* [Qemu-devel][PATCH v6 0/6] Enable CET support for guest
@ 2020-10-13 5:19 Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 1/6] x86/cpu: Rename XSAVE related feature words Yang Weijiang
` (5 more replies)
0 siblings, 6 replies; 9+ messages in thread
From: Yang Weijiang @ 2020-10-13 5:19 UTC (permalink / raw)
To: pbonzini, mtosatti, rth, ehabkost, sean.j.christopherson, qemu-devel
Cc: Yang Weijiang, hao.wu
Control-flow Enforcement Technology (CET) provides protection against
Return/Jump-Oriented Programming (ROP/JOP). It includes two sub-features:
Shadow Stack(SHSTK) and Indirect Branch Tracking(IBT).
This patchset is for guest CET enabling. It enclosed patches for
XSS feature report and CET CPUID enumeration, XSAVE support and MSR
access interface etc.
Related patch series:
CET KVM patches v14:
https://github.com/sean-jc/linux/releases/tag/kvm-cet-v14-rc1
Intel 64 and IA-32 Architectures Software Developer's Manual:
https://software.intel.com/en-us/download/intel-64-and-ia-32-
architectures-sdm-combined-volumes-1-2a-2b-2c-2d-3a-3b-3c-3d-and-4
CET Shadow Stack patches v14:
https://lkml.kernel.org/r/20201012153850.26996-1-yu-cheng.yu@intel.com/
[3] Indirect Branch Tracking patches v14.
https://lkml.kernel.org/r/20201012154530.28382-1-yu-cheng.yu@intel.com/
v6:
- Cleaned up XSAVE related naming for adding XSS features.
- Refactored patches based on new QEMU code base.
v5:
- Checked CET states before access related MSRs.
- Added new MSR MSR_KVM_GUEST_SSP for live-migration.
- Refactored patches to make them more structured.
v4:
- Added MSR read/write interface for PL1_SSP/PL2_SSP.
- Removed CET structures from X86XSaveArea.
- Cleared ebx in return of CPUID.(EAX=d, ECX=1).
v3:
- Add CET MSR save/restore support for live-migration.
v2:
- In CPUID.(EAX=d, ECX=1), set return ECX[n] = 0 if bit n corresponds
to a bit in MSR_IA32_XSS.
- In CPUID.(EAX=d, ECX=n), set return ECX = 1 if bit n corresponds
to a bit in MSR_IA32_XSS.
- Skip Supervisor mode xsave component when calculate User mode
xave component size in xsave_area_size() and x86_cpu_reset().
Yang Weijiang (6):
x86/cpu: Rename XSAVE related feature words.
x86/cpuid: Enable XSS feature enumeration for CPUID
x86/cpu: Enable CET components support for XSAVE
x86/cpu: Add user-space MSR access interface for CET
x86/cpu: Add CET state support for guest migration
x86/cpu: Advise CET bits in CPU/MSR feature words
target/i386/cpu.c | 132 +++++++++++++++++++++++---------
target/i386/cpu.h | 57 +++++++++++++-
target/i386/fpu_helper.c | 2 +-
target/i386/kvm.c | 73 ++++++++++++++++++
target/i386/machine.c | 161 +++++++++++++++++++++++++++++++++++++++
target/i386/translate.c | 2 +-
6 files changed, 384 insertions(+), 43 deletions(-)
--
2.26.2
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Qemu-devel][PATCH v6 1/6] x86/cpu: Rename XSAVE related feature words.
2020-10-13 5:19 [Qemu-devel][PATCH v6 0/6] Enable CET support for guest Yang Weijiang
@ 2020-10-13 5:19 ` Yang Weijiang
2020-10-14 0:08 ` Sean Christopherson
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 2/6] x86/cpuid: Enable XSS feature enumeration for CPUID Yang Weijiang
` (4 subsequent siblings)
5 siblings, 1 reply; 9+ messages in thread
From: Yang Weijiang @ 2020-10-13 5:19 UTC (permalink / raw)
To: pbonzini, mtosatti, rth, ehabkost, sean.j.christopherson, qemu-devel
Cc: Yang Weijiang, hao.wu
With more components in XSS being developed on Intel platform,
it's necessary to clean up existing XSAVE related feature words to
make the name clearer. It's to prepare for adding CET related support
in following patches.
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
target/i386/cpu.c | 60 ++++++++++++++++++++--------------------
target/i386/cpu.h | 6 ++--
target/i386/fpu_helper.c | 2 +-
target/i386/translate.c | 2 +-
4 files changed, 35 insertions(+), 35 deletions(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 588f32e136..e2891740f1 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1050,7 +1050,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
.tcg_features = 0,
.unmigratable_flags = 0,
},
- [FEAT_XSAVE] = {
+ [FEAT_XSAVE_INSTRUCTION] = {
.type = CPUID_FEATURE_WORD,
.feat_names = {
"xsaveopt", "xsavec", "xgetbv1", "xsaves",
@@ -1084,7 +1084,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
.cpuid = { .eax = 6, .reg = R_EAX, },
.tcg_features = TCG_6_EAX_FEATURES,
},
- [FEAT_XSAVE_COMP_LO] = {
+ [FEAT_XSAVE_XCR0_LO] = {
.type = CPUID_FEATURE_WORD,
.cpuid = {
.eax = 0xD,
@@ -1097,7 +1097,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
XSTATE_OPMASK_MASK | XSTATE_ZMM_Hi256_MASK | XSTATE_Hi16_ZMM_MASK |
XSTATE_PKRU_MASK,
},
- [FEAT_XSAVE_COMP_HI] = {
+ [FEAT_XSAVE_XCR0_HI] = {
.type = CPUID_FEATURE_WORD,
.cpuid = {
.eax = 0xD,
@@ -1369,7 +1369,7 @@ static FeatureDep feature_dependencies[] = {
.to = { FEAT_VMX_SECONDARY_CTLS, ~0ull },
},
{
- .from = { FEAT_XSAVE, CPUID_XSAVE_XSAVES },
+ .from = { FEAT_XSAVE_INSTRUCTION, CPUID_XSAVE_XSAVES },
.to = { FEAT_VMX_SECONDARY_CTLS, VMX_SECONDARY_EXEC_XSAVES },
},
{
@@ -1502,8 +1502,8 @@ static inline bool accel_uses_host_cpuid(void)
static inline uint64_t x86_cpu_xsave_components(X86CPU *cpu)
{
- return ((uint64_t)cpu->env.features[FEAT_XSAVE_COMP_HI]) << 32 |
- cpu->env.features[FEAT_XSAVE_COMP_LO];
+ return ((uint64_t)cpu->env.features[FEAT_XSAVE_XCR0_HI]) << 32 |
+ cpu->env.features[FEAT_XSAVE_XCR0_LO];
}
const char *get_register_name_32(unsigned int reg)
@@ -2390,7 +2390,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
CPUID_EXT2_SYSCALL,
.features[FEAT_8000_0001_ECX] =
CPUID_EXT3_LAHF_LM,
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT,
.features[FEAT_6_EAX] =
CPUID_6_EAX_ARAT,
@@ -2479,7 +2479,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
CPUID_EXT2_SYSCALL,
.features[FEAT_8000_0001_ECX] =
CPUID_EXT3_LAHF_LM,
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT,
.features[FEAT_6_EAX] =
CPUID_6_EAX_ARAT,
@@ -2574,7 +2574,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
CPUID_7_0_EBX_HLE | CPUID_7_0_EBX_AVX2 | CPUID_7_0_EBX_SMEP |
CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
CPUID_7_0_EBX_RTM,
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT,
.features[FEAT_6_EAX] =
CPUID_6_EAX_ARAT,
@@ -2704,7 +2704,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ERMS | CPUID_7_0_EBX_INVPCID |
CPUID_7_0_EBX_RTM | CPUID_7_0_EBX_RDSEED | CPUID_7_0_EBX_ADX |
CPUID_7_0_EBX_SMAP,
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT,
.features[FEAT_6_EAX] =
CPUID_6_EAX_ARAT,
@@ -2834,7 +2834,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
* and the only one defined in Skylake (processor tracing)
* probably will block migration anyway.
