Message ID | 20210504171734.1434054-2-seanjc@google.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | KVM: x86: RDPID/RDTSCP fixes and uret MSR cleanups | expand |
On Tue, May 4, 2021 at 10:17 AM Sean Christopherson <seanjc@google.com> wrote: > > Clear KVM's RDPID capability if the ENABLE_RDTSCP secondary exec control is > unsupported. Despite being enumerated in a separate CPUID flag, RDPID is > bundled under the same VMCS control as RDTSCP and will #UD in VMX non-root > if ENABLE_RDTSCP is not enabled. > > Fixes: 41cd02c6f7f6 ("kvm: x86: Expose RDPID in KVM_GET_SUPPORTED_CPUID") > Cc: stable@vger.kernel.org > Signed-off-by: Sean Christopherson <seanjc@google.com> But KVM will happily emulate RDPID if the instruction causes a #UD VM-exit, won't it? See commit fb6d4d340e05 (KVM: x86: emulate RDPID).
On Tue, May 4, 2021 at 10:37 AM Jim Mattson <jmattson@google.com> wrote: > > On Tue, May 4, 2021 at 10:17 AM Sean Christopherson <seanjc@google.com> wrote: > > > > Clear KVM's RDPID capability if the ENABLE_RDTSCP secondary exec control is > > unsupported. Despite being enumerated in a separate CPUID flag, RDPID is > > bundled under the same VMCS control as RDTSCP and will #UD in VMX non-root > > if ENABLE_RDTSCP is not enabled. > > > > Fixes: 41cd02c6f7f6 ("kvm: x86: Expose RDPID in KVM_GET_SUPPORTED_CPUID") > > Cc: stable@vger.kernel.org > > Signed-off-by: Sean Christopherson <seanjc@google.com> > > But KVM will happily emulate RDPID if the instruction causes a #UD > VM-exit, won't it? See commit fb6d4d340e05 (KVM: x86: emulate RDPID). Oh, after reading the second patch, I now see why this is needed. You mispelled 'advertise' in the summary line. Reviewed-by: Jim Mattson <jmattson@google.com>
On Tue, May 04, 2021, Jim Mattson wrote: > On Tue, May 4, 2021 at 10:37 AM Jim Mattson <jmattson@google.com> wrote: > > > > On Tue, May 4, 2021 at 10:17 AM Sean Christopherson <seanjc@google.com> wrote: > > > > > > Clear KVM's RDPID capability if the ENABLE_RDTSCP secondary exec control is > > > unsupported. Despite being enumerated in a separate CPUID flag, RDPID is > > > bundled under the same VMCS control as RDTSCP and will #UD in VMX non-root > > > if ENABLE_RDTSCP is not enabled. > > > > > > Fixes: 41cd02c6f7f6 ("kvm: x86: Expose RDPID in KVM_GET_SUPPORTED_CPUID") > > > Cc: stable@vger.kernel.org > > > Signed-off-by: Sean Christopherson <seanjc@google.com> > > > > But KVM will happily emulate RDPID if the instruction causes a #UD > > VM-exit, won't it? See commit fb6d4d340e05 (KVM: x86: emulate RDPID). > > Oh, after reading the second patch, I now see why this is needed. Yeah. Technically, once common x86 can query MSR_TSC_AUX support directly at the end of the series, the emulation enumeration could be: if (kvm_is_supported_user_return_msr(MSR_TSC_AUX)) entry->ecx = F(RDPID); I think I actually meant to do that, then lost track of that TODO item when reworking the series for the umpteenth time. Practically speaking, the only way for kvm_is_supported_user_return_msr() to be meaningful vs. kvm_cpu_cap_has() is if RDTSCP is supported in hardware but the VMCS control is not available. And I suppose there's also the case where X86_FEATURE_RDTSCP was cleared by the kernel, but I feel like KVM should respect the kernel's avoidance of RDTSCP/MSR_TSC_AUX in that case. Regarding the silly VMCS case, I have no objection to making the change, but I also don't care if we sweep it under the rug.
