From patchwork Fri Feb 4 20:46:59 2022
X-Patchwork-Submitter: Oliver Upton
X-Patchwork-Id: 12735611
Date: Fri, 4 Feb 2022 20:46:59 +0000
In-Reply-To: <20220204204705.3538240-1-oupton@google.com>
Message-Id: <20220204204705.3538240-2-oupton@google.com>
References: <20220204204705.3538240-1-oupton@google.com>
Subject: [PATCH v2 1/7] KVM: nVMX: Keep KVM updates to BNDCFGS ctrl bits across MSR write
From: Oliver Upton To: kvm@vger.kernel.org Cc: Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Oliver Upton Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Since commit 5f76f6f5ff96 ("KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled"), KVM has taken ownership of the "load IA32_BNDCFGS" and "clear IA32_BNDCFGS" VMX entry/exit controls. The ABI is that these bits must be set in the IA32_VMX_TRUE_{ENTRY,EXIT}_CTLS MSRs if the guest's CPUID supports MPX, and clear otherwise. However, KVM will only do so if userspace sets the CPUID before writing to the corresponding MSRs. Of course, there are no ordering requirements between these ioctls. Uphold the ABI regardless of ordering by reapplying KVM's tweaks to the VMX control MSRs after userspace has written to them. Fixes: 5f76f6f5ff96 ("KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled") Signed-off-by: Oliver Upton --- arch/x86/kvm/vmx/nested.c | 9 +++++++++ arch/x86/kvm/vmx/vmx.c | 2 +- arch/x86/kvm/vmx/vmx.h | 2 ++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index ba34e94049c7..59164394569f 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -1291,6 +1291,15 @@ vmx_restore_control_msr(struct vcpu_vmx *vmx, u32 msr_index, u64 data) *lowp = data; *highp = data >> 32; + + /* + * Ensure KVM fiddling with these MSRs is preserved after userspace + * write. + */ + if (msr_index == MSR_IA32_VMX_TRUE_ENTRY_CTLS || + msr_index == MSR_IA32_VMX_TRUE_EXIT_CTLS) + nested_vmx_entry_exit_ctls_update(&vmx->vcpu); + return 0; } diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index aca3ae2a02f3..d63d6dfbadbf 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c 
@@ -7227,7 +7227,7 @@ static void nested_vmx_cr_fixed1_bits_update(struct kvm_vcpu *vcpu) #undef cr4_fixed1_update } -static void nested_vmx_entry_exit_ctls_update(struct kvm_vcpu *vcpu) +void nested_vmx_entry_exit_ctls_update(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx = to_vmx(vcpu); diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 7f2c82e7f38f..e134e2763502 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h 
@@ -423,6 +423,8 @@ static inline void vmx_set_intercept_for_msr(struct kvm_vcpu *vcpu, u32 msr, void vmx_update_cpu_dirty_logging(struct kvm_vcpu *vcpu); +void nested_vmx_entry_exit_ctls_update(struct kvm_vcpu *vcpu); + /* * Note, early Intel manuals have the write-low and read-high bitmap offsets * the wrong way round. The bitmaps control MSRs 0x00000000-0x00001fff and
From patchwork Fri Feb 4 20:47:00 2022
X-Patchwork-Submitter: Oliver Upton
X-Patchwork-Id: 12735613
Date: Fri, 4 Feb 2022 20:47:00 +0000
In-Reply-To: <20220204204705.3538240-1-oupton@google.com>
Message-Id: <20220204204705.3538240-3-oupton@google.com>
References: <20220204204705.3538240-1-oupton@google.com>
Subject: [PATCH v2 2/7] KVM: nVMX: Keep KVM updates to PERF_GLOBAL_CTRL ctrl bits across MSR write
