lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <1e01fb97-2e3c-4fd7-8ed4-1770d6c2b0d4@zytor.com>
Date:   Fri, 27 Oct 2023 10:59:05 -0700
From:   Xin Li <xin@...or.com>
To:     "Huang, Kai" <kai.huang@...el.com>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Cc:     "Yang, Weijiang" <weijiang.yang@...el.com>,
        "Christopherson,, Sean" <seanjc@...gle.com>,
        "x86@...nel.org" <x86@...nel.org>,
        "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
        "hpa@...or.com" <hpa@...or.com>,
        "mingo@...hat.com" <mingo@...hat.com>,
        "tglx@...utronix.de" <tglx@...utronix.de>,
        "bp@...en8.de" <bp@...en8.de>,
        "pbonzini@...hat.com" <pbonzini@...hat.com>
Subject: Re: [PATCH v2 1/2] KVM: VMX: Cleanup VMX basic information defines
 and usages

On 10/27/2023 2:29 AM, Huang, Kai wrote:
> 
>>   
>> +/* VMX_BASIC bits and bitmasks */
>> +#define VMX_BASIC_32BIT_PHYS_ADDR_ONLY		BIT_ULL(48)
>> +#define VMX_BASIC_MEM_TYPE_WB			6LLU
> 
> Strictly speaking, VMX_BASIC_MEM_TYPE_MB isn't any bit definition or bitmasks of
> VMX_BASIC MSR.  So perhaps better to put it somewhere under separately.

Actually you reminded me that the memory type WB is architectural on
x86, but I can't find it defined in a common x86 header.

We also have:
#define VMX_EPTP_MT_WB                               0x6ull
which is simply redundant if we have a common definition MEMTYPE_WB.


>   
>> +#define VMX_BASIC_INOUT				BIT_ULL(54)
>> +
>> +/* VMX_MISC bits and bitmasks */
> 
> Your next patch is to "Cleanup VMX misc information defines and usages", so I
> guess it's better to move any VMX_MISC related change to that patch.

ah, you're right.

> 
>>   #define VMX_MISC_PREEMPTION_TIMER_RATE_MASK	0x0000001f
>>   #define VMX_MISC_SAVE_EFER_LMA			0x00000020
>>   #define VMX_MISC_ACTIVITY_HLT			0x00000040
>> @@ -143,6 +149,16 @@ static inline u32 vmx_basic_vmcs_size(u64 vmx_basic)
>>   	return (vmx_basic & GENMASK_ULL(44, 32)) >> 32;
>>   }
>>   
>> +static inline u32 vmx_basic_vmcs_basic_cap(u64 vmx_basic)
>> +{
>> +	return (vmx_basic & GENMASK_ULL(63, 45)) >> 32;
>> +}
>> +
>> +static inline u32 vmx_basic_vmcs_mem_type(u64 vmx_basic)
>> +{
>> +	return (vmx_basic & GENMASK_ULL(53, 50)) >> 50;
>> +}
>> +
>>   static inline int vmx_misc_preemption_timer_rate(u64 vmx_misc)
>>   {
>>   	return vmx_misc & VMX_MISC_PREEMPTION_TIMER_RATE_MASK;
>> diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
>> index 4ba46e1b29d2..274d480d9071 100644
>> --- a/arch/x86/kvm/vmx/nested.c
>> +++ b/arch/x86/kvm/vmx/nested.c
>> @@ -1201,23 +1201,34 @@ static bool is_bitwise_subset(u64 superset, u64 subset, u64 mask)
>>   	return (superset | subset) == superset;
>>   }
>>   
>> +#define VMX_BASIC_VMCS_SIZE_SHIFT		32
>> +#define VMX_BASIC_DUAL_MONITOR_TREATMENT	BIT_ULL(49)
>> +#define VMX_BASIC_MEM_TYPE_SHIFT		50
>> +#define VMX_BASIC_TRUE_CTLS			BIT_ULL(55)
> 
> If I am reading correctly, the two "*_SHIFT" above are not used?  The above
> vmx_basic_vmcs_mem_type() and vmx_basic_vmcs_basic_cap() use hard-coded values
> directly.

The 2 shift macros are needed in arch/x86/kvm/vmx/nested.c.

> 
> And How about moving all these bit/mask definitions to <asm/vmx.h> above?
> 
> It's better they stay together for better readability.

Sean kind of prefers to keep the macros close to code that uses it,
unless they are used somewhere else.

