From patchwork Wed Apr 27 10:47:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Roger_Pau_Monn=C3=A9?= X-Patchwork-Id: 12828587 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 548B0C433F5 for ; Wed, 27 Apr 2022 10:48:04 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.314858.533121 (Exim 4.92) (envelope-from ) id 1njfD4-0002Mg-LS; Wed, 27 Apr 2022 10:47:50 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 314858.533121; Wed, 27 Apr 2022 10:47:50 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1njfD4-0002MV-Hy; Wed, 27 Apr 2022 10:47:50 +0000 Received: by outflank-mailman (input) for mailman id 314858; Wed, 27 Apr 2022 10:47:48 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1njfD2-0002LY-Ix for xen-devel@lists.xenproject.org; Wed, 27 Apr 2022 10:47:48 +0000 Received: from esa4.hc3370-68.iphmx.com (esa4.hc3370-68.iphmx.com [216.71.155.144]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 785cc2eb-c617-11ec-8fc2-03012f2f19d4; Wed, 27 Apr 2022 12:47:46 +0200 (CEST) Received: from mail-mw2nam08lp2168.outbound.protection.outlook.com (HELO NAM04-MW2-obe.outbound.protection.outlook.com) ([104.47.73.168]) by ob1.hc3370-68.iphmx.com with ESMTP/TLS/ECDHE-RSA-AES128-GCM-SHA256; 27 Apr 2022 06:47:43 -0400 Received: from DS7PR03MB5608.namprd03.prod.outlook.com (2603:10b6:5:2c9::18) by DM5PR03MB3403.namprd03.prod.outlook.com (2603:10b6:4:43::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.21; Wed, 27 Apr 2022 10:47:39 +0000 Received: from DS7PR03MB5608.namprd03.prod.outlook.com ([fe80::5df3:95ce:4dfd:134e]) by DS7PR03MB5608.namprd03.prod.outlook.com ([fe80::5df3:95ce:4dfd:134e%4]) with mapi id 15.20.5186.021; Wed, 27 Apr 2022 10:47:39 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 785cc2eb-c617-11ec-8fc2-03012f2f19d4 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1651056466; h=from:to:cc:subject:date:message-id:in-reply-to: references:content-transfer-encoding:mime-version; bh=zdmBQ2lSYlZPiHjFHT8xjLwtwTyxFKhXvcBkDbhK3Fw=; b=Ix8rGebHY7LPRtQf09+9OOmN3bDQIlm/4iwMQ6VA0kiUNRL40DCnXgNN R7ZabUNGOEi0ZG/zplimcWsfIL1jaB7PgpWJJxcWAmdrhdCGJixCj5wuK 4YstAmjlO1hU4wQ6U5dtMY4DlpmFrBwULOzJ2APPczWM4eTXR72XF4nqN k=; X-IronPort-RemoteIP: 104.47.73.168 X-IronPort-MID: 72483394 X-IronPort-Reputation: None X-IronPort-Listener: OutboundMail X-IronPort-SenderGroup: RELAY_O365 X-IronPort-MailFlowPolicy: $RELAYED IronPort-Data: A9a23:faaTva15ow74yeX14PbD5aRwkn2cJEfYwER7XKvMYLTBsI5bpzwFm zNNWDzUPv+OMWvyeIt/bt7nph5QsZHXndNjHFY9pC1hF35El5HIVI+TRqvS04J+DSFhoGZPt Zh2hgzodZhsJpPkjk7xdOCn9xGQ7InQLlbGILes1htZGEk1EE/NtTo5w7Rj2tIy34Dia++wk