From patchwork Fri Aug 27 07:02:43 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xiaoyao Li X-Patchwork-Id: 12461301 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,HK_RANDOM_FROM,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 77FAEC432BE for ; Fri, 27 Aug 2021 07:03:13 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 583C260FD8 for ; Fri, 27 Aug 2021 07:03:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244315AbhH0HEA (ORCPT ); Fri, 27 Aug 2021 03:04:00 -0400 Received: from mga18.intel.com ([134.134.136.126]:6107 "EHLO mga18.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232463AbhH0HD4 (ORCPT ); Fri, 27 Aug 2021 03:03:56 -0400 X-IronPort-AV: E=McAfee;i="6200,9189,10088"; a="205045874" X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="205045874" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Aug 2021 00:03:04 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="495553014" Received: from lxy-dell.sh.intel.com ([10.239.159.31]) by fmsmga008.fm.intel.com with ESMTP; 27 Aug 2021 00:03:02 -0700 From: Xiaoyao Li To: Paolo Bonzini Cc: Xiaoyao Li , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 1/7] KVM: VMX: Restore host's MSR_IA32_RTIT_CTL when it's not zero Date: Fri, 27 Aug 2021 15:02:43 +0800 Message-Id: <20210827070249.924633-2-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20210827070249.924633-1-xiaoyao.li@intel.com> References: <20210827070249.924633-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org A minor optimization to WRMSR MSR_IA32_RTIT_CTL when necessary. Opportunistically refine the comment to call out that KVM requires VM_EXIT_CLEAR_IA32_RTIT_CTL to expose PT to the guest. Reviewed-by: Sean Christopherson Signed-off-by: Xiaoyao Li --- Changes in v2: - Refine comments --- arch/x86/kvm/vmx/vmx.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index fada1055f325..5535a86aea37 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1074,8 +1074,12 @@ static void pt_guest_exit(struct vcpu_vmx *vmx) pt_load_msr(&vmx->pt_desc.host, vmx->pt_desc.addr_range); } - /* Reload host state (IA32_RTIT_CTL will be cleared on VM exit). */ - wrmsrl(MSR_IA32_RTIT_CTL, vmx->pt_desc.host.ctl); + /* + * KVM requires VM_EXIT_CLEAR_IA32_RTIT_CTL to expose PT to the guest, + * i.e. RTIT_CTL is always cleared on VM-Exit. Restore it if necessary. + */ + if (vmx->pt_desc.host.ctl) + wrmsrl(MSR_IA32_RTIT_CTL, vmx->pt_desc.host.ctl); } void vmx_set_host_fs_gs(struct vmcs_host_state *host, u16 fs_sel, u16 gs_sel, From patchwork Fri Aug 27 07:02:44 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xiaoyao Li X-Patchwork-Id: 12461303 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,HK_RANDOM_FROM,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 06065C4320E for ; Fri, 27 Aug 2021 07:03:14 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id E145360FD9 for ; Fri, 27 Aug 2021 07:03:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244333AbhH0HEB (ORCPT ); Fri, 27 Aug 2021 03:04:01 -0400 Received: from mga18.intel.com ([134.134.136.126]:6111 "EHLO mga18.