| Message ID | 1574101067-5638-2-git-send-email-pbonzini@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | KVM: vmx: implement MSR_IA32_TSX_CTRL for guests | expand |
On Mon, Nov 18, 2019 at 10:17 AM Paolo Bonzini <pbonzini@redhat.com> wrote: > > KVM does not implement MSR_IA32_TSX_CTRL, so it must not be presented > to the guests. It is also confusing to have !ARCH_CAP_TSX_CTRL_MSR && > !RTM && ARCH_CAP_TAA_NO: lack of MSR_IA32_TSX_CTRL suggests TSX was not > hidden (it actually was), yet the value says that TSX is not vulnerable > to microarchitectural data sampling. Fix both. I actually think kvm should virtualize IA32_TSX_CTRL for VMs that have exclusive use of their cores (i.e. the same VMs for which we disable MWAIT and HLT exiting).
On Mon, Nov 18, 2019 at 10:17 AM Paolo Bonzini <pbonzini@redhat.com> wrote: > > KVM does not implement MSR_IA32_TSX_CTRL, so it must not be presented > to the guests. It is also confusing to have !ARCH_CAP_TSX_CTRL_MSR && > !RTM && ARCH_CAP_TAA_NO: lack of MSR_IA32_TSX_CTRL suggests TSX was not > hidden (it actually was), yet the value says that TSX is not vulnerable > to microarchitectural data sampling. Fix both. > Cc: stable@vger.kernel.org > Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Ignore my previous comment. I see that the functionality I want is coming later in this series. Reviewed-by: Jim Mattson <jmattson@google.com>
On Mon, Nov 18, 2019 at 07:17:43PM +0100, Paolo Bonzini wrote: > KVM does not implement MSR_IA32_TSX_CTRL, so it must not be presented > to the guests. It is also confusing to have !ARCH_CAP_TSX_CTRL_MSR && > !RTM && ARCH_CAP_TAA_NO: lack of MSR_IA32_TSX_CTRL suggests TSX was not > hidden (it actually was), yet the value says that TSX is not vulnerable > to microarchitectural data sampling. Fix both. > > Cc: stable@vger.kernel.org > Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> > --- > arch/x86/kvm/x86.c | 10 ++++++++-- > 1 file changed, 8 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index 5d530521f11d..6ea735d632e9 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -1327,12 +1327,18 @@ static u64 kvm_get_arch_capabilities(void) > * If TSX is disabled on the system, guests are also mitigated against > * TAA and clear CPU buffer mitigation is not required for guests. > */ > - if (boot_cpu_has_bug(X86_BUG_TAA) && boot_cpu_has(X86_FEATURE_RTM) && > - (data & ARCH_CAP_TSX_CTRL_MSR)) > + if (!boot_cpu_has(X86_FEATURE_RTM)) > + data &= ~ARCH_CAP_TAA_NO; > + else if (!boot_cpu_has_bug(X86_BUG_TAA)) > + data |= ARCH_CAP_TAA_NO; > + else if (data & ARCH_CAP_TSX_CTRL_MSR) > data &= ~ARCH_CAP_MDS_NO; > > + /* KVM does not emulate MSR_IA32_TSX_CTRL. */ > + data &= ~ARCH_CAP_TSX_CTRL_MSR; > return data; > } > +EXPORT_SYMBOL_GPL(kvm_get_arch_capabilities); Whoever backports this patch should drop this spurious addition of EXPORT_SYMBOL_GPL, unless they also want to backport the cleanup :-).
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 5d530521f11d..6ea735d632e9 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1327,12 +1327,18 @@ static u64 kvm_get_arch_capabilities(void) * If TSX is disabled on the system, guests are also mitigated against * TAA and clear CPU buffer mitigation is not required for guests. */ - if (boot_cpu_has_bug(X86_BUG_TAA) && boot_cpu_has(X86_FEATURE_RTM) && - (data & ARCH_CAP_TSX_CTRL_MSR)) + if (!boot_cpu_has(X86_FEATURE_RTM)) + data &= ~ARCH_CAP_TAA_NO; + else if (!boot_cpu_has_bug(X86_BUG_TAA)) + data |= ARCH_CAP_TAA_NO; + else if (data & ARCH_CAP_TSX_CTRL_MSR) data &= ~ARCH_CAP_MDS_NO; + /* KVM does not emulate MSR_IA32_TSX_CTRL. */ + data &= ~ARCH_CAP_TSX_CTRL_MSR; return data; } +EXPORT_SYMBOL_GPL(kvm_get_arch_capabilities); static int kvm_get_msr_feature(struct kvm_msr_entry *msr) {
KVM does not implement MSR_IA32_TSX_CTRL, so it must not be presented to the guests. It is also confusing to have !ARCH_CAP_TSX_CTRL_MSR && !RTM && ARCH_CAP_TAA_NO: lack of MSR_IA32_TSX_CTRL suggests TSX was not hidden (it actually was), yet the value says that TSX is not vulnerable to microarchitectural data sampling. Fix both. Cc: stable@vger.kernel.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> --- arch/x86/kvm/x86.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-)