YiaT/P3aQfNNwFcagr424rbwP+4lK2v0N+wlgVWicFj5DcypVFMZH4sDfjZw0/DaptVBoaHq 9Prl9lVyI97EyAFUbtJmp6jGqEDryW70QKm0hK6UID66vROS7BbPg/W+5PwZG8O4whlkeydx /1didvhZiA2BJHpws4PTD9eER4nY5N/reqvzXiX6aR/zmXgWl60n7BLMxtzOocVvOFqHWtJ6 PoUbigXaQyOjP63x7T9TfRwgsMkL4/gO4Z3VnNIlGmFS6p5B8+YBfyUtbe03x9p7ixKNezZa McDLyJmcTzLYgFVO0dRA5U79AutrialL20D8wPJzUYxy0L0xxJ+/YPUDMHqftiqQM5Yrn2Vp W2TqgwVBTlfbrRz0wGt4n+qw+PCgy7/cIYTD6GjsO5nhkWJwW4eAwFQUkG0ydG7gEOjX9NUK 2QP5zEj66M18SSDUd3VTxC+5nmesXYht8F4FuQ77ESI1fDS6gPBVmwcFGcfOJohqdM8QiEs2 hmRhdT1CDdzsbqTD3WA6rOTqjD0Mi8QRYMfWRI5ocI+y4GLiOkOYtjnF4wL/HKd5jEtJQzN/ g== IronPort-HdrOrdr: A9a23:MSOXUqhO6BaGSCLB3iemP5s3knBQX0h13DAbv31ZSRFFG/FwyP rCoB1L73XJYWgqM03I+eruBEBPewK/yXcT2/hqAV7CZnichILMFu1fBOTZslnd8kHFltK1kJ 0QCpSWa+eAcmSS8/yKhzVQeuxIqLfnzEnrv5an854Ed3AXV0gK1XYdNu/0KDwUeOEQbqBJaa Z0q/A37gaISDAyVICWF3MFV+/Mq5nik4/nWwcPA1oC5BOVhT2lxbbmG1zAty1uGA9n8PMHyy zoggb57qKsv7WSzQLd7Xba69BzlMH6wtVOKcSQgow+KynqiCyveIN9Mofy9AwdkaWK0hIHgd PMqxAvM4Ba7G7QRHi8pV/X1wzpwF8Vmgvf4G7dpUGmjd3yRTo8BcYEr5leaAHl500pu8w5+L 5X3kqC3qAnQi/orWDY3ZzlRhtqnk27rT4JiugIlUFSVoMYdft4sZEfxkVIC50NdRiKpLzPKN MeTf002cwmMW9zNxvizypSKZ2XLzkO9y69MwY/Upf/6UkVoJh7p3FosfD30E1wsa7VcKM0lt gsAp4Y6o2mcfVmHZ6VfN1xJ/dfKla9Ni4kY1jiV2gOKsk8SgHwgq+yxokJz8eXX7FN5KcOuf 36ISFlXCgJCgjTNfE= X-IronPort-AV: E=Sophos;i="5.90,292,1643691600"; d="scan'208";a="72483394" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Bwa/TuB4iODCqcpCNT00EGZCFmvZu9cKpUpbnilU+gvq9UEb8tjD/ULq9SLZErsZj4kkwWb1i3wjjeb+UGR9UZDLbmW1KN0sTdZjDViAe/6oz6H3wu0c/2RVEexfPFXzv5BAXn+FMfRfy1Jf/ogHjLzoMFBs3yzp2aUdP86PnXjziJK3Sc54Mj3QJDvL5lPp9IENKYVHbOwbmFboqpekN3jX26UEQ6aylxtYIlcbPIhPoVLxlNUCrmoUlqUmqb5HM5XRcrSZhL9NKhOYkvudICWpdYraYzDFufV0NlVoCOQX7djtC3TDyk5/bJY1MmJCqsOXcb9B7PxpC2f88gboOg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9awa4GHJOZs7bmYCimKBd6r5RU7QuG94g/4ySbfQYEk=; b=LWb4Nt1NoXDuxRp6ZM6jskzLfeklXvQWt2rzHrpZdHmbcP4kPT6UgHOBhDOHG5RPZfngq5xtuthYLjHuz4dMX26N2KzWOwHsCpPFocBwCSiE4IE5pK4Oq3nRJfiNAEa7TkZqHZjsbBwr4zImvHr/tdkYRhWM8PXB+CEOcxWq8IdGfVBLEnNDo22jmdwP1Zzspr2ZJ0qv8sN4/bjnFozcINOhD9a1tBcGtruh9ELx1TJSLNPk6Um/n1+qyeSYpgMhtFNGh5AhB644lk6VDoXDf+GdxYo6uO2000Gr/lRxW58fHSWbmaFGHMi+J5GHKmfTXOEgQo7ge0/sXlz7ixMeJA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrix.onmicrosoft.com; s=selector2-citrix-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9awa4GHJOZs7bmYCimKBd6r5RU7QuG94g/4ySbfQYEk=; b=phHQhBv1fD0iB9Sz+emBSaW1sXPApp+vT9VqVyoeqPvaRUDe8gBfXck7BKzMSja/MjG2+Nuxz9LxbBzHDsHbpI3Doy6KrLMV35wTt5Eg+baQ+2CN6kcISlunIrgdV438VyPbVpaEnVXYrvy25j/f7o8yDX4M0hrOpBi9YIuW8yE= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com; From: Roger Pau Monne To: