* [PATCH v14 00/13] Introduce support for guest CET feature
@ 2020-11-06 1:16 Yang Weijiang
2020-11-06 1:16 ` [PATCH v14 01/13] KVM: x86: Report XSS as an MSR to be saved if there are supported features Yang Weijiang
` (13 more replies)
0 siblings, 14 replies; 32+ messages in thread
From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw)
To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson
Cc: yu.c.zhang, Yang Weijiang
Control-flow Enforcement Technology (CET) provides protection against
Return/Jump-Oriented Programming (ROP/JOP) attack. There're two CET
sub-features: Shadow Stack (SHSTK) and Indirect Branch Tracking (IBT).
SHSTK is to prevent ROP programming and IBT is to prevent JOP programming.
Several parts in KVM have been updated to provide VM CET support, including:
CPUID/XSAVES config, MSR pass-through, user space MSR access interface,
vmentry/vmexit config, nested VM etc. These patches have dependency on CET
kernel patches for xsaves support and CET definitions, e.g., MSR and related
feature flags.
CET kernel patches are here:
SHSTK: https://lkml.kernel.org/r/20201012153850.26996-1-yu-cheng.yu@intel.com/
IBT: https://lkml.kernel.org/r/20201012154530.28382-1-yu-cheng.yu@intel.com/
CET QEMU patch:
https://patchwork.ozlabs.org/project/qemu-devel/patch/20201013051935.6052-2-weijiang.yang@intel.com/
KVM Unit test:
https://patchwork.kernel.org/project/kvm/patch/20200506082110.25441-12-weijiang.yang@intel.com/
v14:
- Sean refactored v13 patchset then came out v14-rc1, this version is
rebased on top of 5.10-rc1 and tested on TGL.
- Fixed a few minor issues found during test, such as nested CET broken,
call-trace and guest reboot failure etc.
- Original v14-rc1 is here: https://github.com/sean-jc/linux/tree/vmx/cet.
v13:
- Added CET definitions as a separate patch to facilitate KVM test.
- Disabled CET support in KVM if unrestricted_guest is turned off since
in this case CET related instructions/infrastructure cannot be emulated
well.
v12:
- Fixed a few issues per Sean and Paolo's review feeback.
- Refactored patches to make them properly arranged.
- Removed unnecessary hard-coded CET states for host/guest.
- Added compile-time assertions for vmcs_field_to_offset_table to detect
mismatch of the field type and field encoding number.
- Added a custom MSR MSR_KVM_GUEST_SSP for guest active SSP save/restore.
- Rebased patches to 5.7-rc3.
v11:
- Fixed a guest vmentry failure issue when guest reboots.
- Used vm_xxx_control_{set, clear}bit() to avoid side effect, it'll
clear cached data instead of pure VMCS field bits.
- Added vcpu->arch.guest_supported_xss dedidated for guest runtime mask,
this avoids supported_xss overwritten issue caused by an old qemu.
- Separated vmentry/vmexit state setting with CR0/CR4 dependency check
to make the patch more clear.
- Added CET VMCS states in dump_vmcs() for debugging purpose.
- Other refactor based on testing.
- This patch serial is built on top of below branch and CET kernel patches
for seeking xsaves support.
v10:
- Refactored code per Sean's review feedback.
- Added CET support for nested VM.
- Removed fix-patch for CPUID(0xd,N) enumeration as this part is done
by Paolo and Sean.
- This new patchset is based on Paolo's queued cpu_caps branch.
- Modified patch per XSAVES related change.
- Consolidated KVM unit-test patch with KVM patches.
v9:
- Refactored msr-check functions per Sean's feedback.
- Fixed a few issues per Sean's suggestion.
- Rebased patch to kernel-v5.4.
- Moved CET CPUID feature bits and CR4.CET to last patch.
v8:
- Addressed Jim and Sean's feedback on: 1) CPUID(0xD,i) enumeration. 2)
sanity check when configure guest CET. 3) function improvement.
- Added more sanity check functions.
- Set host vmexit default status so that guest won't leak CET status to
host when vmexit.
- Added CR0.WP vs. CR4.CET mutual constrains.
v7:
- Rebased patch to kernel v5.3
- Sean suggested to change CPUID(0xd, n) enumeration code as alined with
existing one, and I think it's better to make the fix as an independent patch
since XSS MSR are being used widely on X86 platforms.
- Check more host and guest status before configure guest CET
per Sean's feedback.
- Add error-check before guest accesses CET MSRs per Sean's feedback.
- Other minor fixes suggested by Sean.
v6:
- Rebase patch to kernel v5.2.
- Move CPUID(0xD, n>=1) helper to a seperate patch.
- Merge xsave size fix with other patch.
- Other minor fixes per community feedback.
v5:
- Rebase patch to kernel v5.1.
- Wrap CPUID(0xD, n>=1) code to a helper function.
- Pass through MSR_IA32_PL1_SSP and MSR_IA32_PL2_SSP to Guest.
- Add Co-developed-by expression in patch description.
- Refine patch description.
v4:
- Add Sean's patch for loading Guest fpu state before access XSAVES
managed CET MSRs.
- Melt down CET bits setting into CPUID configuration patch.
- Add VMX interface to query Host XSS.
- Check Host and Guest XSS support bits before set Guest XSS.
- Make Guest SHSTK and IBT feature enabling independent.
- Do not report CET support to Guest when Host CET feature is Disabled.
v3:
- Modified patches to make Guest CET independent to Host enabling.
- Added patch 8 to add user space access for Guest CET MSR access.
- Modified code comments and patch description to reflect changes.
v2:
- Re-ordered patch sequence, combined one patch.
- Added more description for CET related VMCS fields.
- Added Host CET capability check while enabling Guest CET loading bit.
- Added Host CET capability check while reporting Guest CPUID(EAX=7, EXC=0).
- Modified code in reporting Guest CPUID(EAX=D,ECX>=1), make it clearer.
- Added Host and Guest XSS mask check while setting bits for Guest XSS.
Sean Christopherson (2):
KVM: x86: Report XSS as an MSR to be saved if there are supported features
KVM: x86: Load guest fpu state when accessing MSRs managed by XSAVES
Yang Weijiang (11):
KVM: x86: Refresh CPUID on writes to MSR_IA32_XSS
KVM: x86: Add #CP support in guest exception dispatch
KVM: VMX: Introduce CET VMCS fields and flags
KVM: x86: Add fault checks for CR4.CET
KVM: VMX: Emulate reads and writes to CET MSRs
KVM: VMX: Add a synthetic MSR to allow userspace VMM to access GUEST_SSP
KVM: x86: Report CET MSRs as to-be-saved if CET is supported
KVM: x86: Enable CET virtualization for VMX and advertise CET to userspace
KVM: VMX: Pass through CET MSRs to the guest when supported
KVM: nVMX: Add helper to check the vmcs01 MSR bitmap for MSR pass-through
KVM: nVMX: Enable CET support for nested VMX
arch/x86/include/asm/kvm_host.h | 4 +-
arch/x86/include/asm/vmx.h | 8 ++
arch/x86/include/uapi/asm/kvm.h | 1 +
arch/x86/include/uapi/asm/kvm_para.h | 1 +
arch/x86/kvm/cpuid.c | 26 +++-
arch/x86/kvm/vmx/capabilities.h | 5 +
arch/x86/kvm/vmx/nested.c | 57 ++++++--
arch/x86/kvm/vmx/vmcs12.c | 6 +
arch/x86/kvm/vmx/vmcs12.h | 14 +-
arch/x86/kvm/vmx/vmx.c | 207 ++++++++++++++++++++++++++-
arch/x86/kvm/x86.c | 56 +++++++-
arch/x86/kvm/x86.h | 10 +-
12 files changed, 370 insertions(+), 25 deletions(-)
--
2.17.2
^ permalink raw reply [flat|nested] 32+ messages in thread* [PATCH v14 01/13] KVM: x86: Report XSS as an MSR to be saved if there are supported features 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang @ 2020-11-06 1:16 ` Yang Weijiang 2020-11-06 1:16 ` [PATCH v14 02/13] KVM: x86: Refresh CPUID on writes to MSR_IA32_XSS Yang Weijiang ` (12 subsequent siblings) 13 siblings, 0 replies; 32+ messages in thread From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw) To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson; +Cc: yu.c.zhang From: Sean Christopherson <sean.j.christopherson@intel.com> Add MSR_IA32_XSS to the list of MSRs reported to userspace if supported_xss is non-zero, i.e. KVM supports at least one XSS based feature. Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> --- arch/x86/kvm/x86.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 397f599b20e5..fce18a2537ea 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1237,6 +1237,8 @@ static const u32 msrs_to_save_all[] = { MSR_ARCH_PERFMON_EVENTSEL0 + 12, MSR_ARCH_PERFMON_EVENTSEL0 + 13, MSR_ARCH_PERFMON_EVENTSEL0 + 14, MSR_ARCH_PERFMON_EVENTSEL0 + 15, MSR_ARCH_PERFMON_EVENTSEL0 + 16, MSR_ARCH_PERFMON_EVENTSEL0 + 17, + + MSR_IA32_XSS, }; static u32 msrs_to_save[ARRAY_SIZE(msrs_to_save_all)]; @@ -5728,6 +5730,10 @@ static void kvm_init_msr_list(void) min(INTEL_PMC_MAX_GENERIC, x86_pmu.num_counters_gp)) continue; break; + case MSR_IA32_XSS: + if (!supported_xss) + continue; + break; default: break; } -- 2.17.2 ^ permalink raw reply related [flat|nested] 32+ messages in thread
* [PATCH v14 02/13] KVM: x86: Refresh CPUID on writes to MSR_IA32_XSS 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang 2020-11-06 1:16 ` [PATCH v14 01/13] KVM: x86: Report XSS as an MSR to be saved if there are supported features Yang Weijiang @ 2020-11-06 1:16 ` Yang Weijiang 2020-11-06 1:16 ` [PATCH v14 03/13] KVM: x86: Add #CP support in guest exception dispatch Yang Weijiang ` (11 subsequent siblings) 13 siblings, 0 replies; 32+ messages in thread From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw) To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: yu.c.zhang, Yang Weijiang Updated CPUID.0xD.0x1, which reports the current required storage size of all features enabled via XCR0 | XSS, when the guest's XSS is modified. Note, KVM does not yet support any XSS based features, i.e. supported_xss is guaranteed to be zero at this time. Co-developed-by: Zhang Yi Z <yi.z.zhang@linux.intel.com> Signed-off-by: Zhang Yi Z <yi.z.zhang@linux.intel.com> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> --- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/cpuid.c | 21 ++++++++++++++++++--- arch/x86/kvm/x86.c | 7 +++++-- 3 files changed, 24 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index d44858b69353..1620a2cca781 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -611,6 +611,7 @@ struct kvm_vcpu_arch { u64 xcr0; u64 guest_supported_xcr0; + u64 guest_supported_xss; struct kvm_pio_request pio; void *pio_data; diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 06a278b3701d..2c737337f466 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -115,9 +115,24 @@ void kvm_update_cpuid_runtime(struct kvm_vcpu *vcpu) best->ebx = xstate_required_size(vcpu->arch.xcr0, false); best = kvm_find_cpuid_entry(vcpu, 0xD, 1); - if (best && (cpuid_entry_has(best, X86_FEATURE_XSAVES) || - cpuid_entry_has(best, X86_FEATURE_XSAVEC))) - best->ebx = xstate_required_size(vcpu->arch.xcr0, true); + if (best) { + if (cpuid_entry_has(best, X86_FEATURE_XSAVES) || + cpuid_entry_has(best, X86_FEATURE_XSAVEC)) { + u64 xstate = vcpu->arch.xcr0 | vcpu->arch.ia32_xss; + + best->ebx = xstate_required_size(xstate, true); + } + + if (!cpuid_entry_has(best, X86_FEATURE_XSAVES)) { + best->ecx = 0; + best->edx = 0; + } + vcpu->arch.guest_supported_xss = + (((u64)best->edx << 32) | best->ecx) & supported_xss; + + } else { + vcpu->arch.guest_supported_xss = 0; + } best = kvm_find_cpuid_entry(vcpu, KVM_CPUID_FEATURES, 0); if (kvm_hlt_in_guest(vcpu->kvm) && best && diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index fce18a2537ea..0823bf1e2977 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -3124,9 +3124,12 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) * IA32_XSS[bit 8]. Guests have to use RDMSR/WRMSR rather than * XSAVES/XRSTORS to save/restore PT MSRs. */ - if (data & ~supported_xss) + if (data & ~vcpu->arch.guest_supported_xss) return 1; - vcpu->arch.ia32_xss = data; + if (vcpu->arch.ia32_xss != data) { + vcpu->arch.ia32_xss = data; + kvm_update_cpuid_runtime(vcpu); + } break; case MSR_SMI_COUNT: if (!msr_info->host_initiated) -- 2.17.2 ^ permalink raw reply related [flat|nested] 32+ messages in thread
* [PATCH v14 03/13] KVM: x86: Add #CP support in guest exception dispatch 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang 2020-11-06 1:16 ` [PATCH v14 01/13] KVM: x86: Report XSS as an MSR to be saved if there are supported features Yang Weijiang 2020-11-06 1:16 ` [PATCH v14 02/13] KVM: x86: Refresh CPUID on writes to MSR_IA32_XSS Yang Weijiang @ 2020-11-06 1:16 ` Yang Weijiang 2020-11-06 1:16 ` [PATCH v14 04/13] KVM: VMX: Introduce CET VMCS fields and flags Yang Weijiang ` (10 subsequent siblings) 13 siblings, 0 replies; 32+ messages in thread From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw) To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: yu.c.zhang, Yang Weijiang Add handling for Control Protection (#CP) exceptions, vector 21, used and introduced by Intel's Control-Flow Enforcement Technology (CET). relevant CET violation case. See Intel's SDM for details. Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> --- arch/x86/include/uapi/asm/kvm.h | 1 + arch/x86/kvm/x86.c | 1 + arch/x86/kvm/x86.h | 2 +- 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h index 89e5f3d1bba8..9dc2c58d894b 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -31,6 +31,7 @@ #define MC_VECTOR 18 #define XM_VECTOR 19 #define VE_VECTOR 20 +#define CP_VECTOR 21 /* Select x86 specific features in <linux/kvm.h> */ #define __KVM_HAVE_PIT diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 0823bf1e2977..0433015ee443 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -433,6 +433,7 @@ static int exception_class(int vector) case NP_VECTOR: case SS_VECTOR: case GP_VECTOR: + case CP_VECTOR: return EXCPT_CONTRIBUTORY; default: break; diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h index 3900ab0c6004..74858c18978a 100644 --- a/arch/x86/kvm/x86.h +++ b/arch/x86/kvm/x86.h @@ -115,7 +115,7 @@ static inline bool x86_exception_has_error_code(unsigned int vector) { static u32 exception_has_error_code = BIT(DF_VECTOR) | BIT(TS_VECTOR) | BIT(NP_VECTOR) | BIT(SS_VECTOR) | BIT(GP_VECTOR) | - BIT(PF_VECTOR) | BIT(AC_VECTOR); + BIT(PF_VECTOR) | BIT(AC_VECTOR) | BIT(CP_VECTOR); return (1U << vector) & exception_has_error_code; } -- 2.17.2 ^ permalink raw reply related [flat|nested] 32+ messages in thread
* [PATCH v14 04/13] KVM: VMX: Introduce CET VMCS fields and flags 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang ` (2 preceding siblings ...) 2020-11-06 1:16 ` [PATCH v14 03/13] KVM: x86: Add #CP support in guest exception dispatch Yang Weijiang @ 2020-11-06 1:16 ` Yang Weijiang 2020-11-06 1:16 ` [PATCH v14 05/13] KVM: x86: Add fault checks for CR4.CET Yang Weijiang ` (9 subsequent siblings) 13 siblings, 0 replies; 32+ messages in thread From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw) To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: yu.c.zhang, Yang Weijiang CET (Control-flow Enforcement Technology) is a CPU feature used to prevent Return/Jump-Oriented Programming (ROP/JOP) attacks. CET introduces a new exception type, Control Protection (#CP), and two sub-features to defend against ROP/JOP style control-flow subversion attacks: Shadow Stack (SHSTK): A shadow stack is a second stack used exclusively for control transfer operations. The shadow stack is separate from the data/normal stack and can be enabled individually in user and kernel mode. When shadow stacks are enabled, CALL pushes the return address on both the data and shadow stack. RET pops the return address from both stacks and compares them. If the return addresses from the two stacks do not match, the processor signals a #CP. Indirect Branch Tracking (IBT): IBT adds a new instrution, ENDBRANCH, that is used to mark valid target addresses of indirect branches (CALL, JMP, ENCLU[EEXIT], etc...). If an indirect branch is executed and the next instruction is _not_ an ENDBRANCH, the processor signals a #CP. Several new CET MSRs are defined to support CET: MSR_IA32_{U,S}_CET: Controls the CET settings for user mode and kernel mode respectively. MSR_IA32_PL{0,1,2,3}_SSP: Stores shadow stack pointers for CPL-0,1,2,3 protection respectively. MSR_IA32_INT_SSP_TAB: Stores base address of shadow stack pointer table. Two XSAVES state bits are introduced for CET: IA32_XSS:[bit 11]: Control saving/restoring user mode CET states IA32_XSS:[bit 12]: Control saving/restoring kernel mode CET states. Six VMCS fields are introduced for CET: {HOST,GUEST}_S_CET: Stores CET settings for kernel mode. {HOST,GUEST}_SSP: Stores shadow stack pointer of current task/thread. {HOST,GUEST}_INTR_SSP_TABLE: Stores base address of shadow stack pointer table. If VM_EXIT_LOAD_HOST_CET_STATE = 1, the host CET states are restored from the following VMCS fields at VM-Exit: HOST_S_CET HOST_SSP HOST_INTR_SSP_TABLE If VM_ENTRY_LOAD_GUEST_CET_STATE = 1, the guest CET states are loaded from the following VMCS fields at VM-Entry: GUEST_S_CET GUEST_SSP GUEST_INTR_SSP_TABLE Co-developed-by: Zhang Yi Z <yi.z.zhang@linux.intel.com> Signed-off-by: Zhang Yi Z <yi.z.zhang@linux.intel.com> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> --- arch/x86/include/asm/vmx.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h index f8ba5289ecb0..2b1c55f32d5b 100644 --- a/arch/x86/include/asm/vmx.h +++ b/arch/x86/include/asm/vmx.h @@ -94,6 +94,7 @@ #define VM_EXIT_CLEAR_BNDCFGS 0x00800000 #define VM_EXIT_PT_CONCEAL_PIP 0x01000000 #define VM_EXIT_CLEAR_IA32_RTIT_CTL 0x02000000 +#define VM_EXIT_LOAD_CET_STATE 0x10000000 #define VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR 0x00036dff @@ -107,6 +108,7 @@ #define VM_ENTRY_LOAD_BNDCFGS 0x00010000 #define VM_ENTRY_PT_CONCEAL_PIP 0x00020000 #define VM_ENTRY_LOAD_IA32_RTIT_CTL 0x00040000 +#define VM_ENTRY_LOAD_CET_STATE 0x00100000 #define VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR 0x000011ff @@ -328,6 +330,9 @@ enum vmcs_field { GUEST_PENDING_DBG_EXCEPTIONS = 0x00006822, GUEST_SYSENTER_ESP = 0x00006824, GUEST_SYSENTER_EIP = 0x00006826, + GUEST_S_CET = 0x00006828, + GUEST_SSP = 0x0000682a, + GUEST_INTR_SSP_TABLE = 0x0000682c, HOST_CR0 = 0x00006c00, HOST_CR3 = 0x00006c02, HOST_CR4 = 0x00006c04, @@ -340,6 +345,9 @@ enum vmcs_field { HOST_IA32_SYSENTER_EIP = 0x00006c12, HOST_RSP = 0x00006c14, HOST_RIP = 0x00006c16, + HOST_S_CET = 0x00006c18, + HOST_SSP = 0x00006c1a, + HOST_INTR_SSP_TABLE = 0x00006c1c }; /* -- 2.17.2 ^ permalink raw reply related [flat|nested] 32+ messages in thread