From: Oliver Upton To: kvm@vger.kernel.org Cc: Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Oliver Upton Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Since commit 03a8871add95 ("KVM: nVMX: Expose load IA32_PERF_GLOBAL_CTRL VM-{Entry,Exit} control"), KVM has taken ownership of the "load IA32_PERF_GLOBAL_CTRL" VMX entry/exit control bits. The ABI is that these bits will be set in the IA32_VMX_TRUE_{ENTRY,EXIT}_CTLS MSRs if the guest's CPUID exposes a vPMU that supports the IA32_PERF_GLOBAL_CTRL MSR (CPUID.0AH:EAX[7:0] > 1), and clear otherwise. However, KVM will only do so if userspace sets the CPUID before writing to the corresponding MSRs. Of course, there are no ordering requirements between these ioctls. Uphold the ABI regardless of ordering by reapplying KVM's tweaks to the VMX control MSRs after userspace has written to them. Note that older kernels without commit c44d9b34701d ("KVM: x86: Invoke vendor's vcpu_after_set_cpuid() after all common updates") still require that the entry/exit controls be updated from kvm_pmu_refresh(). Leave the benign call in place to allow for cleaner backporting and punt the cleanup to a later change. Fixes: 03a8871add95 ("KVM: nVMX: Expose load IA32_PERF_GLOBAL_CTRL VM-{Entry,Exit} control") Reported-by: Jim Mattson Signed-off-by: Oliver Upton --- arch/x86/kvm/vmx/vmx.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index d63d6dfbadbf..54ac382a0b73 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c 
@@ -7242,6 +7242,8 @@ void nested_vmx_entry_exit_ctls_update(struct kvm_vcpu *vcpu) vmx->nested.msrs.exit_ctls_high &= ~VM_EXIT_CLEAR_BNDCFGS; } } + + nested_vmx_pmu_entry_exit_ctls_update(vcpu); } static void update_intel_pt_cfg(struct kvm_vcpu *vcpu)
From patchwork Fri Feb 4 20:47:01 2022
X-Patchwork-Submitter: Oliver Upton
X-Patchwork-Id: 12735614
Date: Fri, 4 Feb 2022 20:47:01 +0000
In-Reply-To: <20220204204705.3538240-1-oupton@google.com>
Message-Id: <20220204204705.3538240-4-oupton@google.com>
References: <20220204204705.3538240-1-oupton@google.com>
Subject: [PATCH v2 3/7] KVM: nVMX: Roll all entry/exit ctl updates into a single helper
From: Oliver Upton To: kvm@vger.kernel.org Cc: Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Oliver Upton Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org nested_vmx_pmu_entry_exit_ctls_update() is no longer useful; updating the entry/exit ctrl bits in the vendor vcpu_after_set_cpuid() hook is sufficient as KVM has already recalculated the vPMU version. Keep all of KVM's bad behavior with regards to the VMX entry/exit control MSRs in one place. Remove all traces of the PMU helper and inline the bit twiddling to nested_vmx_entry_exit_ctls_update(). Signed-off-by: Oliver Upton Reported-by: kernel test robot --- arch/x86/kvm/vmx/nested.c | 21 --------------------- arch/x86/kvm/vmx/nested.h | 1 - arch/x86/kvm/vmx/pmu_intel.c | 2 -- arch/x86/kvm/vmx/vmx.c | 8 +++++++- 4 files changed, 7 insertions(+), 25 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 59164394569f..2e8facff93f8 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -4806,27 +4806,6 @@ int get_vmx_mem_address(struct kvm_vcpu *vcpu, unsigned long exit_qualification, return 0; } -void nested_vmx_pmu_entry_exit_ctls_update(struct kvm_vcpu *vcpu) -{ - struct vcpu_vmx *vmx; - - if (!nested_vmx_allowed(vcpu)) - return; - - vmx = to_vmx(vcpu); - if (kvm_x86_ops.pmu_ops->is_valid_msr(vcpu, MSR_CORE_PERF_GLOBAL_CTRL)) { - vmx->nested.msrs.entry_ctls_high |= - VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL; - vmx->nested.msrs.exit_ctls_high |= - VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL; - } else { - vmx->nested.msrs.entry_ctls_high &= - ~VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL; - vmx->nested.msrs.exit_ctls_high &= - ~VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL; - } -} - static int nested_vmx_get_vmptr(struct kvm_vcpu *vcpu, gpa_t *vmpointer, int *ret) { diff --git a/arch/x86/kvm/vmx/nested.h b/arch/x86/kvm/vmx/nested.h index b69a80f43b37..14ad756aac46 100644 --- a/arch/x86/kvm/vmx/nested.h +++ b/arch/x86/kvm/vmx/nested.h 
