From: Mihai Carabas <mihai.carabas@oracle.com>
To: Jim Mattson <jmattson@google.com>
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
	LKML <linux-kernel@vger.kernel.org>,
	"kvm list" <kvm@vger.kernel.org>,
	"Radim Krčmář" <rkrcmar@redhat.com>,
	"Liran Alon" <liran.alon@oracle.com>,
	"Anthony Liguori" <aliguori@amazon.com>,
	"Tom Lendacky" <thomas.lendacky@amd.com>,
	"David Woodhouse" <dwmw@amazon.co.uk>,
	"Borislav Petkov" <bp@alien8.de>,
	"the arch/x86 maintainers" <x86@kernel.org>,
	"Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>
Subject: Re: [9/8] KVM: x86: limit MSR_IA32_SPEC_CTRL access based on CPUID availability
Date: Tue, 30 Jan 2018 18:43:35 +0200
Message-ID: <beb9f9b4-7bc0-4a3a-73c2-0828febbd06c@oracle.com>
In-Reply-To: <CALMp9eSVC=LO-SrPkA3m6eSpgJ6X4rNCRCf3uvtJEdMG_B72cQ@mail.gmail.com>

On 30.01.2018 18:33, Jim Mattson wrote:
> All MSR intercepts are enabled by default, so I don't think this patch
> does anything at all, unless I'm missing some context.
> 

Currently on upstream some MSRs are intercepted:
https://github.com/torvalds/linux/blob/master/arch/x86/kvm/vmx.c#L6838

In particular to this patch, the MSR_IA32_SPEC_CTRL intercept is 
disabled in 3/8: https://patchwork.kernel.org/patch/10151889/


> On Tue, Jan 30, 2018 at 5:21 AM, Mihai Carabas <mihai.carabas@oracle.com> wrote:
>> Hello Paolo,
>>
>> I've backported this patch on 4.1, after adding the per-vcpu MSR bitmap.
>> Also enabled the SPEC_CTRL_MSR intercept if qemu instructed so [1].
>>
>> Reviewed-by: Mihai Carabas <mihai.carabas@oracle.com>
>>
>> [1]
>> +++ b/arch/x86/kvm/vmx.c
>> @@ -8391,6 +8391,16 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm
>> *kvm, unsigned int id)
>>          vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_PRED_CMD,
>> MSR_TYPE_R | MSR_TYPE_W);
>>          vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_BNDCFGS,
>> MSR_TYPE_R | MSR_TYPE_W);
>>
>> +       /*
>> +        * If the physical CPU or the vCPU of this VM doesn't
>> +        * support SPEC_CTRL feature, catch each access to it.
>> +        */
>> +       if (!static_cpu_has(X86_FEATURE_SPEC_CTRL) ||
>> +            !guest_cpuid_has_spec_ctrl(&vmx->vcpu))
>> +               vmx_enable_intercept_for_msr(
>> +                       msr_bitmap,
>> +                       MSR_IA32_SPEC_CTRL,
>> +                       MSR_TYPE_R | MSR_TYPE_W);
>>
>>          /*
>>           * If PML is turned on, failure on enabling PML just results in
>> failure
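
Review bot: the guest half of the new condition, `!guest_cpuid_has_spec_ctrl(&vmx->vcpu)`, is evaluated inside vmx_create_vcpu(), and guest CPUID is installed by userspace through a vCPU ioctl, which can only be issued once the vCPU exists. At this point the check would see no guest CPUID entries, so the intercept would be re-enabled for every vCPU regardless of what the VMM advertises later. Consider keeping only the `static_cpu_has()` part here and re-evaluating the SPEC_CTRL bits of msr_bitmap in the path that runs when guest CPUID is updated.
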
>>
>>
>>
>> On 09.01.2018 14:03, Paolo Bonzini wrote:
>>>
>>> MSR_IA32_SPEC_CTRL is not available unless CPU[7,0].EDX[26] is 1.
>>> Check that against host CPUID or guest CPUID, respectively for
>>> host-initiated and guest-initiated accesses.
>>>
>>> Suggested-by: Jim Mattson <jmattson@google.com>
>>> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
>>> ---
>>>          This is for after X86_FEATURE_SPEC_CTRL is added to Linux, but
>>>          I still wanted to ack Jim's improvement.
>>>
>>>    arch/x86/kvm/svm.c | 8 ++++++++
>>>    arch/x86/kvm/vmx.c | 8 ++++++++
>>>    2 files changed, 16 insertions(+)
>>>
>>> diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
>>> index 97126c2bd663..3a646580d7c5 100644
>>> --- a/arch/x86/kvm/svm.c
>>> +++ b/arch/x86/kvm/svm.c
>>> @@ -3648,6 +3648,10 @@ static int svm_get_msr(struct kvm_vcpu *vcpu,
>>> struct msr_data *msr_info)
>>>                  msr_info->data = svm->nested.vm_cr_msr;
>>>                  break;
>>>          case MSR_IA32_SPEC_CTRL:
>>> +               if (!static_cpu_has(X86_FEATURE_SPEC_CTRL) ||
>>> +                   (!msr_info->host_initiated &&
>>> +                            !guest_cpuid_has(vcpu,
>>> X86_FEATURE_SPEC_CTRL)))
>>> +                       return 1;
>>>                  msr_info->data = svm->spec_ctrl;
>>>                  break;
>>>          case MSR_IA32_UCODE_REV:
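
Review bot: in the svm_get_msr() case the host check `!static_cpu_has(X86_FEATURE_SPEC_CTRL)` comes first and is not qualified by host_initiated, so a host-initiated read also returns 1 on a CPU without the feature. If userspace includes this MSR in its save/restore set, that read now fails; please confirm the MSR is not reported to userspace on such hosts, or state in the commit message that the failure is intended.
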
>>> @@ -3806,6 +3810,10 @@ static int svm_set_msr(struct kvm_vcpu *vcpu,
>>> struct msr_data *msr)
>>>                  vcpu_unimpl(vcpu, "unimplemented wrmsr: 0x%x data
>>> 0x%llx\n", ecx, data);
>>>                  break;
>>>          case MSR_IA32_SPEC_CTRL:
>>> +               if (!static_cpu_has(X86_FEATURE_SPEC_CTRL) ||
>>> +                   (!msr_info->host_initiated &&
>>> +                            !guest_cpuid_has(vcpu,
>>> X86_FEATURE_SPEC_CTRL)))
>>> +                       return 1;
>>>                  svm->spec_ctrl = data;
>>>                  break;
>>>          case MSR_IA32_APICBASE:
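
Review bot: the condition added in svm_set_msr() dereferences `msr_info->host_initiated`, but the hunk header shows the parameter of this function is `struct msr_data *msr`, so as far as the visible lines go there is no `msr_info` in scope and this would not build. Use `msr->host_initiated`, matching the name in the signature.
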
>>> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
>>> index 49b4a2d61603..42bc7ee293e4 100644
>>> --- a/arch/x86/kvm/vmx.c
>>> +++ b/arch/x86/kvm/vmx.c
>>> @@ -3368,6 +3368,10 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu,
>>> struct msr_data *msr_info)
>>>                  msr_info->data = guest_read_tsc(vcpu);
>>>                  break;
>>>          case MSR_IA32_SPEC_CTRL:
>>> +               if (!static_cpu_has(X86_FEATURE_SPEC_CTRL) ||
>>> +                   (!msr_info->host_initiated &&
>>> +                    !guest_cpuid_has(vcpu, X86_FEATURE_SPEC_CTRL)))
>>> +                       return 1;
>>>                  msr_info->data = to_vmx(vcpu)->spec_ctrl;
>>>                  break;
>>>          case MSR_IA32_SYSENTER_CS:
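
Review bot: the three-line condition added in vmx_get_msr() is the same test that appears in the other three handlers touched by this patch, and none of the copies carries a comment on what returning 1 means for the caller. A small helper taking the vcpu and the host_initiated flag, with a one-line comment, would keep the four sites from drifting apart.
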
>>> @@ -3510,6 +3514,10 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu,
>>> struct msr_data *msr_info)
>>>                  kvm_write_tsc(vcpu, msr_info);
>>>                  break;
>>>          case MSR_IA32_SPEC_CTRL:
>>> +               if (!static_cpu_has(X86_FEATURE_SPEC_CTRL) ||
>>> +                   (!msr_info->host_initiated &&
>>> +                    !guest_cpuid_has(vcpu, X86_FEATURE_SPEC_CTRL)))
>>> +                       return 1;
>>>                  to_vmx(vcpu)->spec_ctrl = data;
>>>                  break;
>>>          case MSR_IA32_CR_PAT:
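
Review bot: in vmx_set_msr(), once the CPUID check passes, the context line `to_vmx(vcpu)->spec_ctrl = data;` stores the supplied value with no check on which bits are set. If this value is ever written to the hardware MSR on the guest's behalf, a write with reserved bits set should be rejected (return 1) before the assignment.
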
>>>
>>
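
The intercept state discussed in this message (all intercepts on by default, SPEC_CTRL passed through, then intercepted again when CPUID lacks the feature), as a small user-space model of the VMX MSR bitmap. This is an added example, not code from the thread or from the kernel; `struct msr_bitmap`, `locate`, `set_intercept`, `access_exits` and `setup_bitmap` are hypothetical names, and the setup policy is a simplification of the backport hunk.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define MSR_IA32_SPEC_CTRL 0x48u /* architectural MSR index */
#define MSR_TYPE_R 1
#define MSR_TYPE_W 2

/* 4 KiB VMX MSR bitmap; a set bit makes that access cause a VM exit.
 * Read bits start at 0x000, write bits at 0x800; within each half the
 * MSRs 0xc0000000-0xc0001fff sit 0x400 bytes further in. */
struct msr_bitmap { uint8_t b[4096]; };

static bool locate(uint32_t msr, int type, size_t *byte, uint8_t *mask)
{
    size_t base = (type == MSR_TYPE_W) ? 0x800 : 0x000;
    if (msr >= 0xc0000000u && msr <= 0xc0001fffu)
        base += 0x400;
    else if (msr > 0x1fff)
        return false; /* outside the bitmap: the access always exits */
    *byte = base + (msr & 0x1fff) / 8;
    *mask = (uint8_t)(1u << (msr % 8));
    return true;
}

static void set_intercept(struct msr_bitmap *bm, uint32_t msr, int types, bool on)
{
    size_t byte; uint8_t mask;
    for (int t = MSR_TYPE_R; t <= MSR_TYPE_W; t <<= 1) {
        if (!(types & t) || !locate(msr, t, &byte, &mask))
            continue;
        bm->b[byte] = on ? (bm->b[byte] | mask) : (bm->b[byte] & (uint8_t)~mask);
    }
}

bool access_exits(const struct msr_bitmap *bm, uint32_t msr, int type)
{
    size_t byte; uint8_t mask;
    return !locate(msr, type, &byte, &mask) || (bm->b[byte] & mask);
}

/* Hypothetical setup: intercept everything, then pass SPEC_CTRL through
 * only when host and guest CPUID both enumerate the feature. */
void setup_bitmap(struct msr_bitmap *bm, bool host_has, bool guest_has)
{
    memset(bm->b, 0xff, sizeof(bm->b));
    set_intercept(bm, MSR_IA32_SPEC_CTRL, MSR_TYPE_R | MSR_TYPE_W,
                  !(host_has && guest_has));
}
```

Calling `setup_bitmap()` again after the guest CPUID changes is what keeps the bitmap consistent with the feature the guest actually sees.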