* [PATCH v14 05/13] KVM: x86: Add fault checks for CR4.CET 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang ` (3 preceding siblings ...) 2020-11-06 1:16 ` [PATCH v14 04/13] KVM: VMX: Introduce CET VMCS fields and flags Yang Weijiang @ 2020-11-06 1:16 ` Yang Weijiang 2020-11-09 10:44 ` kernel test robot 2020-11-06 1:16 ` [PATCH v14 06/13] KVM: x86: Load guest fpu state when accessing MSRs managed by XSAVES Yang Weijiang ` (8 subsequent siblings) 13 siblings, 1 reply; 32+ messages in thread From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw) To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: yu.c.zhang, Yang Weijiang Add the fault checks for CR4.CET, which is the master control for all CET features (SHSTK and IBT). In addition to basic support checks, CET can be enabled if and only if CR0.WP==1, i.e. setting CR4.CET=1 faults if CR0.WP==0 and setting CR0.WP=0 fails if CR4.CET==1. Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> --- arch/x86/kvm/x86.c | 6 ++++++ arch/x86/kvm/x86.h | 3 +++ 2 files changed, 9 insertions(+) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 0433015ee443..8c9d631d7842 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -847,6 +847,9 @@ int kvm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0) if (!(cr0 & X86_CR0_PG) && kvm_read_cr4_bits(vcpu, X86_CR4_PCIDE)) return 1; + if (!(cr0 & X86_CR0_WP) && kvm_read_cr4_bits(vcpu, X86_CR4_CET)) + return 1; + kvm_x86_ops.set_cr0(vcpu, cr0); if ((cr0 ^ old_cr0) & X86_CR0_PG) { @@ -1008,6 +1011,9 @@ int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) return 1; } + if ((cr4 & X86_CR4_CET) && !(kvm_read_cr0(vcpu) & X86_CR0_WP)) + return 1; + if (kvm_x86_ops.set_cr4(vcpu, cr4)) return 1; diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h index 74858c18978a..50386318a382 100644 --- a/arch/x86/kvm/x86.h +++ b/arch/x86/kvm/x86.h @@ -398,6 +398,9 @@ bool kvm_msr_allowed(struct kvm_vcpu *vcpu, u32 index, u32 type); __reserved_bits |= X86_CR4_UMIP; \ if (!__cpu_has(__c, X86_FEATURE_VMX)) \ __reserved_bits |= X86_CR4_VMXE; \ + if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ + !__cpu_has(__c, X86_FEATURE_IBT)) \ + __reserved_bits |= X86_CR4_CET; \ __reserved_bits; \ }) -- 2.17.2 ^ permalink raw reply related [flat|nested] 32+ messages in thread
* Re: [PATCH v14 05/13] KVM: x86: Add fault checks for CR4.CET 2020-11-06 1:16 ` [PATCH v14 05/13] KVM: x86: Add fault checks for CR4.CET Yang Weijiang @ 2020-11-09 10:44 ` kernel test robot 0 siblings, 0 replies; 32+ messages in thread From: kernel test robot @ 2020-11-09 10:44 UTC (permalink / raw) To: Yang Weijiang, kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: kbuild-all, yu.c.zhang, Yang Weijiang [-- Attachment #1: Type: text/plain, Size: 9696 bytes --] Hi Yang, Thank you for the patch! Yet something to improve: [auto build test ERROR on tip/master] [also build test ERROR on linus/master kvm/linux-next v5.10-rc3 next-20201109] [cannot apply to vhost/linux-next linux/master] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch] url: https://github.com/0day-ci/linux/commits/Yang-Weijiang/Introduce-support-for-guest-CET-feature/20201106-090915 base: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git 6f72faf4a32303c8bdc6491186b79391e9cf0c7e config: i386-randconfig-r022-20201109 (attached as .config) compiler: gcc-9 (Debian 9.3.0-15) 9.3.0 reproduce (this is a W=1 build): # https://github.com/0day-ci/linux/commit/6ad097a38652897acc9b138f8c43f6c61ce92fc5 git remote add linux-review https://github.com/0day-ci/linux git fetch --no-tags linux-review Yang-Weijiang/Introduce-support-for-guest-CET-feature/20201106-090915 git checkout 6ad097a38652897acc9b138f8c43f6c61ce92fc5 # save the attached .config to linux build tree make W=1 ARCH=i386 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp@intel.com> All errors (new ones prefixed by >>): arch/x86/kvm/x86.c: In function 'kvm_set_cr0': arch/x86/kvm/x86.c:850:53: error: 'X86_CR4_CET' undeclared (first use in this function); did you mean 'X86_CR4_DE'? 850 | if (!(cr0 & X86_CR0_WP) && kvm_read_cr4_bits(vcpu, X86_CR4_CET)) | ^~~~~~~~~~~ | X86_CR4_DE arch/x86/kvm/x86.c:850:53: note: each undeclared identifier is reported only once for each function it appears in arch/x86/kvm/x86.c: In function 'kvm_set_cr4': arch/x86/kvm/x86.c:1014:13: error: 'X86_CR4_CET' undeclared (first use in this function); did you mean 'X86_CR4_DE'? 1014 | if ((cr4 & X86_CR4_CET) && !(kvm_read_cr0(vcpu) & X86_CR0_WP)) | ^~~~~~~~~~~ | X86_CR4_DE arch/x86/kvm/x86.c: In function 'kvm_arch_hardware_setup': >> arch/x86/kvm/x86.h:401:22: error: 'X86_FEATURE_SHSTK' undeclared (first use in this function); did you mean 'X86_FEATURE_EST'? 401 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.c:10175:55: note: in definition of macro '__kvm_cpu_cap_has' 10175 | #define __kvm_cpu_cap_has(UNUSED_, f) kvm_cpu_cap_has(f) | ^ arch/x86/kvm/x86.c:10176:22: note: in expansion of macro '__cr4_reserved_bits' 10176 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/kvm/x86.h:402:22: error: 'X86_FEATURE_IBT' undeclared (first use in this function); did you mean 'X86_FEATURE_IBS'? 402 | !__cpu_has(__c, X86_FEATURE_IBT)) \ | ^~~~~~~~~~~~~~~ arch/x86/kvm/x86.c:10175:55: note: in definition of macro '__kvm_cpu_cap_has' 10175 | #define __kvm_cpu_cap_has(UNUSED_, f) kvm_cpu_cap_has(f) | ^ arch/x86/kvm/x86.c:10176:22: note: in expansion of macro '__cr4_reserved_bits' 10176 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ In file included from arch/x86/kvm/cpuid.h:5, from arch/x86/kvm/mmu.h:7, from arch/x86/kvm/x86.c:22: arch/x86/kvm/x86.h:403:22: error: 'X86_CR4_CET' undeclared (first use in this function); did you mean 'X86_CR4_DE'? 403 | __reserved_bits |= X86_CR4_CET; \ | ^~~~~~~~~~~ arch/x86/kvm/x86.c:10176:22: note: in expansion of macro '__cr4_reserved_bits' 10176 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ In file included from arch/x86/include/asm/thread_info.h:53, from include/linux/thread_info.h:38, from arch/x86/include/asm/preempt.h:7, from include/linux/preempt.h:78, from include/linux/percpu.h:6, from include/linux/context_tracking_state.h:5, from include/linux/hardirq.h:5, from include/linux/kvm_host.h:7, from arch/x86/kvm/x86.c:19: arch/x86/kvm/x86.c: In function 'kvm_arch_check_processor_compat': >> arch/x86/kvm/x86.h:401:22: error: 'X86_FEATURE_SHSTK' undeclared (first use in this function); did you mean 'X86_FEATURE_EST'? 401 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:24: note: in definition of macro 'cpu_has' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~ arch/x86/kvm/x86.c:10209:6: note: in expansion of macro '__cr4_reserved_bits' 10209 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/kvm/x86.h:402:22: error: 'X86_FEATURE_IBT' undeclared (first use in this function); did you mean 'X86_FEATURE_IBS'? 402 | !__cpu_has(__c, X86_FEATURE_IBT)) \ | ^~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:24: note: in definition of macro 'cpu_has' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~ arch/x86/kvm/x86.c:10209:6: note: in expansion of macro '__cr4_reserved_bits' 10209 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ In file included from arch/x86/kvm/cpuid.h:5, from arch/x86/kvm/mmu.h:7, from arch/x86/kvm/x86.c:22: arch/x86/kvm/x86.h:403:22: error: 'X86_CR4_CET' undeclared (first use in this function); did you mean 'X86_CR4_DE'? 403 | __reserved_bits |= X86_CR4_CET; \ | ^~~~~~~~~~~ arch/x86/kvm/x86.c:10209:6: note: in expansion of macro '__cr4_reserved_bits' 10209 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ -- In file included from arch/x86/kvm/cpuid.h:5, from arch/x86/kvm/cpuid.c:21: arch/x86/kvm/cpuid.c: In function 'kvm_vcpu_after_set_cpuid': >> arch/x86/kvm/x86.h:401:22: error: 'X86_FEATURE_SHSTK' undeclared (first use in this function); did you mean 'X86_FEATURE_EST'? 401 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~~~~~~~~~ arch/x86/kvm/cpuid.c:185:6: note: in expansion of macro '__cr4_reserved_bits' 185 | __cr4_reserved_bits(guest_cpuid_has, vcpu); | ^~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:401:22: note: each undeclared identifier is reported only once for each function it appears in 401 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~~~~~~~~~ arch/x86/kvm/cpuid.c:185:6: note: in expansion of macro '__cr4_reserved_bits' 185 | __cr4_reserved_bits(guest_cpuid_has, vcpu); | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/kvm/x86.h:402:22: error: 'X86_FEATURE_IBT' undeclared (first use in this function); did you mean 'X86_FEATURE_IBS'? 402 | !__cpu_has(__c, X86_FEATURE_IBT)) \ | ^~~~~~~~~~~~~~~ arch/x86/kvm/cpuid.c:185:6: note: in expansion of macro '__cr4_reserved_bits' 185 | __cr4_reserved_bits(guest_cpuid_has, vcpu); | ^~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:403:22: error: 'X86_CR4_CET' undeclared (first use in this function); did you mean 'X86_CR4_MCE'? 403 | __reserved_bits |= X86_CR4_CET; \ | ^~~~~~~~~~~ arch/x86/kvm/cpuid.c:185:6: note: in expansion of macro '__cr4_reserved_bits' 185 | __cr4_reserved_bits(guest_cpuid_has, vcpu); | ^~~~~~~~~~~~~~~~~~~ vim +401 arch/x86/kvm/x86.h 380 381 #define __cr4_reserved_bits(__cpu_has, __c) \ 382 ({ \ 383 u64 __reserved_bits = CR4_RESERVED_BITS; \ 384 \ 385 if (!__cpu_has(__c, X86_FEATURE_XSAVE)) \ 386 __reserved_bits |= X86_CR4_OSXSAVE; \ 387 if (!__cpu_has(__c, X86_FEATURE_SMEP)) \ 388 __reserved_bits |= X86_CR4_SMEP; \ 389 if (!__cpu_has(__c, X86_FEATURE_SMAP)) \ 390 __reserved_bits |= X86_CR4_SMAP; \ 391 if (!__cpu_has(__c, X86_FEATURE_FSGSBASE)) \ 392 __reserved_bits |= X86_CR4_FSGSBASE; \ 393 if (!__cpu_has(__c, X86_FEATURE_PKU)) \ 394 __reserved_bits |= X86_CR4_PKE; \ 395 if (!__cpu_has(__c, X86_FEATURE_LA57)) \ 396 __reserved_bits |= X86_CR4_LA57; \ 397 if (!__cpu_has(__c, X86_FEATURE_UMIP)) \ 398 __reserved_bits |= X86_CR4_UMIP; \ 399 if (!__cpu_has(__c, X86_FEATURE_VMX)) \ 400 __reserved_bits |= X86_CR4_VMXE; \ > 401 if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ > 402 !__cpu_has(__c, X86_FEATURE_IBT)) \ 403 __reserved_bits |= X86_CR4_CET; \ 404 __reserved_bits; \ 405 }) 406 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org [-- Attachment #2: .config.gz --] [-- Type: application/gzip, Size: 40368 bytes --] ^ permalink raw reply [flat|nested] 32+ messages in thread
* [PATCH v14 06/13] KVM: x86: Load guest fpu state when accessing MSRs managed by XSAVES 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang ` (4 preceding siblings ...) 2020-11-06 1:16 ` [PATCH v14 05/13] KVM: x86: Add fault checks for CR4.CET Yang Weijiang @ 2020-11-06 1:16 ` Yang Weijiang 2020-11-06 1:16 ` [PATCH v14 07/13] KVM: VMX: Emulate reads and writes to CET MSRs Yang Weijiang ` (7 subsequent siblings) 13 siblings, 0 replies; 32+ messages in thread From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw) To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: yu.c.zhang, Yang Weijiang From: Sean Christopherson <sean.j.christopherson@intel.com> A handful of CET MSRs are not context switched through "traditional" methods, e.g. VMCS or manual switching, but rather are passed through to the guest and are saved and restored by XSAVES/XRSTORS, i.e. in the guest's FPU state. Load the guest's FPU state if userspace is accessing MSRs whose values are managed by XSAVES so that the MSR helper, e.g. vmx_{get,set}_msr(), can simply do {RD,WR}MSR to access the guest's value. Because is also used for the KVM_GET_MSRS device ioctl(), explicitly check that @vcpu is non-null before attempting to load guest state. The CET MSRs cannot be retrieved via the device ioctl() without loading guest FPU state (which doesn't exist). Note that guest_cpuid_has() is not queried as host userspace is allowed to access MSRs that have not been exposed to the guest, e.g. it might do KVM_SET_MSRS prior to KVM_SET_CPUID2. Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Co-developed-by: Yang Weijiang <weijiang.yang@intel.com> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> --- arch/x86/kvm/x86.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 8c9d631d7842..751b62e871e5 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -109,6 +109,8 @@ static void enter_smm(struct kvm_vcpu *vcpu); static void __kvm_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags); static void store_regs(struct kvm_vcpu *vcpu); static int sync_regs(struct kvm_vcpu *vcpu); +static void kvm_load_guest_fpu(struct kvm_vcpu *vcpu); +static void kvm_put_guest_fpu(struct kvm_vcpu *vcpu); struct kvm_x86_ops kvm_x86_ops __read_mostly; EXPORT_SYMBOL_GPL(kvm_x86_ops); @@ -3582,6 +3584,12 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) } EXPORT_SYMBOL_GPL(kvm_get_msr_common); +static bool is_xsaves_msr(u32 index) +{ + return index == MSR_IA32_U_CET || + (index >= MSR_IA32_PL0_SSP && index <= MSR_IA32_PL3_SSP); +} + /* * Read or write a bunch of msrs. All parameters are kernel addresses. * @@ -3592,11 +3600,20 @@ static int __msr_io(struct kvm_vcpu *vcpu, struct kvm_msrs *msrs, int (*do_msr)(struct kvm_vcpu *vcpu, unsigned index, u64 *data)) { + bool fpu_loaded = false; int i; - for (i = 0; i < msrs->nmsrs; ++i) + for (i = 0; i < msrs->nmsrs; ++i) { + if (vcpu && !fpu_loaded && supported_xss && + is_xsaves_msr(entries[i].index)) { + kvm_load_guest_fpu(vcpu); + fpu_loaded = true; + } if (do_msr(vcpu, entries[i].index, &entries[i].data)) break; + } + if (fpu_loaded) + kvm_put_guest_fpu(vcpu); return i; } -- 2.17.2 ^ permalink raw reply related [flat|nested] 32+ messages in thread
* [PATCH v14 07/13] KVM: VMX: Emulate reads and writes to CET MSRs 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang ` (5 preceding siblings ...) 2020-11-06 1:16 ` [PATCH v14 06/13] KVM: x86: Load guest fpu state when accessing MSRs managed by XSAVES Yang Weijiang @ 2020-11-06 1:16 ` Yang Weijiang 2021-01-28 17:45 ` Paolo Bonzini 2020-11-06 1:16 ` [PATCH v14 08/13] KVM: VMX: Add a synthetic MSR to allow userspace VMM to access GUEST_SSP Yang Weijiang ` (6 subsequent siblings) 13 siblings, 1 reply; 32+ messages in thread From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw) To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: yu.c.zhang, Yang Weijiang Add support for emulating read and write accesses to CET MSRs. CET MSRs are universally "special" as they are either context switched via dedicated VMCS fields or via XSAVES, i.e. no additional in-memory tracking is needed, but emulated reads/writes are more expensive. MSRs that are switched through XSAVES are especially annoying due to the possibility of the kernel's FPU being used in IRQ context. Disable IRQs and ensure the guest's FPU state is loaded when accessing such MSRs. Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> --- arch/x86/kvm/vmx/vmx.c | 105 +++++++++++++++++++++++++++++++++++++++++ arch/x86/kvm/x86.h | 5 ++ 2 files changed, 110 insertions(+) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index aef73dd3de4f..dd78d3a79e79 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1788,6 +1788,66 @@ static int vmx_get_msr_feature(struct kvm_msr_entry *msr) } } +static void vmx_get_xsave_msr(struct msr_data *msr_info) +{ + local_irq_disable(); + if (test_thread_flag(TIF_NEED_FPU_LOAD)) + switch_fpu_return(); + rdmsrl(msr_info->index, msr_info->data); + local_irq_enable(); +} + +static void vmx_set_xsave_msr(struct msr_data *msr_info) +{ + local_irq_disable(); + if (test_thread_flag(TIF_NEED_FPU_LOAD)) + switch_fpu_return(); + wrmsrl(msr_info->index, msr_info->data); + local_irq_enable(); +} + +static bool cet_is_ssp_msr_accessible(struct kvm_vcpu *vcpu, + struct msr_data *msr) +{ + u64 mask; + + if (!kvm_cet_supported()) + return false; + + if (msr->host_initiated) + return true; + + if (!guest_cpuid_has(vcpu, X86_FEATURE_SHSTK)) + return false; + + if (msr->index == MSR_IA32_INT_SSP_TAB) + return false; + + mask = (msr->index == MSR_IA32_PL3_SSP) ? XFEATURE_MASK_CET_USER : + XFEATURE_MASK_CET_KERNEL; + return !!(vcpu->arch.guest_supported_xss & mask); +} + +static bool cet_is_control_msr_accessible(struct kvm_vcpu *vcpu, + struct msr_data *msr) +{ + u64 mask; + + if (!kvm_cet_supported()) + return false; + + if (msr->host_initiated) + return true; + + if (!guest_cpuid_has(vcpu, X86_FEATURE_SHSTK) && + !guest_cpuid_has(vcpu, X86_FEATURE_IBT)) + return false; + + mask = (msr->index == MSR_IA32_U_CET) ? XFEATURE_MASK_CET_USER : + XFEATURE_MASK_CET_KERNEL; + return !!(vcpu->arch.guest_supported_xss & mask); +} + /* * Reads an msr value (of 'msr_index') into 'pdata'. * Returns 0 on success, non-0 otherwise. @@ -1920,6 +1980,26 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) else msr_info->data = vmx->pt_desc.guest.addr_a[index / 2]; break; + case MSR_IA32_S_CET: + if (!cet_is_control_msr_accessible(vcpu, msr_info)) + return 1; + msr_info->data = vmcs_readl(GUEST_S_CET); + break; + case MSR_IA32_U_CET: + if (!cet_is_control_msr_accessible(vcpu, msr_info)) + return 1; + vmx_get_xsave_msr(msr_info); + break; + case MSR_IA32_INT_SSP_TAB: + if (!cet_is_ssp_msr_accessible(vcpu, msr_info)) + return 1; + msr_info->data = vmcs_readl(GUEST_INTR_SSP_TABLE); + break; + case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: + if (!cet_is_ssp_msr_accessible(vcpu, msr_info)) + return 1; + vmx_get_xsave_msr(msr_info); + break; case MSR_TSC_AUX: if (!msr_info->host_initiated && !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP)) @@ -2189,6 +2269,31 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) else vmx->pt_desc.guest.addr_a[index / 2] = data; break; + case MSR_IA32_S_CET: + case MSR_IA32_U_CET: + if (!cet_is_control_msr_accessible(vcpu, msr_info)) + return 1; + if (data & GENMASK(9, 6)) + return 1; + if (msr_index == MSR_IA32_S_CET) + vmcs_writel(GUEST_S_CET, data); + else + vmx_set_xsave_msr(msr_info); + break; + case MSR_IA32_INT_SSP_TAB: + if (!cet_is_control_msr_accessible(vcpu, msr_info)) + return 1; + if (is_noncanonical_address(data, vcpu)) + return 1; + vmcs_writel(GUEST_INTR_SSP_TABLE, data); + break; + case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: + if (!cet_is_ssp_msr_accessible(vcpu, msr_info)) + return 1; + if ((data & GENMASK(2, 0)) || is_noncanonical_address(data, vcpu)) + return 1; + vmx_set_xsave_msr(msr_info); + break; case MSR_TSC_AUX: if (!msr_info->host_initiated && !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP)) diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h index 50386318a382..d05c3d11161e 100644 --- a/arch/x86/kvm/x86.h +++ b/arch/x86/kvm/x86.h @@ -286,6 +286,11 @@ static inline bool kvm_mpx_supported(void) == (XFEATURE_MASK_BNDREGS | XFEATURE_MASK_BNDCSR); } +static inline bool kvm_cet_supported(void) +{ + return supported_xss & XFEATURE_MASK_CET_USER; +} + extern unsigned int min_timer_period_us; extern bool enable_vmware_backdoor; -- 2.17.2 ^ permalink raw reply related [flat|nested] 32+ messages in thread