*/
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
CPUID_XSAVE_XGETBV1,
.features[FEAT_6_EAX] =
@@ -2954,7 +2954,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
* and the only one defined in Skylake (processor tracing)
* probably will block migration anyway.
*/
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
CPUID_XSAVE_XGETBV1,
.features[FEAT_6_EAX] =
@@ -3089,7 +3089,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
* and the only one defined in Skylake (processor tracing)
* probably will block migration anyway.
*/
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
CPUID_XSAVE_XGETBV1,
.features[FEAT_6_EAX] =
@@ -3228,7 +3228,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
* and the only one defined in Skylake (processor tracing)
* probably will block migration anyway.
*/
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
CPUID_XSAVE_XGETBV1,
.features[FEAT_6_EAX] =
@@ -3331,7 +3331,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
* and the only one defined in Skylake (processor tracing)
* probably will block migration anyway.
*/
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
CPUID_XSAVE_XGETBV1,
.features[FEAT_6_EAX] =
@@ -3448,7 +3448,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
* and the only one defined in Skylake (processor tracing)
* probably will block migration anyway.
*/
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
CPUID_XSAVE_XGETBV1,
.features[FEAT_6_EAX] =
@@ -3581,7 +3581,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
* and the only one defined in Skylake (processor tracing)
* probably will block migration anyway.
*/
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC | CPUID_XSAVE_XGETBV1,
.features[FEAT_6_EAX] =
CPUID_6_EAX_ARAT,
@@ -3712,7 +3712,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
* and the only one defined in Skylake (processor tracing)
* probably will block migration anyway.
*/
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
CPUID_XSAVE_XGETBV1,
.features[FEAT_6_EAX] =
@@ -3814,7 +3814,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
CPUID_7_0_ECX_AVX512_VPOPCNTDQ,
.features[FEAT_7_0_EDX] =
CPUID_7_0_EDX_AVX512_4VNNIW | CPUID_7_0_EDX_AVX512_4FMAPS,
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT,
.features[FEAT_6_EAX] =
CPUID_6_EAX_ARAT,
@@ -3985,7 +3985,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_RDSEED |
CPUID_7_0_EBX_ADX | CPUID_7_0_EBX_SMAP | CPUID_7_0_EBX_CLFLUSHOPT |
CPUID_7_0_EBX_SHA_NI,
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
CPUID_XSAVE_XGETBV1,
.features[FEAT_6_EAX] =
@@ -4063,7 +4063,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
* including v4.1 to v4.12).
* KVM doesn't yet expose any XSAVES state save component.
*/
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
CPUID_XSAVE_XGETBV1,
.features[FEAT_6_EAX] =
@@ -4113,7 +4113,7 @@ static X86CPUDefinition builtin_x86_defs[] = {
CPUID_7_0_EBX_SHA_NI | CPUID_7_0_EBX_CLWB,
.features[FEAT_7_0_ECX] =
CPUID_7_0_ECX_UMIP | CPUID_7_0_ECX_RDPID,
- .features[FEAT_XSAVE] =
+ .features[FEAT_XSAVE_INSTRUCTION] =
CPUID_XSAVE_XSAVEOPT | CPUID_XSAVE_XSAVEC |
CPUID_XSAVE_XGETBV1 | CPUID_XSAVE_XSAVES,
.features[FEAT_6_EAX] =
@@ -4689,8 +4689,8 @@ static const char *x86_cpu_feature_name(FeatureWord w, int bitnr)
/* XSAVE components are automatically enabled by other features,
* so return the original feature name instead
*/
- if (w == FEAT_XSAVE_COMP_LO || w == FEAT_XSAVE_COMP_HI) {
- int comp = (w == FEAT_XSAVE_COMP_HI) ? bitnr + 32 : bitnr;
+ if (w == FEAT_XSAVE_XCR0_LO || w == FEAT_XSAVE_XCR0_HI) {
+ int comp = (w == FEAT_XSAVE_XCR0_HI) ? bitnr + 32 : bitnr;
if (comp < ARRAY_SIZE(x86_ext_save_areas) &&
x86_ext_save_areas[comp].bits) {
@@ -5736,8 +5736,8 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
if (count == 0) {
*ecx = xsave_area_size(x86_cpu_xsave_components(cpu));
- *eax = env->features[FEAT_XSAVE_COMP_LO];
- *edx = env->features[FEAT_XSAVE_COMP_HI];
+ *eax = env->features[FEAT_XSAVE_XCR0_LO];
+ *edx = env->features[FEAT_XSAVE_XCR0_HI];
/*
