fred_enumerated); > >+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_SSP1, MSR_TYPE_RW, !fred_enumerated); > >+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_SSP2, MSR_TYPE_RW, !fred_enumerated); > >+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_SSP3, MSR_TYPE_RW, !fred_enumerated); > >+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_CONFIG, MSR_TYPE_RW, !fred_enumerated); > > Use a for-loop here? e.g., > for (i = MSR_IA32_FRED_RSP0; i <= MSR_IA32_FRED_CONFIG; i++) Hmm, I'd prefer to keep the open coded version. It's not pretty, but I don't expect this to have much, if any, maintenance cost. And using a loop makes it harder to both understand _exactly_ what's happening, and to search for relevant code. E.g. it's quite difficult to see that FRED_SSP0 is still intercepted (see my comment regarding the changelog).