* Re: [PATCH v14 07/13] KVM: VMX: Emulate reads and writes to CET MSRs 2020-11-06 1:16 ` [PATCH v14 07/13] KVM: VMX: Emulate reads and writes to CET MSRs Yang Weijiang @ 2021-01-28 17:45 ` Paolo Bonzini 2021-01-29 8:07 ` Yang Weijiang 0 siblings, 1 reply; 32+ messages in thread From: Paolo Bonzini @ 2021-01-28 17:45 UTC (permalink / raw) To: Yang Weijiang, kvm, linux-kernel, sean.j.christopherson, jmattson Cc: yu.c.zhang On 06/11/20 02:16, Yang Weijiang wrote: > > +static bool cet_is_ssp_msr_accessible(struct kvm_vcpu *vcpu, > + struct msr_data *msr) > +{ > + u64 mask; > + > + if (!kvm_cet_supported()) > + return false; > + > + if (msr->host_initiated) > + return true; > + > + if (!guest_cpuid_has(vcpu, X86_FEATURE_SHSTK)) > + return false; > + > + if (msr->index == MSR_IA32_INT_SSP_TAB) > + return false; Shouldn't this return true? Paolo > + mask = (msr->index == MSR_IA32_PL3_SSP) ? XFEATURE_MASK_CET_USER : > + XFEATURE_MASK_CET_KERNEL; > + return !!(vcpu->arch.guest_supported_xss & mask); > +} ^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH v14 07/13] KVM: VMX: Emulate reads and writes to CET MSRs 2021-01-28 17:45 ` Paolo Bonzini @ 2021-01-29 8:07 ` Yang Weijiang 0 siblings, 0 replies; 32+ messages in thread From: Yang Weijiang @ 2021-01-29 8:07 UTC (permalink / raw) To: Paolo Bonzini Cc: Yang Weijiang, kvm, linux-kernel, sean.j.christopherson, jmattson, yu.c.zhang On Thu, Jan 28, 2021 at 06:45:08PM +0100, Paolo Bonzini wrote: > On 06/11/20 02:16, Yang Weijiang wrote: > > > > +static bool cet_is_ssp_msr_accessible(struct kvm_vcpu *vcpu, > > + struct msr_data *msr) > > +{ > > + u64 mask; > > + > > + if (!kvm_cet_supported()) > > + return false; > > + > > + if (msr->host_initiated) > > + return true; > > + > > + if (!guest_cpuid_has(vcpu, X86_FEATURE_SHSTK)) > > + return false; > > + > > + if (msr->index == MSR_IA32_INT_SSP_TAB) > > + return false; > > Shouldn't this return true? > Hi, Paolo, Thanks for the feedback! Yes, it should be true, will fix it in next release. > Paolo > > > + mask = (msr->index == MSR_IA32_PL3_SSP) ? XFEATURE_MASK_CET_USER : > > + XFEATURE_MASK_CET_KERNEL; > > + return !!(vcpu->arch.guest_supported_xss & mask); > > +} ^ permalink raw reply [flat|nested] 32+ messages in thread
* [PATCH v14 08/13] KVM: VMX: Add a synthetic MSR to allow userspace VMM to access GUEST_SSP 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang ` (6 preceding siblings ...) 2020-11-06 1:16 ` [PATCH v14 07/13] KVM: VMX: Emulate reads and writes to CET MSRs Yang Weijiang @ 2020-11-06 1:16 ` Yang Weijiang 2021-01-28 17:41 ` Paolo Bonzini 2021-01-28 17:42 ` Paolo Bonzini 2020-11-06 1:16 ` [PATCH v14 09/13] KVM: x86: Report CET MSRs as to-be-saved if CET is supported Yang Weijiang ` (5 subsequent siblings) 13 siblings, 2 replies; 32+ messages in thread From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw) To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: yu.c.zhang, Yang Weijiang Introduce a host-only synthetic MSR, MSR_KVM_GUEST_SSP so that the VMM can read/write the guest's SSP, e.g. to migrate CET state. Use a synthetic MSR, e.g. as opposed to a VCPU_REG_, as GUEST_SSP is subject to the same consistency checks as the PL*_SSP MSRs, i.e. can share code. Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> --- arch/x86/include/uapi/asm/kvm_para.h | 1 + arch/x86/kvm/vmx/vmx.c | 14 ++++++++++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/uapi/asm/kvm_para.h b/arch/x86/include/uapi/asm/kvm_para.h index 812e9b4c1114..5203dc084125 100644 --- a/arch/x86/include/uapi/asm/kvm_para.h +++ b/arch/x86/include/uapi/asm/kvm_para.h @@ -53,6 +53,7 @@ #define MSR_KVM_POLL_CONTROL 0x4b564d05 #define MSR_KVM_ASYNC_PF_INT 0x4b564d06 #define MSR_KVM_ASYNC_PF_ACK 0x4b564d07 +#define MSR_KVM_GUEST_SSP 0x4b564d08 struct kvm_steal_time { __u64 steal; diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index dd78d3a79e79..28ba8414a7a3 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1817,7 +1817,8 @@ static bool cet_is_ssp_msr_accessible(struct kvm_vcpu *vcpu, if (msr->host_initiated) return true; - if (!guest_cpuid_has(vcpu, X86_FEATURE_SHSTK)) + if (!guest_cpuid_has(vcpu, X86_FEATURE_SHSTK) || + msr->index == MSR_KVM_GUEST_SSP) return false; if (msr->index == MSR_IA32_INT_SSP_TAB) @@ -1995,6 +1996,11 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) return 1; msr_info->data = vmcs_readl(GUEST_INTR_SSP_TABLE); break; + case MSR_KVM_GUEST_SSP: + if (!cet_is_ssp_msr_accessible(vcpu, msr_info)) + return 1; + msr_info->data = vmcs_readl(GUEST_SSP); + break; case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: if (!cet_is_ssp_msr_accessible(vcpu, msr_info)) return 1; @@ -2287,12 +2293,16 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) return 1; vmcs_writel(GUEST_INTR_SSP_TABLE, data); break; + case MSR_KVM_GUEST_SSP: case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: if (!cet_is_ssp_msr_accessible(vcpu, msr_info)) return 1; if ((data & GENMASK(2, 0)) || is_noncanonical_address(data, vcpu)) return 1; - vmx_set_xsave_msr(msr_info); + if (msr_index == MSR_KVM_GUEST_SSP) + vmcs_writel(GUEST_SSP, data); + else + vmx_set_xsave_msr(msr_info); break; case MSR_TSC_AUX: if (!msr_info->host_initiated && -- 2.17.2 ^ permalink raw reply related [flat|nested] 32+ messages in thread
* Re: [PATCH v14 08/13] KVM: VMX: Add a synthetic MSR to allow userspace VMM to access GUEST_SSP 2020-11-06 1:16 ` [PATCH v14 08/13] KVM: VMX: Add a synthetic MSR to allow userspace VMM to access GUEST_SSP Yang Weijiang @ 2021-01-28 17:41 ` Paolo Bonzini 2021-01-28 17:42 ` Paolo Bonzini 1 sibling, 0 replies; 32+ messages in thread From: Paolo Bonzini @ 2021-01-28 17:41 UTC (permalink / raw) To: Yang Weijiang, kvm, linux-kernel, sean.j.christopherson, jmattson Cc: yu.c.zhang On 06/11/20 02:16, Yang Weijiang wrote: > Introduce a host-only synthetic MSR, MSR_KVM_GUEST_SSP so that the VMM > can read/write the guest's SSP, e.g. to migrate CET state. Use a > synthetic MSR, e.g. as opposed to a VCPU_REG_, as GUEST_SSP is subject > to the same consistency checks as the PL*_SSP MSRs, i.e. can share code. > > Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> > Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> > Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> > --- > arch/x86/include/uapi/asm/kvm_para.h | 1 + > arch/x86/kvm/vmx/vmx.c | 14 ++++++++++++-- > 2 files changed, 13 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/include/uapi/asm/kvm_para.h b/arch/x86/include/uapi/asm/kvm_para.h > index 812e9b4c1114..5203dc084125 100644 > --- a/arch/x86/include/uapi/asm/kvm_para.h > +++ b/arch/x86/include/uapi/asm/kvm_para.h > @@ -53,6 +53,7 @@ > #define MSR_KVM_POLL_CONTROL 0x4b564d05 > #define MSR_KVM_ASYNC_PF_INT 0x4b564d06 > #define MSR_KVM_ASYNC_PF_ACK 0x4b564d07 > +#define MSR_KVM_GUEST_SSP 0x4b564d08 > > struct kvm_steal_time { > __u64 steal; > diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c > index dd78d3a79e79..28ba8414a7a3 100644 > --- a/arch/x86/kvm/vmx/vmx.c > +++ b/arch/x86/kvm/vmx/vmx.c > @@ -1817,7 +1817,8 @@ static bool cet_is_ssp_msr_accessible(struct kvm_vcpu *vcpu, > if (msr->host_initiated) > return true; > > - if (!guest_cpuid_has(vcpu, X86_FEATURE_SHSTK)) > + if (!guest_cpuid_has(vcpu, X86_FEATURE_SHSTK) || > + msr->index == MSR_KVM_GUEST_SSP) > return false; > > if (msr->index == MSR_IA32_INT_SSP_TAB) > @@ -1995,6 +1996,11 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) > return 1; > msr_info->data = vmcs_readl(GUEST_INTR_SSP_TABLE); > break; > + case MSR_KVM_GUEST_SSP: > + if (!cet_is_ssp_msr_accessible(vcpu, msr_info)) > + return 1; > + msr_info->data = vmcs_readl(GUEST_SSP); > + break; > case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: > if (!cet_is_ssp_msr_accessible(vcpu, msr_info)) > return 1; > @@ -2287,12 +2293,16 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) > return 1; > vmcs_writel(GUEST_INTR_SSP_TABLE, data); > break; > + case MSR_KVM_GUEST_SSP: > case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: > if (!cet_is_ssp_msr_accessible(vcpu, msr_info)) > return 1; > if ((data & GENMASK(2, 0)) || is_noncanonical_address(data, vcpu)) > return 1; > - vmx_set_xsave_msr(msr_info); > + if (msr_index == MSR_KVM_GUEST_SSP) > + vmcs_writel(GUEST_SSP, data); > + else > + vmx_set_xsave_msr(msr_info); > break; > case MSR_TSC_AUX: > if (!msr_info->host_initiated && > Better make this fail if !msr_info->host_initiated. Paolo ^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH v14 08/13] KVM: VMX: Add a synthetic MSR to allow userspace VMM to access GUEST_SSP 2020-11-06 1:16 ` [PATCH v14 08/13] KVM: VMX: Add a synthetic MSR to allow userspace VMM to access GUEST_SSP Yang Weijiang 2021-01-28 17:41 ` Paolo Bonzini @ 2021-01-28 17:42 ` Paolo Bonzini 1 sibling, 0 replies; 32+ messages in thread From: Paolo Bonzini @ 2021-01-28 17:42 UTC (permalink / raw) To: Yang Weijiang, kvm, linux-kernel, sean.j.christopherson, jmattson Cc: yu.c.zhang On 06/11/20 02:16, Yang Weijiang wrote: > Introduce a host-only synthetic MSR, MSR_KVM_GUEST_SSP so that the VMM > can read/write the guest's SSP, e.g. to migrate CET state. Use a > synthetic MSR, e.g. as opposed to a VCPU_REG_, as GUEST_SSP is subject > to the same consistency checks as the PL*_SSP MSRs, i.e. can share code. > > Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> > Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> > Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> > --- > arch/x86/include/uapi/asm/kvm_para.h | 1 + > arch/x86/kvm/vmx/vmx.c | 14 ++++++++++++-- > 2 files changed, 13 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/include/uapi/asm/kvm_para.h b/arch/x86/include/uapi/asm/kvm_para.h > index 812e9b4c1114..5203dc084125 100644 > --- a/arch/x86/include/uapi/asm/kvm_para.h > +++ b/arch/x86/include/uapi/asm/kvm_para.h > @@ -53,6 +53,7 @@ > #define MSR_KVM_POLL_CONTROL 0x4b564d05 > #define MSR_KVM_ASYNC_PF_INT 0x4b564d06 > #define MSR_KVM_ASYNC_PF_ACK 0x4b564d07 > +#define MSR_KVM_GUEST_SSP 0x4b564d08 > > struct kvm_steal_time { > __u64 steal; > diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c > index dd78d3a79e79..28ba8414a7a3 100644 > --- a/arch/x86/kvm/vmx/vmx.c > +++ b/arch/x86/kvm/vmx/vmx.c > @@ -1817,7 +1817,8 @@ static bool cet_is_ssp_msr_accessible(struct kvm_vcpu *vcpu, > if (msr->host_initiated) > return true; > > - if (!guest_cpuid_has(vcpu, X86_FEATURE_SHSTK)) > + if (!guest_cpuid_has(vcpu, X86_FEATURE_SHSTK) || > + msr->index == MSR_KVM_GUEST_SSP) > return false; > > if (msr->index == MSR_IA32_INT_SSP_TAB) > @@ -1995,6 +1996,11 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) > return 1; > msr_info->data = vmcs_readl(GUEST_INTR_SSP_TABLE); > break; > + case MSR_KVM_GUEST_SSP: > + if (!cet_is_ssp_msr_accessible(vcpu, msr_info)) > + return 1; > + msr_info->data = vmcs_readl(GUEST_SSP); > + break; > case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: > if (!cet_is_ssp_msr_accessible(vcpu, msr_info)) > return 1; > @@ -2287,12 +2293,16 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) > return 1; > vmcs_writel(GUEST_INTR_SSP_TABLE, data); > break; > + case MSR_KVM_GUEST_SSP: > case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: > if (!cet_is_ssp_msr_accessible(vcpu, msr_info)) > return 1; > if ((data & GENMASK(2, 0)) || is_noncanonical_address(data, vcpu)) > return 1; > - vmx_set_xsave_msr(msr_info); > + if (msr_index == MSR_KVM_GUEST_SSP) > + vmcs_writel(GUEST_SSP, data); > + else > + vmx_set_xsave_msr(msr_info); > break; > case MSR_TSC_AUX: > if (!msr_info->host_initiated && > Doh, I misread the change in cet_is_ssp_msr_accessible, sorry. */ ^ permalink raw reply [flat|nested] 32+ messages in thread
* [PATCH v14 09/13] KVM: x86: Report CET MSRs as to-be-saved if CET is supported 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang ` (7 preceding siblings ...) 2020-11-06 1:16 ` [PATCH v14 08/13] KVM: VMX: Add a synthetic MSR to allow userspace VMM to access GUEST_SSP Yang Weijiang @ 2020-11-06 1:16 ` Yang Weijiang 2020-11-09 6:17 ` kernel test robot 2021-01-28 17:46 ` Paolo Bonzini 2020-11-06 1:16 ` [PATCH v14 10/13] KVM: x86: Enable CET virtualization for VMX and advertise CET to userspace Yang Weijiang ` (4 subsequent siblings) 13 siblings, 2 replies; 32+ messages in thread From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw) To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: yu.c.zhang, Yang Weijiang Report all CET MSRs, including the synthetic GUEST_SSP MSR, as to-be-saved, e.g. for migration, if CET is supported by KVM. Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> --- arch/x86/kvm/x86.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 751b62e871e5..d573cadf5baf 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1248,6 +1248,8 @@ static const u32 msrs_to_save_all[] = { MSR_ARCH_PERFMON_EVENTSEL0 + 16, MSR_ARCH_PERFMON_EVENTSEL0 + 17, MSR_IA32_XSS, + MSR_IA32_U_CET, MSR_IA32_S_CET, MSR_IA32_INT_SSP_TAB, MSR_KVM_GUEST_SSP, + MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, MSR_IA32_PL3_SSP, }; static u32 msrs_to_save[ARRAY_SIZE(msrs_to_save_all)]; @@ -5761,6 +5763,13 @@ static void kvm_init_msr_list(void) if (!supported_xss) continue; break; + case MSR_IA32_U_CET: + case MSR_IA32_S_CET: + case MSR_IA32_INT_SSP_TAB: + case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: + if (!kvm_cet_supported()) + continue; + break; default: break; } -- 2.17.2 ^ permalink raw reply related [flat|nested] 32+ messages in thread
* Re: [PATCH v14 09/13] KVM: x86: Report CET MSRs as to-be-saved if CET is supported 2020-11-06 1:16 ` [PATCH v14 09/13] KVM: x86: Report CET MSRs as to-be-saved if CET is supported Yang Weijiang @ 2020-11-09 6:17 ` kernel test robot 2021-01-28 17:46 ` Paolo Bonzini 1 sibling, 0 replies; 32+ messages in thread From: kernel test robot @ 2020-11-09 6:17 UTC (permalink / raw) To: Yang Weijiang, kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: kbuild-all, yu.c.zhang, Yang Weijiang [-- Attachment #1: Type: text/plain, Size: 117743 bytes --] Hi Yang, Thank you for the patch! Perhaps something to improve: [auto build test WARNING on tip/master] [also build test WARNING on linus/master kvm/linux-next v5.10-rc3 next-20201106] [cannot apply to vhost/linux-next linux/master] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch] url: https://github.com/0day-ci/linux/commits/Yang-Weijiang/Introduce-support-for-guest-CET-feature/20201106-090915 base: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git 6f72faf4a32303c8bdc6491186b79391e9cf0c7e config: i386-randconfig-r022-20201109 (attached as .config) compiler: gcc-9 (Debian 9.3.0-15) 9.3.0 reproduce (this is a W=1 build): # https://github.com/0day-ci/linux/commit/d52c3d57bc17482b10d4071ea5b2cced7d2dc63e git remote add linux-review https://github.com/0day-ci/linux git fetch --no-tags linux-review Yang-Weijiang/Introduce-support-for-guest-CET-feature/20201106-090915 git checkout d52c3d57bc17482b10d4071ea5b2cced7d2dc63e # save the attached .config to linux build tree make W=1 ARCH=i386 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp@intel.com> All warnings (new ones prefixed by >>): In file included from arch/x86/kvm/cpuid.h:5, from arch/x86/kvm/mmu.h:7, from arch/x86/kvm/x86.c:22: arch/x86/kvm/x86.h: In function 'kvm_cet_supported': arch/x86/kvm/x86.h:291:25: error: 'XFEATURE_MASK_CET_USER' undeclared (first use in this function); did you mean 'XFEATURE_MASK_SSE'? 291 | return supported_xss & XFEATURE_MASK_CET_USER; | ^~~~~~~~~~~~~~~~~~~~~~ | XFEATURE_MASK_SSE arch/x86/kvm/x86.h:291:25: note: each undeclared identifier is reported only once for each function it appears in arch/x86/kvm/x86.c: In function 'kvm_set_cr0': arch/x86/kvm/x86.c:852:53: error: 'X86_CR4_CET' undeclared (first use in this function); did you mean 'X86_CR4_DE'? 852 | if (!(cr0 & X86_CR0_WP) && kvm_read_cr4_bits(vcpu, X86_CR4_CET)) | ^~~~~~~~~~~ | X86_CR4_DE arch/x86/kvm/x86.c: In function 'kvm_set_cr4': arch/x86/kvm/x86.c:1016:13: error: 'X86_CR4_CET' undeclared (first use in this function); did you mean 'X86_CR4_DE'? 1016 | if ((cr4 & X86_CR4_CET) && !(kvm_read_cr0(vcpu) & X86_CR0_WP)) | ^~~~~~~~~~~ | X86_CR4_DE arch/x86/kvm/x86.c: At top level: arch/x86/kvm/x86.c:1251:2: error: 'MSR_IA32_U_CET' undeclared here (not in a function); did you mean 'MSR_IA32_PMC0'? 1251 | MSR_IA32_U_CET, MSR_IA32_S_CET, MSR_IA32_INT_SSP_TAB, MSR_KVM_GUEST_SSP, | ^~~~~~~~~~~~~~ | MSR_IA32_PMC0 arch/x86/kvm/x86.c:1251:18: error: 'MSR_IA32_S_CET' undeclared here (not in a function); did you mean 'MSR_IA32_PMC0'? 1251 | MSR_IA32_U_CET, MSR_IA32_S_CET, MSR_IA32_INT_SSP_TAB, MSR_KVM_GUEST_SSP, | ^~~~~~~~~~~~~~ | MSR_IA32_PMC0 arch/x86/kvm/x86.c:1251:34: error: 'MSR_IA32_INT_SSP_TAB' undeclared here (not in a function) 1251 | MSR_IA32_U_CET, MSR_IA32_S_CET, MSR_IA32_INT_SSP_TAB, MSR_KVM_GUEST_SSP, | ^~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.c:1252:2: error: 'MSR_IA32_PL0_SSP' undeclared here (not in a function); did you mean 'MSR_IA32_MCG_ESP'? 1252 | MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, MSR_IA32_PL3_SSP, | ^~~~~~~~~~~~~~~~ | MSR_IA32_MCG_ESP arch/x86/kvm/x86.c:1252:20: error: 'MSR_IA32_PL1_SSP' undeclared here (not in a function); did you mean 'MSR_IA32_MCG_ESP'? 