* The initial value of xcr0 and ebx == 0, On host without kvm
* commit 412a3c41(e.g., CentOS 6), the ebx's value always == 0
@@ -5746,7 +5746,7 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
*/
*ebx = kvm_enabled() ? *ecx : xsave_area_size(env->xcr0);
} else if (count == 1) {
- *eax = env->features[FEAT_XSAVE];
+ *eax = env->features[FEAT_XSAVE_INSTRUCTION];
} else if (count < ARRAY_SIZE(x86_ext_save_areas)) {
if ((x86_cpu_xsave_components(cpu) >> count) & 1) {
const ExtSaveArea *esa = &x86_ext_save_areas[count];
@@ -6307,8 +6307,8 @@ static void x86_cpu_enable_xsave_components(X86CPU *cpu)
}
}
- env->features[FEAT_XSAVE_COMP_LO] = mask;
- env->features[FEAT_XSAVE_COMP_HI] = mask >> 32;
+ env->features[FEAT_XSAVE_XCR0_LO] = mask;
+ env->features[FEAT_XSAVE_XCR0_HI] = mask >> 32;
}
/***** Steps involved on loading and filtering CPUID data
@@ -6423,7 +6423,7 @@ static void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
x86_cpu_adjust_feat_level(cpu, FEAT_8000_0008_EBX);
x86_cpu_adjust_feat_level(cpu, FEAT_C000_0001_EDX);
x86_cpu_adjust_feat_level(cpu, FEAT_SVM);
- x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE);
+ x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE_INSTRUCTION);
/* Intel Processor Trace requires CPUID[0x14] */
if ((env->features[FEAT_7_0_EBX] & CPUID_7_0_EBX_INTEL_PT)) {
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index e1a5c174dc..b86eb8dba0 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -525,10 +525,10 @@ typedef enum FeatureWord {
FEAT_HV_RECOMM_EAX, /* CPUID[4000_0004].EAX */
FEAT_HV_NESTED_EAX, /* CPUID[4000_000A].EAX */
FEAT_SVM, /* CPUID[8000_000A].EDX */
- FEAT_XSAVE, /* CPUID[EAX=0xd,ECX=1].EAX */
+ FEAT_XSAVE_INSTRUCTION, /* CPUID[EAX=0xd,ECX=1].EAX */
FEAT_6_EAX, /* CPUID[6].EAX */
- FEAT_XSAVE_COMP_LO, /* CPUID[EAX=0xd,ECX=0].EAX */
- FEAT_XSAVE_COMP_HI, /* CPUID[EAX=0xd,ECX=0].EDX */
+ FEAT_XSAVE_XCR0_LO, /* CPUID[EAX=0xd,ECX=0].EAX */
+ FEAT_XSAVE_XCR0_HI, /* CPUID[EAX=0xd,ECX=0].EDX */
FEAT_ARCH_CAPABILITIES,
FEAT_CORE_CAPABILITY,
FEAT_PERF_CAPABILITIES,
diff --git a/target/i386/fpu_helper.c b/target/i386/fpu_helper.c
index 4ea73874d8..a104467a18 100644
--- a/target/i386/fpu_helper.c
+++ b/target/i386/fpu_helper.c
@@ -2891,7 +2891,7 @@ uint64_t helper_xgetbv(CPUX86State *env, uint32_t ecx)
case 0:
return env->xcr0;
case 1:
- if (env->features[FEAT_XSAVE] & CPUID_XSAVE_XGETBV1) {
+ if (env->features[FEAT_XSAVE_INSTRUCTION] & CPUID_XSAVE_XGETBV1) {
return env->xcr0 & get_xinuse(env);
}
break;
diff --git a/target/i386/translate.c b/target/i386/translate.c
index caea6f5fb1..8510300ae6 100644
--- a/target/i386/translate.c
+++ b/target/i386/translate.c
@@ -8481,7 +8481,7 @@ static void i386_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu)
dc->cpuid_ext2_features = env->features[FEAT_8000_0001_EDX];
dc->cpuid_ext3_features = env->features[FEAT_8000_0001_ECX];
dc->cpuid_7_0_ebx_features = env->features[FEAT_7_0_EBX];
- dc->cpuid_xsave_features = env->features[FEAT_XSAVE];
+ dc->cpuid_xsave_features = env->features[FEAT_XSAVE_INSTRUCTION];
#ifdef TARGET_X86_64
dc->lma = (flags >> HF_LMA_SHIFT) & 1;
dc->code64 = (flags >> HF_CS64_SHIFT) & 1;
--
2.26.2
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [Qemu-devel][PATCH v6 2/6] x86/cpuid: Enable XSS feature enumeration for CPUID
2020-10-13 5:19 [Qemu-devel][PATCH v6 0/6] Enable CET support for guest Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 1/6] x86/cpu: Rename XSAVE related feature words Yang Weijiang
@ 2020-10-13 5:19 ` Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 3/6] x86/cpu: Enable CET components support for XSAVE Yang Weijiang
` (3 subsequent siblings)
5 siblings, 0 replies; 9+ messages in thread
From: Yang Weijiang @ 2020-10-13 5:19 UTC (permalink / raw)
To: pbonzini, mtosatti, rth, ehabkost, sean.j.christopherson, qemu-devel
Cc: Yang Weijiang, hao.wu
Currently, CPUID.(EAX=0DH,ECX=01H) doesn't enumerate features in
XSS properly, add the support here. XCR0 bits indicate user-mode XSAVE
components, and XSS bits indicate supervisor-mode XSAVE components.
