From: Sean Christopherson <seanjc@google.com>
To: Aaron Lewis <aaronlewis@google.com>
Cc: kvm@vger.kernel.org, pbonzini@redhat.com, jmattson@google.com
Subject: Re: [PATCH v2 1/6] KVM: x86: Clear all supported MPX xfeatures if they are not all set
Date: Tue, 3 Jan 2023 18:46:03 +0000
Message-ID: <Y7R36wsXn3JqwfEv@google.com>
In-Reply-To: <20221230162442.3781098-2-aaronlewis@google.com>

On Fri, Dec 30, 2022, Aaron Lewis wrote:
> Be a good citizen and don't allow any of the supported MPX xfeatures[1]
> to be set if they can't all be set.  That way userspace or a guest
> doesn't fail if it attempts to set them in XCR0.
> 
> [1] CPUID.(EAX=0DH,ECX=0):EAX.BNDREGS[bit-3]
>     CPUID.(EAX=0DH,ECX=0):EAX.BNDCSR[bit-4]
> 
> Suggested-by: Jim Mattson <jmattson@google.com>
> Signed-off-by: Aaron Lewis <aaronlewis@google.com>
> ---
>  arch/x86/kvm/cpuid.c | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
> 
> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> index c4e8257629165..2431c46d456b4 100644
> --- a/arch/x86/kvm/cpuid.c
> +++ b/arch/x86/kvm/cpuid.c
> @@ -855,6 +855,16 @@ static int __do_cpuid_func_emulated(struct kvm_cpuid_array *array, u32 func)
>  	return 0;
>  }
>  
> +static u64 sanitize_xcr0(u64 xcr0)
> +{
> +	u64 mask;
> +
> +	mask = XFEATURE_MASK_BNDREGS | XFEATURE_MASK_BNDCSR;
> +	if ((xcr0 & mask) != mask)
> +		xcr0 &= ~mask;
> +
> +	return xcr0;
> +}
> +
>  static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function)
>  {
>  	struct kvm_cpuid_entry2 *entry;
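Review bot: sanitize_xcr0() is static to cpuid.c and carries no comment, so the all-or-nothing rule for XFEATURE_MASK_BNDREGS and XFEATURE_MASK_BNDCSR is neither documented nor reachable from code outside this file that reads the same supported mask. Add a short comment above the helper stating that the MPX bits must be exposed together so that setting them in XCR0 does not fail, and give it a name that says it handles MPX, or place it where every reader of the supported mask can call it.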
> @@ -982,6 +992,8 @@ static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function)
>  		u64 permitted_xcr0 = kvm_caps.supported_xcr0 & xstate_get_guest_group_perm();
>  		u64 permitted_xss = kvm_caps.supported_xss;
>  
> +		permitted_xcr0 = sanitize_xcr0(permitted_xcr0);


This isn't 100% correct, all usage needs to be sanitized so that KVM provides a
consistent view.  E.g. KVM_CAP_XSAVE2 would report the wrong size.

	case KVM_CAP_XSAVE2: {
		u64 guest_perm = xstate_get_guest_group_perm();

		r = xstate_required_size(kvm_caps.supported_xcr0 & guest_perm, false);
		if (r < sizeof(struct kvm_xsave))
			r = sizeof(struct kvm_xsave);
		break;
	}

Barring a kernel bug, xstate_get_guest_group_perm() will never report partial
support, so I think the easy solution is to sanitize kvm_caps.supported_xcr0.

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 2480b8027a45..7ea06c58eaf6 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -9344,6 +9344,10 @@ int kvm_arch_init(void *opaque)
        if (boot_cpu_has(X86_FEATURE_XSAVE)) {
                host_xcr0 = xgetbv(XCR_XFEATURE_ENABLED_MASK);
                kvm_caps.supported_xcr0 = host_xcr0 & KVM_SUPPORTED_XCR0;
+               if (!(kvm_caps.supported_xcr0 & XFEATURE_MASK_BNDREGS) ||
+                   !(kvm_caps.supported_xcr0 & XFEATURE_MASK_BNDCSR))
+                       kvm_caps.supported_xcr0 &= ~(XFEATURE_MASK_BNDREGS |
+                                                    XFEATURE_MASK_BNDCSR);
        }
 
        if (pi_inject_timer == -1)
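Review bot: the condition on the added lines tests XFEATURE_MASK_BNDREGS and XFEATURE_MASK_BNDCSR separately and then spells the pair out again in the clearing statement, with no comment saying why. A single local mask compared as `(kvm_caps.supported_xcr0 & mask) != mask`, as in the quoted sanitize_xcr0(), is equivalent, shorter, and keeps the test and the clear from drifting apart; a one-line comment that the MPX bits are all-or-nothing would help the next reader.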


> +
>  		entry->eax &= permitted_xcr0;
>  		entry->ebx = xstate_required_size(permitted_xcr0, false);
>  		entry->ecx = entry->ebx;
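Review bot: permitted_xcr0 is initialized from the raw mask and only sanitized by a separate statement after the declarations, so the unsanitized value is in scope until that statement runs. Folding the call into the initializer, i.e. `u64 permitted_xcr0 = sanitize_xcr0(kvm_caps.supported_xcr0 & xstate_get_guest_group_perm());`, removes that window and keeps entry->eax and the xstate_required_size() argument on the same value by construction.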
> -- 
> 2.39.0.314.g84b9a713c41-goog
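The inconsistency discussed in this message, as an added user-space model that is not part of the original mail or of KVM: one consumer sanitizes the MPX bits locally, another reads the raw capability, and the two report different XSAVE sizes until the mask is sanitized once at the source. The layout table, sanitize_mpx(), required_size(), cpuid_view() and cap_view() are hypothetical names with constructed values, and the sizeof(struct kvm_xsave) floor from the quoted KVM_CAP_XSAVE2 snippet is left out so the raw sizes stay visible.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BIT(n)      (1ULL << (n))
#define XF_BNDREGS  BIT(3)   /* CPUID.(EAX=0DH,ECX=0):EAX.BNDREGS[bit-3] */
#define XF_BNDCSR   BIT(4)   /* CPUID.(EAX=0DH,ECX=0):EAX.BNDCSR[bit-4] */
#define XF_MPX      (XF_BNDREGS | XF_BNDCSR)

/* Constructed per-component layout; on hardware these come from CPUID.0xD subleaves. */
static const struct { uint32_t off, size; } layout[] = {
    [2] = { 576, 256 },   /* AVX */
    [3] = { 960, 64 },    /* BNDREGS */
    [4] = { 1024, 64 },   /* BNDCSR */
};

/* Clear the whole MPX group unless every bit of it is present. */
static uint64_t sanitize_mpx(uint64_t xcr0)
{
    if ((xcr0 & XF_MPX) != XF_MPX)
        xcr0 &= ~XF_MPX;
    return xcr0;
}

/* Non-compacted size: legacy area plus header (576 bytes), then max(offset + size). */
static uint32_t required_size(uint64_t xcr0)
{
    uint32_t ret = 576;
    for (size_t i = 2; i < sizeof(layout) / sizeof(layout[0]); i++)
        if ((xcr0 & BIT(i)) && layout[i].off + layout[i].size > ret)
            ret = layout[i].off + layout[i].size;
    return ret;
}

/* Consumer that sanitizes its own local copy (models the CPUID path in the v2 patch). */
static uint32_t cpuid_view(uint64_t supported) { return required_size(sanitize_mpx(supported)); }
/* Consumer that reads the capability as stored (models the KVM_CAP_XSAVE2 path). */
static uint32_t cap_view(uint64_t supported) { return required_size(supported); }

int main(void)
{
    uint64_t supported = BIT(0) | BIT(1) | BIT(2) | XF_BNDCSR; /* BNDCSR without BNDREGS */
    printf("local sanitize:  cpuid=%u cap=%u\n", cpuid_view(supported), cap_view(supported));
    supported = sanitize_mpx(supported); /* sanitize once, where the mask is set up */
    printf("source sanitize: cpuid=%u cap=%u\n", cpuid_view(supported), cap_view(supported));
    return 0;
}
```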
> 
