Re: [RFC PATCH v2 02/11] KVM: x86: Advertise CPUID.7.2.EDX and RRSBA_CTRL support

From: Xiaoyao Li <xiaoyao.li@intel.com>
To: Chao Gao <chao.gao@intel.com>
Cc: kvm@vger.kernel.org, Jiaan Lu <jiaan.lu@intel.com>,
	Zhang Chen <chen.zhang@intel.com>,
	Sean Christopherson <seanjc@google.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
	linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH v2 02/11] KVM: x86: Advertise CPUID.7.2.EDX and RRSBA_CTRL support
Date: Tue, 16 May 2023 10:22:22 +0800	[thread overview]
Message-ID: <9c75663c-6363-34e7-8341-d8f719365768@intel.com> (raw)
In-Reply-To: <ZGLkvlx5W0JStTjD@chao-email>

On 5/16/2023 10:04 AM, Chao Gao wrote:
> On Mon, May 15, 2023 at 02:53:07PM +0800, Xiaoyao Li wrote:
>> On 4/14/2023 2:25 PM, Chao Gao wrote:
>>> From: Zhang Chen <chen.zhang@intel.com>
>>>
>>> Add a kvm-only CPUID feature leaf for CPUID.7.2.EDX and RRSBA_CTRL
>>> as the first feature in the leaf.
>>>
>>> RRSBA_CTRL is enumerated by CPUID.7.2.EDX[2]. If supported, RRSBA_DIS_U
>>> (bit 5) and RRSBA_DIS_S (bit 6) of IA32_SPEC_CTRL MSR can be used to
>>> disable RRSBA behavior for CPL3 and CPL0/1/2 respectively.
>>>
>>> Note that KVM does not intercept guests' IA32_SPEC_CTRL MSR accesses
>>> after a non-zero is written to the MSR. Therefore, guests can already
>>> toggle the two bits if the host supports RRSBA_CTRL, and no extra code
>>> is needed to allow guests to toggle the two bits.
>>
>> This is a bug that also matters with other bits in MSR_IA32_SPEC_CTRL which
>> has a dedicated enumeration CPUID bit and no support in KVM yet.
> 
> Do you mean passing through the MSR is a bug? guest can write any hardware
> supported value to the MSR if the MSR isn't intercepted.
> 
> I guess this is intentional and a trade-off for performance (note that
> context-switch may cause writes to the MSR). And see
> 
> commit 841c2be09fe4 ("kvm: x86: replace kvm_spec_ctrl_test_value with runtime test on the host")
> 
> it appears that this behavior is widely recognized.
> 
>>
>> I think we need to fix this bug at first.
> 
> I have no idea how to fix the "bug" without intercepting the MSR. The
> performance penalty makes me think intercepting the MSR is not a viable
> solution.

I thought correctness always takes higher priority over performance.

>>
>>> Signed-off-by: Zhang Chen <chen.zhang@intel.com>
>>> Signed-off-by: Chao Gao <chao.gao@intel.com>
>>> Tested-by: Jiaan Lu <jiaan.lu@intel.com>
>>> ---
>>>    arch/x86/kvm/cpuid.c         | 22 +++++++++++++++++++---
>>>    arch/x86/kvm/reverse_cpuid.h |  7 +++++++
>>>    2 files changed, 26 insertions(+), 3 deletions(-)
>>>
>>> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
>>> index 9583a110cf5f..f024c3ac2203 100644
>>> --- a/arch/x86/kvm/cpuid.c
>>> +++ b/arch/x86/kvm/cpuid.c
>>> @@ -685,6 +685,10 @@ void kvm_set_cpu_caps(void)
>>>    		SF(SGX1) | SF(SGX2) | SF(SGX_EDECCSSA)
>>>    	);
>>> +	kvm_cpu_cap_init_kvm_defined(CPUID_7_2_EDX,
>>> +		SF(RRSBA_CTRL)
>>> +	);
>>> +
>>
>> Please move this hook up to right follow the leaf CPUID_7_1_EAX.
> 
> sure. will do.