| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <b36dd125-ad80-4572-8258-7eea3a899bf9@intel.com>
Date: Fri, 29 Nov 2024 13:39:33 +0200
From: Adrian Hunter <adrian.hunter@...el.com>
To: Sean Christopherson <seanjc@...gle.com>, Chao Gao <chao.gao@...el.com>
Cc: pbonzini@...hat.com, kvm@...r.kernel.org, dave.hansen@...ux.intel.com,
rick.p.edgecombe@...el.com, kai.huang@...el.com, reinette.chatre@...el.com,
xiaoyao.li@...el.com, tony.lindgren@...ux.intel.com,
binbin.wu@...ux.intel.com, dmatlack@...gle.com, isaku.yamahata@...el.com,
nik.borisov@...e.com, linux-kernel@...r.kernel.org, x86@...nel.org,
yan.y.zhao@...el.com, weijiang.yang@...el.com
Subject: Re: [PATCH 7/7] KVM: TDX: Add TSX_CTRL msr into uret_msrs list
On 27/11/24 16:00, Sean Christopherson wrote:
> On Fri, Nov 22, 2024, Chao Gao wrote:
>>> +static bool tdparams_tsx_supported(struct kvm_cpuid2 *cpuid)
>>> +{
>>> + const struct kvm_cpuid_entry2 *entry;
>>> + u64 mask;
>>> + u32 ebx;
>>> +
>>> + entry = kvm_find_cpuid_entry2(cpuid->entries, cpuid->nent, 0x7, 0);
>>> + if (entry)
>>> + ebx = entry->ebx;
>>> + else
>>> + ebx = 0;
>>> +
>>> + mask = __feature_bit(X86_FEATURE_HLE) | __feature_bit(X86_FEATURE_RTM);
>>> + return ebx & mask;
>>> +}
>>> +
>>> static int setup_tdparams(struct kvm *kvm, struct td_params *td_params,
>>> struct kvm_tdx_init_vm *init_vm)
>>> {
>>> @@ -1299,6 +1322,7 @@ static int setup_tdparams(struct kvm *kvm, struct td_params *td_params,
>>> MEMCPY_SAME_SIZE(td_params->mrowner, init_vm->mrowner);
>>> MEMCPY_SAME_SIZE(td_params->mrownerconfig, init_vm->mrownerconfig);
>>>
>>> + to_kvm_tdx(kvm)->tsx_supported = tdparams_tsx_supported(cpuid);
>>> return 0;
>>> }
>>>
>>> @@ -2272,6 +2296,11 @@ static int __init __tdx_bringup(void)
>>> return -EIO;
>>> }
>>> }
>>> + tdx_uret_tsx_ctrl_slot = kvm_find_user_return_msr(MSR_IA32_TSX_CTRL);
>>> + if (tdx_uret_tsx_ctrl_slot == -1 && boot_cpu_has(X86_FEATURE_MSR_TSX_CTRL)) {
>>> + pr_err("MSR_IA32_TSX_CTRL isn't included by kvm_find_user_return_msr\n");
>>> + return -EIO;
>>> + }
>>>
>>> /*
>>> * Enabling TDX requires enabling hardware virtualization first,
>>> diff --git a/arch/x86/kvm/vmx/tdx.h b/arch/x86/kvm/vmx/tdx.h
>>> index 48cf0a1abfcc..815ff6bdbc7e 100644
>>> --- a/arch/x86/kvm/vmx/tdx.h
>>> +++ b/arch/x86/kvm/vmx/tdx.h
>>> @@ -29,6 +29,14 @@ struct kvm_tdx {
>>> u8 nr_tdcs_pages;
>>> u8 nr_vcpu_tdcx_pages;
>>>
>>> + /*
>>> + * Used on each TD-exit, see tdx_user_return_msr_update_cache().
>>> + * TSX_CTRL value on TD exit
>>> + * - set 0 if guest TSX enabled
>>> + * - preserved if guest TSX disabled
>>> + */
>>> + bool tsx_supported;
>>
>> Is it possible to drop this boolean and tdparams_tsx_supported()? I think we
>> can use the guest_can_use() framework instead.
>
> Yeah, though that optimized handling will soon come for free[*], and I plan on
> landing that sooner than TDX, so don't fret too much over this.
>
> [*] https://lore.kernel.org/all/20240517173926.965351-1-seanjc@google.com
guest_can_use() is per-vcpu whereas we are currently using the
CPUID from TD_PARAMS (as per spec) before there are any VCPU's.
It is a bit of a disconnect so let's keep tsx_supported for now.
Powered by blists - more mailing lists