1252 | MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, MSR_IA32_PL3_SSP, | ^~~~~~~~~~~~~~~~ | MSR_IA32_MCG_ESP arch/x86/kvm/x86.c:1252:38: error: 'MSR_IA32_PL2_SSP' undeclared here (not in a function); did you mean 'MSR_IA32_MCG_ESP'? 1252 | MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, MSR_IA32_PL3_SSP, | ^~~~~~~~~~~~~~~~ | MSR_IA32_MCG_ESP arch/x86/kvm/x86.c:1252:56: error: 'MSR_IA32_PL3_SSP' undeclared here (not in a function); did you mean 'MSR_IA32_MCG_ESP'? 1252 | MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, MSR_IA32_PL3_SSP, | ^~~~~~~~~~~~~~~~ | MSR_IA32_MCG_ESP arch/x86/kvm/x86.c: In function 'is_xsaves_msr': >> arch/x86/kvm/x86.c:3591:15: warning: comparison between pointer and integer 3591 | return index == MSR_IA32_U_CET || | ^~ arch/x86/kvm/x86.c:3592:16: warning: comparison between pointer and integer 3592 | (index >= MSR_IA32_PL0_SSP && index <= MSR_IA32_PL3_SSP); | ^~ arch/x86/kvm/x86.c:3592:45: warning: comparison between pointer and integer 3592 | (index >= MSR_IA32_PL0_SSP && index <= MSR_IA32_PL3_SSP); | ^~ arch/x86/kvm/x86.c: In function 'kvm_arch_hardware_setup': arch/x86/kvm/x86.h:406:22: error: 'X86_FEATURE_SHSTK' undeclared (first use in this function); did you mean 'X86_FEATURE_EST'? 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.c:10201:55: note: in definition of macro '__kvm_cpu_cap_has' 10201 | #define __kvm_cpu_cap_has(UNUSED_, f) kvm_cpu_cap_has(f) | ^ arch/x86/kvm/x86.c:10202:22: note: in expansion of macro '__cr4_reserved_bits' 10202 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/kvm/x86.h:406:22: warning: passing argument 1 of 'kvm_cpu_cap_has' makes integer from pointer without a cast [-Wint-conversion] 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~~~~~~~~~ | | | const u32 * {aka const unsigned int *} arch/x86/kvm/x86.c:10201:55: note: in definition of macro '__kvm_cpu_cap_has' 10201 | #define __kvm_cpu_cap_has(UNUSED_, f) kvm_cpu_cap_has(f) | ^ arch/x86/kvm/x86.c:10202:22: note: in expansion of macro '__cr4_reserved_bits' 10202 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ In file included from arch/x86/kvm/mmu.h:7, from arch/x86/kvm/x86.c:22: arch/x86/kvm/cpuid.h:301:58: note: expected 'unsigned int' but argument is of type 'const u32 *' {aka 'const unsigned int *'} 301 | static __always_inline bool kvm_cpu_cap_has(unsigned int x86_feature) | ~~~~~~~~~~~~~^~~~~~~~~~~ arch/x86/kvm/x86.h:407:22: error: 'X86_FEATURE_IBT' undeclared (first use in this function); did you mean 'X86_FEATURE_IBS'? 407 | !__cpu_has(__c, X86_FEATURE_IBT)) \ | ^~~~~~~~~~~~~~~ arch/x86/kvm/x86.c:10201:55: note: in definition of macro '__kvm_cpu_cap_has' 10201 | #define __kvm_cpu_cap_has(UNUSED_, f) kvm_cpu_cap_has(f) | ^ arch/x86/kvm/x86.c:10202:22: note: in expansion of macro '__cr4_reserved_bits' 10202 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:407:22: warning: passing argument 1 of 'kvm_cpu_cap_has' makes integer from pointer without a cast [-Wint-conversion] 407 | !__cpu_has(__c, X86_FEATURE_IBT)) \ | ^~~~~~~~~~~~~~~ | | | const u32 * {aka const unsigned int *} arch/x86/kvm/x86.c:10201:55: note: in definition of macro '__kvm_cpu_cap_has' 10201 | #define __kvm_cpu_cap_has(UNUSED_, f) kvm_cpu_cap_has(f) | ^ arch/x86/kvm/x86.c:10202:22: note: in expansion of macro '__cr4_reserved_bits' 10202 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ In file included from arch/x86/kvm/mmu.h:7, from arch/x86/kvm/x86.c:22: arch/x86/kvm/cpuid.h:301:58: note: expected 'unsigned int' but argument is of type 'const u32 *' {aka 'const unsigned int *'} 301 | static __always_inline bool kvm_cpu_cap_has(unsigned int x86_feature) | ~~~~~~~~~~~~~^~~~~~~~~~~ In file included from arch/x86/kvm/cpuid.h:5, from arch/x86/kvm/mmu.h:7, from arch/x86/kvm/x86.c:22: arch/x86/kvm/x86.h:408:22: error: 'X86_CR4_CET' undeclared (first use in this function); did you mean 'X86_CR4_DE'? 408 | __reserved_bits |= X86_CR4_CET; \ | ^~~~~~~~~~~ arch/x86/kvm/x86.c:10202:22: note: in expansion of macro '__cr4_reserved_bits' 10202 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:408:19: error: invalid operands to binary | (have 'u64' {aka 'long long unsigned int'} and 'const u32 *' {aka 'const unsigned int *'}) 408 | __reserved_bits |= X86_CR4_CET; \ | ^~ ~~~~~~~~~~~ | | | const u32 * {aka const unsigned int *} arch/x86/kvm/x86.c:10202:22: note: in expansion of macro '__cr4_reserved_bits' 10202 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:408:3: warning: statement with no effect [-Wunused-value] 408 | __reserved_bits |= X86_CR4_CET; \ | ^~~~~~~~~~~~~~~ arch/x86/kvm/x86.c:10202:22: note: in expansion of macro '__cr4_reserved_bits' 10202 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ In file included from arch/x86/include/asm/thread_info.h:53, from include/linux/thread_info.h:38, from arch/x86/include/asm/preempt.h:7, from include/linux/preempt.h:78, from include/linux/percpu.h:6, from include/linux/context_tracking_state.h:5, from include/linux/hardirq.h:5, from include/linux/kvm_host.h:7, from arch/x86/kvm/x86.c:19: arch/x86/kvm/x86.c: In function 'kvm_arch_check_processor_compat': arch/x86/kvm/x86.h:406:22: error: 'X86_FEATURE_SHSTK' undeclared (first use in this function); did you mean 'X86_FEATURE_EST'? 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:24: note: in definition of macro 'cpu_has' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:72:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 72 | ( CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 0, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:72:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 72 | ( CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 0, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:72:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 72 | ( CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 0, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:72:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 72 | ( CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 0, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:73:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 73 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 1, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:73:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 73 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 1, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:73:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 73 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 1, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:73:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 73 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 1, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:73:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 73 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 1, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:74:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 74 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 2, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:74:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 74 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 2, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:74:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 74 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 2, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:74:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 74 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 2, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:74:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 74 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 2, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:75:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 75 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 3, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:75:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 75 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 3, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:75:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 75 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 3, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:75:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 75 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 3, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:75:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 75 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 3, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:76:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 76 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 4, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:76:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 76 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 4, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:76:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 76 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 4, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:76:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 76 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 4, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:76:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 76 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 4, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:77:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 77 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 5, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:77:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 77 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 5, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:77:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 77 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 5, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:77:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 77 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 5, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:77:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 77 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 5, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:78:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 78 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 6, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:78:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 78 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 6, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:78:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 78 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 6, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:78:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 78 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 6, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:78:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 78 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 6, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:79:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 79 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 7, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:79:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 79 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 7, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:79:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 79 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 7, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:79:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 79 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 7, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:79:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 79 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 7, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:80:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 80 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 8, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:80:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 80 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 8, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:80:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 80 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 8, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:80:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 80 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 8, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:80:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 80 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 8, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:81:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 81 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 9, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:81:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 81 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 9, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:81:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 81 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 9, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:81:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 81 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 9, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:81:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 81 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 9, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:82:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 82 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 10, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:82:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 82 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 10, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:82:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 82 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 10, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:82:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 82 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 10, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:82:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 82 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 10, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:83:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 83 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 11, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:83:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 83 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 11, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:83:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 83 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 11, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:83:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 83 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 11, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:83:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 83 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 11, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:84:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 84 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 12, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:84:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 84 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 12, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:84:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 84 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 12, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:84:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 84 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 12, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:84:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 84 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 12, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:85:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 85 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 13, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:85:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 85 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 13, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:85:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 85 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 13, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:85:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 85 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 13, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:85:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 85 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 13, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:86:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 86 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 14, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:86:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 86 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 14, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:86:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 86 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 14, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:86:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 86 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 14, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:86:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 86 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 14, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:87:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 87 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 15, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:87:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 87 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 15, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:87:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 87 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 15, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:87:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 87 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 15, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:87:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 87 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 15, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:88:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 88 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 16, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:88:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 88 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 16, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:88:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 88 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 16, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:88:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 88 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 16, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:88:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 88 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 16, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:89:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 89 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 17, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:89:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 89 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 17, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:89:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 89 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 17, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:89:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 89 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 17, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:89:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 89 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 17, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:9: error: invalid operands to binary >> (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:90:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 90 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ >> arch/x86/include/asm/cpufeature.h:62:13: warning: comparison between pointer and integer 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ arch/x86/include/asm/cpufeature.h:90:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 90 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:37: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:90:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 90 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:29: error: invalid operands to binary << (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ^~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:90:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 90 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:62:42: error: invalid operands to binary & (have 'const u32 *' {aka 'const unsigned int *'} and 'int') 62 | (((bit)>>5)==(word) && (1UL<<((bit)&31) & maskname##word )) | ~~~ ^ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:90:5: note: in expansion of macro 'CHECK_BIT_IN_MASK_WORD' 90 | CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) || \ | ^~~~~~~~~~~~~~~~~~~~~~ arch/x86/include/asm/cpufeature.h:118:32: note: in expansion of macro 'REQUIRED_MASK_BIT_SET' 118 | (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ | ^~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:22: warning: passing argument 1 of 'test_bit' makes integer from pointer without a cast [-Wint-conversion] 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~~~~~~~~~ | | | const u32 * {aka const unsigned int *} arch/x86/include/asm/cpufeature.h:52:12: note: in definition of macro 'test_cpu_cap' 52 | test_bit(bit, (unsigned long *)((c)->x86_capability)) | ^~~ arch/x86/kvm/x86.h:406:7: note: in expansion of macro 'cpu_has' 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~ arch/x86/kvm/x86.c:10235:6: note: in expansion of macro '__cr4_reserved_bits' 10235 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ In file included from arch/x86/include/asm/bitops.h:392, from include/linux/bitops.h:29, from include/linux/kernel.h:12, from include/asm-generic/bug.h:20, from arch/x86/include/asm/bug.h:93, from include/linux/bug.h:5, from include/linux/mmdebug.h:5, from include/linux/percpu.h:5, from include/linux/context_tracking_state.h:5, from include/linux/hardirq.h:5, from include/linux/kvm_host.h:7, from arch/x86/kvm/x86.c:19: include/asm-generic/bitops/instrumented-non-atomic.h:132:34: note: expected 'long int' but argument is of type 'const u32 *' {aka 'const unsigned int *'} 132 | static inline bool test_bit(long nr, const volatile unsigned long *addr) | ~~~~~^~ In file included from arch/x86/include/asm/thread_info.h:53, from include/linux/thread_info.h:38, from arch/x86/include/asm/preempt.h:7, from include/linux/preempt.h:78, from include/linux/percpu.h:6, from include/linux/context_tracking_state.h:5, vim +3591 arch/x86/kvm/x86.c 15c4a6406f6c406 drivers/kvm/x86.c Carsten Otte 2007-10-30 3588 40d6256c456d0be arch/x86/kvm/x86.c Sean Christopherson 2020-11-06 3589 static bool is_xsaves_msr(u32 index) 40d6256c456d0be arch/x86/kvm/x86.c Sean Christopherson 2020-11-06 3590 { 40d6256c456d0be arch/x86/kvm/x86.c Sean Christopherson 2020-11-06 @3591 return index == MSR_IA32_U_CET || 40d6256c456d0be arch/x86/kvm/x86.c Sean Christopherson 2020-11-06 3592 (index >= MSR_IA32_PL0_SSP && index <= MSR_IA32_PL3_SSP); 40d6256c456d0be arch/x86/kvm/x86.c Sean Christopherson 2020-11-06 3593 } 40d6256c456d0be arch/x86/kvm/x86.c Sean Christopherson 2020-11-06 3594 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org [-- Attachment #2: .config.gz --] [-- Type: application/gzip, Size: 40368 bytes --] ^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH v14 09/13] KVM: x86: Report CET MSRs as to-be-saved if CET is supported 2020-11-06 1:16 ` [PATCH v14 09/13] KVM: x86: Report CET MSRs as to-be-saved if CET is supported Yang Weijiang 2020-11-09 6:17 ` kernel test robot @ 2021-01-28 17:46 ` Paolo Bonzini 2021-01-29 8:08 ` Yang Weijiang 1 sibling, 1 reply; 32+ messages in thread From: Paolo Bonzini @ 2021-01-28 17:46 UTC (permalink / raw) To: Yang Weijiang, kvm, linux-kernel, sean.j.christopherson, jmattson Cc: yu.c.zhang On 06/11/20 02:16, Yang Weijiang wrote: > Report all CET MSRs, including the synthetic GUEST_SSP MSR, as > to-be-saved, e.g. for migration, if CET is supported by KVM. > > Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> > Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> > Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> > --- > arch/x86/kvm/x86.c | 9 +++++++++ > 1 file changed, 9 insertions(+) > > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index 751b62e871e5..d573cadf5baf 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -1248,6 +1248,8 @@ static const u32 msrs_to_save_all[] = { > MSR_ARCH_PERFMON_EVENTSEL0 + 16, MSR_ARCH_PERFMON_EVENTSEL0 + 17, > > MSR_IA32_XSS, > + MSR_IA32_U_CET, MSR_IA32_S_CET, MSR_IA32_INT_SSP_TAB, MSR_KVM_GUEST_SSP, > + MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, MSR_IA32_PL3_SSP, > }; > > static u32 msrs_to_save[ARRAY_SIZE(msrs_to_save_all)]; > @@ -5761,6 +5763,13 @@ static void kvm_init_msr_list(void) > if (!supported_xss) > continue; > break; > + case MSR_IA32_U_CET: > + case MSR_IA32_S_CET: > + case MSR_IA32_INT_SSP_TAB: > + case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: > + if (!kvm_cet_supported()) > + continue; > + break; > default: > break; > } > Missing "case MSR_KVM_GUEST_SSP". Paolo ^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH v14 09/13] KVM: x86: Report CET MSRs as to-be-saved if CET is supported 2021-01-28 17:46 ` Paolo Bonzini @ 2021-01-29 8:08 ` Yang Weijiang 0 siblings, 0 replies; 32+ messages in thread From: Yang Weijiang @ 2021-01-29 8:08 UTC (permalink / raw) To: Paolo Bonzini Cc: Yang Weijiang, kvm, linux-kernel, sean.j.christopherson, jmattson, yu.c.zhang On Thu, Jan 28, 2021 at 06:46:37PM +0100, Paolo Bonzini wrote: > On 06/11/20 02:16, Yang Weijiang wrote: > > Report all CET MSRs, including the synthetic GUEST_SSP MSR, as > > to-be-saved, e.g. for migration, if CET is supported by KVM. > > > > Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> > > Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> > > Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> > > --- > > arch/x86/kvm/x86.c | 9 +++++++++ > > 1 file changed, 9 insertions(+) > > > > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > > index 751b62e871e5..d573cadf5baf 100644 > > --- a/arch/x86/kvm/x86.c > > +++ b/arch/x86/kvm/x86.c > > @@ -1248,6 +1248,8 @@ static const u32 msrs_to_save_all[] = { > > MSR_ARCH_PERFMON_EVENTSEL0 + 16, MSR_ARCH_PERFMON_EVENTSEL0 + 17, > > MSR_IA32_XSS, > > + MSR_IA32_U_CET, MSR_IA32_S_CET, MSR_IA32_INT_SSP_TAB, MSR_KVM_GUEST_SSP, > > + MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, MSR_IA32_PL3_SSP, > > }; > > static u32 msrs_to_save[ARRAY_SIZE(msrs_to_save_all)]; > > @@ -5761,6 +5763,13 @@ static void kvm_init_msr_list(void) > > if (!supported_xss) > > continue; > > break; > > + case MSR_IA32_U_CET: > > + case MSR_IA32_S_CET: > > + case MSR_IA32_INT_SSP_TAB: > > + case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP: > > + if (!kvm_cet_supported()) > > + continue; > > + break; > > default: > > break; > > } > > > > Missing "case MSR_KVM_GUEST_SSP". > OK, will fix it in next version. > Paolo ^ permalink raw reply [flat|nested] 32+ messages in thread
* [PATCH v14 10/13] KVM: x86: Enable CET virtualization for VMX and advertise CET to userspace 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang ` (8 preceding siblings ...) 2020-11-06 1:16 ` [PATCH v14 09/13] KVM: x86: Report CET MSRs as to-be-saved if CET is supported Yang Weijiang @ 2020-11-06 1:16 ` Yang Weijiang 2020-11-09 7:23 ` kernel test robot 2021-01-28 17:53 ` Paolo Bonzini 2020-11-06 1:16 ` [PATCH v14 11/13] KVM: VMX: Pass through CET MSRs to the guest when supported Yang Weijiang ` (3 subsequent siblings) 13 siblings, 2 replies; 32+ messages in thread From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw) To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: yu.c.zhang, Yang Weijiang Set the feature bits so that CET capabilities can be seen in guest via CPUID enumeration. Add CR4.CET bit support in order to allow guest set CET master control bit(CR4.CET). Disable KVM CET feature if unrestricted_guest is unsupported/disabled as KVM does not support emulating CET. Reset guest CET states in vmcs so as to avoid vmentry failure when guest toggles CR4.CET bit, e.g. during guest reboot. Don't expose CET feature if dependent CET bits are cleared in host XSS, or if XSAVES isn't supported. Updating the CET features in common x86 is a little ugly, but there is on clean solution without risking breakage of SVM if SVM hardware ever gains support for CET, e.g. moving everything to common x86 would prematurely expose CET on SVM. The alternative is to put all the logic in VMX, but that means rereading host_xss in VMX and duplicating the XSAVES check across VMX and SVM. Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> --- arch/x86/include/asm/kvm_host.h | 3 +- arch/x86/kvm/cpuid.c | 5 +-- arch/x86/kvm/vmx/capabilities.h | 5 +++ arch/x86/kvm/vmx/vmx.c | 64 +++++++++++++++++++++++++++++++-- arch/x86/kvm/x86.c | 8 +++++ 5 files changed, 79 insertions(+), 6 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 1620a2cca781..b3b5cb44e75b 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -100,7 +100,8 @@ | X86_CR4_PGE | X86_CR4_PCE | X86_CR4_OSFXSR | X86_CR4_PCIDE \ | X86_CR4_OSXSAVE | X86_CR4_SMEP | X86_CR4_FSGSBASE \ | X86_CR4_OSXMMEXCPT | X86_CR4_LA57 | X86_CR4_VMXE \ - | X86_CR4_SMAP | X86_CR4_PKE | X86_CR4_UMIP)) + | X86_CR4_SMAP | X86_CR4_PKE | X86_CR4_UMIP \ + | X86_CR4_CET)) #define CR8_RESERVED_BITS (~(unsigned long)X86_CR8_TPR) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 2c737337f466..6a888ee1c7db 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -405,7 +405,8 @@ void kvm_set_cpu_caps(void) F(AVX512VBMI) | F(LA57) | F(PKU) | 0 /*OSPKE*/ | F(RDPID) | F(AVX512_VPOPCNTDQ) | F(UMIP) | F(AVX512_VBMI2) | F(GFNI) | F(VAES) | F(VPCLMULQDQ) | F(AVX512_VNNI) | F(AVX512_BITALG) | - F(CLDEMOTE) | F(MOVDIRI) | F(MOVDIR64B) | 0 /*WAITPKG*/ + F(CLDEMOTE) | F(MOVDIRI) | F(MOVDIR64B) | 0 /*WAITPKG*/ | + F(SHSTK) ); /* Set LA57 based on hardware capability. */ if (cpuid_ecx(7) & F(LA57)) @@ -422,7 +423,7 @@ void kvm_set_cpu_caps(void) F(AVX512_4VNNIW) | F(AVX512_4FMAPS) | F(SPEC_CTRL) | F(SPEC_CTRL_SSBD) | F(ARCH_CAPABILITIES) | F(INTEL_STIBP) | F(MD_CLEAR) | F(AVX512_VP2INTERSECT) | F(FSRM) | - F(SERIALIZE) | F(TSXLDTRK) + F(SERIALIZE) | F(TSXLDTRK) | F(IBT) ); /* TSC_ADJUST and ARCH_CAPABILITIES are emulated in software. */ diff --git a/arch/x86/kvm/vmx/capabilities.h b/arch/x86/kvm/vmx/capabilities.h index 3a1861403d73..58cb57b08697 100644 --- a/arch/x86/kvm/vmx/capabilities.h +++ b/arch/x86/kvm/vmx/capabilities.h @@ -103,6 +103,11 @@ static inline bool cpu_has_load_perf_global_ctrl(void) (vmcs_config.vmexit_ctrl & VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL); } +static inline bool cpu_has_load_cet_ctrl(void) +{ + return (vmcs_config.vmentry_ctrl & VM_ENTRY_LOAD_CET_STATE) && + (vmcs_config.vmexit_ctrl & VM_EXIT_LOAD_CET_STATE); +} static inline bool cpu_has_vmx_mpx(void) { return (vmcs_config.vmexit_ctrl & VM_EXIT_CLEAR_BNDCFGS) && diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 28ba8414a7a3..c88a6e1721b1 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2279,7 +2279,7 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) case MSR_IA32_U_CET: if (!cet_is_control_msr_accessible(vcpu, msr_info)) return 1; - if (data & GENMASK(9, 6)) + if ((data & GENMASK(9, 6)) || is_noncanonical_address(data, vcpu)) return 1; if (msr_index == MSR_IA32_S_CET) vmcs_writel(GUEST_S_CET, data); @@ -2594,7 +2594,8 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf, VM_EXIT_LOAD_IA32_EFER | VM_EXIT_CLEAR_BNDCFGS | VM_EXIT_PT_CONCEAL_PIP | - VM_EXIT_CLEAR_IA32_RTIT_CTL; + VM_EXIT_CLEAR_IA32_RTIT_CTL | + VM_EXIT_LOAD_CET_STATE; if (adjust_vmx_controls(min, opt, MSR_IA32_VMX_EXIT_CTLS, &_vmexit_control) < 0) return -EIO; @@ -2618,7 +2619,8 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf, VM_ENTRY_LOAD_IA32_EFER | VM_ENTRY_LOAD_BNDCFGS | VM_ENTRY_PT_CONCEAL_PIP | - VM_ENTRY_LOAD_IA32_RTIT_CTL; + VM_ENTRY_LOAD_IA32_RTIT_CTL | + VM_ENTRY_LOAD_CET_STATE; if (adjust_vmx_controls(min, opt, MSR_IA32_VMX_ENTRY_CTLS, &_vmentry_control) < 0) return -EIO; @@ -2646,6 +2648,15 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf, } } + /* + * The CET entry and exit controls need to be synchronized, e.g. to + * avoid loading guest state but not restoring host state. + */ + if (!(_vmentry_control & VM_ENTRY_LOAD_CET_STATE) || + !(_vmexit_control & VM_EXIT_LOAD_CET_STATE)) { + _vmentry_control &= ~VM_ENTRY_LOAD_CET_STATE; + _vmexit_control &= ~VM_EXIT_LOAD_CET_STATE; + } rdmsr(MSR_IA32_VMX_BASIC, vmx_msr_low, vmx_msr_high); @@ -3217,7 +3228,9 @@ int vmx_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) * this bit, even if host CR4.MCE == 0. */ unsigned long hw_cr4; + unsigned long old_cr4; + old_cr4 = vmcs_readl(CR4_READ_SHADOW); hw_cr4 = (cr4_read_shadow() & X86_CR4_MCE) | (cr4 & ~X86_CR4_MCE); if (is_unrestricted_guest(vcpu)) hw_cr4 |= KVM_VM_CR4_ALWAYS_ON_UNRESTRICTED_GUEST; @@ -3281,6 +3294,13 @@ int vmx_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) vmcs_writel(CR4_READ_SHADOW, cr4); vmcs_writel(GUEST_CR4, hw_cr4); + + if (((cr4 ^ old_cr4) & X86_CR4_CET) && kvm_cet_supported()) { + vmcs_writel(GUEST_SSP, 0); + vmcs_writel(GUEST_S_CET, 0); + vmcs_writel(GUEST_INTR_SSP_TABLE, 0); + } + return 0; } @@ -5961,6 +5981,12 @@ void dump_vmcs(void) pr_err("InterruptStatus = %04x\n", vmcs_read16(GUEST_INTR_STATUS)); + if (vmentry_ctl & VM_ENTRY_LOAD_CET_STATE) { + pr_err("S_CET = 0x%016lx\n", vmcs_readl(GUEST_S_CET)); + pr_err("SSP = 0x%016lx\n", vmcs_readl(GUEST_SSP)); + pr_err("SSP TABLE = 0x%016lx\n", + vmcs_readl(GUEST_INTR_SSP_TABLE)); + } pr_err("*** Host State ***\n"); pr_err("RIP = 0x%016lx RSP = 0x%016lx\n", vmcs_readl(HOST_RIP), vmcs_readl(HOST_RSP)); @@ -6035,6 +6061,12 @@ void dump_vmcs(void) if (secondary_exec_control & SECONDARY_EXEC_ENABLE_VPID) pr_err("Virtual processor ID = 0x%04x\n", vmcs_read16(VIRTUAL_PROCESSOR_ID)); + if (vmexit_ctl & VM_EXIT_LOAD_CET_STATE) { + pr_err("S_CET = 0x%016lx\n", vmcs_readl(HOST_S_CET)); + pr_err("SSP = 0x%016lx\n", vmcs_readl(HOST_SSP)); + pr_err("SSP TABLE = 0x%016lx\n", + vmcs_readl(HOST_INTR_SSP_TABLE)); + } } /* @@ -7409,6 +7441,15 @@ static __init void vmx_set_cpu_caps(void) if (cpu_has_vmx_waitpkg()) kvm_cpu_cap_check_and_set(X86_FEATURE_WAITPKG); + + if (!cpu_has_load_cet_ctrl() || !enable_unrestricted_guest) { + kvm_cpu_cap_clear(X86_FEATURE_SHSTK); + kvm_cpu_cap_clear(X86_FEATURE_IBT); + } else if (kvm_cpu_cap_has(X86_FEATURE_SHSTK) || + kvm_cpu_cap_has(X86_FEATURE_IBT)) { + supported_xss |= XFEATURE_MASK_CET_USER | + XFEATURE_MASK_CET_KERNEL; + } } static void vmx_request_immediate_exit(struct kvm_vcpu *vcpu) @@ -7837,6 +7878,8 @@ static __init int hardware_setup(void) unsigned long host_bndcfgs; struct desc_ptr dt; int r, i, ept_lpage_level; + u64 cet_msr; + bool accessible; store_idt(&dt); host_idt_base = dt.address; @@ -7850,6 +7893,21 @@ static __init int hardware_setup(void) if (boot_cpu_has(X86_FEATURE_NX)) kvm_enable_efer_bits(EFER_NX); + accessible = (supported_xss & XFEATURE_MASK_CET_KERNEL) && + (boot_cpu_has(X86_FEATURE_IBT) || + boot_cpu_has(X86_FEATURE_SHSTK)); + if (accessible) { + rdmsrl(MSR_IA32_S_CET, cet_msr); + WARN_ONCE(cet_msr, "KVM: CET S_CET in host will be lost!\n"); + } + + accessible = (supported_xss & XFEATURE_MASK_CET_KERNEL) && + boot_cpu_has(X86_FEATURE_SHSTK); + if (accessible) { + rdmsrl(MSR_IA32_PL0_SSP, cet_msr); + WARN_ONCE(cet_msr, "KVM: CET PL0_SSP in host will be lost!\n"); + } + if (boot_cpu_has(X86_FEATURE_MPX)) { rdmsrl(MSR_IA32_BNDCFGS, host_bndcfgs); WARN_ONCE(host_bndcfgs, "KVM: BNDCFGS in host will be lost"); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index d573cadf5baf..a500c4e260af 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10197,6 +10197,14 @@ int kvm_arch_hardware_setup(void *opaque) if (!kvm_cpu_cap_has(X86_FEATURE_XSAVES)) supported_xss = 0; + else + supported_xss &= host_xss; + + /* Update CET features now that supported_xss is finalized. */ + if (!kvm_cet_supported()) { + kvm_cpu_cap_clear(X86_FEATURE_SHSTK); + kvm_cpu_cap_clear(X86_FEATURE_IBT); + } #define __kvm_cpu_cap_has(UNUSED_, f) kvm_cpu_cap_has(f) cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); -- 2.17.2 ^ permalink raw reply related [flat|nested] 32+ messages in thread
