lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3ced155309e5c3a01815ec39bb69016ca06316b6.camel@linux.intel.com>
Date:   Fri, 08 Mar 2019 14:10:30 +0800
From:   Xiaoyao Li <xiaoyao.li@...ux.intel.com>
To:     Paolo Bonzini <pbonzini@...hat.com>,
        Fenghua Yu <fenghua.yu@...el.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        H Peter Anvin <hpa@...or.com>,
        Dave Hansen <dave.hansen@...el.com>,
        Ashok Raj <ashok.raj@...el.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Ravi V Shankar <ravi.v.shankar@...el.com>
Cc:     linux-kernel <linux-kernel@...r.kernel.org>, x86 <x86@...nel.org>,
        kvm@...r.kernel.org
Subject: Re: [PATCH v4 16/17] kvm: x86: Add support IA32_CORE_CAPABILITY MSR

Hi, Paolo

On Mon, 2019-03-04 at 09:42 +0100, Paolo Bonzini wrote:
> On 02/03/19 03:45, Fenghua Yu wrote:
> > From: Xiaoyao Li <xiaoyao.li@...ux.intel.com>
> > 
> > MSR IA32_CORE_CAPABILITY is a feature-enumerating MSR, bit 5 of which
> > reports the capability of enabling detection of split locks (will be
> > supported on future processors based on Tremont microarchitecture and
> > later).
> > 
> > Please check the latest Intel Architecture Instruction Set Extensions
> > and Future Features Programming Reference for more detailed information
> > on the MSR and the split lock bit.
> > 
> > 1. Expose it to user space as a feature-enumerating MSR, so that user
> > space can query it.
> > 
> > 2. Emualte MSR_IA32_CORE_CAPABILITY with vmx->core_capability. And add the
> > get and set handler of MSR_IA32_CORE_CAPABILITY.
> >    For uesrspace, it can set this MSR when customizing features of guest,
> > also it can read the value of this MSR of guest.
> >    For guest, as it's a feature-enumerating MSR, guest only can read it.
> > 
> > Signed-off-by: Xiaoyao Li <xiaoyao.li@...ux.intel.com>
> > Signed-off-by: Fenghua Yu <fenghua.yu@...el.com>
> > ---
> >  arch/x86/include/asm/kvm_host.h |  1 +
> >  arch/x86/kvm/vmx/vmx.c          | 23 +++++++++++++++++++++++
> >  arch/x86/kvm/vmx/vmx.h          |  1 +
> >  arch/x86/kvm/x86.c              | 17 ++++++++++++++++-
> >  4 files changed, 41 insertions(+), 1 deletion(-)
> > 
> > diff --git a/arch/x86/include/asm/kvm_host.h
> > b/arch/x86/include/asm/kvm_host.h
> > index 180373360e34..208f15570d17 100644
> > --- a/arch/x86/include/asm/kvm_host.h
> > +++ b/arch/x86/include/asm/kvm_host.h
> > @@ -1527,6 +1527,7 @@ int kvm_pv_send_ipi(struct kvm *kvm, unsigned long
> > ipi_bitmap_low,
> >  		    unsigned long icr, int op_64_bit);
> >  
> >  u64 kvm_get_arch_capabilities(void);
> > +u64 kvm_get_core_capability(void);
> >  void kvm_define_shared_msr(unsigned index, u32 msr);
> >  int kvm_set_shared_msr(unsigned index, u64 val, u64 mask);
> >  
> > diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
> > index 30a6bcd735ec..3e03c6e1e558 100644
> > --- a/arch/x86/kvm/vmx/vmx.c
> > +++ b/arch/x86/kvm/vmx/vmx.c
> > @@ -1679,6 +1679,12 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct
> > msr_data *msr_info)
> >  
> >  		msr_info->data = to_vmx(vcpu)->spec_ctrl;
> >  		break;
> > +	case MSR_IA32_CORE_CAPABILITY:
> > +		if (!msr_info->host_initiated &&
> > +		    !guest_cpuid_has(vcpu, X86_FEATURE_CORE_CAPABILITY))
> > +			return 1;
> > +		msr_info->data = vmx->core_capability;
> > +		break;
> >  	case MSR_IA32_ARCH_CAPABILITIES:
> >  		if (!msr_info->host_initiated &&
> >  		    !guest_cpuid_has(vcpu, X86_FEATURE_ARCH_CAPABILITIES))
> > @@ -1891,6 +1897,21 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct
> > msr_data *msr_info)
> >  		vmx_disable_intercept_for_msr(vmx->vmcs01.msr_bitmap,
> > MSR_IA32_PRED_CMD,
> >  					      MSR_TYPE_W);
> >  		break;
> > +	case MSR_IA32_CORE_CAPABILITY:
> > +		if (!msr_info->host_initiated)
> > +			return 1;
> > +		if (data & ~CORE_CAP_SPLIT_LOCK_DETECT)
> > +			return 1;
> > +
> > +		/*
> > +		 * Since AC split lock is a hardware feature, and there is no
> > +		 * software emulation yet, we cannot enable it for guest if
> > +		 * host hardware doesn't support it.
> > +		 */
> > +		if (!boot_cpu_has(X86_FEATURE_SPLIT_LOCK_DETECT))
> > +			data &= ~CORE_CAP_SPLIT_LOCK_DETECT;
> > +		vmx->core_capability = data;
> > +		break;
> >  	case MSR_IA32_ARCH_CAPABILITIES:
> >  		if (!msr_info->host_initiated)
> >  			return 1;
> > @@ -4083,6 +4104,8 @@ static void vmx_vcpu_setup(struct vcpu_vmx *vmx)
> >  		++vmx->nmsrs;
> >  	}
> >  
> > +	vmx->core_capability = kvm_get_core_capability();
> > +
> >  	vmx->arch_capabilities = kvm_get_arch_capabilities();
> >  
> >  	vm_exit_controls_init(vmx, vmx_vmexit_ctrl());
> > diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h
> > index 0ac0a64c7790..cc22379991f3 100644
> > --- a/arch/x86/kvm/vmx/vmx.h
> > +++ b/arch/x86/kvm/vmx/vmx.h
> > @@ -191,6 +191,7 @@ struct vcpu_vmx {
> >  	u64		      msr_guest_kernel_gs_base;
> >  #endif
> >  
> > +	u64		      core_capability;
> >  	u64		      arch_capabilities;
> >  	u64		      spec_ctrl;
> >  
> > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> > index 941f932373d0..c3c9e3f2d08a 100644
> > --- a/arch/x86/kvm/x86.c
> > +++ b/arch/x86/kvm/x86.c
> > @@ -1125,7 +1125,8 @@ static u32 msrs_to_save[] = {
> >  #endif
> >  	MSR_IA32_TSC, MSR_IA32_CR_PAT, MSR_VM_HSAVE_PA,
> >  	MSR_IA32_FEATURE_CONTROL, MSR_IA32_BNDCFGS, MSR_TSC_AUX,
> > -	MSR_IA32_SPEC_CTRL, MSR_IA32_ARCH_CAPABILITIES,
> > +	MSR_IA32_SPEC_CTRL, MSR_IA32_CORE_CAPABILITY,
> > +	MSR_IA32_ARCH_CAPABILITIES,
> >  	MSR_IA32_RTIT_CTL, MSR_IA32_RTIT_STATUS, MSR_IA32_RTIT_CR3_MATCH,
> >  	MSR_IA32_RTIT_OUTPUT_BASE, MSR_IA32_RTIT_OUTPUT_MASK,
> >  	MSR_IA32_RTIT_ADDR0_A, MSR_IA32_RTIT_ADDR0_B,
> > @@ -1197,11 +1198,22 @@ static u32 msr_based_features[] = {
> >  
> >  	MSR_F10H_DECFG,
> >  	MSR_IA32_UCODE_REV,
> > +	MSR_IA32_CORE_CAPABILITY,
> >  	MSR_IA32_ARCH_CAPABILITIES,
> >  };
> >  
> >  static unsigned int num_msr_based_features;
> >  
> > +u64 kvm_get_core_capability(void)
> > +{
> > +	u64 data;
> > +
> > +	rdmsrl_safe(MSR_IA32_CORE_CAPABILITY, &data);
> 
> This patch should be merged with the previous patch.  Also here you
> should add:
> 
> 	data &= CORE_CAP_SPLIT_LOCK_DETECT;