xen-devel@lists.xenproject.org Cc: Roger Pau Monne , Jan Beulich , Andrew Cooper , Wei Liu Subject: [PATCH v4 1/3] amd/msr: implement VIRT_SPEC_CTRL for HVM guests on top of SPEC_CTRL Date: Wed, 27 Apr 2022 12:47:16 +0200 Message-Id: <20220427104718.81342-2-roger.pau@citrix.com> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220427104718.81342-1-roger.pau@citrix.com> References: <20220427104718.81342-1-roger.pau@citrix.com> X-ClientProxiedBy: LO4P123CA0059.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:153::10) To DS7PR03MB5608.namprd03.prod.outlook.com (2603:10b6:5:2c9::18) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 192e296a-f008-49e7-2431-08da283b5960 X-MS-TrafficTypeDiagnostic: DM5PR03MB3403:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ZSpWIjMQ/bMEvwZtJPIUV9LWgQiqDe4Kro155ClmkOcTteTLldz1Rj92xEm4vREXqjDDMdTv6j3VjODOeb5nv4HI/RM0QbrZe4hbAUmFuSjrjFECS+gpJ/eqI9vznaS8K6WQ1surCcRUMgobM1GIoVcJ20oj9udBNYtYXhMECtDi+HvXEsOWj0XwhhE7JFMIc/XsfIB4zZUmkeH0QyiiJNa0NHPGfF8faOXoKwmBusAZLJPkszSQWC+56q+w9Y3YLwZ1Z/VB/lbwqrm0eYAQR92QZxtyISRnl7ecIBr+BdJm34xMSTCQAKpQwdRLYMp6YHIUMLxT7/uV1daKmP843buACyuTo8ed+xIOjX29TjL9iRfLtMouNMHScKBeZHYpoj3Xp+1XXC3REGspxVXj4EsXms5We6yUqPwgknbcR8t24J7yxQ5I92aj4j70zMlt963sXxi7U/mCnEptnZX0tSijO/LcmJ9a4FfmR+ZbuPR+e9Rj283SlYUd/of8tYJJH29/p7owTkuXGERdnJmv2kwXkGnOsXgh10G9MgOgy7fCGYuuAma/7uxyVkz2xL6cmdrmcqMaW02WjdHVFjWkZL07FoCLyVr8hQNUG8C3Ouse3nXu7OQ8zPMJXJldGpUP6sPvbvQj3EQ6x8KutERGo6KNPuy0TzZVJzcdYms0Eql0ZK6tAxaw5qQxBotd9+5l X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS7PR03MB5608.namprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(4636009)(366004)(508600001)(6486002)(6666004)(8676002)(66476007)(66946007)(86362001)(4326008)(66556008)(6916009)(54906003)(38100700002)(36756003)(82960400001)(6506007)(1076003)(6512007)(316002)(83380400001)(2906002)(26005)(186003)(5660300002)(8936002)(2616005);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?ja98fanRb17JDFKzdQ7REtDe84nn?= =?utf-8?q?HXPDjJ9EIbfhEqvkqKcifvY6sQlyUKE2LwLHHnfzdQ9C+3mMMefzvs8MZH05CP5nE?= =?utf-8?q?7w9xKxiC9dnNJ51b7Bk5R9J/OAMXOFCmxCYxueGTtl2KVvk6wGeu8ZvjXJBoMLC/c?= =?utf-8?q?wIxlQuGNH52Sx9kj9Bj5uFuwZmeKRPJQSTrOvAQsmOXj4fjstdA1k5mb7EQ3+gyyw?= =?utf-8?q?Lodvs0pEBzECpaG9ScPKIpk1dk5bNVL10Uqvz1/a9hhIRmCWUGVbKChu+3UhAqp95?= =?utf-8?q?v/ciFU1ugCkEHTBDfXrYINehmZyO8pbIA8n5JqgYl9F2j49h4XsXmPobtesWEYw4w?= =?utf-8?q?ClaNULqNLw4mHoSoJxPo4kBLZzQvHLlHMypYTt3OAb3OYcfz2re2J4h9ZHYQmBkCh?= =?utf-8?q?ZwvJAXpcRfrMkgD03g+HS5qrO4O4qS0q+b7KkGJZuBxFPmhNwfU48CW//STbmTWdi?= =?utf-8?q?5GlXbGsKB2EXDMnxlq6biNZWudRnECa+lEfysWVCo5KgdM1BJjtzjIZhZ9TYh3wmT?