| Message ID | 20230526150044.31553-4-alejandro.vallejo@cloud.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | Add Automatic IBRS support | expand |
On 26/05/2023 4:00 pm, Alejandro Vallejo wrote: > Expose AutoIBRS to HVM guests, because they can just use it. Make sure > writes to EFER:AIBRSE are gated on the feature being exposed. Also hide > EFER:AIBRSE from PV guests as they have no say in the matter. > > Signed-off-by: Alejandro Vallejo <alejandro.vallejo@cloud.com> It's worth saying "EFER is fully switched by VMRUN, so there's nothing further for Xen to do in order for HVM guests to use AutoIBRS". We can in principle support AutoIBRS on PV guests, but it's fine not to for now. This patch probably wants reordering to #2, because it is entirely independent of what Xen is doing with AutoIBRS for spec safety. It will need a minor rebase over the bit name shortening, but otherwise Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index d7d31b5393..07f39d5e61 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -936,6 +936,9 @@ const char *hvm_efer_valid(const struct vcpu *v, uint64_t value, if ( (value & EFER_FFXSE) && !p->extd.ffxsr ) return "FFXSE without feature"; + if ( (value & EFER_AIBRSE) && !p->extd.automatic_ibrs ) + return "AutoIBRS without feature"; + return NULL; } diff --git a/xen/arch/x86/include/asm/msr-index.h b/xen/arch/x86/include/asm/msr-index.h index 73d0af2615..49cb334c61 100644 --- a/xen/arch/x86/include/asm/msr-index.h +++ b/xen/arch/x86/include/asm/msr-index.h @@ -178,7 +178,8 @@ #define EFER_AIBRSE (_AC(1, ULL) << 21) /* Automatic IBRS Enable */ #define EFER_KNOWN_MASK \ - (EFER_SCE | EFER_LME | EFER_LMA | EFER_NXE | EFER_SVME | EFER_FFXSE) + (EFER_SCE | EFER_LME | EFER_LMA | EFER_NXE | EFER_SVME | EFER_FFXSE | \ + EFER_AIBRSE) #define MSR_STAR 0xc0000081 /* legacy mode SYSCALL target */ #define MSR_LSTAR 0xc0000082 /* long mode SYSCALL target */ diff --git a/xen/arch/x86/pv/emul-priv-op.c b/xen/arch/x86/pv/emul-priv-op.c index 8a4ef9c35e..142bc4818c 100644 --- a/xen/arch/x86/pv/emul-priv-op.c +++ b/xen/arch/x86/pv/emul-priv-op.c @@ -853,8 +853,8 @@ static uint64_t guest_efer(const struct domain *d) { uint64_t val; - /* Hide unknown bits, and unconditionally hide SVME from guests. */ - val = read_efer() & EFER_KNOWN_MASK & ~EFER_SVME; + /* Hide unknown bits, and unconditionally hide SVME and AIBRSE from guests. */ + val = read_efer() & EFER_KNOWN_MASK & ~(EFER_SVME | EFER_AIBRSE); /* * Hide the 64-bit features from 32-bit guests. SCE has * vendor-dependent behaviour. diff --git a/xen/include/public/arch-x86/cpufeatureset.h b/xen/include/public/arch-x86/cpufeatureset.h index e3952f62bc..42401e9452 100644 --- a/xen/include/public/arch-x86/cpufeatureset.h +++ b/xen/include/public/arch-x86/cpufeatureset.h @@ -287,7 +287,7 @@ XEN_CPUFEATURE(AVX_IFMA, 10*32+23) /*A AVX-IFMA Instructions */ /* AMD-defined CPU features, CPUID level 0x80000021.eax, word 11 */ XEN_CPUFEATURE(LFENCE_DISPATCH, 11*32+ 2) /*A LFENCE always serializing */ XEN_CPUFEATURE(NSCB, 11*32+ 6) /*A Null Selector Clears Base (and limit too) */ -XEN_CPUFEATURE(AUTOMATIC_IBRS, 11*32+ 8) /* HW can handle IBRS on its own */ +XEN_CPUFEATURE(AUTOMATIC_IBRS, 11*32+ 8) /*S HW can handle IBRS on its own */ XEN_CPUFEATURE(CPUID_USER_DIS, 11*32+17) /* CPUID disable for CPL > 0 software */ /* Intel-defined CPU features, CPUID level 0x00000007:1.ebx, word 12 */
Expose AutoIBRS to HVM guests, because they can just use it. Make sure writes to EFER:AIBRSE are gated on the feature being exposed. Also hide EFER:AIBRSE from PV guests as they have no say in the matter. Signed-off-by: Alejandro Vallejo <alejandro.vallejo@cloud.com> --- xen/arch/x86/hvm/hvm.c | 3 +++ xen/arch/x86/include/asm/msr-index.h | 3 ++- xen/arch/x86/pv/emul-priv-op.c | 4 ++-- xen/include/public/arch-x86/cpufeatureset.h | 2 +- 4 files changed, 8 insertions(+), 4 deletions(-)