[PATCH 0/2] KVM: nVMX: Skip IPBP on nested VMCS switch

[PATCH 0/2] KVM: nVMX: Skip IPBP on nested VMCS switch

[Sean Christopherson]

Or as Jim would say, "Really skip IPBP on nested VMCS switch" :-D

Patch 1 is the delta between kvm/queue and v3 of the original patch[*],
i.e. I just cherry-picked v3 and fixed the conflicts.

Patch 2 applies the "no IPBP" logic to copy_vmcs02_to_vmcs12_rare().

Feel free to sqaush both of these to commit 7407a52f23732 ("KVM: nVMX:
Skip IBPB when switching between vmcs01 and vmcs02") if you so desire.

[*] https://lkml.kernel.org/r/20200505044644.16563-1-sean.j.christopherson@intel.com

Sean Christopherson (2):
  KVM: nVMX: Refactor IBPB handling on VMCS switch to genericize code
  KVM: nVMX: Skip IPBP when switching between vmcs01 and vmcs02, redux

 arch/x86/kvm/vmx/nested.c | 13 +++----------
 arch/x86/kvm/vmx/vmx.c    | 19 ++++++++++++++-----
 arch/x86/kvm/vmx/vmx.h    |  4 ++--
 3 files changed, 19 insertions(+), 17 deletions(-)

-- 
2.26.0

[PATCH 1/2] KVM: nVMX: Refactor IBPB handling on VMCS switch to genericize code

[Sean Christopherson]

Refactor the IPBP handling to effectively move the WARN and comment in
vmx_switch_vmcs() to vmx_vcpu_load_vmcs().  A future patch will give
copy_vmcs02_to_vmcs12_rare() the same treatment.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
 arch/x86/kvm/vmx/nested.c |  9 +--------
 arch/x86/kvm/vmx/vmx.c    | 17 +++++++++++++----
 arch/x86/kvm/vmx/vmx.h    |  3 ++-
 3 files changed, 16 insertions(+), 13 deletions(-)

diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index 20a9edca51fa5..7d1e19149ef46 100644
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -302,15 +302,8 @@ static void vmx_switch_vmcs(struct kvm_vcpu *vcpu, struct loaded_vmcs *vmcs)
 
 	cpu = get_cpu();
 	prev = vmx->loaded_vmcs;
-	WARN_ON_ONCE(prev->cpu != cpu || prev->vmcs != per_cpu(current_vmcs, cpu));
 	vmx->loaded_vmcs = vmcs;
-
-	/*
-	 * This is the same guest from our point of view, so no
-	 * indirect branch prediction barrier is needed.  The L1
-	 * guest can protect itself with retpolines, IBPB or IBRS.
-	 */
-	vmx_vcpu_load_vmcs(vcpu, cpu, false);
+	vmx_vcpu_load_vmcs(vcpu, cpu, prev);
 	vmx_sync_vmcs_host_state(vmx, prev);
 	put_cpu();
 
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 94f49c5ae89aa..ddbd8fae24927 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -1311,10 +1311,12 @@ static void vmx_vcpu_pi_load(struct kvm_vcpu *vcpu, int cpu)
 		pi_set_on(pi_desc);
 }
 
-void vmx_vcpu_load_vmcs(struct kvm_vcpu *vcpu, int cpu, bool need_ibpb)
+void vmx_vcpu_load_vmcs(struct kvm_vcpu *vcpu, int cpu,
+			struct loaded_vmcs *buddy)
 {
 	struct vcpu_vmx *vmx = to_vmx(vcpu);
 	bool already_loaded = vmx->loaded_vmcs->cpu == cpu;
+	struct vmcs *prev;
 
 	if (!already_loaded) {
 		loaded_vmcs_clear(vmx->loaded_vmcs);
@@ -1333,10 +1335,17 @@ void vmx_vcpu_load_vmcs(struct kvm_vcpu *vcpu, int cpu, bool need_ibpb)
 		local_irq_enable();
 	}
 
-	if (per_cpu(current_vmcs, cpu) != vmx->loaded_vmcs->vmcs) {
+	prev = per_cpu(current_vmcs, cpu);
+	if (prev != vmx->loaded_vmcs->vmcs) {
 		per_cpu(current_vmcs, cpu) = vmx->loaded_vmcs->vmcs;
 		vmcs_load(vmx->loaded_vmcs->vmcs);
-		if (need_ibpb)
+
+		/*
+		 * No indirect branch prediction barrier needed when switching
+		 * the active VMCS within a guest, e.g. on nested VM-Enter.
+		 * The L1 VMM can protect itself with retpolines, IBPB or IBRS.
+		 */
+		if (!buddy || WARN_ON_ONCE(buddy->vmcs != prev))
 			indirect_branch_prediction_barrier();
 	}
 
@@ -1378,7 +1387,7 @@ void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu)
 {
 	struct vcpu_vmx *vmx = to_vmx(vcpu);
 
