kvm.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Dave Hansen <dave.hansen@intel.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
	Andy Lutomirski <luto@kernel.org>, Jon Kohler <jon@nutanix.com>,
	Sean Christopherson <seanjc@google.com>
Cc: Babu Moger <babu.moger@amd.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
	X86 ML <x86@kernel.org>, "H. Peter Anvin" <hpa@zytor.com>,
	Vitaly Kuznetsov <vkuznets@redhat.com>,
	Wanpeng Li <wanpengli@tencent.com>,
	Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
	Fenghua Yu <fenghua.yu@intel.com>,
	Yu-cheng Yu <yu-cheng.yu@intel.com>,
	Tony Luck <tony.luck@intel.com>, Uros Bizjak <ubizjak@gmail.com>,
	Petteri Aimonen <jpa@git.mail.kapsi.fi>,
	Kan Liang <kan.liang@linux.intel.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Mike Rapoport <rppt@kernel.org>,
	Benjamin Thiel <b.thiel@posteo.de>,
	Fan Yang <Fan_Yang@sjtu.edu.cn>, Juergen Gross <jgross@suse.com>,
	Dave Jiang <dave.jiang@intel.com>,
	"Peter Zijlstra (Intel)" <peterz@infradead.org>,
	Ricardo Neri <ricardo.neri-calderon@linux.intel.com>,
	Arvind Sankar <nivedita@alum.mit.edu>,
	LKML <linux-kernel@vger.kernel.org>,
	kvm list <kvm@vger.kernel.org>
Subject: Re: [PATCH] KVM: x86: add hint to skip hidden rdpkru under kvm_load_host_xsave_state
Date: Wed, 19 May 2021 15:44:20 -0700	[thread overview]
Message-ID: <8e45611c-f6ce-763a-ad17-adada33716d6@intel.com> (raw)
In-Reply-To: <5e01d18b-123c-b91f-c7b4-7ec583dd1ec6@redhat.com>

On 5/17/21 12:46 AM, Paolo Bonzini wrote:
> On 14/05/21 07:11, Andy Lutomirski wrote:
>> That's nice, but it fails to restore XINUSE[PKRU].  As far as I know,
>> that bit is live, and the only way to restore it to 0 is with
>> XRSTOR(S).
> 
> The manual says "It is possible for XINUSE[i] to be 1 even when state
> component i is in its initial configuration" so this is architecturally
> valid.  Does the XINUSE optimization matter for PKRU which is a single
> word?

In Linux with normal userspace, virtually never.

The hardware defaults PKRU to 0x0 which means "no restrictions on any
keys".  Linux defaults PKRU via 'init_pkru_value' to the most
restrictive value.  This ensures that new non-zero-pkey-assigned memory
is protected by default.

But, that also means PKRU is virtually never in its init state in Linux.
 An app would probably need to manipulate PKRU with XRSTOR to get
XINUSE[PKRU]=0.

It would only even *possibly* be useful if running a KVM guest that had
PKRU=0x0 (sorry I don't consider things using KVM "normal userspace" :P ).

  parent reply	other threads:[~2021-05-19 22:44 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-05-07 16:44 [PATCH] KVM: x86: add hint to skip hidden rdpkru under kvm_load_host_xsave_state Jon Kohler
2021-05-07 16:52 ` Paolo Bonzini
2021-05-07 16:58   ` Dave Hansen
2021-05-07 17:13     ` Jon Kohler
2021-05-14  5:11 ` Andy Lutomirski
2021-05-17  2:50   ` Jon Kohler
2021-05-17 16:35     ` Tom Lendacky
2021-05-17  7:46   ` Paolo Bonzini
2021-05-17 17:39     ` Sean Christopherson
2021-05-17 17:55       ` Dave Hansen
2021-05-17 18:02         ` Sean Christopherson
     [not found]       ` <4e6f7056-6b66-46b9-9eac-922ae1c7b526@www.fastmail.com>
2021-05-17 17:59         ` Dave Hansen
2021-05-17 18:04           ` Sean Christopherson
2021-05-17 18:15             ` Jim Mattson
2021-05-17 18:34               ` Sean Christopherson
2021-05-19 22:44     ` Dave Hansen [this message]
2021-05-19 23:15       ` Andy Lutomirski
2021-05-17 13:54   ` Dave Hansen
2021-05-17 16:43     ` Paolo Bonzini

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=8e45611c-f6ce-763a-ad17-adada33716d6@intel.com \
    --to=dave.hansen@intel.com \
    --cc=Fan_Yang@sjtu.edu.cn \
    --cc=akpm@linux-foundation.org \
    --cc=b.thiel@posteo.de \
    --cc=babu.moger@amd.com \
    --cc=bp@alien8.de \
    --cc=dave.jiang@intel.com \
    --cc=fenghua.yu@intel.com \
    --cc=hpa@zytor.com \
    --cc=jgross@suse.com \
    --cc=jmattson@google.com \
    --cc=jon@nutanix.com \
    --cc=joro@8bytes.org \
    --cc=jpa@git.mail.kapsi.fi \
    --cc=kan.liang@linux.intel.com \
    --cc=kvm@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=mingo@redhat.com \
    --cc=nivedita@alum.mit.edu \
    --cc=pbonzini@redhat.com \
    --cc=peterz@infradead.org \
    --cc=ricardo.neri-calderon@linux.intel.com \
    --cc=rppt@kernel.org \
    --cc=seanjc@google.com \
    --cc=tglx@linutronix.de \
    --cc=tony.luck@intel.com \
    --cc=ubizjak@gmail.com \
    --cc=vkuznets@redhat.com \
    --cc=wanpengli@tencent.com \
    --cc=x86@kernel.org \
    --cc=yu-cheng.yu@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).