[v2] target/i386: Restore TSX features with taa-no

Message ID 20220714053631.417152-1-zhenzhong.duan@intel.com (mailing list archive)
State New, archived

Commit Message

Duan, Zhenzhong July 14, 2022, 5:36 a.m. UTC
On an ICX-2S2 host, when running an L2 guest with both L1/L2 using Icelake-Server-v3
or above, we got the warning below:

"warning: host doesn't support requested feature: MSR(10AH).taa-no [bit 8]"

This is because L1 KVM doesn't expose taa-no to L2 if RTM is disabled,
then starting L2 qemu triggers the warning.

Fix it by restoring TSX features in Icelake-Server-v3, which may also help
guest performance if host isn't susceptible to TSX Async Abort (TAA)
vulnerabilities.

Fixes: d965dc35592d ("target/i386: Add ARCH_CAPABILITIES related bits into Icelake-Server CPU model")
Tested-by: Xiangfei Ma <xiangfeix.ma@intel.com>
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
---
v2: Rewrite commit message

 target/i386/cpu.c | 3 +++
 1 file changed, 3 insertions(+)

Comments

Paolo Bonzini July 14, 2022, 7:59 a.m. UTC | #1
On 7/14/22 07:36, Zhenzhong Duan wrote:
> On ICX-2S2 host, when run L2 guest with both L1/L2 using Icelake-Server-v3
> or above, we got below warning:
> 
> "warning: host doesn't support requested feature: MSR(10AH).taa-no [bit 8]"
> 
> This is because L1 KVM doesn't expose taa-no to L2 if RTM is disabled,
> then starting L2 qemu triggers the warning.
> 
> Fix it by restoring TSX features in Icelake-Server-v3, which may also help
> guest performance if host isn't susceptible to TSX Async Abort (TAA)
> vulnerabilities.
> 
> Fixes: d965dc35592d ("target/i386: Add ARCH_CAPABILITIES related bits into Icelake-Server CPU model")
> Tested-by: Xiangfei Ma <xiangfeix.ma@intel.com>
> Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
> ---
> v2: Rewrite commit message

Why wouldn't the fix be (in an Icelake-Server-v4 model) to remove taa-no?

Paolo

>   target/i386/cpu.c | 3 +++
>   1 file changed, 3 insertions(+)
> 
> diff --git a/target/i386/cpu.c b/target/i386/cpu.c
> index 14f681e998cc..25ef972a3eed 100644
> --- a/target/i386/cpu.c
> +++ b/target/i386/cpu.c
> @@ -3423,6 +3423,9 @@ static const X86CPUDefinition builtin_x86_defs[] = {
>               {
>                   .version = 3,
>                   .props = (PropValue[]) {
> +                    /* Restore TSX features removed by -v2 above */
> +                    { "hle", "on" },
> +                    { "rtm", "on" },
>                       { "arch-capabilities", "on" },
>                       { "rdctl-no", "on" },
>                       { "ibrs-all", "on" },
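Review bot: the added comment "Restore TSX features removed by -v2 above" records what is being undone but not why it is safe to undo it. The justification given in the commit message is taa-no, which is not visible anywhere near these two props. Suggest the comment name that dependency, for example that hle and rtm are re-enabled because this version also turns on taa-no, so that anyone who later removes or overrides taa-no in this version knows the TSX props need to be revisited with it. The commit message would also benefit from saying what the model does on a host where RTM is disabled, since hle and rtm are now requested unconditionally.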
Duan, Zhenzhong July 14, 2022, 9:44 a.m. UTC | #2
>-----Original Message-----
>From: Paolo Bonzini <paolo.bonzini@gmail.com> On Behalf Of Paolo Bonzini
>Sent: Thursday, July 14, 2022 3:59 PM
>To: Duan, Zhenzhong <zhenzhong.duan@intel.com>; qemu-
>devel@nongnu.org
>Cc: ehabkost@redhat.com; Ma, XiangfeiX <xiangfeix.ma@intel.com>; Li,
>Xiaoyao <xiaoyao.li@intel.com>; Christopherson,, Sean <seanjc@google.com>
>Subject: Re: [PATCH v2] target/i386: Restore TSX features with taa-no
>
>On 7/14/22 07:36, Zhenzhong Duan wrote:
>> On ICX-2S2 host, when run L2 guest with both L1/L2 using
>> Icelake-Server-v3 or above, we got below warning:
>>
>> "warning: host doesn't support requested feature: MSR(10AH).taa-no [bit
>8]"
>>
>> This is because L1 KVM doesn't expose taa-no to L2 if RTM is disabled,
>> then starting L2 qemu triggers the warning.
>>
>> Fix it by restoring TSX features in Icelake-Server-v3, which may also
>> help guest performance if host isn't susceptible to TSX Async Abort
>> (TAA) vulnerabilities.
>>
>> Fixes: d965dc35592d ("target/i386: Add ARCH_CAPABILITIES related bits
>> into Icelake-Server CPU model")
>> Tested-by: Xiangfei Ma <xiangfeix.ma@intel.com>
>> Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
>> ---
>> v2: Rewrite commit message
>
>Why wouldn't the fix be (in an Icelake-Server-v4 model) to remove taa-no?

This way we don't have a versioned model enabling both TSX and taa-no.
In the current implementation, TSX is disabled in Icelake-Server-v2 and above.
And taa-no is enabled in Icelake-Server-v3 and above.

If hardware supports taa-no mitigation, I thought it's better to expose it to guest together with TSX so that guest knows it's secure to use TSX?

Thanks
Zhenzhong

>
>Paolo
>
>>   target/i386/cpu.c | 3 +++
>>   1 file changed, 3 insertions(+)
>>
>> diff --git a/target/i386/cpu.c b/target/i386/cpu.c index
>> 14f681e998cc..25ef972a3eed 100644
>> --- a/target/i386/cpu.c
>> +++ b/target/i386/cpu.c
>> @@ -3423,6 +3423,9 @@ static const X86CPUDefinition builtin_x86_defs[]
>= {
>>               {
>>                   .version = 3,
>>                   .props = (PropValue[]) {
>> +                    /* Restore TSX features removed by -v2 above */
>> +                    { "hle", "on" },
>> +                    { "rtm", "on" },
>>                       { "arch-capabilities", "on" },
>>                       { "rdctl-no", "on" },
>>                       { "ibrs-all", "on" },
Xiaoyao Li July 15, 2022, 1:13 a.m. UTC | #3
On 7/14/2022 3:59 PM, Paolo Bonzini wrote:
> On 7/14/22 07:36, Zhenzhong Duan wrote:
>> On ICX-2S2 host, when run L2 guest with both L1/L2 using 
>> Icelake-Server-v3
>> or above, we got below warning:
>>
>> "warning: host doesn't support requested feature: MSR(10AH).taa-no 
>> [bit 8]"
>>
>> This is because L1 KVM doesn't expose taa-no to L2 if RTM is disabled,
>> then starting L2 qemu triggers the warning.
>>
>> Fix it by restoring TSX features in Icelake-Server-v3, which may also 
>> help
>> guest performance if host isn't susceptible to TSX Async Abort (TAA)
>> vulnerabilities.
>>
>> Fixes: d965dc35592d ("target/i386: Add ARCH_CAPABILITIES related bits 
>> into Icelake-Server CPU model")
>> Tested-by: Xiangfei Ma <xiangfeix.ma@intel.com>
>> Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
>> ---
>> v2: Rewrite commit message
> 
> Why wouldn't the fix be (in an Icelake-Server-v4 model) to remove taa-no?

Production Icelake silicon should have the taa-no set, that's the reason 
taa-no was added in v3 model.

When taa-no is present, it's safe to bring TSX features back.

I'm wondering if we need a new version (v7) for this change.

> Paolo
> 
>>   target/i386/cpu.c | 3 +++
>>   1 file changed, 3 insertions(+)
>>
>> diff --git a/target/i386/cpu.c b/target/i386/cpu.c
>> index 14f681e998cc..25ef972a3eed 100644
>> --- a/target/i386/cpu.c
>> +++ b/target/i386/cpu.c
>> @@ -3423,6 +3423,9 @@ static const X86CPUDefinition builtin_x86_defs[] 
>> = {
>>               {
>>                   .version = 3,
>>                   .props = (PropValue[]) {
>> +                    /* Restore TSX features removed by -v2 above */
>> +                    { "hle", "on" },
>> +                    { "rtm", "on" },
>>                       { "arch-capabilities", "on" },
>>                       { "rdctl-no", "on" },
>>                       { "ibrs-all", "on" },
>
Duan, Zhenzhong Sept. 2, 2022, 10:35 a.m. UTC | #4
>-----Original Message-----
>From: Li, Xiaoyao <xiaoyao.li@intel.com>
>Sent: Friday, July 15, 2022 9:14 AM
>To: Paolo Bonzini <pbonzini@redhat.com>; Duan, Zhenzhong
><zhenzhong.duan@intel.com>; qemu-devel@nongnu.org
>Cc: ehabkost@redhat.com; Ma, XiangfeiX <xiangfeix.ma@intel.com>;
>Christopherson,, Sean <seanjc@google.com>
>Subject: Re: [PATCH v2] target/i386: Restore TSX features with taa-no
>
>On 7/14/2022 3:59 PM, Paolo Bonzini wrote:
>> On 7/14/22 07:36, Zhenzhong Duan wrote:
>>> On ICX-2S2 host, when run L2 guest with both L1/L2 using
>>> Icelake-Server-v3
>>> or above, we got below warning:
>>>
>>> "warning: host doesn't support requested feature: MSR(10AH).taa-no
>>> [bit 8]"
>>>
>>> This is because L1 KVM doesn't expose taa-no to L2 if RTM is
>>> disabled, then starting L2 qemu triggers the warning.
>>>
>>> Fix it by restoring TSX features in Icelake-Server-v3, which may also
>>> help guest performance if host isn't susceptible to TSX Async Abort
>>> (TAA) vulnerabilities.
>>>
>>> Fixes: d965dc35592d ("target/i386: Add ARCH_CAPABILITIES related bits
>>> into Icelake-Server CPU model")
>>> Tested-by: Xiangfei Ma <xiangfeix.ma@intel.com>
>>> Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
>>> ---
>>> v2: Rewrite commit message
>>
>> Why wouldn't the fix be (in an Icelake-Server-v4 model) to remove taa-no?
>
>Production Icelake silicon should have the taa-no set, that's the reason taa-no
>was added in v3 model.
>
>When taa-no presents, it's safe to bring TSX features back.
>
>I'm wondering if we need a new version (v7) for this change.

Ping. Any further suggestion on which way to go ahead? Thanks

Zhenzhong

Patch

diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 14f681e998cc..25ef972a3eed 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -3423,6 +3423,9 @@  static const X86CPUDefinition builtin_x86_defs[] = {
             {
                 .version = 3,
                 .props = (PropValue[]) {
+                    /* Restore TSX features removed by -v2 above */
+                    { "hle", "on" },
+                    { "rtm", "on" },
                     { "arch-capabilities", "on" },
                     { "rdctl-no", "on" },
                     { "ibrs-all", "on" },
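Review bot: the two new props are added inside the existing `.version = 3` entry, which changes the guest-visible feature set of a model version that is already in the tree (the Fixes: tag points at the commit that introduced it). A guest started as Icelake-Server-v3 before this change would see hle and rtm appear after it, and the source and destination of a migration could disagree about what v3 means. Xiaoyao Li's reply raises the same concern by asking whether a new version is needed. Suggest leaving version 3 untouched and adding a new version entry whose props set `{ "hle", "on" }` and `{ "rtm", "on" }`, so the TSX-enabled variant is opt-in by version number.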