On Tue, May 4, 2021 at 10:17 AM Sean Christopherson <seanjc@google.com> wrote: > > Clear KVM's RDPID capability if the ENABLE_RDTSCP secondary exec control is > unsupported. Despite being enumerated in a separate CPUID flag, RDPID is > bundled under the same VMCS control as RDTSCP and will #UD in VMX non-root > if ENABLE_RDTSCP is not enabled. > > Fixes: 41cd02c6f7f6 ("kvm: x86: Expose RDPID in KVM_GET_SUPPORTED_CPUID") > Cc: stable@vger.kernel.org > Signed-off-by: Sean Christopherson <seanjc@google.com> Reviewed-by: Reiji Watanabe <reijiw@google.com>
On Tue, 2021-05-04 at 10:17 -0700, Sean Christopherson wrote: > Clear KVM's RDPID capability if the ENABLE_RDTSCP secondary exec control is > unsupported. Despite being enumerated in a separate CPUID flag, RDPID is > bundled under the same VMCS control as RDTSCP and will #UD in VMX non-root > if ENABLE_RDTSCP is not enabled. > > Fixes: 41cd02c6f7f6 ("kvm: x86: Expose RDPID in KVM_GET_SUPPORTED_CPUID") > Cc: stable@vger.kernel.org > Signed-off-by: Sean Christopherson <seanjc@google.com> > --- > arch/x86/kvm/vmx/vmx.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c > index 10b610fc7bbc..82404ee2520e 100644 > --- a/arch/x86/kvm/vmx/vmx.c > +++ b/arch/x86/kvm/vmx/vmx.c > @@ -7377,9 +7377,11 @@ static __init void vmx_set_cpu_caps(void) > if (!cpu_has_vmx_xsaves()) > kvm_cpu_cap_clear(X86_FEATURE_XSAVES); > > - /* CPUID 0x80000001 */ > - if (!cpu_has_vmx_rdtscp()) > + /* CPUID 0x80000001 and 0x7 (RDPID) */ > + if (!cpu_has_vmx_rdtscp()) { > kvm_cpu_cap_clear(X86_FEATURE_RDTSCP); > + kvm_cpu_cap_clear(X86_FEATURE_RDPID); > + } > > if (cpu_has_vmx_waitpkg()) > kvm_cpu_cap_check_and_set(X86_FEATURE_WAITPKG); Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com> Best regards, Maxim Levitsky
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 10b610fc7bbc..82404ee2520e 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7377,9 +7377,11 @@ static __init void vmx_set_cpu_caps(void) if (!cpu_has_vmx_xsaves()) kvm_cpu_cap_clear(X86_FEATURE_XSAVES); - /* CPUID 0x80000001 */ - if (!cpu_has_vmx_rdtscp()) + /* CPUID 0x80000001 and 0x7 (RDPID) */ + if (!cpu_has_vmx_rdtscp()) { kvm_cpu_cap_clear(X86_FEATURE_RDTSCP); + kvm_cpu_cap_clear(X86_FEATURE_RDPID); + } if (cpu_has_vmx_waitpkg()) kvm_cpu_cap_check_and_set(X86_FEATURE_WAITPKG);
Clear KVM's RDPID capability if the ENABLE_RDTSCP secondary exec control is unsupported. Despite being enumerated in a separate CPUID flag, RDPID is bundled under the same VMCS control as RDTSCP and will #UD in VMX non-root if ENABLE_RDTSCP is not enabled. Fixes: 41cd02c6f7f6 ("kvm: x86: Expose RDPID in KVM_GET_SUPPORTED_CPUID") Cc: stable@vger.kernel.org Signed-off-by: Sean Christopherson <seanjc@google.com> --- arch/x86/kvm/vmx/vmx.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)