From: Alexander Graf <graf@amazon.com>
To: Aaron Lewis <aaronlewis@google.com>
Cc: Jim Mattson <jmattson@google.com>, kvm list <kvm@vger.kernel.org>
Subject: Re: [PATCH v3 07/12] KVM: x86: Ensure the MSR bitmap never clears userspace tracked MSRs
Date: Fri, 21 Aug 2020 00:04:09 +0200 [thread overview]
Message-ID: <d75a3862-d4f4-e057-5d45-9edcb3f9b696@amazon.com> (raw)
In-Reply-To: <CAAAPnDFEKOQjTKcmkFjP6hr6dgmR-61NL_W9=7Fs0THdOOJ7+Q@mail.gmail.com>
On 20.08.20 02:18, Aaron Lewis wrote:
>
> On Wed, Aug 19, 2020 at 8:26 AM Alexander Graf <graf@amazon.com> wrote:
>>
>>
>>
>> On 18.08.20 23:15, Aaron Lewis wrote:
>>>
>>> SDM volume 3: 24.6.9 "MSR-Bitmap Address" and APM volume 2: 15.11 "MS
>>> intercepts" describe MSR permission bitmaps. Permission bitmaps are
>>> used to control whether an execution of rdmsr or wrmsr will cause a
>>> vm exit. For userspace tracked MSRs it is required they cause a vm
>>> exit, so the host is able to forward the MSR to userspace. This change
>>> adds vmx/svm support to ensure the permission bitmap is properly set to
>>> cause a vm_exit to the host when rdmsr or wrmsr is used by one of the
>>> userspace tracked MSRs. Also, to avoid repeatedly setting them,
>>> kvm_make_request() is used to coalesce these into a single call.
>>>
>>> Signed-off-by: Aaron Lewis <aaronlewis@google.com>
>>> Reviewed-by: Oliver Upton <oupton@google.com>
>>
>> This is incomplete, as it doesn't cover all of the x2apic registers.
>> There are also a few MSRs that IIRC are handled differently from this
>> logic, such as EFER.
>>
>> I'm really curious if this is worth the effort? I would be inclined to
>> say that MSRs that KVM has direct access for need special handling one
>> way or another.
>>
>
> Can you please elaborate on this? It was my understanding that the
> permission bitmap covers the x2apic registers. Also, I’m not sure how
So x2apic MSR passthrough is configured specially:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/x86/kvm/vmx/vmx.c#n3796
and I think not handled by this patch?
> EFER is handled differently, but I see there is a separate
> conversation on that.
EFER is a really special beast in VT.
> This effort does seem worthwhile as it ensures userspace is able to
> manage the MSRs it is requesting, and will remain that way in the
> future.
I couldn't see why any of the passthrough MSRs are relevant to user
space, but I tend to agree that it makes everything more consistent.
Alex
Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
next prev parent reply other threads:[~2020-08-20 22:04 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-18 21:15 [PATCH v3 00/12] Allow userspace to manage MSRs Aaron Lewis
2020-08-18 21:15 ` [PATCH v3 01/12] KVM: x86: Deflect unknown MSR accesses to user space Aaron Lewis
2020-08-19 8:42 ` Alexander Graf
2020-08-18 21:15 ` [PATCH v3 02/12] KVM: x86: Introduce allow list for MSR emulation Aaron Lewis
2020-08-19 8:53 ` Alexander Graf
2020-08-31 10:39 ` Dan Carpenter
2020-08-31 10:39 ` Dan Carpenter
2020-08-31 10:39 ` Dan Carpenter
2020-09-01 19:13 ` Alexander Graf
2020-09-02 7:31 ` Dan Carpenter
2020-09-02 7:31 ` Dan Carpenter
2020-09-02 7:31 ` Dan Carpenter
2020-08-18 21:15 ` [PATCH v3 03/12] KVM: selftests: Add test for user space MSR handling Aaron Lewis
2020-08-18 21:15 ` [PATCH v3 04/12] KVM: x86: Add ioctl for accepting a userspace provided MSR list Aaron Lewis
2020-08-19 9:00 ` Alexander Graf
2020-08-20 17:30 ` Jim Mattson
2020-08-20 21:49 ` Alexander Graf
2020-08-20 22:28 ` Jim Mattson
2020-08-18 21:15 ` [PATCH v3 05/12] KVM: x86: Add support for exiting to userspace on rdmsr or wrmsr Aaron Lewis
2020-08-19 10:25 ` Alexander Graf
2020-08-20 18:17 ` Jim Mattson
2020-08-20 21:59 ` Alexander Graf
2020-08-20 22:55 ` Jim Mattson
2020-08-21 17:58 ` Jim Mattson
2020-08-24 1:35 ` Alexander Graf
2020-08-24 17:23 ` Jim Mattson
2020-08-24 18:09 ` Alexander Graf
2020-08-24 18:34 ` Jim Mattson
2020-08-18 21:15 ` [PATCH v3 06/12] KVM: x86: Prepare MSR bitmaps for userspace tracked MSRs Aaron Lewis
2020-08-18 21:15 ` [PATCH v3 07/12] KVM: x86: Ensure the MSR bitmap never clears " Aaron Lewis
2020-08-19 1:12 ` kernel test robot
2020-08-19 1:12 ` kernel test robot
2020-08-19 1:12 ` [RFC PATCH] KVM: x86: vmx_set_user_msr_intercept() can be static kernel test robot
2020-08-19 1:12 ` kernel test robot
2020-08-19 15:26 ` [PATCH v3 07/12] KVM: x86: Ensure the MSR bitmap never clears userspace tracked MSRs Alexander Graf
2020-08-20 0:18 ` Aaron Lewis
2020-08-20 22:04 ` Alexander Graf [this message]
2020-08-20 22:35 ` Jim Mattson
2020-08-21 14:27 ` Aaron Lewis
2020-08-21 16:07 ` Alexander Graf
2020-08-21 16:43 ` Aaron Lewis
2020-08-26 15:48 ` kernel test robot
2020-08-26 15:48 ` kernel test robot
2020-08-18 21:15 ` [PATCH v3 08/12] selftests: kvm: Fix the segment descriptor layout to match the actual layout Aaron Lewis
2020-08-18 21:15 ` [PATCH v3 09/12] selftests: kvm: Clear uc so UCALL_NONE is being properly reported Aaron Lewis
2020-08-19 9:13 ` Andrew Jones
2020-08-18 21:15 ` [PATCH v3 10/12] selftests: kvm: Add exception handling to selftests Aaron Lewis
2020-08-18 21:15 ` [PATCH v3 11/12] selftests: kvm: Add a test to exercise the userspace MSR list Aaron Lewis
2020-08-18 21:15 ` [PATCH v3 12/12] selftests: kvm: Add emulated rdmsr, wrmsr tests Aaron Lewis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d75a3862-d4f4-e057-5d45-9edcb3f9b696@amazon.com \
--to=graf@amazon.com \
--cc=aaronlewis@google.com \
--cc=jmattson@google.com \
--cc=kvm@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.