I agree with this.

> so that non-virtualizable features are hidden and
> 
> 	if (boot_cpu_has(X86_FEATURE_SPLIT_LOCK_DETECT))
> 		data |= CORE_CAP_SPLIT_LOCK_DETECT;
> 
> so that userspace gets "for free" the FMS list that will be added
> later to the kernel.

I think it's redundant. Because there is no case that
rdmsrl_safe(MSR_IA32_CORE_CAPABILITY, &data) shows no split lock detection while
boot_cpu_has(X86_FEATURE_SPLIT_LOCK_DETECT).

Xiaoyao

> Thanks,
> 
> Paolo
> 
> > +
> > +	return data;
> > +}
> > +EXPORT_SYMBOL_GPL(kvm_get_core_capability);
> > +
> >  u64 kvm_get_arch_capabilities(void)
> >  {
> >  	u64 data;
> > @@ -1227,6 +1239,9 @@ EXPORT_SYMBOL_GPL(kvm_get_arch_capabilities);
> >  static int kvm_get_msr_feature(struct kvm_msr_entry *msr)
> >  {
> >  	switch (msr->index) {
> > +	case MSR_IA32_CORE_CAPABILITY:
> > +		msr->data = kvm_get_core_capability();
> > +		break;
> >  	case MSR_IA32_ARCH_CAPABILITIES:
> >  		msr->data = kvm_get_arch_capabilities();
> >  		break;
> > 
> 
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