> 
>> +
>> +#define VMX_BASIC_FEATURES_MASK			\
>> +	(VMX_BASIC_DUAL_MONITOR_TREATMENT |	\
>> +	 VMX_BASIC_INOUT |			\
>> +	 VMX_BASIC_TRUE_CTLS)
>> +
>> +#define VMX_BASIC_RESERVED_BITS			\
>> +	(GENMASK_ULL(63, 56) | GENMASK_ULL(47, 45) | BIT_ULL(31))
>> +
> 
> Also move these to <asm/vmx.h>?
> 
>>   static int vmx_restore_vmx_basic(struct vcpu_vmx *vmx, u64 data)
>>   {
>> -	const u64 feature_and_reserved =
>> -		/* feature (except bit 48; see below) */
>> -		BIT_ULL(49) | BIT_ULL(54) | BIT_ULL(55) |
>> -		/* reserved */
>> -		BIT_ULL(31) | GENMASK_ULL(47, 45) | GENMASK_ULL(63, 56);
>>   	u64 vmx_basic = vmcs_config.nested.basic;
>>   
>> -	if (!is_bitwise_subset(vmx_basic, data, feature_and_reserved))
>> +	static_assert(!(VMX_BASIC_FEATURES_MASK & VMX_BASIC_RESERVED_BITS));
>> +
>> +	if (!is_bitwise_subset(vmx_basic, data,
>> +			       VMX_BASIC_FEATURES_MASK | VMX_BASIC_RESERVED_BITS))
>>   		return -EINVAL;
>>   
>>   	/*
>>   	 * KVM does not emulate a version of VMX that constrains physical
>>   	 * addresses of VMX structures (e.g. VMCS) to 32-bits.
>>   	 */
>> -	if (data & BIT_ULL(48))
>> +	if (data & VMX_BASIC_32BIT_PHYS_ADDR_ONLY)
>>   		return -EINVAL;
>>   
>>   	if (vmx_basic_vmcs_revision_id(vmx_basic) !=
>> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
>> index 4c3a70f26b42..b68d54f6e9f8 100644
>> --- a/arch/x86/kvm/vmx/vmx.c
>> +++ b/arch/x86/kvm/vmx/vmx.c
>> @@ -2568,14 +2568,13 @@ static u64 adjust_vmx_controls64(u64 ctl_opt, u32 msr)
>>   static int setup_vmcs_config(struct vmcs_config *vmcs_conf,
>>   			     struct vmx_capability *vmx_cap)
>>   {
>> -	u32 vmx_msr_low, vmx_msr_high;
>>   	u32 _pin_based_exec_control = 0;
>>   	u32 _cpu_based_exec_control = 0;
>>   	u32 _cpu_based_2nd_exec_control = 0;
>>   	u64 _cpu_based_3rd_exec_control = 0;
>>   	u32 _vmexit_control = 0;
>>   	u32 _vmentry_control = 0;
>> -	u64 misc_msr;
>> +	u64 vmx_basic;
>>   	int i;
>>   
>>   	/*
>> @@ -2693,28 +2692,26 @@ static int setup_vmcs_config(struct vmcs_config *vmcs_conf,
>>   		_vmexit_control &= ~x_ctrl;
>>   	}
>>   
>> -	rdmsr(MSR_IA32_VMX_BASIC, vmx_msr_low, vmx_msr_high);
>> +	rdmsrl(MSR_IA32_VMX_BASIC, vmx_basic);
>>   
>>   	/* IA-32 SDM Vol 3B: VMCS size is never greater than 4kB. */
>> -	if ((vmx_msr_high & 0x1fff) > PAGE_SIZE)
>> +	if ((vmx_basic_vmcs_size(vmx_basic) > PAGE_SIZE))
>>   		return -EIO;
>>   
>>   #ifdef CONFIG_X86_64
>>   	/* IA-32 SDM Vol 3B: 64-bit CPUs always have VMX_BASIC_MSR[48]==0. */
>> -	if (vmx_msr_high & (1u<<16))
>> +	if (vmx_basic & VMX_BASIC_32BIT_PHYS_ADDR_ONLY)
>>   		return -EIO;
>>   #endif
>>   
>>   	/* Require Write-Back (WB) memory type for VMCS accesses. */
>> -	if (((vmx_msr_high >> 18) & 15) != 6)
>> +	if (vmx_basic_vmcs_mem_type(vmx_basic) != VMX_BASIC_MEM_TYPE_WB)
>>   		return -EIO;
>>   
>> -	rdmsrl(MSR_IA32_VMX_MISC, misc_msr);
>> -
>> -	vmcs_conf->size = vmx_msr_high & 0x1fff;
>> -	vmcs_conf->basic_cap = vmx_msr_high & ~0x1fff;
>> +	vmcs_conf->size = vmx_basic_vmcs_size(vmx_basic);
>> +	vmcs_conf->basic_cap = vmx_basic_vmcs_basic_cap(vmx_basic);
>>   
>> -	vmcs_conf->revision_id = vmx_msr_low;
>> +	vmcs_conf->revision_id = vmx_basic_vmcs_revision_id(vmx_basic);
> 
> I actually tried to do similar thing before, and Sean gave me below advice:
> 
> 	Rather than do all of these weird dances, what about saving the
> full/raw
> 	MSR in the config, and then using the helpers to extract info as
> needed?
> 
> https://lkml.kernel.org/kvm/20230330092149.101047-1-kai.huang@intel.com/T/#m4879a3c7e66ede7bfa568a25aea4f6e3778e6e34
> 
> I agreed, but I has been too lazy to do this, sorry :-)
> 
> So maybe we should still go with this approach?

Yes, this looks more consistent.

> 
>>   
>>   	vmcs_conf->pin_based_exec_ctrl = _pin_based_exec_control;
>>   	vmcs_conf->cpu_based_exec_ctrl = _cpu_based_exec_control;
>> @@ -2722,7 +2719,8 @@ static int setup_vmcs_config(struct vmcs_config *vmcs_conf,
>>   	vmcs_conf->cpu_based_3rd_exec_ctrl = _cpu_based_3rd_exec_control;
>>   	vmcs_conf->vmexit_ctrl         = _vmexit_control;
>>   	vmcs_conf->vmentry_ctrl        = _vmentry_control;
>> -	vmcs_conf->misc	= misc_msr;
>> +
>> +	rdmsrl(MSR_IA32_VMX_MISC, vmcs_conf->misc);
> 
> Better to move VMX_MISC code to next patch I suppose.

I view it a bit different, but maybe your suggestion is better.

> 

Thanks!
     Xin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