* [PATCH v2] kvm: vmx: Pass through IA32_TSC_AUX for read iff guest has RDTSCP
@ 2019-12-03 18:35 Jim Mattson
2019-12-03 19:07 ` Liran Alon
0 siblings, 1 reply; 2+ messages in thread
From: Jim Mattson @ 2019-12-03 18:35 UTC (permalink / raw)
To: kvm
Cc: Jim Mattson, Marc Orr, Peter Shier, Krish Sadhukhan, Sean Christopherson
If the guest supports RDTSCP, it already has read access to the
hardware IA32_TSC_AUX MSR via RDTSCP, so we can allow it read access
via the RDMSR instruction as well. If the guest doesn't support
RDTSCP, intercept all accesses to the IA32_TSC_AUX MSR, so that kvm
can synthesize a #GP. (IA32_TSC_AUX exists iff RDTSCP is supported.)
Signed-off-by: Jim Mattson <jmattson@google.com>
Reviewed-by: Marc Orr <marcorr@google.com>
Reviewed-by: Peter Shier <pshier@google.com>
Reviewed-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Reviewed-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
v1 -> v2: Rebased across vmx directory creation.
Modified commit message based on Sean's comments.
arch/x86/kvm/vmx/vmx.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index d175429c91b0..04a728976d96 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -4070,6 +4070,10 @@ static void vmx_compute_secondary_exec_control(struct vcpu_vmx *vmx)
if (vmx_rdtscp_supported()) {
bool rdtscp_enabled = guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP);
+
+ vmx_set_intercept_for_msr(vmx->vmcs01.msr_bitmap, MSR_TSC_AUX,
+ MSR_TYPE_R, !rdtscp_enabled);
+
if (!rdtscp_enabled)
exec_control &= ~SECONDARY_EXEC_RDTSCP;
--
2.24.0.393.g34dc348eaf-goog
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH v2] kvm: vmx: Pass through IA32_TSC_AUX for read iff guest has RDTSCP
2019-12-03 18:35 [PATCH v2] kvm: vmx: Pass through IA32_TSC_AUX for read iff guest has RDTSCP Jim Mattson
@ 2019-12-03 19:07 ` Liran Alon
0 siblings, 0 replies; 2+ messages in thread
From: Liran Alon @ 2019-12-03 19:07 UTC (permalink / raw)
To: Jim Mattson
Cc: kvm, Marc Orr, Peter Shier, Krish Sadhukhan, Sean Christopherson
> On 3 Dec 2019, at 20:35, Jim Mattson <jmattson@google.com> wrote:
>
> If the guest supports RDTSCP, it already has read access to the
> hardware IA32_TSC_AUX MSR via RDTSCP, so we can allow it read access
> via the RDMSR instruction as well. If the guest doesn't support
> RDTSCP, intercept all accesses to the IA32_TSC_AUX MSR, so that kvm
> can synthesize a #GP. (IA32_TSC_AUX exists iff RDTSCP is supported.)
>
> Signed-off-by: Jim Mattson <jmattson@google.com>
> Reviewed-by: Marc Orr <marcorr@google.com>
> Reviewed-by: Peter Shier <pshier@google.com>
> Reviewed-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
> Reviewed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Reviewed-by: Liran Alon <liran.alon@oracle.com>
-Liran
>
> ---
> v1 -> v2: Rebased across vmx directory creation.
> Modified commit message based on Sean's comments.
>
> arch/x86/kvm/vmx/vmx.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
> index d175429c91b0..04a728976d96 100644
> --- a/arch/x86/kvm/vmx/vmx.c
> +++ b/arch/x86/kvm/vmx/vmx.c
> @@ -4070,6 +4070,10 @@ static void vmx_compute_secondary_exec_control(struct vcpu_vmx *vmx)
>
> if (vmx_rdtscp_supported()) {
> bool rdtscp_enabled = guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP);
> +
> + vmx_set_intercept_for_msr(vmx->vmcs01.msr_bitmap, MSR_TSC_AUX,
> + MSR_TYPE_R, !rdtscp_enabled);
> +
> if (!rdtscp_enabled)
> exec_control &= ~SECONDARY_EXEC_RDTSCP;
>
> --
> 2.24.0.393.g34dc348eaf-goog
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-12-03 19:07 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-12-03 18:35 [PATCH v2] kvm: vmx: Pass through IA32_TSC_AUX for read iff guest has RDTSCP Jim Mattson
2019-12-03 19:07 ` Liran Alon
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).