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S244305AbhH0HD6 (ORCPT ); Fri, 27 Aug 2021 03:03:58 -0400 X-IronPort-AV: E=McAfee;i="6200,9189,10088"; a="205045881" X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="205045881" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Aug 2021 00:03:08 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="495553026" Received: from lxy-dell.sh.intel.com ([10.239.159.31]) by fmsmga008.fm.intel.com with ESMTP; 27 Aug 2021 00:03:04 -0700 From: Xiaoyao Li To: Paolo Bonzini Cc: Xiaoyao Li , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 2/7] KVM: VMX: Use precomputed vmx->pt_desc.addr_range Date: Fri, 27 Aug 2021 15:02:44 +0800 Message-Id: <20210827070249.924633-3-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20210827070249.924633-1-xiaoyao.li@intel.com> References: <20210827070249.924633-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org The number of guest's valid PT ADDR MSRs is precomputed in vmx->pt_desc.addr_range. Use it instead of calculating again. Signed-off-by: Xiaoyao Li --- Changes in v2: - Refine comment to use 'precomputed' instead of 'cached' - Use precomputed value in vmx_get_msr() as well --- arch/x86/kvm/vmx/vmx.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 5535a86aea37..96a2df65678f 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1889,8 +1889,7 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) case MSR_IA32_RTIT_ADDR0_A ... MSR_IA32_RTIT_ADDR3_B: index = msr_info->index - MSR_IA32_RTIT_ADDR0_A; if (!vmx_pt_mode_is_host_guest() || - (index >= 2 * intel_pt_validate_cap(vmx->pt_desc.caps, - PT_CAP_num_address_ranges))) + (index >= 2 * vmx->pt_desc.addr_range)) return 1; if (index % 2) msr_info->data = vmx->pt_desc.guest.addr_b[index / 2]; @@ -2205,8 +2204,7 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) if (!pt_can_write_msr(vmx)) return 1; index = msr_info->index - MSR_IA32_RTIT_ADDR0_A; - if (index >= 2 * intel_pt_validate_cap(vmx->pt_desc.caps, - PT_CAP_num_address_ranges)) + if (index >= 2 * vmx->pt_desc.addr_range) return 1; if (is_noncanonical_address(data, vcpu)) return 1; From patchwork Fri Aug 27 07:02:45 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xiaoyao Li X-Patchwork-Id: 12461305 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,HK_RANDOM_FROM,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5654DC4320A for ; Fri, 27 Aug 2021 07:03:15 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3568B61027 for ; Fri, 27 Aug 2021 07:03:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244339AbhH0HEC (ORCPT ); Fri, 27 Aug 2021 03:04:02 -0400 Received: from mga18.intel.com ([134.134.136.126]:6107 "EHLO mga18.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S244307AbhH0HD6 (ORCPT ); Fri, 27 Aug 2021 03:03:58 -0400 X-IronPort-AV: E=McAfee;i="6200,9189,10088"; a="205045891" X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="205045891" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Aug 2021 00:03:09 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="495553038" Received: from lxy-dell.sh.intel.com ([10.239.159.31]) by fmsmga008.fm.intel.com with ESMTP; 27 Aug 2021 00:03:07 -0700 From: Xiaoyao Li To: Paolo Bonzini Cc: Xiaoyao Li , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 3/7] KVM: VMX: Rename pt_desc.addr_range to pt_desc.nr_addr_range Date: Fri, 27 Aug 2021 15:02:45 +0800 Message-Id: <20210827070249.924633-4-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20210827070249.924633-1-xiaoyao.li@intel.com> References: <20210827070249.924633-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org To better self explain the meaning of this field. Suggested-by: Sean Christopherson Signed-off-by: Xiaoyao Li --- arch/x86/kvm/vmx/vmx.c | 26 +++++++++++++------------- arch/x86/kvm/vmx/vmx.h | 2 +- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 96a2df65678f..c54b99cec0e6 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1059,8 +1059,8 @@ static void pt_guest_enter(struct vcpu_vmx *vmx) rdmsrl(MSR_IA32_RTIT_CTL, vmx->pt_desc.host.ctl); if (vmx->pt_desc.guest.ctl & RTIT_CTL_TRACEEN) { wrmsrl(MSR_IA32_RTIT_CTL, 0); - pt_save_msr(&vmx->pt_desc.host, vmx->pt_desc.addr_range); - pt_load_msr(&vmx->pt_desc.guest, vmx->pt_desc.addr_range); + pt_save_msr(&vmx->pt_desc.host, vmx->pt_desc.nr_addr_ranges); + pt_load_msr(&vmx->pt_desc.guest, vmx->pt_desc.nr_addr_ranges); } } @@ -1070,8 +1070,8 @@ static void pt_guest_exit(struct vcpu_vmx *vmx) return; if (vmx->pt_desc.guest.ctl & RTIT_CTL_TRACEEN) { - pt_save_msr(&vmx->pt_desc.guest, vmx->pt_desc.addr_range); - pt_load_msr(&vmx->pt_desc.host, vmx->pt_desc.addr_range); + pt_save_msr(&vmx->pt_desc.guest, vmx->pt_desc.nr_addr_ranges); + pt_load_msr(&vmx->pt_desc.host, vmx->pt_desc.nr_addr_ranges); } /* @@ -1460,16 +1460,16 @@ static int vmx_rtit_ctl_check(struct kvm_vcpu *vcpu, u64 data) * cause a #GP fault. */ value = (data & RTIT_CTL_ADDR0) >> RTIT_CTL_ADDR0_OFFSET; - if ((value && (vmx->pt_desc.addr_range < 1)) || (value > 2)) + if ((value && (vmx->pt_desc.nr_addr_ranges < 1)) || (value > 2)) return 1; value = (data & RTIT_CTL_ADDR1) >> RTIT_CTL_ADDR1_OFFSET; - if ((value && (vmx->pt_desc.addr_range < 2)) || (value > 2)) + if ((value && (vmx->pt_desc.nr_addr_ranges < 2)) || (value > 2)) return 1; value = (data & RTIT_CTL_ADDR2) >> RTIT_CTL_ADDR2_OFFSET; - if ((value && (vmx->pt_desc.addr_range < 3)) || (value > 2)) + if ((value && (vmx->pt_desc.nr_addr_ranges < 3)) || (value > 2)) return 1; value = (data & RTIT_CTL_ADDR3) >> RTIT_CTL_ADDR3_OFFSET; - if ((value && (vmx->pt_desc.addr_range < 4)) || (value > 2)) + if ((value && (vmx->pt_desc.nr_addr_ranges < 4)) || (value > 2)) return 1; return 0; @@ -1889,7 +1889,7 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) case MSR_IA32_RTIT_ADDR0_A ... MSR_IA32_RTIT_ADDR3_B: index = msr_info->index - MSR_IA32_RTIT_ADDR0_A; if (!vmx_pt_mode_is_host_guest() || - (index >= 2 * vmx->pt_desc.addr_range)) + (index >= 2 * vmx->pt_desc.nr_addr_ranges)) return 1; if (index % 2) msr_info->data = vmx->pt_desc.guest.addr_b[index / 2]; @@ -2204,7 +2204,7 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) if (!pt_can_write_msr(vmx)) return 1; index = msr_info->index - MSR_IA32_RTIT_ADDR0_A; - if (index >= 2 * vmx->pt_desc.addr_range) + if (index >= 2 * vmx->pt_desc.nr_addr_ranges) return 1; if (is_noncanonical_address(data, vcpu)) return 1; @@ -3880,7 +3880,7 @@ void pt_update_intercept_for_msr(struct kvm_vcpu *vcpu) vmx_set_intercept_for_msr(vcpu, MSR_IA32_RTIT_OUTPUT_BASE, MSR_TYPE_RW, flag); vmx_set_intercept_for_msr(vcpu, MSR_IA32_RTIT_OUTPUT_MASK, MSR_TYPE_RW, flag); vmx_set_intercept_for_msr(vcpu, MSR_IA32_RTIT_CR3_MATCH, MSR_TYPE_RW, flag); - for (i = 0; i < vmx->pt_desc.addr_range; i++) { + for (i = 0; i < vmx->pt_desc.nr_addr_ranges; i++) { vmx_set_intercept_for_msr(vcpu, MSR_IA32_RTIT_ADDR0_A + i * 2, MSR_TYPE_RW, flag); vmx_set_intercept_for_msr(vcpu, MSR_IA32_RTIT_ADDR0_B + i * 2, MSR_TYPE_RW, flag); } @@ -7113,7 +7113,7 @@ static void update_intel_pt_cfg(struct kvm_vcpu *vcpu) } /* Get the number of configurable Address Ranges for filtering */ - vmx->pt_desc.addr_range = intel_pt_validate_cap(vmx->pt_desc.caps, + vmx->pt_desc.nr_addr_ranges = intel_pt_validate_cap(vmx->pt_desc.caps, PT_CAP_num_address_ranges); /* Initialize and clear the no dependency bits */ @@ -7161,7 +7161,7 @@ static void update_intel_pt_cfg(struct kvm_vcpu *vcpu) vmx->pt_desc.ctl_bitmask &= ~RTIT_CTL_FABRIC_EN; /* unmask address range configure area */ - for (i = 0; i < vmx->pt_desc.addr_range; i++) + for (i = 0; i < vmx->pt_desc.nr_addr_ranges; i++) vmx->pt_desc.ctl_bitmask &= ~(0xfULL << (32 + i * 4)); } diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 4858c5fd95f2..f48eafbbed0e 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -62,7 +62,7 @@ struct pt_ctx { struct pt_desc { u64 ctl_bitmask; - u32 addr_range; + u32 nr_addr_ranges; u32 caps[PT_CPUID_REGS_NUM * PT_CPUID_LEAVES]; struct pt_ctx host; struct pt_ctx guest; From patchwork Fri Aug 27 07:02:46 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xiaoyao Li X-Patchwork-Id: 12461307 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,HK_RANDOM_FROM,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 34AE9C432BE for ; Fri, 27 Aug 2021 07:03:30 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1D3B760FD8 for ; Fri, 27 Aug 2021 07:03:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244370AbhH0HER (ORCPT ); Fri, 27 Aug 2021 03:04:17 -0400 Received: from mga18.intel.com ([134.134.136.126]:6124 "EHLO mga18.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S244307AbhH0HEQ (ORCPT ); Fri, 27 Aug 2021 03:04:16 -0400 X-IronPort-AV: E=McAfee;i="6200,9189,10088"; a="205045901" X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="205045901" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Aug 2021 00:03:12 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="495553077" Received: from lxy-dell.sh.intel.com ([10.239.159.31]) by fmsmga008.fm.intel.com with ESMTP; 27 Aug 2021 00:03:09 -0700 From: Xiaoyao Li To: Paolo Bonzini Cc: Xiaoyao Li , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 4/7] KVM: VMX: RTIT_CTL_BRANCH_EN has no dependency on other CPUID bit Date: Fri, 27 Aug 2021 15:02:46 +0800 Message-Id: <20210827070249.924633-5-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20210827070249.924633-1-xiaoyao.li@intel.com> References: <20210827070249.924633-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Per Intel SDM, RTIT_CTL_BRANCH_EN bit has no dependency on any CPUID leaf 0x14. Signed-off-by: Xiaoyao Li --- arch/x86/kvm/vmx/vmx.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index c54b99cec0e6..b9d640029c40 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7118,7 +7118,8 @@ static void update_intel_pt_cfg(struct kvm_vcpu *vcpu) /* Initialize and clear the no dependency bits */ vmx->pt_desc.ctl_bitmask = ~(RTIT_CTL_TRACEEN | RTIT_CTL_OS | - RTIT_CTL_USR | RTIT_CTL_TSC_EN | RTIT_CTL_DISRETC); + RTIT_CTL_USR | RTIT_CTL_TSC_EN | RTIT_CTL_DISRETC | + RTIT_CTL_BRANCH_EN); /* * If CPUID.(EAX=14H,ECX=0):EBX[0]=1 CR3Filter can be set otherwise @@ -7136,12 +7137,11 @@ static void update_intel_pt_cfg(struct kvm_vcpu *vcpu) RTIT_CTL_CYC_THRESH | RTIT_CTL_PSB_FREQ); /* - * If CPUID.(EAX=14H,ECX=0):EBX[3]=1 MTCEn BranchEn and - * MTCFreq can be set + * If CPUID.(EAX=14H,ECX=0):EBX[3]=1 MTCEn and MTCFreq can be set */ if (intel_pt_validate_cap(vmx->pt_desc.caps, PT_CAP_mtc)) vmx->pt_desc.ctl_bitmask &= ~(RTIT_CTL_MTC_EN | - RTIT_CTL_BRANCH_EN | RTIT_CTL_MTC_RANGE); + RTIT_CTL_MTC_RANGE); /* If CPUID.