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
target/i386/cpu.c | 48 ++++++++++++++++++++++++++++++++++++++++++-----
target/i386/cpu.h | 12 ++++++++++++
2 files changed, 55 insertions(+), 5 deletions(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index e2891740f1..38eab02b3d 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1069,6 +1069,24 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
},
.tcg_features = TCG_XSAVE_FEATURES,
},
+ [FEAT_XSAVE_XSS_LO] = {
+ .type = CPUID_FEATURE_WORD,
+ .cpuid = {
+ .eax = 0xD,
+ .needs_ecx = true,
+ .ecx = 1,
+ .reg = R_ECX,
+ },
+ },
+ [FEAT_XSAVE_XSS_HI] = {
+ .type = CPUID_FEATURE_WORD,
+ .cpuid = {
+ .eax = 0xD,
+ .needs_ecx = true,
+ .ecx = 1,
+ .reg = R_EDX
+ },
+ },
[FEAT_6_EAX] = {
.type = CPUID_FEATURE_WORD,
.feat_names = {
@@ -1489,6 +1507,9 @@ static uint32_t xsave_area_size(uint64_t mask)
for (i = 0; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
const ExtSaveArea *esa = &x86_ext_save_areas[i];
if ((mask >> i) & 1) {
+ if (i >= 2 && !esa->offset) {
+ continue;
+ }
ret = MAX(ret, esa->offset + esa->size);
}
}
@@ -1500,12 +1521,18 @@ static inline bool accel_uses_host_cpuid(void)
return kvm_enabled() || hvf_enabled();
}
-static inline uint64_t x86_cpu_xsave_components(X86CPU *cpu)
+static inline uint64_t x86_cpu_xsave_xcr0_components(X86CPU *cpu)
{
return ((uint64_t)cpu->env.features[FEAT_XSAVE_XCR0_HI]) << 32 |
cpu->env.features[FEAT_XSAVE_XCR0_LO];
}
+static inline uint64_t x86_cpu_xsave_xss_components(X86CPU *cpu)
+{
+ return ((uint64_t)cpu->env.features[FEAT_XSAVE_XSS_HI]) << 32 |
+ cpu->env.features[FEAT_XSAVE_XSS_LO];
+}
+
const char *get_register_name_32(unsigned int reg)
{
if (reg >= CPU_NB_REGS32) {
@@ -5735,7 +5762,7 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
}
if (count == 0) {
- *ecx = xsave_area_size(x86_cpu_xsave_components(cpu));
+ *ecx = xsave_area_size(x86_cpu_xsave_xcr0_components(cpu));
*eax = env->features[FEAT_XSAVE_XCR0_LO];
*edx = env->features[FEAT_XSAVE_XCR0_HI];
/*
@@ -5747,11 +5774,17 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
*ebx = kvm_enabled() ? *ecx : xsave_area_size(env->xcr0);
} else if (count == 1) {
*eax = env->features[FEAT_XSAVE_INSTRUCTION];
+ *ecx = env->features[FEAT_XSAVE_XSS_LO];
+ *edx = env->features[FEAT_XSAVE_XSS_HI];
} else if (count < ARRAY_SIZE(x86_ext_save_areas)) {
- if ((x86_cpu_xsave_components(cpu) >> count) & 1) {
- const ExtSaveArea *esa = &x86_ext_save_areas[count];
+ const ExtSaveArea *esa = &x86_ext_save_areas[count];
+ if ((x86_cpu_xsave_xcr0_components(cpu) >> count) & 1) {
*eax = esa->size;
*ebx = esa->offset;
+ } else if ((x86_cpu_xsave_xss_components(cpu) >> count) & 1) {
+ *eax = esa->size;
+ *ebx = 0;
+ *ecx = 1;
}
}
break;
@@ -6073,6 +6106,9 @@ static void x86_cpu_reset(DeviceState *dev)
}
for (i = 2; i < ARRAY_SIZE(x86_ext_save_areas); i++) {
const ExtSaveArea *esa = &x86_ext_save_areas[i];
+ if (!esa->offset) {
+ continue;
+ }
if (env->features[esa->feature] & esa->bits) {
xcr0 |= 1ull << i;
}
@@ -6307,8 +6343,10 @@ static void x86_cpu_enable_xsave_components(X86CPU *cpu)
}
}
- env->features[FEAT_XSAVE_XCR0_LO] = mask;
+ env->features[FEAT_XSAVE_XCR0_LO] = mask & CPUID_XSTATE_XCR0_MASK;
env->features[FEAT_XSAVE_XCR0_HI] = mask >> 32;
+ env->features[FEAT_XSAVE_XSS_LO] = mask & CPUID_XSTATE_XSS_MASK;
+ env->features[FEAT_XSAVE_XSS_HI] = mask >> 32;
}
/***** Steps involved on loading and filtering CPUID data
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index b86eb8dba0..10bf4d8b51 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -504,6 +504,16 @@ typedef enum X86Seg {
#define XSTATE_Hi16_ZMM_MASK (1ULL << XSTATE_Hi16_ZMM_BIT)
#define XSTATE_PKRU_MASK (1ULL << XSTATE_PKRU_BIT)
+/* CPUID feature bits available in XCR0 */
+#define CPUID_XSTATE_XCR0_MASK (XSTATE_FP_MASK | XSTATE_SSE_MASK | \
+ XSTATE_YMM_MASK | XSTATE_BNDREGS_MASK | \
+ XSTATE_BNDCSR_MASK | XSTATE_OPMASK_MASK | \
+ XSTATE_ZMM_Hi256_MASK | \
+ XSTATE_Hi16_ZMM_MASK | XSTATE_PKRU_MASK)
+
+/* CPUID feature bits available in XSS */
+#define CPUID_XSTATE_XSS_MASK 0
+
/* CPUID feature words */
typedef enum FeatureWord {
FEAT_1_EDX, /* CPUID[1].EDX */
@@ -541,6 +551,8 @@ typedef enum FeatureWord {
FEAT_VMX_EPT_VPID_CAPS,
FEAT_VMX_BASIC,
FEAT_VMX_VMFUNC,
+ FEAT_XSAVE_XSS_LO, /* CPUID[EAX=0xd,ECX=1].ECX */
+ FEAT_XSAVE_XSS_HI, /* CPUID[EAX=0xd,ECX=1].EDX */
FEATURE_WORDS,
} FeatureWord;
--
2.26.2
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [Qemu-devel][PATCH v6 3/6] x86/cpu: Enable CET components support for XSAVE
2020-10-13 5:19 [Qemu-devel][PATCH v6 0/6] Enable CET support for guest Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 1/6] x86/cpu: Rename XSAVE related feature words Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 2/6] x86/cpuid: Enable XSS feature enumeration for CPUID Yang Weijiang
@ 2020-10-13 5:19 ` Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 4/6] x86/cpu: Add user-space MSR access interface for CET Yang Weijiang
` (2 subsequent siblings)
5 siblings, 0 replies; 9+ messages in thread
From: Yang Weijiang @ 2020-10-13 5:19 UTC (permalink / raw)
To: pbonzini, mtosatti, rth, ehabkost, sean.j.christopherson, qemu-devel
Cc: Yang Weijiang, hao.wu
CET Shadow Stack(SHSTK) and Indirect Branch Tracking(IBT) are enumerated
via CPUID.(EAX=07H,ECX=0H):ECX[bit 7] and EDX[bit 20] respectively.