* Re: [PATCH v14 10/13] KVM: x86: Enable CET virtualization for VMX and advertise CET to userspace 2020-11-06 1:16 ` [PATCH v14 10/13] KVM: x86: Enable CET virtualization for VMX and advertise CET to userspace Yang Weijiang @ 2020-11-09 7:23 ` kernel test robot 2021-01-28 17:53 ` Paolo Bonzini 1 sibling, 0 replies; 32+ messages in thread From: kernel test robot @ 2020-11-09 7:23 UTC (permalink / raw) To: Yang Weijiang, kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: kbuild-all, yu.c.zhang, Yang Weijiang [-- Attachment #1: Type: text/plain, Size: 13372 bytes --] Hi Yang, Thank you for the patch! Perhaps something to improve: [auto build test WARNING on tip/master] [also build test WARNING on linus/master v5.10-rc3 next-20201106] [cannot apply to vhost/linux-next kvm/linux-next linux/master] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch] url: https://github.com/0day-ci/linux/commits/Yang-Weijiang/Introduce-support-for-guest-CET-feature/20201106-090915 base: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git 6f72faf4a32303c8bdc6491186b79391e9cf0c7e config: i386-randconfig-r022-20201109 (attached as .config) compiler: gcc-9 (Debian 9.3.0-15) 9.3.0 reproduce (this is a W=1 build): # https://github.com/0day-ci/linux/commit/34e06718bac59b9ecb835d2c4a04ae9378067819 git remote add linux-review https://github.com/0day-ci/linux git fetch --no-tags linux-review Yang-Weijiang/Introduce-support-for-guest-CET-feature/20201106-090915 git checkout 34e06718bac59b9ecb835d2c4a04ae9378067819 # save the attached .config to linux build tree make W=1 ARCH=i386 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp@intel.com> All warnings (new ones prefixed by >>): In file included from arch/x86/kvm/cpuid.h:5, from arch/x86/kvm/mmu.h:7, from arch/x86/kvm/x86.c:22: arch/x86/kvm/x86.h: In function 'kvm_cet_supported': arch/x86/kvm/x86.h:291:25: error: 'XFEATURE_MASK_CET_USER' undeclared (first use in this function); did you mean 'XFEATURE_MASK_SSE'? 291 | return supported_xss & XFEATURE_MASK_CET_USER; | ^~~~~~~~~~~~~~~~~~~~~~ | XFEATURE_MASK_SSE arch/x86/kvm/x86.h:291:25: note: each undeclared identifier is reported only once for each function it appears in In file included from include/linux/kvm_host.h:36, from arch/x86/kvm/x86.c:19: arch/x86/kvm/x86.c: At top level: arch/x86/include/asm/kvm_host.h:104:8: error: 'X86_CR4_CET' undeclared here (not in a function); did you mean 'X86_CR4_DE'? 104 | | X86_CR4_CET)) | ^~~~~~~~~~~ arch/x86/kvm/x86.c:101:46: note: in expansion of macro 'CR4_RESERVED_BITS' 101 | static u64 __read_mostly cr4_reserved_bits = CR4_RESERVED_BITS; | ^~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.c:1251:2: error: 'MSR_IA32_U_CET' undeclared here (not in a function); did you mean 'MSR_IA32_PMC0'? 1251 | MSR_IA32_U_CET, MSR_IA32_S_CET, MSR_IA32_INT_SSP_TAB, MSR_KVM_GUEST_SSP, | ^~~~~~~~~~~~~~ | MSR_IA32_PMC0 arch/x86/kvm/x86.c:1251:18: error: 'MSR_IA32_S_CET' undeclared here (not in a function); did you mean 'MSR_IA32_PMC0'? 1251 | MSR_IA32_U_CET, MSR_IA32_S_CET, MSR_IA32_INT_SSP_TAB, MSR_KVM_GUEST_SSP, | ^~~~~~~~~~~~~~ | MSR_IA32_PMC0 arch/x86/kvm/x86.c:1251:34: error: 'MSR_IA32_INT_SSP_TAB' undeclared here (not in a function) 1251 | MSR_IA32_U_CET, MSR_IA32_S_CET, MSR_IA32_INT_SSP_TAB, MSR_KVM_GUEST_SSP, | ^~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.c:1252:2: error: 'MSR_IA32_PL0_SSP' undeclared here (not in a function); did you mean 'MSR_IA32_MCG_ESP'? 1252 | MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, MSR_IA32_PL3_SSP, | ^~~~~~~~~~~~~~~~ | MSR_IA32_MCG_ESP arch/x86/kvm/x86.c:1252:20: error: 'MSR_IA32_PL1_SSP' undeclared here (not in a function); did you mean 'MSR_IA32_MCG_ESP'? 1252 | MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, MSR_IA32_PL3_SSP, | ^~~~~~~~~~~~~~~~ | MSR_IA32_MCG_ESP arch/x86/kvm/x86.c:1252:38: error: 'MSR_IA32_PL2_SSP' undeclared here (not in a function); did you mean 'MSR_IA32_MCG_ESP'? 1252 | MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, MSR_IA32_PL3_SSP, | ^~~~~~~~~~~~~~~~ | MSR_IA32_MCG_ESP arch/x86/kvm/x86.c:1252:56: error: 'MSR_IA32_PL3_SSP' undeclared here (not in a function); did you mean 'MSR_IA32_MCG_ESP'? 1252 | MSR_IA32_PL0_SSP, MSR_IA32_PL1_SSP, MSR_IA32_PL2_SSP, MSR_IA32_PL3_SSP, | ^~~~~~~~~~~~~~~~ | MSR_IA32_MCG_ESP arch/x86/kvm/x86.c: In function 'is_xsaves_msr': arch/x86/kvm/x86.c:3591:15: warning: comparison between pointer and integer 3591 | return index == MSR_IA32_U_CET || | ^~ arch/x86/kvm/x86.c:3592:16: warning: comparison between pointer and integer 3592 | (index >= MSR_IA32_PL0_SSP && index <= MSR_IA32_PL3_SSP); | ^~ arch/x86/kvm/x86.c:3592:45: warning: comparison between pointer and integer 3592 | (index >= MSR_IA32_PL0_SSP && index <= MSR_IA32_PL3_SSP); | ^~ arch/x86/kvm/x86.c: In function 'kvm_arch_hardware_setup': arch/x86/kvm/x86.c:10205:21: error: 'X86_FEATURE_SHSTK' undeclared (first use in this function); did you mean 'X86_FEATURE_EST'? 10205 | kvm_cpu_cap_clear(X86_FEATURE_SHSTK); | ^~~~~~~~~~~~~~~~~ | X86_FEATURE_EST >> arch/x86/kvm/x86.c:10205:21: warning: passing argument 1 of 'kvm_cpu_cap_clear' makes integer from pointer without a cast [-Wint-conversion] In file included from arch/x86/kvm/mmu.h:7, from arch/x86/kvm/x86.c:22: arch/x86/kvm/cpuid.h:277:60: note: expected 'unsigned int' but argument is of type 'const u32 *' {aka 'const unsigned int *'} 277 | static __always_inline void kvm_cpu_cap_clear(unsigned int x86_feature) | ~~~~~~~~~~~~~^~~~~~~~~~~ arch/x86/kvm/x86.c:10206:21: error: 'X86_FEATURE_IBT' undeclared (first use in this function); did you mean 'X86_FEATURE_IBS'? 10206 | kvm_cpu_cap_clear(X86_FEATURE_IBT); | ^~~~~~~~~~~~~~~ | X86_FEATURE_IBS arch/x86/kvm/x86.c:10206:21: warning: passing argument 1 of 'kvm_cpu_cap_clear' makes integer from pointer without a cast [-Wint-conversion] In file included from arch/x86/kvm/mmu.h:7, from arch/x86/kvm/x86.c:22: arch/x86/kvm/cpuid.h:277:60: note: expected 'unsigned int' but argument is of type 'const u32 *' {aka 'const unsigned int *'} 277 | static __always_inline void kvm_cpu_cap_clear(unsigned int x86_feature) | ~~~~~~~~~~~~~^~~~~~~~~~~ In file included from include/linux/kvm_host.h:36, from arch/x86/kvm/x86.c:19: arch/x86/include/asm/kvm_host.h:104:6: error: invalid operands to binary | (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 104 | | X86_CR4_CET)) | ^ | | | const u32 * {aka const unsigned int *} arch/x86/kvm/x86.h:388:24: note: in expansion of macro 'CR4_RESERVED_BITS' 388 | u64 __reserved_bits = CR4_RESERVED_BITS; \ | ^~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.c:10210:22: note: in expansion of macro '__cr4_reserved_bits' 10210 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:406:22: warning: passing argument 1 of 'kvm_cpu_cap_has' makes integer from pointer without a cast [-Wint-conversion] 406 | if (!__cpu_has(__c, X86_FEATURE_SHSTK) && \ | ^~~~~~~~~~~~~~~~~ | | | const u32 * {aka const unsigned int *} arch/x86/kvm/x86.c:10209:55: note: in definition of macro '__kvm_cpu_cap_has' 10209 | #define __kvm_cpu_cap_has(UNUSED_, f) kvm_cpu_cap_has(f) | ^ arch/x86/kvm/x86.c:10210:22: note: in expansion of macro '__cr4_reserved_bits' 10210 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ In file included from arch/x86/kvm/mmu.h:7, from arch/x86/kvm/x86.c:22: arch/x86/kvm/cpuid.h:301:58: note: expected 'unsigned int' but argument is of type 'const u32 *' {aka 'const unsigned int *'} 301 | static __always_inline bool kvm_cpu_cap_has(unsigned int x86_feature) | ~~~~~~~~~~~~~^~~~~~~~~~~ arch/x86/kvm/x86.h:407:22: warning: passing argument 1 of 'kvm_cpu_cap_has' makes integer from pointer without a cast [-Wint-conversion] 407 | !__cpu_has(__c, X86_FEATURE_IBT)) \ | ^~~~~~~~~~~~~~~ | | | const u32 * {aka const unsigned int *} arch/x86/kvm/x86.c:10209:55: note: in definition of macro '__kvm_cpu_cap_has' 10209 | #define __kvm_cpu_cap_has(UNUSED_, f) kvm_cpu_cap_has(f) | ^ arch/x86/kvm/x86.c:10210:22: note: in expansion of macro '__cr4_reserved_bits' 10210 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ In file included from arch/x86/kvm/mmu.h:7, from arch/x86/kvm/x86.c:22: arch/x86/kvm/cpuid.h:301:58: note: expected 'unsigned int' but argument is of type 'const u32 *' {aka 'const unsigned int *'} 301 | static __always_inline bool kvm_cpu_cap_has(unsigned int x86_feature) | ~~~~~~~~~~~~~^~~~~~~~~~~ In file included from arch/x86/kvm/cpuid.h:5, from arch/x86/kvm/mmu.h:7, from arch/x86/kvm/x86.c:22: arch/x86/kvm/x86.h:408:19: error: invalid operands to binary | (have 'u64' {aka 'long long unsigned int'} and 'const u32 *' {aka 'const unsigned int *'}) 408 | __reserved_bits |= X86_CR4_CET; \ | ^~ ~~~~~~~~~~~ | | | const u32 * {aka const unsigned int *} arch/x86/kvm/x86.c:10210:22: note: in expansion of macro '__cr4_reserved_bits' 10210 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.h:408:3: warning: statement with no effect [-Wunused-value] 408 | __reserved_bits |= X86_CR4_CET; \ | ^~~~~~~~~~~~~~~ arch/x86/kvm/x86.c:10210:22: note: in expansion of macro '__cr4_reserved_bits' 10210 | cr4_reserved_bits = __cr4_reserved_bits(__kvm_cpu_cap_has, UNUSED_); | ^~~~~~~~~~~~~~~~~~~ In file included from include/linux/kvm_host.h:36, from arch/x86/kvm/x86.c:19: arch/x86/kvm/x86.c: In function 'kvm_arch_check_processor_compat': arch/x86/include/asm/kvm_host.h:104:6: error: invalid operands to binary | (have 'long unsigned int' and 'const u32 *' {aka 'const unsigned int *'}) 104 | | X86_CR4_CET)) | ^ | | | const u32 * {aka const unsigned int *} arch/x86/kvm/x86.h:388:24: note: in expansion of macro 'CR4_RESERVED_BITS' 388 | u64 __reserved_bits = CR4_RESERVED_BITS; \ | ^~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.c:10243:6: note: in expansion of macro '__cr4_reserved_bits' 10243 | if (__cr4_reserved_bits(cpu_has, c) != | ^~~~~~~~~~~~~~~~~~~ In file included from arch/x86/include/asm/thread_info.h:53, from include/linux/thread_info.h:38, from arch/x86/include/asm/preempt.h:7, from include/linux/preempt.h:78, from include/linux/percpu.h:6, from include/linux/context_tracking_state.h:5, from include/linux/hardirq.h:5, from include/linux/kvm_host.h:7, from arch/x86/kvm/x86.c:19: vim +/kvm_cpu_cap_clear +10205 arch/x86/kvm/x86.c 10181 10182 int kvm_arch_hardware_setup(void *opaque) 10183 { 10184 struct kvm_x86_init_ops *ops = opaque; 10185 int r; 10186 10187 rdmsrl_safe(MSR_EFER, &host_efer); 10188 10189 if (boot_cpu_has(X86_FEATURE_XSAVES)) 10190 rdmsrl(MSR_IA32_XSS, host_xss); 10191 10192 r = ops->hardware_setup(); 10193 if (r != 0) 10194 return r; 10195 10196 memcpy(&kvm_x86_ops, ops->runtime_ops, sizeof(kvm_x86_ops)); 10197 10198 if (!kvm_cpu_cap_has(X86_FEATURE_XSAVES)) 10199 supported_xss = 0; 10200 else 10201 supported_xss &= host_xss; 10202 10203 /* Update CET features now that supported_xss is finalized. */ 10204 if (!kvm_cet_supported()) { 10205 kvm_cpu_cap_clear(X86_FEATURE_SHSTK); 10206 kvm_cpu_cap_clear(X86_FEATURE_IBT); 10207 } 10208 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org [-- Attachment #2: .config.gz --] [-- Type: application/gzip, Size: 40368 bytes --] ^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH v14 10/13] KVM: x86: Enable CET virtualization for VMX and advertise CET to userspace 2020-11-06 1:16 ` [PATCH v14 10/13] KVM: x86: Enable CET virtualization for VMX and advertise CET to userspace Yang Weijiang 2020-11-09 7:23 ` kernel test robot @ 2021-01-28 17:53 ` Paolo Bonzini [not found] ` <20210129112437.GA29715@local-michael-cet-test.sh.intel.com> 1 sibling, 1 reply; 32+ messages in thread From: Paolo Bonzini @ 2021-01-28 17:53 UTC (permalink / raw) To: Yang Weijiang, kvm, linux-kernel, sean.j.christopherson, jmattson Cc: yu.c.zhang On 06/11/20 02:16, Yang Weijiang wrote: > > + > + if (((cr4 ^ old_cr4) & X86_CR4_CET) && kvm_cet_supported()) { > + vmcs_writel(GUEST_SSP, 0); > + vmcs_writel(GUEST_S_CET, 0); > + vmcs_writel(GUEST_INTR_SSP_TABLE, 0); > + } > + Is this behavior documented for bare metal? I suspect it is at least not true for S_CET and INTR_SSP_TABLE, because SMM entry does not save those to SMRAM (and clears CR4.CET). Also, you need to save/restore GUEST_SSP to SMRAM. Paolo ^ permalink raw reply [flat|nested] 32+ messages in thread
[parent not found: <20210129112437.GA29715@local-michael-cet-test.sh.intel.com>]
[parent not found: <68e288ee-6e09-36f1-a6c9-bed864eb7678@redhat.com>]
[parent not found: <20210129121717.GA30243@local-michael-cet-test.sh.intel.com>]
[parent not found: <1cf7e501-2c69-8b76-9332-42db1348ab08@redhat.com>]
* Re: [PATCH v14 10/13] KVM: x86: Enable CET virtualization for VMX and advertise CET to userspace [not found] ` <1cf7e501-2c69-8b76-9332-42db1348ab08@redhat.com> @ 2021-01-30 6:32 ` Yang Weijiang 2021-02-01 4:56 ` Yang Weijiang 1 sibling, 0 replies; 32+ messages in thread From: Yang Weijiang @ 2021-01-30 6:32 UTC (permalink / raw) To: Paolo Bonzini Cc: Yang Weijiang, kvm, linux-kernel, jmattson, yu.c.zhang, Sean Christopherson On Fri, Jan 29, 2021 at 03:38:52PM +0100, Paolo Bonzini wrote: > On 29/01/21 13:17, Yang Weijiang wrote: > > > > It's specific to VM case, during VM reboot, memory mode reset but VM_ENTRY_LOAD_CET_STATE > > > > is still set, and VMCS contains stale GUEST_SSP, this hits vm-entry failure > > > > documented in 10.7 VM Entry at: > > > > https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf > > > > Since CR4.CET is also reset during VM reboot, to take the change to clear the stale data. > > > > Maybe I need to find a better place to do the things. > > > Then you must use a field of struct vmx_vcpu instead of the VMCS to hold > > > GUEST_SSP (while GUEST_S_CET and GUEST_INTR_SSP_TABLE should not be an > > > issue). > > > > > Sorry, I don't get your point, can I just clear the GUEST_SSP field in this case? > > Anyway save/restore GUEST_SSP via VMCS is an efficient way. > > You cannot clear it, because it is preserved when CR4.CET is modified. > > However, I checked the latest SDM and the GUEST_SSP rules are changed to > just this: > > SSP. The following checks are performed if the “load CET state” VM-entry > control is 1 > — Bits 1:0 must be 0. > — If the processor supports the Intel 64 architecture, bits 63:N must be > identical, where N is the CPU’s maximum linear-address width. (This check > does not apply if the processor supports 64 linear-address bits.) The guest > SSP value is not required to be canonical; the value of bit N-1 may differ > from that of bit N. > > In particular it doesn't mention the "IA-32e mode guest" VM-entry control or > the CS.L bit anymore, so it should not be necessary anymore to even reset > SSP to 0, and you can keep GUEST_SSP in the VMCS. > There could be some gaps between the two specs, I tested VM reboot with these patches, if I don't clear GUEST_SSP field while CR4.CET is changed, then it always encounters the vm-entry failure issue, the VMCS dump is like below: [341485.265277] *** Guest State *** [341485.265280] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7 [341485.265281] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=fffffffffffef871 [341485.265282] CR3 = 0x0000000000000000 [341485.265283] RSP = 0x0000000000000000 RIP = 0x000000000000fff0 [341485.265283] RFLAGS=0x00000002 DR7 = 0x0000000000000400 [341485.265284] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000 [341485.265285] CS: sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000 [341485.265286] DS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [341485.265287] SS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [341485.265288] ES: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [341485.265288] FS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [341485.265289] GS: sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000 [341485.265289] GDTR: limit=0x0000ffff, base=0x0000000000000000 [341485.265290] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000 [341485.265291] IDTR: limit=0x0000ffff, base=0x0000000000000000 [341485.265291] TR: sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000 [341485.265292] EFER = 0x0000000000000000 PAT = 0x0007040600070406 [341485.265292] DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000 [341485.265293] Interruptibility = 00000000 ActivityState = 00000000 [341485.265294] InterruptStatus = 0000 [341485.265294] S_CET = 0x0000000000000000 [341485.265295] SSP = 0x00007fc1727fdfd0 [341485.265295] SSP TABLE = 0x0000000000000000 [341485.265296] *** Host State *** [341485.265296] RIP = 0xffffffffc1235900 RSP = 0xffffaed7c150bd68 [341485.265297] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040 [341485.265298] FSBase=00007f6851d36700 GSBase=ffff9de2e0980000 TRBase=fffffe0000141000 [341485.265298] GDTBase=fffffe000013f000 IDTBase=fffffe0000000000 [341485.265299] CR0=0000000080050033 CR3=00000001135ae001 CR4=0000000000f72ee0 [341485.265300] Sysenter