= =?utf-8?q?MIKwwkoUBTuLbTEHkY5faCH38TJR/4kCqNtLxwQj4d62GtIzR6+DXB6X7WfwToh9n?= =?utf-8?q?AGkDmlXVtUCXxztog8VSQ7gpNIDf+wiFvDMZqHwovTNIXPODtrkD7Mlp31sxCoegm?= =?utf-8?q?l6wK7SeluJ3tjbmouJpxjb74XHEzQbqEyWVC8NIFnvDxdnHj0UPLcgn5Nse2VoDRN?= =?utf-8?q?p7DVSJwGGhDkTx7B5C8y3lw4nceKXFMZplCgc+HP3K0JYZ0utRW7C7DCZq8gIGo/H?= =?utf-8?q?SSq5ie/IbZ1hRPUX5NSSw+oYrQPM7p50pw+3o38x37uBNIs3/7/7oHbsCOIY9zsLT?= =?utf-8?q?/J3d6cEV3BVm6ktT1uKpnDJw9jnx4C+9qgmt/6UX6/VniYygzjXHpSmITpGfhuoPI?= =?utf-8?q?Z2k0XItWY2WDPAMnUcaPn+ATOyXMN2i481abInYWBuCkYin6xFvNjbT8ZAk/ndieV?= =?utf-8?q?mVlNKH8xv6+1UoWl6lAajjejQyMcAp4uK7bPq0dxsd+hwVO9MVRnRcrAJmS3L4MV8?= =?utf-8?q?1JtGjUgmPbXPQdlCdLC+yG33yHl3ZG261I4lqzHUWzgR4QzRfa+QwujlT8PvaQ+BR?= =?utf-8?q?Zd+cu4WpFo310sJx87TpPG7NvZDCMsSRJmNNRAbrNMRVYd9gkmYQy7ipLSp2F5z9Q?= =?utf-8?q?ejIkH8kk0/iXolpaFgw2PA2yxdfv8kreiEzSgYtHR8Vy6YzuZVCo9EBJofx/+JrDT?= =?utf-8?q?CrDlR5y3JMCjsxPSpclnLtlGsz3OYieSvrv4MIOkOj8Yqwv6Mvj1otdEPdcXunF2s?= =?utf-8?q?otDAJaM6eKFEhabH6R7WsSWH6NDONpYf4JjYAD1dcu69UxB7gqogKh5LY+Uo79/2P?= =?utf-8?q?WhT8pNEtE5wwwX91LnNh0Qv6B+1uXf+eHC7/gCa4IJozSeD7osc2nt52vj96qk+9K?= =?utf-8?q?LyekqvLJRRwuys5WYRwYTaNzRYWgVr23OWTbMhY+IgKEvDYwc3Jblt6ZD0wMEBzOO?= =?utf-8?q?R6aLLeyRpDS/UoHa2+wRYmnuT0QGfwE2kByoj5oD5xsCXS5WkVTR3AXdwtC0ESvlk?= =?utf-8?q?9YFtAUoI1P7l0gUsgsmu7nTnw8YSyugRL6Khh54u90Mu8rJMcSPMeNqTviixJTomJ?= =?utf-8?q?JWCztR/7L31xH7DStTTQRBFytSLC6owUl2r6fxV1FZmgugsyvTAqspQEQGSgpROBu?= =?utf-8?q?VRV8zdGGsREPH627sN18IXCVVhNJT3ZvzJFM3jzjTcf8BONchls8A=3D?= X-OriginatorOrg: citrix.com X-MS-Exchange-CrossTenant-Network-Message-Id: 192e296a-f008-49e7-2431-08da283b5960 X-MS-Exchange-CrossTenant-AuthSource: DS7PR03MB5608.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Apr 2022 10:47:39.5094 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 335836de-42ef-43a2-b145-348c2ee9ca5b X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: h3reVVk5mwrf2ZO43BL1KgjBCrk98wx1RlkHQHbBZm2N1mrljnrnbULsN05R4fQjvpvxDtY3UQBIECVFh8vGaQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR03MB3403 Use the logic to set shadow SPEC_CTRL values in order to implement support for VIRT_SPEC_CTRL (signaled by VIRT_SSBD CPUID flag) for HVM guests. This includes using the spec_ctrl vCPU MSR variable to store the guest set value of VIRT_SPEC_CTRL.SSBD, which will be OR'ed with any SPEC_CTRL values being set by the guest. On hardware having SPEC_CTRL VIRT_SPEC_CTRL will not be offered by default to guests. VIRT_SPEC_CTRL will only be part of the max CPUID policy so it can be enabled for compatibility purposes. Use '!' to annotate the feature in order to express that the presence of the bit is not directly tied to its value