Two CET bits (bit 11 and 12) are defined in MSR_IA32_XSS for XSAVE.
They correspond to CET states in user and supervisor mode respectively.
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
target/i386/cpu.c | 18 ++++++++++++++++++
target/i386/cpu.h | 23 ++++++++++++++++++++++-
2 files changed, 40 insertions(+), 1 deletion(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 38eab02b3d..5496fd68d4 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1071,6 +1071,16 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
},
[FEAT_XSAVE_XSS_LO] = {
.type = CPUID_FEATURE_WORD,
+ .feat_names = {
+ NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, "cet-u",
+ "cet-s", NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL,
+ NULL, NULL, NULL, NULL,
+ },
.cpuid = {
.eax = 0xD,
.needs_ecx = true,
@@ -1497,6 +1507,14 @@ static const ExtSaveArea x86_ext_save_areas[] = {
{ .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_PKU,
.offset = offsetof(X86XSaveArea, pkru_state),
.size = sizeof(XSavePKRU) },
+ [XSTATE_CET_U_BIT] = {
+ .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_CET_SHSTK,
+ .offset = 0,
+ .size = sizeof(XSavesCETU) },
+ [XSTATE_CET_S_BIT] = {
+ .feature = FEAT_7_0_ECX, .bits = CPUID_7_0_ECX_CET_SHSTK,
+ .offset = 0,
+ .size = sizeof(XSavesCETS) },
};
static uint32_t xsave_area_size(uint64_t mask)
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 10bf4d8b51..d4563fa0e8 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -493,6 +493,8 @@ typedef enum X86Seg {
#define XSTATE_ZMM_Hi256_BIT 6
#define XSTATE_Hi16_ZMM_BIT 7
#define XSTATE_PKRU_BIT 9
+#define XSTATE_CET_U_BIT 11
+#define XSTATE_CET_S_BIT 12
#define XSTATE_FP_MASK (1ULL << XSTATE_FP_BIT)
#define XSTATE_SSE_MASK (1ULL << XSTATE_SSE_BIT)
@@ -503,6 +505,8 @@ typedef enum X86Seg {
#define XSTATE_ZMM_Hi256_MASK (1ULL << XSTATE_ZMM_Hi256_BIT)
#define XSTATE_Hi16_ZMM_MASK (1ULL << XSTATE_Hi16_ZMM_BIT)
#define XSTATE_PKRU_MASK (1ULL << XSTATE_PKRU_BIT)
+#define XSTATE_CET_U_MASK (1ULL << XSTATE_CET_U_BIT)
+#define XSTATE_CET_S_MASK (1ULL << XSTATE_CET_S_BIT)
/* CPUID feature bits available in XCR0 */
#define CPUID_XSTATE_XCR0_MASK (XSTATE_FP_MASK | XSTATE_SSE_MASK | \
@@ -512,7 +516,7 @@ typedef enum X86Seg {
XSTATE_Hi16_ZMM_MASK | XSTATE_PKRU_MASK)
/* CPUID feature bits available in XSS */
-#define CPUID_XSTATE_XSS_MASK 0
+#define CPUID_XSTATE_XSS_MASK (XSTATE_CET_U_MASK)
/* CPUID feature words */
typedef enum FeatureWord {
@@ -760,6 +764,8 @@ typedef uint64_t FeatureWordArray[FEATURE_WORDS];
#define CPUID_7_0_ECX_WAITPKG (1U << 5)
/* Additional AVX-512 Vector Byte Manipulation Instruction */
#define CPUID_7_0_ECX_AVX512_VBMI2 (1U << 6)
+/* CET SHSTK feature */
+#define CPUID_7_0_ECX_CET_SHSTK (1U << 7)
/* Galois Field New Instructions */
#define CPUID_7_0_ECX_GFNI (1U << 8)
/* Vector AES Instructions */
@@ -795,6 +801,8 @@ typedef uint64_t FeatureWordArray[FEATURE_WORDS];
#define CPUID_7_0_EDX_SERIALIZE (1U << 14)
/* TSX Suspend Load Address Tracking instruction */
#define CPUID_7_0_EDX_TSX_LDTRK (1U << 16)
+/* CET IBT feature */
+#define CPUID_7_0_EDX_CET_IBT (1U << 20)
/* Speculation Control */
#define CPUID_7_0_EDX_SPEC_CTRL (1U << 26)
/* Single Thread Indirect Branch Predictors */
@@ -1285,6 +1293,19 @@ typedef struct XSavePKRU {
uint32_t padding;
} XSavePKRU;
+/* Ext. save area 11: User mode CET state */
+typedef struct XSavesCETU {
+ uint64_t u_cet;
+ uint64_t user_ssp;
+} XSavesCETU;
+
+/* Ext. save area 12: Supervisor mode CET state */
+typedef struct XSavesCETS {
+ uint64_t kernel_ssp;
+ uint64_t pl1_ssp;
+ uint64_t pl2_ssp;
+} XSavesCETS;
+
typedef struct X86XSaveArea {
X86LegacyXSaveArea legacy;
X86XSaveHeader header;
--
2.26.2
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [Qemu-devel][PATCH v6 4/6] x86/cpu: Add user-space MSR access interface for CET
2020-10-13 5:19 [Qemu-devel][PATCH v6 0/6] Enable CET support for guest Yang Weijiang
` (2 preceding siblings ...)
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 3/6] x86/cpu: Enable CET components support for XSAVE Yang Weijiang
@ 2020-10-13 5:19 ` Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 5/6] x86/cpu: Add CET state support for guest migration Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 6/6] x86/cpu: Advise CET bits in CPU/MSR feature words Yang Weijiang
5 siblings, 0 replies; 9+ messages in thread
From: Yang Weijiang @ 2020-10-13 5:19 UTC (permalink / raw)
To: pbonzini, mtosatti, rth, ehabkost, sean.j.christopherson, qemu-devel
Cc: Yang Weijiang, hao.wu
CET states are divided into user-mode and supervisor-mode states,
MSR_KVM_GUEST_SSP stores current SHSTK pointer in use, MSR_IA32_U_CET and
MSR_IA32_PL3_SSP are for user-mode states, others are for supervisor-mode
states. Expose the access according to current CET supported bits in CPUID
and XSS.