-	vmx_vcpu_load_vmcs(vcpu, cpu, true);
+	vmx_vcpu_load_vmcs(vcpu, cpu, NULL);
 
 	vmx_vcpu_pi_load(vcpu, cpu);
 
diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h
index c6f940ba5d79c..4a6f382b05b49 100644
--- a/arch/x86/kvm/vmx/vmx.h
+++ b/arch/x86/kvm/vmx/vmx.h
@@ -320,7 +320,8 @@ struct kvm_vmx {
 };
 
 bool nested_vmx_allowed(struct kvm_vcpu *vcpu);
-void vmx_vcpu_load_vmcs(struct kvm_vcpu *vcpu, int cpu, bool need_ibpb);
+void vmx_vcpu_load_vmcs(struct kvm_vcpu *vcpu, int cpu,
+			struct loaded_vmcs *buddy);
 void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu);
 int allocate_vpid(void);
 void free_vpid(int vpid);
-- 
2.26.0

[PATCH 2/2] KVM: nVMX: Skip IPBP when switching between vmcs01 and vmcs02, redux

[Sean Christopherson]

Skip the Indirect Branch Prediction Barrier that is triggered on a VMCS
switch when temporarily loading vmcs02 to synchronize it to vmcs12, i.e.
give copy_vmcs02_to_vmcs12_rare() the same treatment as
vmx_switch_vmcs().

Make vmx_vcpu_load() static now that it's only referenced within vmx.c.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
---
 arch/x86/kvm/vmx/nested.c | 4 ++--
 arch/x86/kvm/vmx/vmx.c    | 2 +-
 arch/x86/kvm/vmx/vmx.h    | 1 -
 3 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index 7d1e19149ef46..4f770eed66cc9 100644
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -3915,12 +3915,12 @@ static void copy_vmcs02_to_vmcs12_rare(struct kvm_vcpu *vcpu,
 
 	cpu = get_cpu();
 	vmx->loaded_vmcs = &vmx->nested.vmcs02;
-	vmx_vcpu_load(&vmx->vcpu, cpu);
+	vmx_vcpu_load_vmcs(vcpu, cpu, &vmx->vmcs01);
 
 	sync_vmcs02_to_vmcs12_rare(vcpu, vmcs12);
 
 	vmx->loaded_vmcs = &vmx->vmcs01;
-	vmx_vcpu_load(&vmx->vcpu, cpu);
+	vmx_vcpu_load_vmcs(vcpu, cpu, &vmx->nested.vmcs02);
 	put_cpu();
 }
 
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index ddbd8fae24927..bc5e5cf1d4cc8 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -1383,7 +1383,7 @@ void vmx_vcpu_load_vmcs(struct kvm_vcpu *vcpu, int cpu,
  * Switches to specified vcpu, until a matching vcpu_put(), but assumes
  * vcpu mutex is already taken.
  */
-void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu)
+static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu)
 {
 	struct vcpu_vmx *vmx = to_vmx(vcpu);
 
diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h
index 4a6f382b05b49..298ddef79d009 100644
--- a/arch/x86/kvm/vmx/vmx.h
+++ b/arch/x86/kvm/vmx/vmx.h
@@ -322,7 +322,6 @@ struct kvm_vmx {
 bool nested_vmx_allowed(struct kvm_vcpu *vcpu);
 void vmx_vcpu_load_vmcs(struct kvm_vcpu *vcpu, int cpu,
 			struct loaded_vmcs *buddy);
-void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu);
 int allocate_vpid(void);
 void free_vpid(int vpid);
 void vmx_set_constant_host_state(struct vcpu_vmx *vmx);
-- 
2.26.0

Re: [PATCH 0/2] KVM: nVMX: Skip IPBP on nested VMCS switch

[Paolo Bonzini]

On 07/05/20 01:58, Sean Christopherson wrote:
> Or as Jim would say, "Really skip IPBP on nested VMCS switch" :-D
> 
> Patch 1 is the delta between kvm/queue and v3 of the original patch[*],
> i.e. I just cherry-picked v3 and fixed the conflicts.
> 
> Patch 2 applies the "no IPBP" logic to copy_vmcs02_to_vmcs12_rare().
> 
> Feel free to sqaush both of these to commit 7407a52f23732 ("KVM: nVMX:
> Skip IBPB when switching between vmcs01 and vmcs02") if you so desire.

I squashed patch 1 and applied patch 2 separately.  Thanks!

Paolo

> [*] https://lkml.kernel.org/r/20200505044644.16563-1-sean.j.christopherson@intel.com
> 
> Sean Christopherson (2):
>   KVM: nVMX: Refactor IBPB handling on VMCS switch to genericize code
>   KVM: nVMX: Skip IPBP when switching between vmcs01 and vmcs02, redux
> 
>  arch/x86/kvm/vmx/nested.c | 13 +++----------
>  arch/x86/kvm/vmx/vmx.c    | 19 ++++++++++++++-----
>  arch/x86/kvm/vmx/vmx.h    |  4 ++--
>  3 files changed, 19 insertions(+), 17 deletions(-)
>