@@ -32,7 +32,6 @@ int vmx_set_vmx_msr(struct kvm_vcpu *vcpu, u32 msr_index, u64 data); int vmx_get_vmx_msr(struct nested_vmx_msrs *msrs, u32 msr_index, u64 *pdata); int get_vmx_mem_address(struct kvm_vcpu *vcpu, unsigned long exit_qualification, u32 vmx_instruction_info, bool wr, int len, gva_t *ret); -void nested_vmx_pmu_entry_exit_ctls_update(struct kvm_vcpu *vcpu); void nested_mark_vmcs12_pages_dirty(struct kvm_vcpu *vcpu); bool nested_vmx_check_io_bitmaps(struct kvm_vcpu *vcpu, unsigned int port, int size); diff --git a/arch/x86/kvm/vmx/pmu_intel.c b/arch/x86/kvm/vmx/pmu_intel.c index 466d18fc0c5d..ad1adbaa7d9e 100644 --- a/arch/x86/kvm/vmx/pmu_intel.c +++ b/arch/x86/kvm/vmx/pmu_intel.c @@ -541,8 +541,6 @@ static void intel_pmu_refresh(struct kvm_vcpu *vcpu) bitmap_set(pmu->all_valid_pmc_idx, INTEL_PMC_MAX_GENERIC, pmu->nr_arch_fixed_counters); - nested_vmx_pmu_entry_exit_ctls_update(vcpu); - if (intel_pmu_lbr_is_compatible(vcpu)) x86_perf_get_lbr(&lbr_desc->records); else diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 54ac382a0b73..395787b7e7ac 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c 
@@ -7243,7 +7243,13 @@ void nested_vmx_entry_exit_ctls_update(struct kvm_vcpu *vcpu) } } - nested_vmx_pmu_entry_exit_ctls_update(vcpu); + if (kvm_pmu_is_valid_msr(vcpu, MSR_CORE_PERF_GLOBAL_CTRL)) { + vmx->nested.msrs.entry_ctls_high |= VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL; + vmx->nested.msrs.exit_ctls_high |= VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL; + } else { + vmx->nested.msrs.entry_ctls_high &= ~VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL; + vmx->nested.msrs.exit_ctls_high &= ~VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL; + } } static void update_intel_pt_cfg(struct kvm_vcpu *vcpu)
From patchwork Fri Feb 4 20:47:02 2022
X-Patchwork-Submitter: Oliver Upton
X-Patchwork-Id: 12735615
Date: Fri, 4 Feb 2022 20:47:02 +0000
In-Reply-To: <20220204204705.3538240-1-oupton@google.com>
Message-Id: <20220204204705.3538240-5-oupton@google.com>
References: <20220204204705.3538240-1-oupton@google.com>
Subject: [PATCH v2 4/7] KVM: nVMX: Add a quirk for KVM tweaks to VMX control MSRs
From: Oliver Upton To: kvm@vger.kernel.org Cc: Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Oliver Upton Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org KVM really has no business messing with the vCPU state. Nonetheless, it has become ABI for KVM to adjust certain bits of the VMX entry/exit control MSRs depending on the guest CPUID. Namely, the bits associated with the IA32_PERF_GLOBAL_CTRL and IA32_BNDCFGS MSRs were conditionally enabled if the guest CPUID allows for it. Allow userspace to opt-out of changes to VMX control MSRs by adding a new KVM quirk. Suggested-by: Sean Christopherson Signed-off-by: Oliver Upton --- arch/x86/include/uapi/asm/kvm.h | 11 ++++++----- arch/x86/kvm/vmx/vmx.c | 3 +++ 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h index bf6e96011dfe..acbab6a97fae 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -428,11 +428,12 @@ struct kvm_sync_regs { struct kvm_vcpu_events events; }; -#define KVM_X86_QUIRK_LINT0_REENABLED (1 << 0) -#define KVM_X86_QUIRK_CD_NW_CLEARED (1 << 1) -#define KVM_X86_QUIRK_LAPIC_MMIO_HOLE (1 << 2) -#define KVM_X86_QUIRK_OUT_7E_INC_RIP (1 << 3) -#define KVM_X86_QUIRK_MISC_ENABLE_NO_MWAIT (1 << 4) +#define KVM_X86_QUIRK_LINT0_REENABLED (1 << 0) +#define KVM_X86_QUIRK_CD_NW_CLEARED (1 << 1) +#define KVM_X86_QUIRK_LAPIC_MMIO_HOLE (1 << 2) +#define KVM_X86_QUIRK_OUT_7E_INC_RIP (1 << 3) +#define KVM_X86_QUIRK_MISC_ENABLE_NO_MWAIT (1 << 4) +#define KVM_X86_QUIRK_TWEAK_VMX_CTRL_MSRS (1 << 5) #define KVM_STATE_NESTED_FORMAT_VMX 0 #define KVM_STATE_NESTED_FORMAT_SVM 1 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 395787b7e7ac..60b1b76782e1 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c 
@@ -7231,6 +7231,9 @@ void nested_vmx_entry_exit_ctls_update(struct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx = to_vmx(vcpu); + if (!kvm_check_has_quirk(vcpu->kvm, KVM_X86_QUIRK_TWEAK_VMX_CTRL_MSRS)) + return; + if (kvm_mpx_supported()) { bool mpx_enabled = guest_cpuid_has(vcpu, X86_FEATURE_MPX);