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
target/i386/cpu.h | 18 ++++++++++++
target/i386/kvm.c | 73 +++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 91 insertions(+)
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index d4563fa0e8..9c0568672e 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -484,6 +484,15 @@ typedef enum X86Seg {
#define MSR_IA32_VMX_TRUE_ENTRY_CTLS 0x00000490
#define MSR_IA32_VMX_VMFUNC 0x00000491
+#define MSR_IA32_U_CET 0x6a0
+#define MSR_IA32_S_CET 0x6a2
+#define MSR_IA32_PL0_SSP 0x6a4
+#define MSR_IA32_PL1_SSP 0x6a5
+#define MSR_IA32_PL2_SSP 0x6a6
+#define MSR_IA32_PL3_SSP 0x6a7
+#define MSR_IA32_SSP_TBL 0x6a8
+#define MSR_KVM_GUEST_SSP 0x4b564d06
+
#define XSTATE_FP_BIT 0
#define XSTATE_SSE_BIT 1
#define XSTATE_YMM_BIT 2
@@ -1583,6 +1592,15 @@ typedef struct CPUX86State {
uintptr_t retaddr;
+ uint64_t u_cet;
+ uint64_t s_cet;
+ uint64_t pl0_ssp;
+ uint64_t pl1_ssp;
+ uint64_t pl2_ssp;
+ uint64_t pl3_ssp;
+ uint64_t ssp_tbl;
+ uint64_t guest_ssp;
+
/* Fields up to this point are cleared by a CPU reset */
struct {} end_reset_fields;
diff --git a/target/i386/kvm.c b/target/i386/kvm.c
index 6f18d940a5..3315d5dd4f 100644
--- a/target/i386/kvm.c
+++ b/target/i386/kvm.c
@@ -3001,6 +3001,31 @@ static int kvm_put_msrs(X86CPU *cpu, int level)
}
}
+ if (((env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_CET_SHSTK) ||
+ (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_CET_IBT)) &&
+ (env->features[FEAT_XSAVE_XSS_LO] & XSTATE_CET_U_MASK)) {
+ kvm_msr_entry_add(cpu, MSR_IA32_U_CET, env->u_cet);
+ kvm_msr_entry_add(cpu, MSR_IA32_PL3_SSP, env->pl3_ssp);
+ }
+
+ if (env->features[FEAT_XSAVE_XSS_LO] & XSTATE_CET_S_MASK) {
+ if (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_CET_SHSTK) {
+ kvm_msr_entry_add(cpu, MSR_IA32_PL0_SSP, env->pl0_ssp);
+ kvm_msr_entry_add(cpu, MSR_IA32_PL1_SSP, env->pl1_ssp);
+ kvm_msr_entry_add(cpu, MSR_IA32_PL2_SSP, env->pl2_ssp);
+ kvm_msr_entry_add(cpu, MSR_IA32_SSP_TBL, env->ssp_tbl);
+ }
+
+ if (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_CET_IBT) {
+ kvm_msr_entry_add(cpu, MSR_IA32_S_CET, env->s_cet);
+ }
+ }
+
+ if ((env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_CET_SHSTK) &&
+ (env->features[FEAT_XSAVE_XSS_LO] & (XSTATE_CET_U_MASK |
+ XSTATE_CET_S_MASK)))
+ kvm_msr_entry_add(cpu, MSR_KVM_GUEST_SSP, env->guest_ssp);
+
return kvm_buf_set_msrs(cpu);
}
@@ -3317,6 +3342,30 @@ static int kvm_get_msrs(X86CPU *cpu)
}
}
+ if (((env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_CET_SHSTK) ||
+ (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_CET_IBT)) &&
+ (env->features[FEAT_XSAVE_XSS_LO] & XSTATE_CET_U_MASK)) {
+ kvm_msr_entry_add(cpu, MSR_IA32_U_CET, 0);
+ kvm_msr_entry_add(cpu, MSR_IA32_PL3_SSP, 0);
+ }
+
+ if (env->features[FEAT_XSAVE_XSS_LO] & XSTATE_CET_S_MASK) {
+ if (env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_CET_SHSTK) {
+ kvm_msr_entry_add(cpu, MSR_IA32_PL0_SSP, 0);
+ kvm_msr_entry_add(cpu, MSR_IA32_PL1_SSP, 0);
+ kvm_msr_entry_add(cpu, MSR_IA32_PL2_SSP, 0);
+ kvm_msr_entry_add(cpu, MSR_IA32_SSP_TBL, 0);
+ }
+
+ if (env->features[FEAT_7_0_EDX] & CPUID_7_0_EDX_CET_IBT) {
+ kvm_msr_entry_add(cpu, MSR_IA32_S_CET, 0);
+ }
+ }
+ if ((env->features[FEAT_7_0_ECX] & CPUID_7_0_ECX_CET_SHSTK) &&
+ (env->features[FEAT_XSAVE_XSS_LO] & (XSTATE_CET_U_MASK |
+ XSTATE_CET_S_MASK)))
+ kvm_msr_entry_add(cpu, MSR_KVM_GUEST_SSP, 0);
+
ret = kvm_vcpu_ioctl(CPU(cpu), KVM_GET_MSRS, cpu->kvm_msr_buf);
if (ret < 0) {
return ret;
@@ -3600,6 +3649,30 @@ static int kvm_get_msrs(X86CPU *cpu)
case MSR_IA32_RTIT_ADDR0_A ... MSR_IA32_RTIT_ADDR3_B:
env->msr_rtit_addrs[index - MSR_IA32_RTIT_ADDR0_A] = msrs[i].data;
break;
+ case MSR_IA32_U_CET:
+ env->u_cet = msrs[i].data;
+ break;
+ case MSR_IA32_S_CET:
+ env->s_cet = msrs[i].data;
+ break;
+ case MSR_IA32_PL0_SSP:
+ env->pl0_ssp = msrs[i].data;
+ break;
+ case MSR_IA32_PL1_SSP:
+ env->pl1_ssp = msrs[i].data;
+ break;
+ case MSR_IA32_PL2_SSP:
+ env->pl2_ssp = msrs[i].data;
+ break;
+ case MSR_IA32_PL3_SSP:
+ env->pl3_ssp = msrs[i].data;
+ break;
+ case MSR_IA32_SSP_TBL:
+ env->ssp_tbl = msrs[i].data;
+ break;
+ case MSR_KVM_GUEST_SSP:
+ env->guest_ssp = msrs[i].data;
+ break;
}
}
--
2.26.2
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [Qemu-devel][PATCH v6 5/6] x86/cpu: Add CET state support for guest migration
2020-10-13 5:19 [Qemu-devel][PATCH v6 0/6] Enable CET support for guest Yang Weijiang
` (3 preceding siblings ...)
