[3/7] target/i386: Allow MCDT_NO if host supports

Message ID	20230616032311.19137-4-tao1.su@linux.intel.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org> From: Tao Su <tao1.su@linux.intel.com> To: qemu-devel@nongnu.org Cc: pbonzini@redhat.com, xiaoyao.li@intel.com, lei4.wang@intel.com, qian.wen@intel.com, imammedo@redhat.com, tao1.su@linux.intel.com Subject: [PATCH 3/7] target/i386: Allow MCDT_NO if host supports Date: Fri, 16 Jun 2023 11:23:07 +0800 Message-Id: <20230616032311.19137-4-tao1.su@linux.intel.com> In-Reply-To: <20230616032311.19137-1-tao1.su@linux.intel.com> References: <20230616032311.19137-1-tao1.su@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: none client-ip=192.55.52.120; envelope-from=tao1.su@linux.intel.com; helo=mga04.intel.com X-Spam_score_int: -42 X-Spam_score: -4.3 X-Spam_bar: ---- X-Spam_report: (-4.3 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Series	Add new CPU model EmeraldRapids and GraniteRapids \| expand [0/7] Add new CPU model EmeraldRapids and GraniteRapids [1/7] target/i386: Add FEAT_7_1_EDX to adjust feature level [2/7] target/i386: Add support for MCDT_NO in CPUID enumeration [3/7] target/i386: Allow MCDT_NO if host supports [4/7] target/i386: Add new bit definitions of MSR_IA32_ARCH_CAPABILITIES [5/7] target/i386: Add few security fix bits in ARCH_CAPABILITIES into SapphireRapids CPU model [6/7] target/i386: Add new CPU model EmeraldRapids [7/7] target/i386: Add new CPU model GraniteRapids

Message ID

20230616032311.19137-4-tao1.su@linux.intel.com (mailing list archive)

State

New, archived

Headers

From: Tao Su <tao1.su@linux.intel.com>
To: qemu-devel@nongnu.org
Cc: pbonzini@redhat.com, xiaoyao.li@intel.com, lei4.wang@intel.com,
 qian.wen@intel.com, imammedo@redhat.com, tao1.su@linux.intel.com
Subject: [PATCH 3/7] target/i386: Allow MCDT_NO if host supports
Date: Fri, 16 Jun 2023 11:23:07 +0800
Message-Id: <20230616032311.19137-4-tao1.su@linux.intel.com>
In-Reply-To: <20230616032311.19137-1-tao1.su@linux.intel.com>
References: <20230616032311.19137-1-tao1.su@linux.intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: none client-ip=192.55.52.120;
 envelope-from=tao1.su@linux.intel.com; helo=mga04.intel.com
X-Spam_score_int: -42
X-Spam_score: -4.3
X-Spam_bar: ----
X-Spam_report: (-4.3 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3,
 SPF_HELO_NONE=0.001, SPF_NONE=0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org

Series

Add new CPU model EmeraldRapids and GraniteRapids | expand

Commit Message

Tao Su June 16, 2023, 3:23 a.m. UTC

MCDT_NO bit indicates HW contains the security fix and doesn't need to
be mitigated to avoid data-dependent behaviour for certain instructions.
It needs no hypervisor support. Treat it as supported regardless of what
KVM reports.

Signed-off-by: Tao Su <tao1.su@linux.intel.com>
Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
---
 target/i386/kvm/kvm.c | 5 +++++
 1 file changed, 5 insertions(+)

Comments

Igor Mammedov June 26, 2023, 1:03 p.m. UTC | #1

On Fri, 16 Jun 2023 11:23:07 +0800
Tao Su <tao1.su@linux.intel.com> wrote:

