From: Yang Weijiang <weijiang.yang@intel.com>
To: qemu-devel@nongnu.org, pbonzini@redhat.com
Cc: Yang Weijiang <weijiang.yang@intel.com>
Subject: [Qemu-devel][PATCH v5 4/4] x86/cpu: Add user space access interface for CET MSRs
Date: Sun, 10 May 2020 09:42:50 +0800 [thread overview]
Message-ID: <20200510014250.28111-5-weijiang.yang@intel.com> (raw)
In-Reply-To: <20200510014250.28111-1-weijiang.yang@intel.com>
Added interface for CET MSR_IA32_{U,S}_CET, MSR_IA32_PL{0,1,2,3}_SSP,
MSR_IA32_INTR_SSP_TBL and MSR_KVM_GUEST_SSP save/restore. Check if
corresponding CET features are available before access the MSRs.
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
target/i386/cpu.h | 18 +++++
target/i386/kvm.c | 73 +++++++++++++++++++
target/i386/machine.c | 161 ++++++++++++++++++++++++++++++++++++++++++
3 files changed, 252 insertions(+)
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index ed03cd1760..51577a04ca 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -480,6 +480,15 @@ typedef enum X86Seg {
#define MSR_IA32_VMX_TRUE_ENTRY_CTLS 0x00000490
#define MSR_IA32_VMX_VMFUNC 0x00000491
+#define MSR_IA32_U_CET 0x6a0
+#define MSR_IA32_S_CET 0x6a2
+#define MSR_IA32_PL0_SSP 0x6a4
+#define MSR_IA32_PL1_SSP 0x6a5
+#define MSR_IA32_PL2_SSP 0x6a6
+#define MSR_IA32_PL3_SSP 0x6a7
+#define MSR_IA32_SSP_TBL 0x6a8
+#define MSR_KVM_GUEST_SSP 0x4b564d06
+
#define XSTATE_FP_BIT 0
#define XSTATE_SSE_BIT 1
#define XSTATE_YMM_BIT 2
@@ -1567,6 +1576,15 @@ typedef struct CPUX86State {
uintptr_t retaddr;
+ uint64_t u_cet;
+ uint64_t s_cet;
+ uint64_t pl0_ssp;
+ uint64_t pl1_ssp;
+ uint64_t pl2_ssp;
+ uint64_t pl3_ssp;
+ uint64_t ssp_tbl;
+ uint64_t guest_ssp;
+
/* Fields up to this point are cleared by a CPU reset */
struct {} end_reset_fields;
diff --git a/target/i386/kvm.c b/target/i386/kvm.c
index 4901c6dd74..0735981558 100644
--- a/target/i386/kvm.c
+++ b/target/i386/kvm.c
@@ -2979,6 +2979,31 @@ static int kvm_put_msrs(X86CPU *cpu, int level)
}
}
+ if (((env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_CET_SHSTK) ||
+ (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_CET_IBT)) &&
+ (env->features[FEAT_XSAVES_LO] & XSTATE_CET_U_MASK)) {
+ kvm_msr_entry_add(cpu, MSR_IA32_U_CET, env->u_cet);
+ kvm_msr_entry_add(cpu, MSR_IA32_PL3_SSP, env->pl3_ssp);
+ }
+
+ if (env->features[FEAT_XSAVES_LO] & XSTATE_CET_S_MASK) {
+ if (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_CET_SHSTK) {
+ kvm_msr_entry_add(cpu, MSR_IA32_PL0_SSP, env->pl0_ssp);
+ kvm_msr_entry_add(cpu, MSR_IA32_PL1_SSP, env->pl1_ssp);
+ kvm_msr_entry_add(cpu, MSR_IA32_PL2_SSP, env->pl2_ssp);
+ kvm_msr_entry_add(cpu, MSR_IA32_SSP_TBL, env->ssp_tbl);
+ }
+
+ if (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_CET_IBT) {
+ kvm_msr_entry_add(cpu, MSR_IA32_S_CET, env->s_cet);
+ }
+ }
+
+ if ((env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_CET_SHSTK) &&
+ (env->features[FEAT_XSAVES_LO] & (XSTATE_CET_U_MASK |
+ XSTATE_CET_S_MASK)))
+ kvm_msr_entry_add(cpu, MSR_KVM_GUEST_SSP, env->guest_ssp);
+
return kvm_buf_set_msrs(cpu);
}
@@ -3295,6 +3320,30 @@ static int kvm_get_msrs(X86CPU *cpu)
}
}
+ if (((env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_CET_SHSTK) ||
+ (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_CET_IBT)) &&
+ (env->features[FEAT_XSAVES_LO] & XSTATE_CET_U_MASK)) {
+ kvm_msr_entry_add(cpu, MSR_IA32_U_CET, 0);
+ kvm_msr_entry_add(cpu, MSR_IA32_PL3_SSP, 0);
+ }
+
+ if (env->features[FEAT_XSAVES_LO] & XSTATE_CET_S_MASK) {
+ if (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_CET_SHSTK) {
+ kvm_msr_entry_add(cpu, MSR_IA32_PL0_SSP, 0);
+ kvm_msr_entry_add(cpu, MSR_IA32_PL1_SSP, 0);
+ kvm_msr_entry_add(cpu, MSR_IA32_PL2_SSP, 0);
+ kvm_msr_entry_add(cpu, MSR_IA32_SSP_TBL, 0);
+ }
+
+ if (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_CET_IBT) {
+ kvm_msr_entry_add(cpu, MSR_IA32_S_CET, 0);
+ }
+ }
+ if ((env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_CET_SHSTK) &&
+ (env->features[FEAT_XSAVES_LO] & (XSTATE_CET_U_MASK |
+ XSTATE_CET_S_MASK)))
+ kvm_msr_entry_add(cpu, MSR_KVM_GUEST_SSP, 0);
+
ret = kvm_vcpu_ioctl(CPU(cpu), KVM_GET_MSRS, cpu->kvm_msr_buf);
if (ret < 0) {
return ret;
@@ -3578,6 +3627,30 @@ static int kvm_get_msrs(X86CPU *cpu)
case MSR_IA32_RTIT_ADDR0_A ... MSR_IA32_RTIT_ADDR3_B:
env->msr_rtit_addrs[index - MSR_IA32_RTIT_ADDR0_A] = msrs[i].data;
break;
+ case MSR_IA32_U_CET:
+ env->u_cet = msrs[i].data;
+ break;
+ case MSR_IA32_S_CET:
+ env->s_cet = msrs[i].data;
+ break;
+ case MSR_IA32_PL0_SSP:
+ env->pl0_ssp = msrs[i].data;
