From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from mx3-rdu2.redhat.com ([66.187.233.73] helo=mx1.redhat.com) by Galois.linutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1fJIF1-0007X5-U6 for speck@linutronix.de; Thu, 17 May 2018 14:42:44 +0200 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7946177060 for ; Thu, 17 May 2018 12:42:36 +0000 (UTC) Received: from [10.36.118.13] (unknown [10.36.118.13]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E45BB83B75 for ; Thu, 17 May 2018 12:42:35 +0000 (UTC) Subject: [MODERATED] Re: [patch 15/15] SSB updates V17 15 References: <20180516135132.687640705@linutronix.de> <20180516135210.593218929@linutronix.de> <20180517021849.GK10272@char.us.oracle.com> From: Paolo Bonzini Message-ID: <23c60d02-e47c-39c8-0b8c-dd4a72e99159@redhat.com> Date: Thu, 17 May 2018 14:42:30 +0200 MIME-Version: 1.0 In-Reply-To: <20180517021849.GK10272@char.us.oracle.com> Content-Type: multipart/mixed; boundary="6LunRLR1XAJ8ewKMajqTKEiwESBRSYPJt"; protected-headers="v1" To: speck@linutronix.de List-ID: This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156) --6LunRLR1XAJ8ewKMajqTKEiwESBRSYPJt Content-Type: text/plain; charset=windows-1252 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 17/05/2018 04:18, speck for Konrad Rzeszutek Wilk wrote: >> @@ -4251,6 +4258,16 @@ static int svm_set_msr(struct kvm_vcpu * >> break; >> set_msr_interception(svm->msrpm, MSR_IA32_PRED_CMD, 0, 1); >> break; >> + case MSR_AMD64_VIRT_SPEC_CTRL: >> + if (!msr->host_initiated && >> + !guest_cpuid_has(vcpu, X86_FEATURE_VIRT_SSBD)) >> + return 1; >> + >> + if (data & ~SPEC_CTRL_SSBD) >> + return 1; >> + >> + svm->virt_spec_ctrl =3D data; >=20 > You need to save virt_spec_ctrl content for migration purposes. >=20 > It was introduced in "x86/bugs, KVM: Extend speculation control for VIR= T_SPEC_CTRL" > but not actually used so this patch is probably the best place to defin= e it. >=20 > That is add this MSR in the 'msrs_to_save' or perhaps 'emulated_msrs'? It's emulated_msrs since the MSR doesn't exist on bare metal. But it als= o doesn't exist on Intel, so: diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_h= ost.h index 949c977bc4c9..8a5d0fdb1d9a 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -924,7 +924,7 @@ struct kvm_x86_ops { int (*hardware_setup)(void); /* __init */ void (*hardware_unsetup)(void); /* __exit */ bool (*cpu_has_accelerated_tpr)(void); - bool (*cpu_has_high_real_mode_segbase)(void); + bool (*has_emulated_msr)(int index); void (*cpuid_update)(struct kvm_vcpu *vcpu); =20 struct kvm *(*vm_alloc)(void); diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index b58787daf9f8..5a2724c80ca6 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -5782,7 +5782,7 @@ static bool svm_cpu_has_accelerated_tpr(void) return false; } =20 -static bool svm_has_high_real_mode_segbase(void) +static bool svm_has_emulated_msr(int index) { return true; } @@ -7008,7 +7008,7 @@ static struct kvm_x86_ops svm_x86_ops __ro_after_in= it =3D { .hardware_enable =3D svm_hardware_enable, .hardware_disable =3D svm_hardware_disable, .cpu_has_accelerated_tpr =3D svm_cpu_has_accelerated_tpr, - .cpu_has_high_real_mode_segbase =3D svm_has_high_real_mode_segbase, + .has_emulated_msr =3D svm_has_emulated_msr, =20 .vcpu_create =3D svm_create_vcpu, .vcpu_free =3D svm_free_vcpu, diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index aafcc9881e88..ec1da2f44a75 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -9495,9 +9495,21 @@ static void vmx_handle_external_intr(struct kvm_vc= pu *vcpu) } STACK_FRAME_NON_STANDARD(vmx_handle_external_intr); =20 -static bool vmx_has_high_real_mode_segbase(void) +static bool vmx_has_emulated_msr(int index) { - return enable_unrestricted_guest || emulate_invalid_guest_state; + switch (index) { + case MSR_IA32_SMBASE: + /* + * We cannot do SMM unless we can run the guest in big + * real mode. + */ + return enable_unrestricted_guest || emulate_invalid_guest_state; + case MSR_AMD64_VIRT_SPEC_CTRL: + /* This is AMD only. */ + return false; + default: + return true; + } } =20 static bool vmx_mpx_supported(void) @@ -12622,7 +12634,7 @@ static struct kvm_x86_ops vmx_x86_ops __ro_after_= init =3D { .hardware_enable =3D hardware_enable, .hardware_disable =3D hardware_disable, .cpu_has_accelerated_tpr =3D report_flexpriority, - .cpu_has_high_real_mode_segbase =3D vmx_has_high_real_mode_segbase, + .has_emulated_msr =3D vmx_has_emulated_msr, =20 .vm_init =3D vmx_vm_init, .vm_alloc =3D vmx_vm_alloc, diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index b2ff74b12ec4..6a9c640e7c4f 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1058,6 +1058,7 @@ static u32 emulated_msrs[] =3D { MSR_SMI_COUNT, MSR_PLATFORM_INFO, MSR_MISC_FEATURES_ENABLES, + MSR_AMD64_VIRT_SPEC_CTRL, }; =20 static unsigned num_emulated_msrs; @@ -2894,7 +2895,7 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, l= ong ext) * fringe case that is not enabled except via specific settings * of the module parameters. */ - r =3D kvm_x86_ops->cpu_has_high_real_mode_segbase(); + r =3D kvm_x86_ops->has_emulated_msr(MSR_IA32_SMBASE); break; case KVM_CAP_VAPIC: r =3D !kvm_x86_ops->cpu_has_accelerated_tpr(); @@ -4594,14 +4595,8 @@ static void kvm_init_msr_list(void) num_msrs_to_save =3D j; =20 for (i =3D j =3D 0; i < ARRAY_SIZE(emulated_msrs); i++) { - switch (emulated_msrs[i]) { - case MSR_IA32_SMBASE: - if (!kvm_x86_ops->cpu_has_high_real_mode_segbase()) - continue; - break; - default: - break; - } + if (!kvm_x86_ops->has_emulated_msr(emulated_msrs[i])) + continue; =20 if (j < i) emulated_msrs[j] =3D emulated_msrs[i]; --6LunRLR1XAJ8ewKMajqTKEiwESBRSYPJt--