in the host policy. Suggested-by: Andrew Cooper Signed-off-by: Roger Pau Monné Reviewed-by: Jan Beulich --- Changes since v3: - Use '!' to annotate the feature. Changes since v2: - Reword reasoning for using '!s'. - Trim comment about only setting SSBD bit in spec_ctrl.raw. Changes since v1: - Only expose VIRT_SSBD if AMD_SSBD is available on the host. - Revert change to msr-sc= command line option documentation. - Only set or clear the SSBD bit of spec_ctrl. --- xen/arch/x86/cpuid.c | 7 +++++++ xen/arch/x86/hvm/hvm.c | 1 + xen/arch/x86/include/asm/msr.h | 4 ++++ xen/arch/x86/msr.c | 18 ++++++++++++++++++ xen/arch/x86/spec_ctrl.c | 3 ++- xen/include/public/arch-x86/cpufeatureset.h | 2 +- 6 files changed, 33 insertions(+), 2 deletions(-) diff --git a/xen/arch/x86/cpuid.c b/xen/arch/x86/cpuid.c index 7e0b395698..979dcf8164 100644 --- a/xen/arch/x86/cpuid.c +++ b/xen/arch/x86/cpuid.c @@ -550,6 +550,13 @@ static void __init calculate_hvm_max_policy(void) __clear_bit(X86_FEATURE_IBRSB, hvm_featureset); __clear_bit(X86_FEATURE_IBRS, hvm_featureset); } + else if ( boot_cpu_has(X86_FEATURE_AMD_SSBD) ) + /* + * If SPEC_CTRL.SSBD is available VIRT_SPEC_CTRL.SSBD can be exposed + * and implemented using the former. Expose in the max policy only as + * the preference is for guests to use SPEC_CTRL.SSBD if available. + */ + __set_bit(X86_FEATURE_VIRT_SSBD, hvm_featureset); /* * With VT-x, some features are only supported by Xen if dedicated diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index 5b16fb4cd8..db8f95ef7c 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -1334,6 +1334,7 @@ static const uint32_t msrs_to_send[] = { MSR_INTEL_MISC_FEATURES_ENABLES, MSR_IA32_BNDCFGS, MSR_IA32_XSS, + MSR_VIRT_SPEC_CTRL, MSR_AMD64_DR0_ADDRESS_MASK, MSR_AMD64_DR1_ADDRESS_MASK, MSR_AMD64_DR2_ADDRESS_MASK, diff --git a/xen/arch/x86/include/asm/msr.h b/xen/arch/x86/include/asm/msr.h index ce4fe51afe..ab6fbb5051 100644 --- a/xen/arch/x86/include/asm/msr.h +++ b/xen/arch/x86/include/asm/msr.h @@ -291,6 +291,7 @@ struct vcpu_msrs { /* * 0x00000048 - MSR_SPEC_CTRL + * 0xc001011f - MSR_VIRT_SPEC_CTRL (if X86_FEATURE_AMD_SSBD) * * For PV guests, this holds the guest kernel value. It is accessed on * every entry/exit path. @@ -306,6 +307,9 @@ struct vcpu_msrs * We must clear/restore Xen's value before/after VMRUN to avoid unduly * influencing the guest. In order to support "behind the guest's back" * protections, we load this value (commonly 0) before VMRUN. + * + * Once of such "behind the guest's back" usages is setting SPEC_CTRL.SSBD + * if the guest sets VIRT_SPEC_CTRL.SSBD. */ struct { uint32_t raw; diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c index 01a15857b7..72c175fd8b 100644 --- a/xen/arch/x86/msr.c +++ b/xen/arch/x86/msr.c @@ -381,6 +381,13 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t *val) ? K8_HWCR_TSC_FREQ_SEL : 0; break; + case MSR_VIRT_SPEC_CTRL: + if ( !cp->extd.virt_ssbd ) + goto gp_fault; + + *val = msrs->spec_ctrl.raw & SPEC_CTRL_SSBD; + break; + case MSR_AMD64_DE_CFG: if ( !(cp->x86_vendor & (X86_VENDOR_AMD | X86_VENDOR_HYGON)) ) goto gp_fault; @@ -666,6 +673,17 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr, uint64_t val) wrmsr_tsc_aux(val); break; + case MSR_VIRT_SPEC_CTRL: + if ( !cp->extd.virt_ssbd ) + goto gp_fault; + + /* Only supports SSBD bit, the rest are ignored. */ + if ( val & SPEC_CTRL_SSBD ) + msrs->spec_ctrl.raw |= SPEC_CTRL_SSBD; + else + msrs->spec_ctrl.raw &= ~SPEC_CTRL_SSBD; + break; + case MSR_AMD64_DE_CFG: /* * OpenBSD 6.7 will panic if writing to DE_CFG triggers a #GP: diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c index 1408e4c7ab..f338bfe292 100644 --- a/xen/arch/x86/spec_ctrl.c +++ b/xen/arch/x86/spec_ctrl.c @@ -402,12 +402,13 @@ static void __init print_details(enum ind_thunk thunk, uint64_t caps) * mitigation support for guests. */ #ifdef CONFIG_HVM - printk(" Support for HVM VMs:%s%s%s%s%s\n", + printk(" Support for HVM VMs:%s%s%s%s%s%s\n", (boot_cpu_has(X86_FEATURE_SC_MSR_HVM) || boot_cpu_has(X86_FEATURE_SC_RSB_HVM) || boot_cpu_has(X86_FEATURE_MD_CLEAR) || opt_eager_fpu) ? "" : " None", boot_cpu_has(X86_FEATURE_SC_MSR_HVM) ? " MSR_SPEC_CTRL" : "", + boot_cpu_has(X86_FEATURE_SC_MSR_HVM) ? " MSR_VIRT_SPEC_CTRL" : "", boot_cpu_has(X86_FEATURE_SC_RSB_HVM) ? " RSB" : "", opt_eager_fpu ? " EAGER_FPU" : "", boot_cpu_has(X86_FEATURE_MD_CLEAR) ? " MD_CLEAR" : ""); diff --git a/xen/include/public/arch-x86/cpufeatureset.h b/xen/include/public/arch-x86/cpufeatureset.h index 9cee4b439e..5aa3c82fc6 100644 --- a/xen/include/public/arch-x86/cpufeatureset.h +++ b/xen/include/public/arch-x86/cpufeatureset.h @@ -265,7 +265,7 @@ XEN_CPUFEATURE(IBRS_SAME_MODE, 8*32+19) /*S IBRS provides same-mode protection XEN_CPUFEATURE(NO_LMSL, 8*32+20) /*S EFER.LMSLE no longer supported. */ XEN_CPUFEATURE(AMD_PPIN, 8*32+23) /* Protected Processor Inventory Number */ XEN_CPUFEATURE(AMD_SSBD, 8*32+24) /*S MSR_SPEC_CTRL.SSBD available */ -XEN_CPUFEATURE(VIRT_SSBD, 8*32+25) /* MSR_VIRT_SPEC_CTRL.SSBD */ +XEN_CPUFEATURE(VIRT_SSBD, 8*32+25) /*! MSR_VIRT_SPEC_CTRL.SSBD */ XEN_CPUFEATURE(SSB_NO, 8*32+26) /*A Hardware not vulnerable to SSB */ XEN_CPUFEATURE(PSFD, 8*32+28) /*S MSR_SPEC_CTRL.PSFD */