(EAX=14H,ECX=0):EBX[4]=1 FUPonPTW and PTWEn can be set */ if (intel_pt_validate_cap(vmx->pt_desc.caps, PT_CAP_ptwrite)) From patchwork Fri Aug 27 07:02:47 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xiaoyao Li X-Patchwork-Id: 12461309 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-13.0 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,HK_RANDOM_FROM,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, UNWANTED_LANGUAGE_BODY,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 23E74C432BE for ; Fri, 27 Aug 2021 07:03:38 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 071DB60FD8 for ; Fri, 27 Aug 2021 07:03:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244385AbhH0HEY (ORCPT ); Fri, 27 Aug 2021 03:04:24 -0400 Received: from mga18.intel.com ([134.134.136.126]:6124 "EHLO mga18.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S244360AbhH0HER (ORCPT ); Fri, 27 Aug 2021 03:04:17 -0400 X-IronPort-AV: E=McAfee;i="6200,9189,10088"; a="205045908" X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="205045908" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Aug 2021 00:03:15 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="495553108" Received: from lxy-dell.sh.intel.com ([10.239.159.31]) by fmsmga008.fm.intel.com with ESMTP; 27 Aug 2021 00:03:13 -0700 From: Xiaoyao Li To: Paolo Bonzini Cc: Xiaoyao Li , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 5/7] KVM: VMX: Disallow PT MSRs accessing if PT is not exposed to guest Date: Fri, 27 Aug 2021 15:02:47 +0800 Message-Id: <20210827070249.924633-6-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20210827070249.924633-1-xiaoyao.li@intel.com> References: <20210827070249.924633-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Per SDM, it triggers #GP for all the accessing of PT MSRs, if X86_FEATURE_INTEL_PT is not available. Signed-off-by: Xiaoyao Li --- Changes in v2: - allow userspace/host access regradless of PT bit, (Sean) --- arch/x86/kvm/vmx/vmx.c | 38 +++++++++++++++++++++++++------------- 1 file changed, 25 insertions(+), 13 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index b9d640029c40..394ef4732838 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1007,10 +1007,21 @@ static unsigned long segment_base(u16 selector) } #endif -static inline bool pt_can_write_msr(struct vcpu_vmx *vmx) +static inline bool pt_can_write_msr(struct vcpu_vmx *vmx, + struct msr_data *msr_info) { return vmx_pt_mode_is_host_guest() && - !(vmx->pt_desc.guest.ctl & RTIT_CTL_TRACEEN); + !(vmx->pt_desc.guest.ctl & RTIT_CTL_TRACEEN) && + (msr_info->host_initiated || + guest_cpuid_has(&vmx->vcpu, X86_FEATURE_INTEL_PT)); +} + +static inline bool pt_can_read_msr(struct kvm_vcpu *vcpu, + struct msr_data *msr_info) +{ + return vmx_pt_mode_is_host_guest() && + (msr_info->host_initiated || + guest_cpuid_has(vcpu, X86_FEATURE_INTEL_PT)); } static inline bool pt_output_base_valid(struct kvm_vcpu *vcpu, u64 base) @@ -1852,24 +1863,24 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) &msr_info->data); break; case MSR_IA32_RTIT_CTL: - if (!vmx_pt_mode_is_host_guest()) + if (!pt_can_read_msr(vcpu, msr_info)) return 1; msr_info->data = vmx->pt_desc.guest.ctl; break; case MSR_IA32_RTIT_STATUS: - if (!vmx_pt_mode_is_host_guest()) + if (!pt_can_read_msr(vcpu, msr_info)) return 1; msr_info->data = vmx->pt_desc.guest.status; break; case MSR_IA32_RTIT_CR3_MATCH: - if (!vmx_pt_mode_is_host_guest() || + if (!pt_can_read_msr(vcpu, msr_info) || !intel_pt_validate_cap(vmx->pt_desc.caps, PT_CAP_cr3_filtering)) return 1; msr_info->data = vmx->pt_desc.guest.cr3_match; break; case MSR_IA32_RTIT_OUTPUT_BASE: - if (!vmx_pt_mode_is_host_guest() || + if (!pt_can_read_msr(vcpu, msr_info) || (!intel_pt_validate_cap(vmx->pt_desc.caps, PT_CAP_topa_output) && !intel_pt_validate_cap(vmx->pt_desc.caps, @@ -1878,7 +1889,7 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) msr_info->data = vmx->pt_desc.guest.output_base; break; case MSR_IA32_RTIT_OUTPUT_MASK: - if (!vmx_pt_mode_is_host_guest() || + if (!pt_can_read_msr(vcpu, msr_info) || (!intel_pt_validate_cap(vmx->pt_desc.caps, PT_CAP_topa_output) && !intel_pt_validate_cap(vmx->pt_desc.caps, @@ -1888,7 +1899,7 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) break; case MSR_IA32_RTIT_ADDR0_A ... MSR_IA32_RTIT_ADDR3_B: index = msr_info->index - MSR_IA32_RTIT_ADDR0_A; - if (!vmx_pt_mode_is_host_guest() || + if (!pt_can_read_msr(vcpu, msr_info) || (index >= 2 * vmx->pt_desc.nr_addr_ranges)) return 1; if (index % 2) @@ -2156,6 +2167,7 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) return vmx_set_vmx_msr(vcpu, msr_index, data); case MSR_IA32_RTIT_CTL: if (!vmx_pt_mode_is_host_guest() || + !guest_cpuid_has(vcpu, X86_FEATURE_INTEL_PT) || vmx_rtit_ctl_check(vcpu, data) || vmx->nested.vmxon) return 1; @@ -2164,14 +2176,14 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) pt_update_intercept_for_msr(vcpu); break; case MSR_IA32_RTIT_STATUS: - if (!pt_can_write_msr(vmx)) + if (!pt_can_write_msr(vmx, msr_info)) return 1; if (data & MSR_IA32_RTIT_STATUS_MASK) return 1; vmx->pt_desc.guest.status = data; break; case MSR_IA32_RTIT_CR3_MATCH: - if (!pt_can_write_msr(vmx)) + if (!pt_can_write_msr(vmx, msr_info)) return 1; if (!intel_pt_validate_cap(vmx->pt_desc.caps, PT_CAP_cr3_filtering)) @@ -2179,7 +2191,7 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) vmx->pt_desc.guest.cr3_match = data; break; case MSR_IA32_RTIT_OUTPUT_BASE: - if (!pt_can_write_msr(vmx)) + if (!pt_can_write_msr(vmx, msr_info)) return 1; if (!intel_pt_validate_cap(vmx->pt_desc.caps, PT_CAP_topa_output) && @@ -2191,7 +2203,7 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) vmx->pt_desc.guest.output_base = data; break; case MSR_IA32_RTIT_OUTPUT_MASK: - if (!pt_can_write_msr(vmx)) + if (!pt_can_write_msr(vmx, msr_info)) return 1; if (!intel_pt_validate_cap(vmx->pt_desc.caps, PT_CAP_topa_output) && @@ -2201,7 +2213,7 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) vmx->pt_desc.guest.output_mask = data; break; case MSR_IA32_RTIT_ADDR0_A ... MSR_IA32_RTIT_ADDR3_B: - if (!pt_can_write_msr(vmx)) + if (!pt_can_write_msr(vmx, msr_info)) return 1; index = msr_info->index - MSR_IA32_RTIT_ADDR0_A; if (index >= 2 * vmx->pt_desc.nr_addr_ranges) From patchwork Fri Aug 27 07:02:48 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xiaoyao Li X-Patchwork-Id: 12461311 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,HK_RANDOM_FROM,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id ECD71C4320E for ; Fri, 27 Aug 2021 07:03:38 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id CAAB660FD9 for ; Fri, 27 Aug 2021 07:03:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244347AbhH0HEZ (ORCPT ); Fri, 27 Aug 2021 03:04:25 -0400 Received: from mga18.intel.com ([134.134.136.126]:6124 "EHLO mga18.