From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A863CC282DD for ; Fri, 10 Jan 2020 16:59:01 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 7E3E820842 for ; Fri, 10 Jan 2020 16:59:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728488AbgAJQ7A (ORCPT ); Fri, 10 Jan 2020 11:59:00 -0500 Received: from mga11.intel.com ([192.55.52.93]:34768 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725937AbgAJQ7A (ORCPT ); Fri, 10 Jan 2020 11:59:00 -0500 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 10 Jan 2020 08:58:59 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,417,1571727600"; d="scan'208";a="255077476" Received: from sjchrist-coffee.jf.intel.com (HELO linux.intel.com) ([10.54.74.202]) by fmsmga002.fm.intel.com with ESMTP; 10 Jan 2020 08:58:59 -0800 Date: Fri, 10 Jan 2020 08:58:59 -0800 From: Sean Christopherson To: Yang Weijiang Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, pbonzini@redhat.com, jmattson@google.com, yu.c.zhang@linux.intel.com, alazar@bitdefender.com, edwin.zhai@intel.com Subject: Re: [RESEND PATCH v10 02/10] vmx: spp: Add control flags for Sub-Page Protection(SPP) Message-ID: <20200110165859.GB21485@linux.intel.com> References: <20200102061319.10077-1-weijiang.yang@intel.com> <20200102061319.10077-3-weijiang.yang@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200102061319.10077-3-weijiang.yang@intel.com> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jan 02, 2020 at 02:13:11PM +0800, Yang Weijiang wrote: > diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c > index e3394c839dea..5713e8a6224c 100644 > --- a/arch/x86/kvm/vmx/vmx.c > +++ b/arch/x86/kvm/vmx/vmx.c > @@ -60,6 +60,7 @@ > #include "vmcs12.h" > #include "vmx.h" > #include "x86.h" > +#include "../mmu/spp.h" The ".." should be unnecessary, e.g. x86.h is obviously a level up. > MODULE_AUTHOR("Qumranet"); > MODULE_LICENSE("GPL"); > @@ -111,6 +112,7 @@ module_param_named(pml, enable_pml, bool, S_IRUGO); > > static bool __read_mostly dump_invalid_vmcs = 0; > module_param(dump_invalid_vmcs, bool, 0644); > +static bool __read_mostly spp_supported = 0; s/spp_supported/enable_spp to be consistent with all the other booleans. Is there a reason this isn't exposed as a module param? And if this is to be on by default, then the flag itself should be initialized to '1' so that it's clear to readers that the feature is enabled by default (if it's supported). Looking at only this code, I would think that SPP is forced off and can't be enabled. That being said, turning on the enable_spp control flag should be the last patch in the series, i.e. it shouldn't be turned on until all the underlying support code is in place. So, I would keep this as is, but invert the code in hardware_setup() below. That way the flag exists and is checked, but can't be turned on without modifying the code. Then when all is said and done, you can add a patch to introduce the module param and turn on the flag by default (if that's indeed what we want). > #define MSR_BITMAP_MODE_X2APIC 1 > #define MSR_BITMAP_MODE_X2APIC_APICV 2 > @@ -2391,6 +2393,7 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf, > SECONDARY_EXEC_RDSEED_EXITING | > SECONDARY_EXEC_RDRAND_EXITING | > SECONDARY_EXEC_ENABLE_PML | > + SECONDARY_EXEC_ENABLE_SPP | > SECONDARY_EXEC_TSC_SCALING | > SECONDARY_EXEC_ENABLE_USR_WAIT_PAUSE | > SECONDARY_EXEC_PT_USE_GPA | > @@ -4039,6 +4042,9 @@ static void vmx_compute_secondary_exec_control(struct vcpu_vmx *vmx) > if (!enable_pml) > exec_control &= ~SECONDARY_EXEC_ENABLE_PML; > > + if (!spp_supported) > + exec_control &= ~SECONDARY_EXEC_ENABLE_SPP; > + > if (vmx_xsaves_supported()) { > /* Exposing XSAVES only when XSAVE is exposed */ > bool xsaves_enabled = > @@ -7630,6 +7636,9 @@ static __init int hardware_setup(void) > if (!cpu_has_vmx_flexpriority()) > flexpriority_enabled = 0; > > + if (cpu_has_vmx_ept_spp() && enable_ept) > + spp_supported = 1; As above, invert this to disable spp when it's not supported, or when EPT is disabled (or not supported). > + > if (!cpu_has_virtual_nmis()) > enable_vnmi = 0; > > -- > 2.17.2 >