+ break;
+ case MSR_IA32_PL1_SSP:
+ env->pl1_ssp = msrs[i].data;
+ break;
+ case MSR_IA32_PL2_SSP:
+ env->pl2_ssp = msrs[i].data;
+ break;
+ case MSR_IA32_PL3_SSP:
+ env->pl3_ssp = msrs[i].data;
+ break;
+ case MSR_IA32_SSP_TBL:
+ env->ssp_tbl = msrs[i].data;
+ break;
+ case MSR_KVM_GUEST_SSP:
+ env->guest_ssp = msrs[i].data;
+ break;
}
}
diff --git a/target/i386/machine.c b/target/i386/machine.c
index 0c96531a56..3e1d8b6eb9 100644
--- a/target/i386/machine.c
+++ b/target/i386/machine.c
@@ -962,6 +962,159 @@ static const VMStateDescription vmstate_umwait = {
}
};
+static bool u_cet_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->u_cet != 0;
+}
+
+static const VMStateDescription vmstate_u_cet = {
+ .name = "cpu/u_cet",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = u_cet_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.u_cet, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static bool s_cet_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->s_cet != 0;
+}
+
+static const VMStateDescription vmstate_s_cet = {
+ .name = "cpu/s_cet",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = s_cet_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.s_cet, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static bool pl0_ssp_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->pl0_ssp != 0;
+}
+
+static const VMStateDescription vmstate_pl0_ssp = {
+ .name = "cpu/pl0_ssp",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = pl0_ssp_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.pl0_ssp, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static bool pl1_ssp_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->pl1_ssp != 0;
+}
+
+static const VMStateDescription vmstate_pl1_ssp = {
+ .name = "cpu/pl1_ssp",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = pl1_ssp_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.pl1_ssp, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static bool pl2_ssp_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->pl2_ssp != 0;
+}
+
+static const VMStateDescription vmstate_pl2_ssp = {
+ .name = "cpu/pl2_ssp",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = pl2_ssp_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.pl2_ssp, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+
+static bool pl3_ssp_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->pl3_ssp != 0;
+}
+
+static const VMStateDescription vmstate_pl3_ssp = {
+ .name = "cpu/pl3_ssp",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = pl3_ssp_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.pl3_ssp, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static bool ssp_tbl_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->ssp_tbl != 0;
+}
+
+static const VMStateDescription vmstate_ssp_tbl = {
+ .name = "cpu/ssp_tbl",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = ssp_tbl_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.ssp_tbl, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static bool guest_ssp_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->guest_ssp != 0;
+}
+
+static const VMStateDescription vmstate_guest_ssp = {
+ .name = "cpu/guest_ssp",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = guest_ssp_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.guest_ssp, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
#ifdef TARGET_X86_64
static bool pkru_needed(void *opaque)
{
@@ -1447,6 +1600,14 @@ VMStateDescription vmstate_x86_cpu = {
&vmstate_nested_state,
#endif
&vmstate_msr_tsx_ctrl,
+ &vmstate_u_cet,
+ &vmstate_s_cet,
+ &vmstate_pl0_ssp,
+ &vmstate_pl1_ssp,
+ &vmstate_pl2_ssp,
+ &vmstate_pl3_ssp,
+ &vmstate_ssp_tbl,
+ &vmstate_guest_ssp,
NULL
}
};
--
2.17.2
prev parent reply other threads:[~2020-05-10 1:44 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-10 1:42 [Qemu-devel][PATCH v5 0/4] Enable CET support for guest Yang Weijiang
2020-05-10 1:42 ` [Qemu-devel][PATCH v5 1/4] x86/cpu: Add CET CPUID/XSAVES flags and data structures Yang Weijiang
2020-07-15 7:10 ` Xiaoyao Li
2020-05-10 1:42 ` [Qemu-devel][PATCH v5 2/4] x86/cpuid: Add XSAVES feature words and CET related state bits Yang Weijiang
2020-07-15 7:22 ` Xiaoyao Li
2020-05-10 1:42 ` [Qemu-devel][PATCH v5 3/4] x86/cpuid: Add support for XSAVES dependent feature enumeration Yang Weijiang
2020-05-10 1:42 ` Yang Weijiang [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200510014250.28111-5-weijiang.yang@intel.com \
--to=weijiang.yang@intel.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.