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S244387AbhH0HEU (ORCPT ); Fri, 27 Aug 2021 03:04:20 -0400 X-IronPort-AV: E=McAfee;i="6200,9189,10088"; a="205045920" X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="205045920" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Aug 2021 00:03:18 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="495553126" Received: from lxy-dell.sh.intel.com ([10.239.159.31]) by fmsmga008.fm.intel.com with ESMTP; 27 Aug 2021 00:03:15 -0700 From: Xiaoyao Li To: Paolo Bonzini Cc: Xiaoyao Li , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 6/7] KVM: VMX: Check Intel PT related CPUID leaves Date: Fri, 27 Aug 2021 15:02:48 +0800 Message-Id: <20210827070249.924633-7-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20210827070249.924633-1-xiaoyao.li@intel.com> References: <20210827070249.924633-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org CPUID 0xD leaves reports the capabilities of Intel PT, e.g. it decides which bits are valid to be set in MSR_IA32_RTIT_CTL, and reports the number of PT ADDR ranges. KVM needs to check that guest CPUID values set by userspace doesn't enable any bit which is not supported by bare metal. Otherwise, 1. it will trigger vm-entry failure if hardware unsupported bit is exposed to guest and set by guest. 2. it triggers #GP when context switch PT MSRs if exposing more RTIT_ADDR* MSRs than hardware capacity. Signed-off-by: Xiaoyao Li --- There is bit 31 of CPUID(0xD, 0).ECX that doesn't restrict any bit in MSR_IA32_RTIT_CTL. If guest has different value than host, it won't cause any vm-entry failure, but guest will parse the PT packet with wrong format. I also check it to be same as host to ensure the virtualization correctness. Changes in v2: - Call out that if configuring more PT ADDR MSRs than hardware, it can cause #GP when context switch. --- arch/x86/kvm/cpuid.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 739be5da3bca..0c8e06a24156 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -76,6 +76,7 @@ static inline struct kvm_cpuid_entry2 *cpuid_entry2_find( static int kvm_check_cpuid(struct kvm_cpuid_entry2 *entries, int nent) { struct kvm_cpuid_entry2 *best; + u32 eax, ebx, ecx, edx; /* * The existing code assumes virtual address is 48-bit or 57-bit in the @@ -89,6 +90,30 @@ static int kvm_check_cpuid(struct kvm_cpuid_entry2 *entries, int nent) return -EINVAL; } + /* + * CPUID 0xD leaves tell Intel PT capabilities, which decides + * pt_desc.ctl_bitmask in later update_intel_pt_cfg(). + * + * pt_desc.ctl_bitmask decides the legal value for guest + * MSR_IA32_RTIT_CTL. KVM cannot support PT capabilities beyond native, + * otherwise it will trigger vm-entry failure if guest sets native + * unsupported bits in MSR_IA32_RTIT_CTL. + */ + best = cpuid_entry2_find(entries, nent, 0xD, 0); + if (best) { + cpuid_count(0xD, 0, &eax, &ebx, &ecx, &edx); + if (best->ebx & ~ebx || best->ecx & ~ecx) + return -EINVAL; + } + best = cpuid_entry2_find(entries, nent, 0xD, 1); + if (best) { + cpuid_count(0xD, 0, &eax, &ebx, &ecx, &edx); + if (((best->eax & 0x7) > (eax & 0x7)) || + ((best->eax & ~eax) >> 16) || + (best->ebx & ~ebx)) + return -EINVAL; + } + return 0; } From patchwork Fri Aug 27 07:02:49 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xiaoyao Li X-Patchwork-Id: 12461313 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,HK_RANDOM_FROM,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 30D05C43216 for ; Fri, 27 Aug 2021 07:03:40 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 186CE60FD9 for ; Fri, 27 Aug 2021 07:03:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244404AbhH0HE1 (ORCPT ); Fri, 27 Aug 2021 03:04:27 -0400 Received: from mga18.intel.com ([134.134.136.126]:6132 "EHLO mga18.