RSP=fffffe0000141000 CS:RIP=0010:ffffffff8dc015e0 [341485.265301] EFER = 0x0000000000000d01 PAT = 0x0407050600070106 [341485.265301] *** Control State *** [341485.265302] PinBased=000000ff CPUBased=b5a06dfa SecondaryExec=021237eb [341485.265303] EntryControls=0010d1ff ExitControls=102befff [341485.265303] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000 [341485.265304] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000 [341485.265305] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002 [341485.265306] reason=80000021 qualification=0000000000000000 [341485.265306] IDTVectoring: info=00000000 errcode=00000000 [341485.265307] TSC Offset = 0xfffd10acb111a2a0 [341485.265307] TSC Multiplier = 0x0001000000000000 [341485.265308] SVI|RVI = 00|00 TPR Threshold = 0x00 [341485.265309] APIC-access addr = 0x0000000499d63000 virt-APIC addr = 0x000000011ade6000 [341485.265310] PostedIntrVec = 0xf2 [341485.265310] EPT pointer = 0x000000011fffc05e [341485.265310] PLE Gap=00000080 Window=00010000 [341485.265311] Virtual processor ID = 0x0001 [341485.265312] S_CET = 0x0000000000000000 [341485.265312] SSP = 0x0000000000000000 [341485.265312] SSP TABLE = 0x0000000000000000 The alternative way is to clear it in exit_lmode(), it also works. > Paolo ^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH v14 10/13] KVM: x86: Enable CET virtualization for VMX and advertise CET to userspace [not found] ` <1cf7e501-2c69-8b76-9332-42db1348ab08@redhat.com> 2021-01-30 6:32 ` Yang Weijiang @ 2021-02-01 4:56 ` Yang Weijiang 1 sibling, 0 replies; 32+ messages in thread From: Yang Weijiang @ 2021-02-01 4:56 UTC (permalink / raw) To: Paolo Bonzini Cc: Yang Weijiang, kvm, linux-kernel, jmattson, yu.c.zhang, Sean Christopherson On Fri, Jan 29, 2021 at 03:38:52PM +0100, Paolo Bonzini wrote: > On 29/01/21 13:17, Yang Weijiang wrote: > > > > It's specific to VM case, during VM reboot, memory mode reset but VM_ENTRY_LOAD_CET_STATE > > > > is still set, and VMCS contains stale GUEST_SSP, this hits vm-entry failure > > > > documented in 10.7 VM Entry at: > > > > https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf > > > > Since CR4.CET is also reset during VM reboot, to take the change to clear the stale data. > > > > Maybe I need to find a better place to do the things. > > > Then you must use a field of struct vmx_vcpu instead of the VMCS to hold > > > GUEST_SSP (while GUEST_S_CET and GUEST_INTR_SSP_TABLE should not be an > > > issue). > > > > > Sorry, I don't get your point, can I just clear the GUEST_SSP field in this case? > > Anyway save/restore GUEST_SSP via VMCS is an efficient way. > > You cannot clear it, because it is preserved when CR4.CET is modified. > > However, I checked the latest SDM and the GUEST_SSP rules are changed to > just this: > > SSP. The following checks are performed if the “load CET state” VM-entry > control is 1 > — Bits 1:0 must be 0. > — If the processor supports the Intel 64 architecture, bits 63:N must be > identical, where N is the CPU’s maximum linear-address width. (This check > does not apply if the processor supports 64 linear-address bits.) The guest > SSP value is not required to be canonical; the value of bit N-1 may differ > from that of bit N. > > In particular it doesn't mention the "IA-32e mode guest" VM-entry control or > the CS.L bit anymore, so it should not be necessary anymore to even reset > SSP to 0, and you can keep GUEST_SSP in the VMCS. > The vm-entry failure issue is due to mismatch of MSR_KVM_GUEST_SSP between QEMU and KVM. The original code is occupied by other usage, so QEMU cannot reset it properly. Sorry for the noise! > Paolo ^ permalink raw reply [flat|nested] 32+ messages in thread
* [PATCH v14 11/13] KVM: VMX: Pass through CET MSRs to the guest when supported 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang ` (9 preceding siblings ...) 2020-11-06 1:16 ` [PATCH v14 10/13] KVM: x86: Enable CET virtualization for VMX and advertise CET to userspace Yang Weijiang @ 2020-11-06 1:16 ` Yang Weijiang 2021-01-28 17:54 ` Paolo Bonzini 2020-11-06 1:16 ` [PATCH v14 12/13] KVM: nVMX: Add helper to check the vmcs01 MSR bitmap for MSR pass-through Yang Weijiang ` (2 subsequent siblings) 13 siblings, 1 reply; 32+ messages in thread From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw) To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: yu.c.zhang, Yang Weijiang Pass through all CET MSRs when the associated CET component (kernel vs. user) is enabled to improve guest performance. All CET MSRs are context switched, either via dedicated VMCS fields or XSAVES. Co-developed-by: Zhang Yi Z <yi.z.zhang@linux.intel.com> Signed-off-by: Zhang Yi Z <yi.z.zhang@linux.intel.com> Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> --- arch/x86/kvm/vmx/vmx.c | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index c88a6e1721b1..6ba2027a3d44 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7366,6 +7366,32 @@ static void update_intel_pt_cfg(struct kvm_vcpu *vcpu) vmx->pt_desc.ctl_bitmask &= ~(0xfULL << (32 + i * 4)); } +static bool is_cet_state_supported(struct kvm_vcpu *vcpu, u32 xss_state) +{ + return (vcpu->arch.guest_supported_xss & xss_state) && + (guest_cpuid_has(vcpu, X86_FEATURE_SHSTK) || + guest_cpuid_has(vcpu, X86_FEATURE_IBT)); +} + +static void vmx_update_intercept_for_cet_msr(struct kvm_vcpu *vcpu) +{ + bool incpt = !is_cet_state_supported(vcpu, XFEATURE_MASK_CET_USER); + + vmx_set_intercept_for_msr(vcpu, MSR_IA32_U_CET, MSR_TYPE_RW, incpt); + + incpt |= !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK); + vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL3_SSP, MSR_TYPE_RW, incpt); + + incpt = !is_cet_state_supported(vcpu, XFEATURE_MASK_CET_KERNEL); + vmx_set_intercept_for_msr(vcpu, MSR_IA32_S_CET, MSR_TYPE_RW, incpt); + + incpt |= !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK); + vmx_set_intercept_for_msr(vcpu, MSR_IA32_INT_SSP_TAB, MSR_TYPE_RW, incpt); + vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL0_SSP, MSR_TYPE_RW, incpt); + vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL1_SSP, MSR_TYPE_RW, incpt); + vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL2_SSP, MSR_TYPE_RW, incpt); +} + static void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx = to_vmx(vcpu); @@ -7409,6 +7435,9 @@ static void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) /* Refresh #PF interception to account for MAXPHYADDR changes. */ update_exception_bitmap(vcpu); + + if (kvm_cet_supported()) + vmx_update_intercept_for_cet_msr(vcpu); } static __init void vmx_set_cpu_caps(void) -- 2.17.2 ^ permalink raw reply related [flat|nested] 32+ messages in thread
* Re: [PATCH v14 11/13] KVM: VMX: Pass through CET MSRs to the guest when supported 2020-11-06 1:16 ` [PATCH v14 11/13] KVM: VMX: Pass through CET MSRs to the guest when supported Yang Weijiang @ 2021-01-28 17:54 ` Paolo Bonzini 2021-01-28 18:04 ` Paolo Bonzini 0 siblings, 1 reply; 32+ messages in thread From: Paolo Bonzini @ 2021-01-28 17:54 UTC (permalink / raw) To: Yang Weijiang, kvm, linux-kernel, sean.j.christopherson, jmattson Cc: yu.c.zhang On 06/11/20 02:16, Yang Weijiang wrote: > Pass through all CET MSRs when the associated CET component (kernel vs. > user) is enabled to improve guest performance. All CET MSRs are context > switched, either via dedicated VMCS fields or XSAVES. > > Co-developed-by: Zhang Yi Z <yi.z.zhang@linux.intel.com> > Signed-off-by: Zhang Yi Z <yi.z.zhang@linux.intel.com> > Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> > Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> > Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> > --- > arch/x86/kvm/vmx/vmx.c | 29 +++++++++++++++++++++++++++++ > 1 file changed, 29 insertions(+) > > diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c > index c88a6e1721b1..6ba2027a3d44 100644 > --- a/arch/x86/kvm/vmx/vmx.c > +++ b/arch/x86/kvm/vmx/vmx.c > @@ -7366,6 +7366,32 @@ static void update_intel_pt_cfg(struct kvm_vcpu *vcpu) > vmx->pt_desc.ctl_bitmask &= ~(0xfULL << (32 + i * 4)); > } > > +static bool is_cet_state_supported(struct kvm_vcpu *vcpu, u32 xss_state) > +{ > + return (vcpu->arch.guest_supported_xss & xss_state) && > + (guest_cpuid_has(vcpu, X86_FEATURE_SHSTK) || > + guest_cpuid_has(vcpu, X86_FEATURE_IBT)); > +} > + > +static void vmx_update_intercept_for_cet_msr(struct kvm_vcpu *vcpu) > +{ > + bool incpt = !is_cet_state_supported(vcpu, XFEATURE_MASK_CET_USER); > + > + vmx_set_intercept_for_msr(vcpu, MSR_IA32_U_CET, MSR_TYPE_RW, incpt); > + > + incpt |= !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK); > + vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL3_SSP, MSR_TYPE_RW, incpt); > + > + incpt = !is_cet_state_supported(vcpu, XFEATURE_MASK_CET_KERNEL); > + vmx_set_intercept_for_msr(vcpu, MSR_IA32_S_CET, MSR_TYPE_RW, incpt); > + > + incpt |= !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK); > + vmx_set_intercept_for_msr(vcpu, MSR_IA32_INT_SSP_TAB, MSR_TYPE_RW, incpt); > + vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL0_SSP, MSR_TYPE_RW, incpt); > + vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL1_SSP, MSR_TYPE_RW, incpt); > + vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL2_SSP, MSR_TYPE_RW, incpt); > +} > + > static void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) > { > struct vcpu_vmx *vmx = to_vmx(vcpu); > @@ -7409,6 +7435,9 @@ static void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) > > /* Refresh #PF interception to account for MAXPHYADDR changes. */ > update_exception_bitmap(vcpu); > + > + if (kvm_cet_supported()) > + vmx_update_intercept_for_cet_msr(vcpu); > } > > static __init void vmx_set_cpu_caps(void) > Can you do this only if CR4.CET=1? Paolo ^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH v14 11/13] KVM: VMX: Pass through CET MSRs to the guest when supported 2021-01-28 17:54 ` Paolo Bonzini @ 2021-01-28 18:04 ` Paolo Bonzini 0 siblings, 0 replies; 32+ messages in thread From: Paolo Bonzini @ 2021-01-28 18:04 UTC (permalink / raw) To: Yang Weijiang, kvm, linux-kernel, sean.j.christopherson, jmattson Cc: yu.c.zhang On 28/01/21 18:54, Paolo Bonzini wrote: > On 06/11/20 02:16, Yang Weijiang wrote: >> Pass through all CET MSRs when the associated CET component (kernel vs. >> user) is enabled to improve guest performance. All CET MSRs are context >> switched, either via dedicated VMCS fields or XSAVES. >> >> Co-developed-by: Zhang Yi Z <yi.z.zhang@linux.intel.com> >> Signed-off-by: Zhang Yi Z <yi.z.zhang@linux.intel.com> >> Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> >> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> >> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> >> --- >> arch/x86/kvm/vmx/vmx.c | 29 +++++++++++++++++++++++++++++ >> 1 file changed, 29 insertions(+) >> >> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c >> index c88a6e1721b1..6ba2027a3d44 100644 >> --- a/arch/x86/kvm/vmx/vmx.c >> +++ b/arch/x86/kvm/vmx/vmx.c >> @@ -7366,6 +7366,32 @@ static void update_intel_pt_cfg(struct kvm_vcpu >> *vcpu) >> vmx->pt_desc.ctl_bitmask &= ~(0xfULL << (32 + i * 4)); >> } >> +static bool is_cet_state_supported(struct kvm_vcpu *vcpu, u32 xss_state) >> +{ >> + return (vcpu->arch.guest_supported_xss & xss_state) && >> + (guest_cpuid_has(vcpu, X86_FEATURE_SHSTK) || >> + guest_cpuid_has(vcpu, X86_FEATURE_IBT)); >> +} >> + >> +static void vmx_update_intercept_for_cet_msr(struct kvm_vcpu *vcpu) >> +{ >> + bool incpt = !is_cet_state_supported(vcpu, XFEATURE_MASK_CET_USER); >> + >> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_U_CET, MSR_TYPE_RW, incpt); >> + >> + incpt |= !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK); >> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL3_SSP, MSR_TYPE_RW, >> incpt); >> + >> + incpt = !is_cet_state_supported(vcpu, XFEATURE_MASK_CET_KERNEL); >> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_S_CET, MSR_TYPE_RW, incpt); >> + >> + incpt |= !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK); >> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_INT_SSP_TAB, >> MSR_TYPE_RW, incpt); >> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL0_SSP, MSR_TYPE_RW, >> incpt); >> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL1_SSP, MSR_TYPE_RW, >> incpt); >> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL2_SSP, MSR_TYPE_RW, >> incpt); >> +} >> + >> static void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) >> { >> struct vcpu_vmx *vmx = to_vmx(vcpu); >> @@ -7409,6 +7435,9 @@ static void vmx_vcpu_after_set_cpuid(struct >> kvm_vcpu *vcpu) >> /* Refresh #PF interception to account for MAXPHYADDR changes. */ >> update_exception_bitmap(vcpu); >> + >> + if (kvm_cet_supported()) >> + vmx_update_intercept_for_cet_msr(vcpu); >> } >> static __init void vmx_set_cpu_caps(void) >> > > Can you do this only if CR4.CET=1? Actually, considering this is XSAVES and not RDMSR/WRMSR state, this is okay as is. Paolo ^ permalink raw reply [flat|nested] 32+ messages in thread
* [PATCH v14 12/13] KVM: nVMX: Add helper to check the vmcs01 MSR bitmap for MSR pass-through 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang ` (10 preceding siblings ...) 2020-11-06 1:16 ` [PATCH v14 11/13] KVM: VMX: Pass through CET MSRs to the guest when supported Yang Weijiang @ 2020-11-06 1:16 ` Yang Weijiang 2020-11-06 1:16 ` [PATCH v14 13/13] KVM: nVMX: Enable CET support for nested VMX Yang Weijiang 2021-01-28 17:57 ` [PATCH v14 00/13] Introduce support for guest CET feature Paolo Bonzini 13 siblings, 0 replies; 32+ messages in thread From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw) To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: yu.c.zhang, Yang Weijiang Add a helper to perform the check on the vmcs01/l01 MSR bitmap when disabling interception of an MSR for L2. This reduces the boilerplate for the existing cases, and will be used heavily in a future patch for CET MSRs. Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> --- arch/x86/kvm/vmx/nested.c | 27 +++++++++++++++++---------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 89af692deb7e..8abc7bdd94f7 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -544,6 +544,17 @@ static void nested_vmx_disable_intercept_for_msr(unsigned long *msr_bitmap_l1, } } +static void nested_vmx_cond_disable_intercept_for_msr(struct kvm_vcpu *vcpu, u32 msr, + unsigned long *bitmap_12, + unsigned long *bitmap_02, + int type) +{ + if (msr_write_intercepted_l01(vcpu, msr)) + return; + + nested_vmx_disable_intercept_for_msr(bitmap_12, bitmap_02, msr, type); +} + static inline void enable_x2apic_msr_intercepts(unsigned long *msr_bitmap) { int msr; @@ -640,17 +651,13 @@ static inline bool nested_vmx_prepare_msr_bitmap(struct kvm_vcpu *vcpu, * updated to reflect this when L1 (or its L2s) actually write to * the MSR. */ - if (!msr_write_intercepted_l01(vcpu, MSR_IA32_SPEC_CTRL)) - nested_vmx_disable_intercept_for_msr( - msr_bitmap_l1, msr_bitmap_l0, - MSR_IA32_SPEC_CTRL, - MSR_TYPE_R | MSR_TYPE_W); + nested_vmx_cond_disable_intercept_for_msr(vcpu, MSR_IA32_SPEC_CTRL, + msr_bitmap_l1, msr_bitmap_l0, + MSR_TYPE_R | MSR_TYPE_W); - if (!msr_write_intercepted_l01(vcpu, MSR_IA32_PRED_CMD)) - nested_vmx_disable_intercept_for_msr( - msr_bitmap_l1, msr_bitmap_l0, - MSR_IA32_PRED_CMD, - MSR_TYPE_W); + nested_vmx_cond_disable_intercept_for_msr(vcpu, MSR_IA32_PRED_CMD, + msr_bitmap_l1, msr_bitmap_l0, + MSR_TYPE_W); kvm_vcpu_unmap(vcpu, &to_vmx(vcpu)->nested.msr_bitmap_map, false); -- 2.17.2 ^ permalink raw reply related [flat|nested] 32+ messages in thread