> MCDT_NO bit indicates HW contains the security fix and doesn't need to
> be mitigated to avoid data-dependent behaviour for certain instructions.
> It needs no hypervisor support. Treat it as supported regardless of what
> KVM reports.
> 
> Signed-off-by: Tao Su <tao1.su@linux.intel.com>
> Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
> ---
>  target/i386/kvm/kvm.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
> index de531842f6..4defd8b479 100644
> --- a/target/i386/kvm/kvm.c
> +++ b/target/i386/kvm/kvm.c
> @@ -432,6 +432,11 @@ uint32_t kvm_arch_get_supported_cpuid(KVMState *s, uint32_t function,
>          uint32_t eax;
>          host_cpuid(7, 1, &eax, &unused, &unused, &unused);
>          ret |= eax & (CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | CPUID_7_1_EAX_FSRC);
> +    } else if (function == 7 && index == 2 && reg == R_EDX) {

> +        /* Not new instructions, just an optimization.  */
comment doesn't make much sense to me, just drop it or
describe what MCDT_NO is/mitigates.

> +        uint32_t edx;
> +        host_cpuid(7, 2, &unused, &unused, &unused, &edx);
> +        ret |= edx & CPUID_7_2_EDX_MCDT_NO;
>      } else if (function == 0xd && index == 0 &&
>                 (reg == R_EAX || reg == R_EDX)) {
>          /*

Tao Su June 27, 2023, 4:31 a.m. UTC | #2

On Mon, Jun 26, 2023 at 03:03:12PM +0200, Igor Mammedov wrote:
> On Fri, 16 Jun 2023 11:23:07 +0800
> Tao Su <tao1.su@linux.intel.com> wrote:
> 
> > MCDT_NO bit indicates HW contains the security fix and doesn't need to
> > be mitigated to avoid data-dependent behaviour for certain instructions.
> > It needs no hypervisor support. Treat it as supported regardless of what
> > KVM reports.
> > 
> > Signed-off-by: Tao Su <tao1.su@linux.intel.com>
> > Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
> > ---
> >  target/i386/kvm/kvm.c | 5 +++++
> >  1 file changed, 5 insertions(+)
> > 
> > diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
> > index de531842f6..4defd8b479 100644
> > --- a/target/i386/kvm/kvm.c
> > +++ b/target/i386/kvm/kvm.c
> > @@ -432,6 +432,11 @@ uint32_t kvm_arch_get_supported_cpuid(KVMState *s, uint32_t function,
> >          uint32_t eax;
> >          host_cpuid(7, 1, &eax, &unused, &unused, &unused);
> >          ret |= eax & (CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | CPUID_7_1_EAX_FSRC);
> > +    } else if (function == 7 && index == 2 && reg == R_EDX) {
> 
> > +        /* Not new instructions, just an optimization.  */
> comment doesn't make much sense to me, just drop it or
> describe what MCDT_NO is/mitigates.

Ok, I will drop it in the next version, thanks!

> 
> > +        uint32_t edx;
> > +        host_cpuid(7, 2, &unused, &unused, &unused, &edx);
> > +        ret |= edx & CPUID_7_2_EDX_MCDT_NO;
> >      } else if (function == 0xd && index == 0 &&
> >                 (reg == R_EAX || reg == R_EDX)) {
> >          /*
> 
>

diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index de531842f6..4defd8b479 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -432,6 +432,11 @@  uint32_t kvm_arch_get_supported_cpuid(KVMState *s, uint32_t function,
         uint32_t eax;
         host_cpuid(7, 1, &eax, &unused, &unused, &unused);
         ret |= eax & (CPUID_7_1_EAX_FZRM | CPUID_7_1_EAX_FSRS | CPUID_7_1_EAX_FSRC);
+    } else if (function == 7 && index == 2 && reg == R_EDX) {
+        /* Not new instructions, just an optimization.  */
+        uint32_t edx;
+        host_cpuid(7, 2, &unused, &unused, &unused, &edx);
+        ret |= edx & CPUID_7_2_EDX_MCDT_NO;
     } else if (function == 0xd && index == 0 &&
                (reg == R_EAX || reg == R_EDX)) {
         /*

[3/7] target/i386: Allow MCDT_NO if host supports

Commit Message

Comments

Patch