| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 24 Feb 2020 22:40:00 +0100
From: Vitaly Kuznetsov <vkuznets@...hat.com>
To: Sean Christopherson <sean.j.christopherson@...el.com>
Cc: Paolo Bonzini <pbonzini@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Jim Mattson <jmattson@...gle.com>,
Joerg Roedel <joro@...tes.org>, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 40/61] KVM: VMX: Convert feature updates from CPUID to KVM cpu caps
Sean Christopherson <sean.j.christopherson@...el.com> writes:
> Use the recently introduced KVM CPU caps to propagate VMX-only (kernel)
> settings to supported CPUID flags.
>
> No functional change intended.
>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@...el.com>
> ---
> arch/x86/kvm/vmx/vmx.c | 51 ++++++++++++++++++++++++------------------
> 1 file changed, 29 insertions(+), 22 deletions(-)
>
> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
> index 11b9c1e7e520..bae915431c72 100644
> --- a/arch/x86/kvm/vmx/vmx.c
> +++ b/arch/x86/kvm/vmx/vmx.c
> @@ -7102,37 +7102,42 @@ static void vmx_cpuid_update(struct kvm_vcpu *vcpu)
> static void vmx_set_supported_cpuid(struct kvm_cpuid_entry2 *entry)
> {
> switch (entry->function) {
> - case 0x1:
> - if (nested)
> - cpuid_entry_set(entry, X86_FEATURE_VMX);
> - break;
> case 0x7:
> - if (boot_cpu_has(X86_FEATURE_MPX) && kvm_mpx_supported())
> - cpuid_entry_set(entry, X86_FEATURE_MPX);
> - if (boot_cpu_has(X86_FEATURE_INVPCID) && cpu_has_vmx_invpcid())
> - cpuid_entry_set(entry, X86_FEATURE_INVPCID);
> - if (boot_cpu_has(X86_FEATURE_INTEL_PT) &&
> - vmx_pt_mode_is_host_guest())
> - cpuid_entry_set(entry, X86_FEATURE_INTEL_PT);
> if (vmx_umip_emulated())
> cpuid_entry_set(entry, X86_FEATURE_UMIP);
> -
> - /* PKU is not yet implemented for shadow paging. */
> - if (enable_ept && boot_cpu_has(X86_FEATURE_PKU) &&
> - boot_cpu_has(X86_FEATURE_OSPKE))
> - cpuid_entry_set(entry, X86_FEATURE_PKU);
> - break;
> - case 0x80000001:
> - if (!cpu_has_vmx_rdtscp())
> - cpuid_entry_clear(entry, X86_FEATURE_RDTSCP);
> - if (enable_ept && !cpu_has_vmx_ept_1g_page())
> - cpuid_entry_clear(entry, X86_FEATURE_GBPAGES);
> break;
> default:
> break;
> }
> }
>
Same comment as for svm: I think someone may not understand what goes
where, i.e. the separation between vmx_set_supported_cpuid() and
vmx_set_cpu_caps().
> +static __init void vmx_set_cpu_caps(void)
> +{
> + /* CPUID 0x1 */
> + if (nested)
> + kvm_cpu_cap_set(X86_FEATURE_VMX);
> +
> + /* CPUID 0x7 */
> + if (boot_cpu_has(X86_FEATURE_MPX) && kvm_mpx_supported())
> + kvm_cpu_cap_set(X86_FEATURE_MPX);
> + if (boot_cpu_has(X86_FEATURE_INVPCID) && cpu_has_vmx_invpcid())
> + kvm_cpu_cap_set(X86_FEATURE_INVPCID);
> + if (boot_cpu_has(X86_FEATURE_INTEL_PT) &&
> + vmx_pt_mode_is_host_guest())
> + kvm_cpu_cap_set(X86_FEATURE_INTEL_PT);
> +
> + /* PKU is not yet implemented for shadow paging. */
> + if (enable_ept && boot_cpu_has(X86_FEATURE_PKU) &&
> + boot_cpu_has(X86_FEATURE_OSPKE))
> + kvm_cpu_cap_set(X86_FEATURE_PKU);
> +
> + /* CPUID 0x80000001 */
> + if (!cpu_has_vmx_rdtscp())
> + kvm_cpu_cap_clear(X86_FEATURE_RDTSCP);
> + if (enable_ept && !cpu_has_vmx_ept_1g_page())
> + kvm_cpu_cap_clear(X86_FEATURE_GBPAGES);
> +}
> +
> static void vmx_request_immediate_exit(struct kvm_vcpu *vcpu)
> {
> to_vmx(vcpu)->req_immediate_exit = true;
> @@ -7750,6 +7755,8 @@ static __init int hardware_setup(void)
> return r;
> }
>
> + vmx_set_cpu_caps();
> +
> r = alloc_kvm_area();
> if (r)
> nested_vmx_hardware_unsetup();
Reviewed-by: Vitaly Kuznetsov <vkuznets@...hat.com>
--
Vitaly
Powered by blists - more mailing lists