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S244378AbhH0HEV (ORCPT ); Fri, 27 Aug 2021 03:04:21 -0400 X-IronPort-AV: E=McAfee;i="6200,9189,10088"; a="205045925" X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="205045925" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Aug 2021 00:03:20 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,355,1620716400"; d="scan'208";a="495553148" Received: from lxy-dell.sh.intel.com ([10.239.159.31]) by fmsmga008.fm.intel.com with ESMTP; 27 Aug 2021 00:03:18 -0700 From: Xiaoyao Li To: Paolo Bonzini Cc: Xiaoyao Li , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v2 7/7] KVM: VMX: Only context switch some PT MSRs when they exist Date: Fri, 27 Aug 2021 15:02:49 +0800 Message-Id: <20210827070249.924633-8-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20210827070249.924633-1-xiaoyao.li@intel.com> References: <20210827070249.924633-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org The enumeration of Intel PT feature doesn't guarantee the existence of MSR_IA32_RTIT_OUTPUT_BASE, MSR_IA32_RTIT_OUTPUT_MASK and MSR_IA32_RTIT_CR3_MATCH. They need to be detected from CPUID 0x14 PT leaves. Detect the existence of them in hardware_setup() and only context switch them when they exist. Otherwise it will cause #GP when access them. Signed-off-by: Xiaoyao Li --- arch/x86/kvm/vmx/vmx.c | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 394ef4732838..6819fc470072 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -204,6 +204,9 @@ module_param(ple_window_max, uint, 0444); int __read_mostly pt_mode = PT_MODE_SYSTEM; module_param(pt_mode, int, S_IRUGO); +static bool has_msr_rtit_cr3_match; +static bool has_msr_rtit_output_x; + static DEFINE_STATIC_KEY_FALSE(vmx_l1d_should_flush); static DEFINE_STATIC_KEY_FALSE(vmx_l1d_flush_cond); static DEFINE_MUTEX(vmx_l1d_flush_mutex); @@ -1035,9 +1038,12 @@ static inline void pt_load_msr(struct pt_ctx *ctx, u32 addr_range) u32 i; wrmsrl(MSR_IA32_RTIT_STATUS, ctx->status); - wrmsrl(MSR_IA32_RTIT_OUTPUT_BASE, ctx->output_base); - wrmsrl(MSR_IA32_RTIT_OUTPUT_MASK, ctx->output_mask); - wrmsrl(MSR_IA32_RTIT_CR3_MATCH, ctx->cr3_match); + if (has_msr_rtit_output_x) { + wrmsrl(MSR_IA32_RTIT_OUTPUT_BASE, ctx->output_base); + wrmsrl(MSR_IA32_RTIT_OUTPUT_MASK, ctx->output_mask); + } + if (has_msr_rtit_cr3_match) + wrmsrl(MSR_IA32_RTIT_CR3_MATCH, ctx->cr3_match); for (i = 0; i < addr_range; i++) { wrmsrl(MSR_IA32_RTIT_ADDR0_A + i * 2, ctx->addr_a[i]); wrmsrl(MSR_IA32_RTIT_ADDR0_B + i * 2, ctx->addr_b[i]); @@ -1049,9 +1055,12 @@ static inline void pt_save_msr(struct pt_ctx *ctx, u32 addr_range) u32 i; rdmsrl(MSR_IA32_RTIT_STATUS, ctx->status); - rdmsrl(MSR_IA32_RTIT_OUTPUT_BASE, ctx->output_base); - rdmsrl(MSR_IA32_RTIT_OUTPUT_MASK, ctx->output_mask); - rdmsrl(MSR_IA32_RTIT_CR3_MATCH, ctx->cr3_match); + if (has_msr_rtit_output_x) { + rdmsrl(MSR_IA32_RTIT_OUTPUT_BASE, ctx->output_base); + rdmsrl(MSR_IA32_RTIT_OUTPUT_MASK, ctx->output_mask); + } + if (has_msr_rtit_cr3_match) + rdmsrl(MSR_IA32_RTIT_CR3_MATCH, ctx->cr3_match); for (i = 0; i < addr_range; i++) { rdmsrl(MSR_IA32_RTIT_ADDR0_A + i * 2, ctx->addr_a[i]); rdmsrl(MSR_IA32_RTIT_ADDR0_B + i * 2, ctx->addr_b[i]); @@ -7883,8 +7892,13 @@ static __init int hardware_setup(void) if (pt_mode != PT_MODE_SYSTEM && pt_mode != PT_MODE_HOST_GUEST) return -EINVAL; - if (!enable_ept || !cpu_has_vmx_intel_pt()) + if (!enable_ept || !cpu_has_vmx_intel_pt()) { pt_mode = PT_MODE_SYSTEM; + } else if (boot_cpu_has(X86_FEATURE_INTEL_PT)) { + has_msr_rtit_cr3_match = intel_pt_validate_hw_cap(PT_CAP_cr3_filtering); + has_msr_rtit_output_x = intel_pt_validate_hw_cap(PT_CAP_topa_output) || + intel_pt_validate_hw_cap(PT_CAP_single_range_output); + } setup_default_sgx_lepubkeyhash();