All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH 0/2] Remaining work for PKS Implementation
@ 2021-02-05  8:33 Chenyi Qiang
  2021-02-05  8:33 ` [PATCH 1/2] target/i386: Add support for save/load IA32_PKRS MSR Chenyi Qiang
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Chenyi Qiang @ 2021-02-05  8:33 UTC (permalink / raw)
  To: Paolo Bonzini, Richard Henderson, Eduardo Habkost, Xiaoyao Li; +Cc: qemu-devel

Protection Keys for Supervisor Pages (PKS) is a feature that extends the
Protection Keys architecture to support thread-specific permission
restrictions on superviosr pages, which works similar to an existing
feature named PKU (protecting user-mode pages).

Thanks Paolo to send out the PKS QEMU implemention at:
https://lore.kernel.org/qemu-devel/20210127093540.472624-1-pbonzini@redhat.com/

This patch series is just to add the remaining part, i.e. the support
for save/load PKRS and expose the vmx entry/exit load controls to guest.

Chenyi Qiang (2):
  target/i386: Add support for save/load IA32_PKRS MSR
  target/i386: Expose VMX entry/exit load pkrs control bits

 target/i386/cpu.c     |  4 ++--
 target/i386/cpu.h     |  2 ++
 target/i386/kvm/kvm.c | 13 +++++++++++++
 3 files changed, 17 insertions(+), 2 deletions(-)

-- 
2.17.1



^ permalink raw reply	[flat|nested] 4+ messages in thread
* [PATCH 1/2] target/i386: Add support for save/load IA32_PKRS MSR
  2021-02-05  8:33 [PATCH 0/2] Remaining work for PKS Implementation Chenyi Qiang
@ 2021-02-05  8:33 ` Chenyi Qiang
  2021-02-05  8:33 ` [PATCH 2/2] target/i386: Expose VMX entry/exit load pkrs control bits Chenyi Qiang
  2021-02-05 10:56 ` [PATCH 0/2] Remaining work for PKS Implementation Paolo Bonzini
  2 siblings, 0 replies; 4+ messages in thread
From: Chenyi Qiang @ 2021-02-05  8:33 UTC (permalink / raw)
  To: Paolo Bonzini, Richard Henderson, Eduardo Habkost, Xiaoyao Li; +Cc: qemu-devel

PKS introduces MSR IA32_PKRS(0x6e1) to manage the supervisor protection
key rights. Page access and writes can be managed via the MSR update
without TLB flushes when permissions change.

Add the support to save/load IA32_PKRS MSR in guest.

Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com>
---
 target/i386/kvm/kvm.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index 6dc1ee052d..1aa4b8ca51 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -112,6 +112,7 @@ static bool has_msr_vmx_vmfunc;
 static bool has_msr_ucode_rev;
 static bool has_msr_vmx_procbased_ctls2;
 static bool has_msr_perf_capabs;
+static bool has_msr_pkrs;
 
 static uint32_t has_architectural_pmu_version;
 static uint32_t num_architectural_pmu_gp_counters;
@@ -2086,6 +2087,9 @@ static int kvm_get_supported_msrs(KVMState *s)
             case MSR_IA32_VMX_PROCBASED_CTLS2:
                 has_msr_vmx_procbased_ctls2 = true;
                 break;
+            case MSR_IA32_PKRS:
+                has_msr_pkrs = true;
+                break;
             }
         }
     }
@@ -2794,6 +2798,9 @@ static int kvm_put_msrs(X86CPU *cpu, int level)
     if (has_msr_smi_count) {
         kvm_msr_entry_add(cpu, MSR_SMI_COUNT, env->msr_smi_count);
     }
+    if (has_msr_pkrs) {
+        kvm_msr_entry_add(cpu, MSR_IA32_PKRS, env->pkrs);
+    }
     if (has_msr_bndcfgs) {
         kvm_msr_entry_add(cpu, MSR_IA32_BNDCFGS, env->msr_bndcfgs);
     }
@@ -3185,6 +3192,9 @@ static int kvm_get_msrs(X86CPU *cpu)
     if (has_msr_feature_control) {
         kvm_msr_entry_add(cpu, MSR_IA32_FEATURE_CONTROL, 0);
     }
+    if (has_msr_pkrs) {
+        kvm_msr_entry_add(cpu, MSR_IA32_PKRS, 0);
+    }
     if (has_msr_bndcfgs) {
         kvm_msr_entry_add(cpu, MSR_IA32_BNDCFGS, 0);
     }
@@ -3455,6 +3465,9 @@ static int kvm_get_msrs(X86CPU *cpu)
         case MSR_IA32_UMWAIT_CONTROL:
             env->umwait = msrs[i].data;
             break;
+        case MSR_IA32_PKRS:
+            env->pkrs = msrs[i].data;
+            break;
         default:
             if (msrs[i].index >= MSR_MC0_CTL &&
                 msrs[i].index < MSR_MC0_CTL + (env->mcg_cap & 0xff) * 4) {
-- 
2.17.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [PATCH 2/2] target/i386: Expose VMX entry/exit load pkrs control bits
  2021-02-05  8:33 [PATCH 0/2] Remaining work for PKS Implementation Chenyi Qiang
  2021-02-05  8:33 ` [PATCH 1/2] target/i386: Add support for save/load IA32_PKRS MSR Chenyi Qiang
@ 2021-02-05  8:33 ` Chenyi Qiang
  2021-02-05 10:56 ` [PATCH 0/2] Remaining work for PKS Implementation Paolo Bonzini
  2 siblings, 0 replies; 4+ messages in thread
From: Chenyi Qiang @ 2021-02-05  8:33 UTC (permalink / raw)
  To: Paolo Bonzini, Richard Henderson, Eduardo Habkost, Xiaoyao Li; +Cc: qemu-devel

Expose the VMX exit/entry load pkrs control bits in
VMX_TRUE_EXIT_CTLS/VMX_TRUE_ENTRY_CTLS MSRs to guest, which supports the
PKS in nested VM.

Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com>
---
 target/i386/cpu.c | 4 ++--
 target/i386/cpu.h | 2 ++
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 21136c61a8..0de67bbbb2 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -1215,7 +1215,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
             "vmx-exit-save-efer", "vmx-exit-load-efer",
                 "vmx-exit-save-preemption-timer", "vmx-exit-clear-bndcfgs",
             NULL, "vmx-exit-clear-rtit-ctl", NULL, NULL,
-            NULL, NULL, NULL, NULL,
+            NULL, "vmx-exit-load-pkrs", NULL, NULL,
         },
         .msr = {
             .index = MSR_IA32_VMX_TRUE_EXIT_CTLS,
@@ -1230,7 +1230,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = {
             NULL, "vmx-entry-ia32e-mode", NULL, NULL,
             NULL, "vmx-entry-load-perf-global-ctrl", "vmx-entry-load-pat", "vmx-entry-load-efer",
             "vmx-entry-load-bndcfgs", NULL, "vmx-entry-load-rtit-ctl", NULL,
-            NULL, NULL, NULL, NULL,
+            NULL, NULL, "vmx-entry-load-pkrs", NULL,
             NULL, NULL, NULL, NULL,
             NULL, NULL, NULL, NULL,
         },
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index d7f3ef99d1..fbf65db4db 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -969,6 +969,7 @@ typedef uint64_t FeatureWordArray[FEATURE_WORDS];
 #define VMX_VM_EXIT_CLEAR_BNDCFGS                   0x00800000
 #define VMX_VM_EXIT_PT_CONCEAL_PIP                  0x01000000
 #define VMX_VM_EXIT_CLEAR_IA32_RTIT_CTL             0x02000000
+#define VMX_VM_EXIT_LOAD_IA32_PKRS                  0x20000000
 
 #define VMX_VM_ENTRY_LOAD_DEBUG_CONTROLS            0x00000004
 #define VMX_VM_ENTRY_IA32E_MODE                     0x00000200
@@ -980,6 +981,7 @@ typedef uint64_t FeatureWordArray[FEATURE_WORDS];
 #define VMX_VM_ENTRY_LOAD_BNDCFGS                   0x00010000
 #define VMX_VM_ENTRY_PT_CONCEAL_PIP                 0x00020000
 #define VMX_VM_ENTRY_LOAD_IA32_RTIT_CTL             0x00040000
+#define VMX_VM_ENTRY_LOAD_IA32_PKRS                 0x00400000
 
 /* Supported Hyper-V Enlightenments */
 #define HYPERV_FEAT_RELAXED             0
-- 
2.17.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH 0/2] Remaining work for PKS Implementation
  2021-02-05  8:33 [PATCH 0/2] Remaining work for PKS Implementation Chenyi Qiang
  2021-02-05  8:33 ` [PATCH 1/2] target/i386: Add support for save/load IA32_PKRS MSR Chenyi Qiang
  2021-02-05  8:33 ` [PATCH 2/2] target/i386: Expose VMX entry/exit load pkrs control bits Chenyi Qiang
@ 2021-02-05 10:56 ` Paolo Bonzini
  2 siblings, 0 replies; 4+ messages in thread
From: Paolo Bonzini @ 2021-02-05 10:56 UTC (permalink / raw)
  To: Chenyi Qiang, Richard Henderson, Eduardo Habkost, Xiaoyao Li; +Cc: qemu-devel

On 05/02/21 09:33, Chenyi Qiang wrote:
> Protection Keys for Supervisor Pages (PKS) is a feature that extends the
> Protection Keys architecture to support thread-specific permission
> restrictions on superviosr pages, which works similar to an existing
> feature named PKU (protecting user-mode pages).
> 
> Thanks Paolo to send out the PKS QEMU implemention at:
> https://lore.kernel.org/qemu-devel/20210127093540.472624-1-pbonzini@redhat.com/
> 
> This patch series is just to add the remaining part, i.e. the support
> for save/load PKRS and expose the vmx entry/exit load controls to guest.
> 
> Chenyi Qiang (2):
>    target/i386: Add support for save/load IA32_PKRS MSR
>    target/i386: Expose VMX entry/exit load pkrs control bits
> 
>   target/i386/cpu.c     |  4 ++--
>   target/i386/cpu.h     |  2 ++
>   target/i386/kvm/kvm.c | 13 +++++++++++++
>   3 files changed, 17 insertions(+), 2 deletions(-)
> 

Queued, thanks.

Paolo



^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-02-05 10:58 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-05  8:33 [PATCH 0/2] Remaining work for PKS Implementation Chenyi Qiang
2021-02-05  8:33 ` [PATCH 1/2] target/i386: Add support for save/load IA32_PKRS MSR Chenyi Qiang
2021-02-05  8:33 ` [PATCH 2/2] target/i386: Expose VMX entry/exit load pkrs control bits Chenyi Qiang
2021-02-05 10:56 ` [PATCH 0/2] Remaining work for PKS Implementation Paolo Bonzini

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.