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 4/6] x86/cpu: Add user-space MSR access interface for CET Yang Weijiang
@ 2020-10-13 5:19 ` Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 6/6] x86/cpu: Advise CET bits in CPU/MSR feature words Yang Weijiang
5 siblings, 0 replies; 9+ messages in thread
From: Yang Weijiang @ 2020-10-13 5:19 UTC (permalink / raw)
To: pbonzini, mtosatti, rth, ehabkost, sean.j.christopherson, qemu-devel
Cc: Yang Weijiang, hao.wu
Save the MSRs being used on source machine and restore them
on destination machine.
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
target/i386/machine.c | 161 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 161 insertions(+)
diff --git a/target/i386/machine.c b/target/i386/machine.c
index b1acf7d0ef..fe4692eaa8 100644
--- a/target/i386/machine.c
+++ b/target/i386/machine.c
@@ -962,6 +962,159 @@ static const VMStateDescription vmstate_umwait = {
}
};
+static bool u_cet_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->u_cet != 0;
+}
+
+static const VMStateDescription vmstate_u_cet = {
+ .name = "cpu/u_cet",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = u_cet_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.u_cet, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static bool s_cet_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->s_cet != 0;
+}
+
+static const VMStateDescription vmstate_s_cet = {
+ .name = "cpu/s_cet",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = s_cet_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.s_cet, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static bool pl0_ssp_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->pl0_ssp != 0;
+}
+
+static const VMStateDescription vmstate_pl0_ssp = {
+ .name = "cpu/pl0_ssp",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = pl0_ssp_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.pl0_ssp, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static bool pl1_ssp_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->pl1_ssp != 0;
+}
+
+static const VMStateDescription vmstate_pl1_ssp = {
+ .name = "cpu/pl1_ssp",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = pl1_ssp_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.pl1_ssp, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static bool pl2_ssp_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->pl2_ssp != 0;
+}
+
+static const VMStateDescription vmstate_pl2_ssp = {
+ .name = "cpu/pl2_ssp",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = pl2_ssp_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.pl2_ssp, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+
+static bool pl3_ssp_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->pl3_ssp != 0;
+}
+
+static const VMStateDescription vmstate_pl3_ssp = {
+ .name = "cpu/pl3_ssp",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = pl3_ssp_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.pl3_ssp, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static bool ssp_tbl_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->ssp_tbl != 0;
+}
+
+static const VMStateDescription vmstate_ssp_tbl = {
+ .name = "cpu/ssp_tbl",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = ssp_tbl_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.ssp_tbl, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static bool guest_ssp_needed(void *opaque)
+{
+ X86CPU *cpu = opaque;
+ CPUX86State *env = &cpu->env;
+
+ return env->guest_ssp != 0;
+}
+
+static const VMStateDescription vmstate_guest_ssp = {
+ .name = "cpu/guest_ssp",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .needed = guest_ssp_needed,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT64(env.guest_ssp, X86CPU),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
#ifdef TARGET_X86_64
static bool pkru_needed(void *opaque)
{
@@ -1476,6 +1629,14 @@ VMStateDescription vmstate_x86_cpu = {
&vmstate_nested_state,
#endif
&vmstate_msr_tsx_ctrl,
+ &vmstate_u_cet,
+ &vmstate_s_cet,
+ &vmstate_pl0_ssp,
+ &vmstate_pl1_ssp,
+ &vmstate_pl2_ssp,
+ &vmstate_pl3_ssp,
+ &vmstate_ssp_tbl,
+ &vmstate_guest_ssp,
NULL
}
};
--
2.26.2
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [Qemu-devel][PATCH v6 6/6] x86/cpu: Advise CET bits in CPU/MSR feature words
2020-10-13 5:19 [Qemu-devel][PATCH v6 0/6] Enable CET support for guest Yang Weijiang
` (4 preceding siblings ...)
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 5/6] x86/cpu: Add CET state support for guest migration Yang Weijiang
@ 2020-10-13 5:19 ` Yang Weijiang
5 siblings, 0 replies; 9+ messages in thread
From: Yang Weijiang @ 2020-10-13 5:19 UTC (permalink / raw)
To: pbonzini, mtosatti, rth, ehabkost, sean.j.christopherson, qemu-devel
Cc: Yang Weijiang, hao.wu
CET SHSTK and IBT feature are enumerated via CPUID.(EAX=07H,ECX=0H):ECX[bit 7]
and EDX[bit 20]. CET state load/restore at vmentry/vmexit are enabled via
VMX_ENTRY_CTLS[bit 20] and VMX_EXIT_CTLS[bit 28].
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
---
target/i386/cpu.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 5496fd68d4..904bf1d4b6 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -965,7 +965,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
.type = CPUID_FEATURE_WORD,
.feat_names = {
NULL, "avx512vbmi", "umip", "pku",
- NULL /* ospke */, "waitpkg", "avx512vbmi2", NULL,
+ NULL /* ospke */, "waitpkg", "avx512vbmi2", "shstk",
"gfni", "vaes", "vpclmulqdq", "avx512vnni",
"avx512bitalg", NULL, "avx512-vpopcntdq", NULL,
"la57", NULL, NULL, NULL,
@@ -988,7 +988,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
"avx512-vp2intersect", NULL, "md-clear", NULL,
NULL, NULL, "serialize", NULL,
"tsx-ldtrk", NULL, NULL /* pconfig */, NULL,
- NULL, NULL, NULL, NULL,
+ "ibt", NULL, NULL, NULL,
NULL, NULL, "spec-ctrl", "stibp",
NULL, "arch-capabilities", "core-capability", "ssbd",
},
@@ -1250,7 +1250,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
"vmx-exit-save-efer", "vmx-exit-load-efer",
"vmx-exit-save-preemption-timer", "vmx-exit-clear-bndcfgs",
NULL, "vmx-exit-clear-rtit-ctl", NULL, NULL,
- NULL, NULL, NULL, NULL,
+ "vmx-exit-save-cet-ctl", NULL, NULL, NULL,
},
.msr = {
.index = MSR_IA32_VMX_TRUE_EXIT_CTLS,
@@ -1265,7 +1265,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
NULL, "vmx-entry-ia32e-mode", NULL, NULL,
NULL, "vmx-entry-load-perf-global-ctrl", "vmx-entry-load-pat", "vmx-entry-load-efer",
"vmx-entry-load-bndcfgs", NULL, "vmx-entry-load-rtit-ctl", NULL,
- NULL, NULL, NULL, NULL,
+ "vmx-entry-load-cet-ctl", NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL,
},
--
2.26.2
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [Qemu-devel][PATCH v6 1/6] x86/cpu: Rename XSAVE related feature words.
