Message ID | 20230803042732.88515-18-weijiang.yang@intel.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | Enable CET Virtualization | expand |
On 8/3/23 06:27, Yang Weijiang wrote: > if (boot_cpu_has(X86_FEATURE_XSAVES)) { > + u32 eax, ebx, ecx, edx; > + > + cpuid_count(0xd, 1, &eax, &ebx, &ecx, &edx); > rdmsrl(MSR_IA32_XSS, host_xss); > kvm_caps.supported_xss = host_xss & KVM_SUPPORTED_XSS; > + if (ecx & XFEATURE_MASK_CET_KERNEL) > + kvm_caps.supported_xss |= XFEATURE_MASK_CET_KERNEL; > } This is a bit hackish and makes me lean more towards adding support for XFEATURE_MASK_CET_KERNEL in host MSR_IA32_XSS (and then possibly hide it in the actual calls to XSAVE/XRSTORS for non-guest FPU). Paolo
On 8/5/2023 6:02 AM, Paolo Bonzini wrote: > On 8/3/23 06:27, Yang Weijiang wrote: >> if (boot_cpu_has(X86_FEATURE_XSAVES)) { >> + u32 eax, ebx, ecx, edx; >> + >> + cpuid_count(0xd, 1, &eax, &ebx, &ecx, &edx); >> rdmsrl(MSR_IA32_XSS, host_xss); >> kvm_caps.supported_xss = host_xss & KVM_SUPPORTED_XSS; >> + if (ecx & XFEATURE_MASK_CET_KERNEL) >> + kvm_caps.supported_xss |= XFEATURE_MASK_CET_KERNEL; >> } > > This is a bit hackish and makes me lean more towards adding support for XFEATURE_MASK_CET_KERNEL in host MSR_IA32_XSS (and then possibly hide it in the actual calls to XSAVE/XRSTORS for non-guest FPU). Yes, if kernel can support CET_U/S bits in XSS, things would be much easier. But if CET_S bit cannot be enabled for somehow, we may have KVM emulation for it. > Paolo >
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index aa92dec66f1e..2e200a5d00e9 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -230,7 +230,8 @@ static struct kvm_user_return_msrs __percpu *user_return_msrs; | XFEATURE_MASK_BNDCSR | XFEATURE_MASK_AVX512 \ | XFEATURE_MASK_PKRU | XFEATURE_MASK_XTILE) -#define KVM_SUPPORTED_XSS (XFEATURE_MASK_CET_USER) +#define KVM_SUPPORTED_XSS (XFEATURE_MASK_CET_USER | \ + XFEATURE_MASK_CET_KERNEL) u64 __read_mostly host_efer; EXPORT_SYMBOL_GPL(host_efer); @@ -9657,8 +9658,13 @@ static int __kvm_x86_vendor_init(struct kvm_x86_init_ops *ops) rdmsrl_safe(MSR_EFER, &host_efer); if (boot_cpu_has(X86_FEATURE_XSAVES)) { + u32 eax, ebx, ecx, edx; + + cpuid_count(0xd, 1, &eax, &ebx, &ecx, &edx); rdmsrl(MSR_IA32_XSS, host_xss); kvm_caps.supported_xss = host_xss & KVM_SUPPORTED_XSS; + if (ecx & XFEATURE_MASK_CET_KERNEL) + kvm_caps.supported_xss |= XFEATURE_MASK_CET_KERNEL; } kvm_init_pmu_capability(ops->pmu_ops); diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h index 373386fb9ed2..ea0ecb8f0df6 100644 --- a/arch/x86/kvm/x86.h +++ b/arch/x86/kvm/x86.h @@ -363,7 +363,7 @@ static inline bool kvm_mpx_supported(void) == (XFEATURE_MASK_BNDREGS | XFEATURE_MASK_BNDCSR); } -#define CET_XSTATE_MASK (XFEATURE_MASK_CET_USER) +#define CET_XSTATE_MASK (XFEATURE_MASK_CET_USER | XFEATURE_MASK_CET_KERNEL) /* * Shadow Stack and Indirect Branch Tracking feature enabling depends on * whether host side CET user xstate bit is supported or not.
Add S_CET bit in kvm_caps.supported_xss so that guest can enumerate the feature in CPUID(0xd,1).ECX. Guest S_CET xstate bit is specially handled, i.e., it can be exposed without related enabling on host side, because KVM manually saves/reloads guest supervisor SHSTK SSPs and current XSS swap logic for host/guest aslo supports doing so, thus it's safe to enable the bit without host support. Signed-off-by: Yang Weijiang <weijiang.yang@intel.com> --- arch/x86/kvm/x86.c | 8 +++++++- arch/x86/kvm/x86.h | 2 +- 2 files changed, 8 insertions(+), 2 deletions(-)