* [PATCH v14 13/13] KVM: nVMX: Enable CET support for nested VMX 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang ` (11 preceding siblings ...) 2020-11-06 1:16 ` [PATCH v14 12/13] KVM: nVMX: Add helper to check the vmcs01 MSR bitmap for MSR pass-through Yang Weijiang @ 2020-11-06 1:16 ` Yang Weijiang 2021-01-28 17:57 ` [PATCH v14 00/13] Introduce support for guest CET feature Paolo Bonzini 13 siblings, 0 replies; 32+ messages in thread From: Yang Weijiang @ 2020-11-06 1:16 UTC (permalink / raw) To: kvm, linux-kernel, pbonzini, sean.j.christopherson, jmattson Cc: yu.c.zhang, Yang Weijiang Add vmcs12 fields for all CET fields, pass-through CET MSRs to L2 when possible, and enumerate the VMCS controls and CR4 bit as supported. Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> --- arch/x86/kvm/vmx/nested.c | 30 ++++++++++++++++++++++++++++-- arch/x86/kvm/vmx/vmcs12.c | 6 ++++++ arch/x86/kvm/vmx/vmcs12.h | 14 +++++++++++++- arch/x86/kvm/vmx/vmx.c | 1 + 4 files changed, 48 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 8abc7bdd94f7..0fe18986c259 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -638,6 +638,29 @@ static inline bool nested_vmx_prepare_msr_bitmap(struct kvm_vcpu *vcpu, nested_vmx_disable_intercept_for_msr(msr_bitmap_l1, msr_bitmap_l0, MSR_KERNEL_GS_BASE, MSR_TYPE_RW); + /* Pass CET MSRs to nested VM if L0 and L1 are set to pass-through. */ + nested_vmx_cond_disable_intercept_for_msr(vcpu, MSR_IA32_U_CET, + msr_bitmap_l1, msr_bitmap_l0, + MSR_TYPE_RW); + nested_vmx_cond_disable_intercept_for_msr(vcpu, MSR_IA32_PL3_SSP, + msr_bitmap_l1, msr_bitmap_l0, + MSR_TYPE_RW); + nested_vmx_cond_disable_intercept_for_msr(vcpu, MSR_IA32_S_CET, + msr_bitmap_l1, msr_bitmap_l0, + MSR_TYPE_RW); + nested_vmx_cond_disable_intercept_for_msr(vcpu, MSR_IA32_PL0_SSP, + msr_bitmap_l1, msr_bitmap_l0, + MSR_TYPE_RW); + nested_vmx_cond_disable_intercept_for_msr(vcpu, MSR_IA32_PL1_SSP, + msr_bitmap_l1, msr_bitmap_l0, + MSR_TYPE_RW); + nested_vmx_cond_disable_intercept_for_msr(vcpu, MSR_IA32_PL2_SSP, + msr_bitmap_l1, msr_bitmap_l0, + MSR_TYPE_RW); + nested_vmx_cond_disable_intercept_for_msr(vcpu, MSR_IA32_INT_SSP_TAB, + msr_bitmap_l1, msr_bitmap_l0, + MSR_TYPE_RW); + /* * Checking the L0->L1 bitmap is trying to verify two things: * @@ -6336,7 +6359,9 @@ void nested_vmx_setup_ctls_msrs(struct nested_vmx_msrs *msrs, u32 ept_caps) VM_EXIT_HOST_ADDR_SPACE_SIZE | #endif VM_EXIT_LOAD_IA32_PAT | VM_EXIT_SAVE_IA32_PAT | - VM_EXIT_CLEAR_BNDCFGS | VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL; + VM_EXIT_CLEAR_BNDCFGS | VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL | + VM_EXIT_LOAD_CET_STATE; + msrs->exit_ctls_high |= VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR | VM_EXIT_LOAD_IA32_EFER | VM_EXIT_SAVE_IA32_EFER | @@ -6356,7 +6381,8 @@ void nested_vmx_setup_ctls_msrs(struct nested_vmx_msrs *msrs, u32 ept_caps) VM_ENTRY_IA32E_MODE | #endif VM_ENTRY_LOAD_IA32_PAT | VM_ENTRY_LOAD_BNDCFGS | - VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL; + VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL | VM_ENTRY_LOAD_CET_STATE; + msrs->entry_ctls_high |= (VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR | VM_ENTRY_LOAD_IA32_EFER); diff --git a/arch/x86/kvm/vmx/vmcs12.c b/arch/x86/kvm/vmx/vmcs12.c index c8e51c004f78..8fd8e0beecef 100644 --- a/arch/x86/kvm/vmx/vmcs12.c +++ b/arch/x86/kvm/vmx/vmcs12.c @@ -137,6 +137,9 @@ const unsigned short vmcs_field_to_offset_table[] = { FIELD(GUEST_PENDING_DBG_EXCEPTIONS, guest_pending_dbg_exceptions), FIELD(GUEST_SYSENTER_ESP, guest_sysenter_esp), FIELD(GUEST_SYSENTER_EIP, guest_sysenter_eip), + FIELD(GUEST_S_CET, guest_s_cet), + FIELD(GUEST_SSP, guest_ssp), + FIELD(GUEST_INTR_SSP_TABLE, guest_ssp_tbl), FIELD(HOST_CR0, host_cr0), FIELD(HOST_CR3, host_cr3), FIELD(HOST_CR4, host_cr4), @@ -149,5 +152,8 @@ const unsigned short vmcs_field_to_offset_table[] = { FIELD(HOST_IA32_SYSENTER_EIP, host_ia32_sysenter_eip), FIELD(HOST_RSP, host_rsp), FIELD(HOST_RIP, host_rip), + FIELD(HOST_S_CET, host_s_cet), + FIELD(HOST_SSP, host_ssp), + FIELD(HOST_INTR_SSP_TABLE, host_ssp_tbl), }; const unsigned int nr_vmcs12_fields = ARRAY_SIZE(vmcs_field_to_offset_table); diff --git a/arch/x86/kvm/vmx/vmcs12.h b/arch/x86/kvm/vmx/vmcs12.h index 80232daf00ff..016896c9e701 100644 --- a/arch/x86/kvm/vmx/vmcs12.h +++ b/arch/x86/kvm/vmx/vmcs12.h @@ -115,7 +115,13 @@ struct __packed vmcs12 { natural_width host_ia32_sysenter_eip; natural_width host_rsp; natural_width host_rip; - natural_width paddingl[8]; /* room for future expansion */ + natural_width host_s_cet; + natural_width host_ssp; + natural_width host_ssp_tbl; + natural_width guest_s_cet; + natural_width guest_ssp; + natural_width guest_ssp_tbl; + natural_width paddingl[2]; /* room for future expansion */ u32 pin_based_vm_exec_control; u32 cpu_based_vm_exec_control; u32 exception_bitmap; @@ -295,6 +301,12 @@ static inline void vmx_check_vmcs12_offsets(void) CHECK_OFFSET(host_ia32_sysenter_eip, 656); CHECK_OFFSET(host_rsp, 664); CHECK_OFFSET(host_rip, 672); + CHECK_OFFSET(host_s_cet, 680); + CHECK_OFFSET(host_ssp, 688); + CHECK_OFFSET(host_ssp_tbl, 696); + CHECK_OFFSET(guest_s_cet, 704); + CHECK_OFFSET(guest_ssp, 712); + CHECK_OFFSET(guest_ssp_tbl, 720); CHECK_OFFSET(pin_based_vm_exec_control, 744); CHECK_OFFSET(cpu_based_vm_exec_control, 748); CHECK_OFFSET(exception_bitmap, 752); diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 6ba2027a3d44..5a3e2ff4d7ad 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7276,6 +7276,7 @@ static void nested_vmx_cr_fixed1_bits_update(struct kvm_vcpu *vcpu) cr4_fixed1_update(X86_CR4_PKE, ecx, feature_bit(PKU)); cr4_fixed1_update(X86_CR4_UMIP, ecx, feature_bit(UMIP)); cr4_fixed1_update(X86_CR4_LA57, ecx, feature_bit(LA57)); + cr4_fixed1_update(X86_CR4_CET, ecx, feature_bit(SHSTK)); #undef cr4_fixed1_update } -- 2.17.2 ^ permalink raw reply related [flat|nested] 32+ messages in thread
* Re: [PATCH v14 00/13] Introduce support for guest CET feature 2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang ` (12 preceding siblings ...) 2020-11-06 1:16 ` [PATCH v14 13/13] KVM: nVMX: Enable CET support for nested VMX Yang Weijiang @ 2021-01-28 17:57 ` Paolo Bonzini 2021-01-28 18:04 ` Sean Christopherson 13 siblings, 1 reply; 32+ messages in thread From: Paolo Bonzini @ 2021-01-28 17:57 UTC (permalink / raw) To: Yang Weijiang, kvm, linux-kernel, jmattson, Sean Christopherson Cc: yu.c.zhang On 06/11/20 02:16, Yang Weijiang wrote: > Control-flow Enforcement Technology (CET) provides protection against > Return/Jump-Oriented Programming (ROP/JOP) attack. There're two CET > sub-features: Shadow Stack (SHSTK) and Indirect Branch Tracking (IBT). > SHSTK is to prevent ROP programming and IBT is to prevent JOP programming. > > Several parts in KVM have been updated to provide VM CET support, including: > CPUID/XSAVES config, MSR pass-through, user space MSR access interface, > vmentry/vmexit config, nested VM etc. These patches have dependency on CET > kernel patches for xsaves support and CET definitions, e.g., MSR and related > feature flags. > > CET kernel patches are here: > SHSTK: https://lkml.kernel.org/r/20201012153850.26996-1-yu-cheng.yu@intel.com/ > IBT: https://lkml.kernel.org/r/20201012154530.28382-1-yu-cheng.yu@intel.com/ > > CET QEMU patch: > https://patchwork.ozlabs.org/project/qemu-devel/patch/20201013051935.6052-2-weijiang.yang@intel.com/ > KVM Unit test: > https://patchwork.kernel.org/project/kvm/patch/20200506082110.25441-12-weijiang.yang@intel.com/ > > v14: > - Sean refactored v13 patchset then came out v14-rc1, this version is > rebased on top of 5.10-rc1 and tested on TGL. > - Fixed a few minor issues found during test, such as nested CET broken, > call-trace and guest reboot failure etc. > - Original v14-rc1 is here: https://github.com/sean-jc/linux/tree/vmx/cet. > > v13: > - Added CET definitions as a separate patch to facilitate KVM test. > - Disabled CET support in KVM if unrestricted_guest is turned off since > in this case CET related instructions/infrastructure cannot be emulated > well. > > v12: > - Fixed a few issues per Sean and Paolo's review feeback. > - Refactored patches to make them properly arranged. > - Removed unnecessary hard-coded CET states for host/guest. > - Added compile-time assertions for vmcs_field_to_offset_table to detect > mismatch of the field type and field encoding number. > - Added a custom MSR MSR_KVM_GUEST_SSP for guest active SSP save/restore. > - Rebased patches to 5.7-rc3. > > v11: > - Fixed a guest vmentry failure issue when guest reboots. > - Used vm_xxx_control_{set, clear}bit() to avoid side effect, it'll > clear cached data instead of pure VMCS field bits. > - Added vcpu->arch.guest_supported_xss dedidated for guest runtime mask, > this avoids supported_xss overwritten issue caused by an old qemu. > - Separated vmentry/vmexit state setting with CR0/CR4 dependency check > to make the patch more clear. > - Added CET VMCS states in dump_vmcs() for debugging purpose. > - Other refactor based on testing. > - This patch serial is built on top of below branch and CET kernel patches > for seeking xsaves support. > > v10: > - Refactored code per Sean's review feedback. > - Added CET support for nested VM. > - Removed fix-patch for CPUID(0xd,N) enumeration as this part is done > by Paolo and Sean. > - This new patchset is based on Paolo's queued cpu_caps branch. > - Modified patch per XSAVES related change. > - Consolidated KVM unit-test patch with KVM patches. > > v9: > - Refactored msr-check functions per Sean's feedback. > - Fixed a few issues per Sean's suggestion. > - Rebased patch to kernel-v5.4. > - Moved CET CPUID feature bits and CR4.CET to last patch. > > v8: > - Addressed Jim and Sean's feedback on: 1) CPUID(0xD,i) enumeration. 2) > sanity check when configure guest CET. 3) function improvement. > - Added more sanity check functions. > - Set host vmexit default status so that guest won't leak CET status to > host when vmexit. > - Added CR0.WP vs. CR4.CET mutual constrains. > > v7: > - Rebased patch to kernel v5.3 > - Sean suggested to change CPUID(0xd, n) enumeration code as alined with > existing one, and I think it's better to make the fix as an independent patch > since XSS MSR are being used widely on X86 platforms. > - Check more host and guest status before configure guest CET > per Sean's feedback. > - Add error-check before guest accesses CET MSRs per Sean's feedback. > - Other minor fixes suggested by Sean. > > v6: > - Rebase patch to kernel v5.2. > - Move CPUID(0xD, n>=1) helper to a seperate patch. > - Merge xsave size fix with other patch. > - Other minor fixes per community feedback. > > v5: > - Rebase patch to kernel v5.1. > - Wrap CPUID(0xD, n>=1) code to a helper function. > - Pass through MSR_IA32_PL1_SSP and MSR_IA32_PL2_SSP to Guest. > - Add Co-developed-by expression in patch description. > - Refine patch description. > > v4: > - Add Sean's patch for loading Guest fpu state before access XSAVES > managed CET MSRs. > - Melt down CET bits setting into CPUID configuration patch. > - Add VMX interface to query Host XSS. > - Check Host and Guest XSS support bits before set Guest XSS. > - Make Guest SHSTK and IBT feature enabling independent. > - Do not report CET support to Guest when Host CET feature is Disabled. > > v3: > - Modified patches to make Guest CET independent to Host enabling. > - Added patch 8 to add user space access for Guest CET MSR access. > - Modified code comments and patch description to reflect changes. > > v2: > - Re-ordered patch sequence, combined one patch. > - Added more description for CET related VMCS fields. > - Added Host CET capability check while enabling Guest CET loading bit. > - Added Host CET capability check while reporting Guest CPUID(EAX=7, EXC=0). > - Modified code in reporting Guest CPUID(EAX=D,ECX>=1), make it clearer. > - Added Host and Guest XSS mask check while setting bits for Guest XSS. > > > Sean Christopherson (2): > KVM: x86: Report XSS as an MSR to be saved if there are supported features > KVM: x86: Load guest fpu state when accessing MSRs managed by XSAVES > > Yang Weijiang (11): > KVM: x86: Refresh CPUID on writes to MSR_IA32_XSS > KVM: x86: Add #CP support in guest exception dispatch > KVM: VMX: Introduce CET VMCS fields and flags > KVM: x86: Add fault checks for CR4.CET > KVM: VMX: Emulate reads and writes to CET MSRs > KVM: VMX: Add a synthetic MSR to allow userspace VMM to access GUEST_SSP > KVM: x86: Report CET MSRs as to-be-saved if CET is supported > KVM: x86: Enable CET virtualization for VMX and advertise CET to userspace > KVM: VMX: Pass through CET MSRs to the guest when supported > KVM: nVMX: Add helper to check the vmcs01 MSR bitmap for MSR pass-through > KVM: nVMX: Enable CET support for nested VMX > > arch/x86/include/asm/kvm_host.h | 4 +- > arch/x86/include/asm/vmx.h | 8 ++ > arch/x86/include/uapi/asm/kvm.h | 1 + > arch/x86/include/uapi/asm/kvm_para.h | 1 + > arch/x86/kvm/cpuid.c | 26 +++- > arch/x86/kvm/vmx/capabilities.h | 5 + > arch/x86/kvm/vmx/nested.c | 57 ++++++-- > arch/x86/kvm/vmx/vmcs12.c | 6 + > arch/x86/kvm/vmx/vmcs12.h | 14 +- > arch/x86/kvm/vmx/vmx.c | 207 ++++++++++++++++++++++++++- > arch/x86/kvm/x86.c | 56 +++++++- > arch/x86/kvm/x86.h | 10 +- > 12 files changed, 370 insertions(+), 25 deletions(-) > I reviewed the patch and it is mostly okay. However, if I understand it correctly, it will not do anything until host support materializes, because otherwise XSS will be 0. If this is the case, I plan to apply locally v15 and hold on it until the host code is committed. Paolo ^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH v14 00/13] Introduce support for guest CET feature 2021-01-28 17:57 ` [PATCH v14 00/13] Introduce support for guest CET feature Paolo Bonzini @ 2021-01-28 18:04 ` Sean Christopherson 2021-01-28 18:06 ` Paolo Bonzini 0 siblings, 1 reply; 32+ messages in thread From: Sean Christopherson @ 2021-01-28 18:04 UTC (permalink / raw) To: Paolo Bonzini; +Cc: Yang Weijiang, kvm, linux-kernel, jmattson, yu.c.zhang On Thu, Jan 28, 2021, Paolo Bonzini wrote: > On 06/11/20 02:16, Yang Weijiang wrote: > > Control-flow Enforcement Technology (CET) provides protection against > > Return/Jump-Oriented Programming (ROP/JOP) attack. There're two CET > > sub-features: Shadow Stack (SHSTK) and Indirect Branch Tracking (IBT). > > SHSTK is to prevent ROP programming and IBT is to prevent JOP programming. ... > I reviewed the patch and it is mostly okay. However, if I understand it > correctly, it will not do anything until host support materializes, because > otherwise XSS will be 0. IIRC, it won't even compile due to the X86_FEATURE_SHSTK and X86_FEATURE_IBT dependencies. > If this is the case, I plan to apply locally v15 and hold on it until the > host code is committed. > > Paolo > ^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH v14 00/13] Introduce support for guest CET feature 2021-01-28 18:04 ` Sean Christopherson @ 2021-01-28 18:06 ` Paolo Bonzini 2021-01-28 18:24 ` Sean Christopherson 0 siblings, 1 reply; 32+ messages in thread From: Paolo Bonzini @ 2021-01-28 18:06 UTC (permalink / raw) To: Sean Christopherson Cc: Yang Weijiang, kvm, linux-kernel, jmattson, yu.c.zhang On 28/01/21 19:04, Sean Christopherson wrote: > On Thu, Jan 28, 2021, Paolo Bonzini wrote: >> On 06/11/20 02:16, Yang Weijiang wrote: >>> Control-flow Enforcement Technology (CET) provides protection against >>> Return/Jump-Oriented Programming (ROP/JOP) attack. There're two CET >>> sub-features: Shadow Stack (SHSTK) and Indirect Branch Tracking (IBT). >>> SHSTK is to prevent ROP programming and IBT is to prevent JOP programming. > > ... > >> I reviewed the patch and it is mostly okay. However, if I understand it >> correctly, it will not do anything until host support materializes, because >> otherwise XSS will be 0. > > IIRC, it won't even compile due to the X86_FEATURE_SHSTK and X86_FEATURE_IBT > dependencies. Of course, but if that was the only issue I would sort it out with Boris as usual. OTOH if it is dead code I won't push it to Linus. Paolo >> If this is the case, I plan to apply locally v15 and hold on it until the >> host code is committed. >> >> Paolo >> > ^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH v14 00/13] Introduce support for guest CET feature 2021-01-28 18:06 ` Paolo Bonzini @ 2021-01-28 18:24 ` Sean Christopherson 0 siblings, 0 replies; 32+ messages in thread From: Sean Christopherson @ 2021-01-28 18:24 UTC (permalink / raw) To: Paolo Bonzini; +Cc: Yang Weijiang, kvm, linux-kernel, jmattson, yu.c.zhang On Thu, Jan 28, 2021, Paolo Bonzini wrote: > On 28/01/21 19:04, Sean Christopherson wrote: > > On Thu, Jan 28, 2021, Paolo Bonzini wrote: > > > On 06/11/20 02:16, Yang Weijiang wrote: > > > > Control-flow Enforcement Technology (CET) provides protection against > > > > Return/Jump-Oriented Programming (ROP/JOP) attack. There're two CET > > > > sub-features: Shadow Stack (SHSTK) and Indirect Branch Tracking (IBT). > > > > SHSTK is to prevent ROP programming and IBT is to prevent JOP programming. > > > > ... > > > > > I reviewed the patch and it is mostly okay. However, if I understand it > > > correctly, it will not do anything until host support materializes, because > > > otherwise XSS will be 0. > > > > IIRC, it won't even compile due to the X86_FEATURE_SHSTK and X86_FEATURE_IBT > > dependencies. > > Of course, but if that was the only issue I would sort it out with Boris as > usual. OTOH if it is dead code I won't push it to Linus. Yes, at best it's dead code. At worst, if it somehow became undead, the guest state would bleed into the host and wouldn't be migrated as the kernel wouldn't touch CET state when doing XSAVES/XRSTORS. I floated the idea of pulling in just enough of the kernel bits to enable KVM, but that didn't go anywhere. https://lkml.kernel.org/r/20200723162531.GF21891@linux.intel.com ^ permalink raw reply [flat|nested] 32+ messages in thread
end of thread, other threads:[~2021-02-01 4:46 UTC | newest]
Thread overview: 32+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-06 1:16 [PATCH v14 00/13] Introduce support for guest CET feature Yang Weijiang
2020-11-06 1:16 ` [PATCH v14 01/13] KVM: x86: Report XSS as an MSR to be saved if there are supported features Yang Weijiang
2020-11-06 1:16 ` [PATCH v14 02/13] KVM: x86: Refresh CPUID on writes to MSR_IA32_XSS Yang Weijiang
2020-11-06 1:16 ` [PATCH v14 03/13] KVM: x86: Add #CP support in guest exception dispatch Yang Weijiang
2020-11-06 1:16 ` [PATCH v14 04/13] KVM: VMX: Introduce CET VMCS fields and flags Yang Weijiang
2020-11-06 1:16 ` [PATCH v14 05/13] KVM: x86: Add fault checks for CR4.CET Yang Weijiang
2020-11-09 10:44 ` kernel test robot
2020-11-06 1:16 ` [PATCH v14 06/13] KVM: x86: Load guest fpu state when accessing MSRs managed by XSAVES Yang Weijiang
2020-11-06 1:16 ` [PATCH v14 07/13] KVM: VMX: Emulate reads and writes to CET MSRs Yang Weijiang
2021-01-28 17:45 ` Paolo Bonzini
2021-01-29 8:07 ` Yang Weijiang
2020-11-06 1:16 ` [PATCH v14 08/13] KVM: VMX: Add a synthetic MSR to allow userspace VMM to access GUEST_SSP Yang Weijiang
2021-01-28 17:41 ` Paolo Bonzini
2021-01-28 17:42 ` Paolo Bonzini
2020-11-06 1:16 ` [PATCH v14 09/13] KVM: x86: Report CET MSRs as to-be-saved if CET is supported Yang Weijiang
2020-11-09 6:17 ` kernel test robot
2021-01-28 17:46 ` Paolo Bonzini
2021-01-29 8:08 ` Yang Weijiang
2020-11-06 1:16 ` [PATCH v14 10/13] KVM: x86: Enable CET virtualization for VMX and advertise CET to userspace Yang Weijiang
2020-11-09 7:23 ` kernel test robot
2021-01-28 17:53 ` Paolo Bonzini
[not found] ` <20210129112437.GA29715@local-michael-cet-test.sh.intel.com>
[not found] ` <68e288ee-6e09-36f1-a6c9-bed864eb7678@redhat.com>
[not found] ` <20210129121717.GA30243@local-michael-cet-test.sh.intel.com>
[not found] ` <1cf7e501-2c69-8b76-9332-42db1348ab08@redhat.com>
2021-01-30 6:32 ` Yang Weijiang
2021-02-01 4:56 ` Yang Weijiang
2020-11-06 1:16 ` [PATCH v14 11/13] KVM: VMX: Pass through CET MSRs to the guest when supported Yang Weijiang
2021-01-28 17:54 ` Paolo Bonzini
2021-01-28 18:04 ` Paolo Bonzini
2020-11-06 1:16 ` [PATCH v14 12/13] KVM: nVMX: Add helper to check the vmcs01 MSR bitmap for MSR pass-through Yang Weijiang
2020-11-06 1:16 ` [PATCH v14 13/13] KVM: nVMX: Enable CET support for nested VMX Yang Weijiang
2021-01-28 17:57 ` [PATCH v14 00/13] Introduce support for guest CET feature Paolo Bonzini
2021-01-28 18:04 ` Sean Christopherson
2021-01-28 18:06 ` Paolo Bonzini
2021-01-28 18:24 ` Sean Christopherson
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).