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 1/6] x86/cpu: Rename XSAVE related feature words Yang Weijiang
@ 2020-10-14 0:08 ` Sean Christopherson
2020-10-15 2:20 ` Yang Weijiang
0 siblings, 1 reply; 9+ messages in thread
From: Sean Christopherson @ 2020-10-14 0:08 UTC (permalink / raw)
To: Yang Weijiang; +Cc: ehabkost, mtosatti, qemu-devel, pbonzini, rth, hao.wu
On Tue, Oct 13, 2020 at 01:19:30PM +0800, Yang Weijiang wrote:
> With more components in XSS being developed on Intel platform,
> it's necessary to clean up existing XSAVE related feature words to
> make the name clearer. It's to prepare for adding CET related support
> in following patches.
>
> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
> ---
> target/i386/cpu.c | 60 ++++++++++++++++++++--------------------
> target/i386/cpu.h | 6 ++--
> target/i386/fpu_helper.c | 2 +-
> target/i386/translate.c | 2 +-
> 4 files changed, 35 insertions(+), 35 deletions(-)
>
> diff --git a/target/i386/cpu.c b/target/i386/cpu.c
> index 588f32e136..e2891740f1 100644
> --- a/target/i386/cpu.c
> +++ b/target/i386/cpu.c
> @@ -1050,7 +1050,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
> .tcg_features = 0,
> .unmigratable_flags = 0,
> },
> - [FEAT_XSAVE] = {
> + [FEAT_XSAVE_INSTRUCTION] = {
The COMP->XCRO change is great, but I don't think XSAVE->XSAVE_INSTRUCTION
makes sense. There is no guarantee the word will only be used for
instructions; it already blurs the line, e.g. XSAVEC also changes the behavior
of XRSTOR, and XSAVES also means the XSS MSR is available.
FWIW, I also don't find FEAT_XSAVE to be confusing.
> .type = CPUID_FEATURE_WORD,
> .feat_names = {
> "xsaveopt", "xsavec", "xgetbv1", "xsaves",
> @@ -1084,7 +1084,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
> .cpuid = { .eax = 6, .reg = R_EAX, },
> .tcg_features = TCG_6_EAX_FEATURES,
> },
> - [FEAT_XSAVE_COMP_LO] = {
> + [FEAT_XSAVE_XCR0_LO] = {
> .type = CPUID_FEATURE_WORD,
> .cpuid = {
> .eax = 0xD,
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [Qemu-devel][PATCH v6 1/6] x86/cpu: Rename XSAVE related feature words.
2020-10-14 0:08 ` Sean Christopherson
@ 2020-10-15 2:20 ` Yang Weijiang
0 siblings, 0 replies; 9+ messages in thread
From: Yang Weijiang @ 2020-10-15 2:20 UTC (permalink / raw)
To: Sean Christopherson
Cc: ehabkost, mtosatti, qemu-devel, Yang Weijiang, pbonzini, hao.wu, rth
On Tue, Oct 13, 2020 at 05:08:54PM -0700, Sean Christopherson wrote:
> On Tue, Oct 13, 2020 at 01:19:30PM +0800, Yang Weijiang wrote:
> > With more components in XSS being developed on Intel platform,
> > it's necessary to clean up existing XSAVE related feature words to
> > make the name clearer. It's to prepare for adding CET related support
> > in following patches.
> >
> > Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
> > ---
> > target/i386/cpu.c | 60 ++++++++++++++++++++--------------------
> > target/i386/cpu.h | 6 ++--
> > target/i386/fpu_helper.c | 2 +-
> > target/i386/translate.c | 2 +-
> > 4 files changed, 35 insertions(+), 35 deletions(-)
> >
> > diff --git a/target/i386/cpu.c b/target/i386/cpu.c
> > index 588f32e136..e2891740f1 100644
> > --- a/target/i386/cpu.c
> > +++ b/target/i386/cpu.c
> > @@ -1050,7 +1050,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
> > .tcg_features = 0,
> > .unmigratable_flags = 0,
> > },
> > - [FEAT_XSAVE] = {
> > + [FEAT_XSAVE_INSTRUCTION] = {
>
> The COMP->XCRO change is great, but I don't think XSAVE->XSAVE_INSTRUCTION
> makes sense. There is no guarantee the word will only be used for
> instructions; it already blurs the line, e.g. XSAVEC also changes the behavior
> of XRSTOR, and XSAVES also means the XSS MSR is available.
>
> FWIW, I also don't find FEAT_XSAVE to be confusing.
>
Thanks for the feedback! I also found it's hard to rename it with a
precise one, just wanted to make all XSAVE related feature words more
specific. I'll revert it in next version.
> > .type = CPUID_FEATURE_WORD,
> > .feat_names = {
> > "xsaveopt", "xsavec", "xgetbv1", "xsaves",
> > @@ -1084,7 +1084,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
> > .cpuid = { .eax = 6, .reg = R_EAX, },
> > .tcg_features = TCG_6_EAX_FEATURES,
> > },
> > - [FEAT_XSAVE_COMP_LO] = {
> > + [FEAT_XSAVE_XCR0_LO] = {
> > .type = CPUID_FEATURE_WORD,
> > .cpuid = {
> > .eax = 0xD,
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2020-10-15 2:12 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-13 5:19 [Qemu-devel][PATCH v6 0/6] Enable CET support for guest Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 1/6] x86/cpu: Rename XSAVE related feature words Yang Weijiang
2020-10-14 0:08 ` Sean Christopherson
2020-10-15 2:20 ` Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 2/6] x86/cpuid: Enable XSS feature enumeration for CPUID Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 3/6] x86/cpu: Enable CET components support for XSAVE Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 4/6] x86/cpu: Add user-space MSR access interface for CET Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 5/6] x86/cpu: Add CET state support for guest migration Yang Weijiang
2020-10-13 5:19 ` [Qemu-devel][PATCH v6 6/6] x86/cpu: Advise CET bits in CPU/MSR feature words Yang Weijiang
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.