From patchwork Fri Feb 4 20:47:03 2022
X-Patchwork-Submitter: Oliver Upton
X-Patchwork-Id: 12735616
Date: Fri, 4 Feb 2022 20:47:03 +0000
In-Reply-To: <20220204204705.3538240-1-oupton@google.com>
Message-Id: <20220204204705.3538240-6-oupton@google.com>
References: <20220204204705.3538240-1-oupton@google.com>
Subject: [PATCH v2 5/7] selftests: KVM: Add test for PERF_GLOBAL_CTRL VMX control MSR bits
From: Oliver Upton To: kvm@vger.kernel.org Cc: Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Oliver Upton Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Test that the default behavior of KVM is to ignore userspace MSR writes and conditionally expose the "load IA32_PERF_GLOBAL_CTRL" bits in the VMX control MSRs if the guest CPUID exposes a supporting vPMU. Additionally, test that when the corresponding quirk is disabled, userspace can still clear these bits regardless of what is exposed in CPUID. Signed-off-by: Oliver Upton --- tools/testing/selftests/kvm/.gitignore | 1 + tools/testing/selftests/kvm/Makefile | 1 + .../kvm/x86_64/vmx_control_msrs_test.c | 113 ++++++++++++++++++ 3 files changed, 115 insertions(+) create mode 100644 tools/testing/selftests/kvm/x86_64/vmx_control_msrs_test.c diff --git a/tools/testing/selftests/kvm/.gitignore b/tools/testing/selftests/kvm/.gitignore index dce7de7755e6..044aef3a8574 100644 --- a/tools/testing/selftests/kvm/.gitignore +++ b/tools/testing/selftests/kvm/.gitignore @@ -36,6 +36,7 @@ /x86_64/userspace_io_test /x86_64/userspace_msr_exit_test /x86_64/vmx_apic_access_test +/x86_64/vmx_control_msrs_test /x86_64/vmx_close_while_nested_test /x86_64/vmx_dirty_log_test /x86_64/vmx_exception_with_invalid_guest_state diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 0e4926bc9a58..88b99d9de373 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile 
@@ -68,6 +68,7 @@ TEST_GEN_PROGS_x86_64 += x86_64/sync_regs_test TEST_GEN_PROGS_x86_64 += x86_64/userspace_io_test TEST_GEN_PROGS_x86_64 += x86_64/userspace_msr_exit_test TEST_GEN_PROGS_x86_64 += x86_64/vmx_apic_access_test +TEST_GEN_PROGS_x86_64 += x86_64/vmx_control_msrs_test TEST_GEN_PROGS_x86_64 += x86_64/vmx_close_while_nested_test TEST_GEN_PROGS_x86_64 += x86_64/vmx_dirty_log_test TEST_GEN_PROGS_x86_64 += x86_64/vmx_exception_with_invalid_guest_state diff --git a/tools/testing/selftests/kvm/x86_64/vmx_control_msrs_test.c b/tools/testing/selftests/kvm/x86_64/vmx_control_msrs_test.c new file mode 100644 index 000000000000..ac5fdeb50eee --- /dev/null +++ b/tools/testing/selftests/kvm/x86_64/vmx_control_msrs_test.c 
@@ -0,0 +1,113 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * VMX control MSR test + * + * Copyright (C) 2022 Google LLC. + * + * Tests for KVM ownership of bits in the VMX entry/exit control MSRs. Checks + * that KVM will set owned bits where appropriate, and will not if + * KVM_X86_QUIRK_TWEAK_VMX_CTRL_MSRS is disabled. + */ + +#include "kvm_util.h" +#include "vmx.h" + +#define VCPU_ID 0 + +static void get_vmx_control_msr(struct kvm_vm *vm, uint32_t msr_index, + uint32_t *low, uint32_t *high) +{ + uint64_t val; + + val = vcpu_get_msr(vm, VCPU_ID, msr_index); + *low = val; + *high = val >> 32; +} + +static void set_vmx_control_msr(struct kvm_vm *vm, uint32_t msr_index, + uint32_t low, uint32_t high) +{ + uint64_t val = (((uint64_t) high) << 32) | low; + + vcpu_set_msr(vm, VCPU_ID, msr_index, val); +} + +static void test_vmx_control_msr(struct kvm_vm *vm, uint32_t msr_index, uint32_t set, + uint32_t clear, uint32_t exp_set, uint32_t exp_clear) +{ + uint32_t low, high; + + get_vmx_control_msr(vm, msr_index, &low, &high); + + high &= ~clear; + high |= set; + + set_vmx_control_msr(vm, msr_index, low, high); + + get_vmx_control_msr(vm, msr_index, &low, &high); + ASSERT_EQ(high & exp_set, exp_set); + ASSERT_EQ(~high & exp_clear, exp_clear); +} + +static void load_perf_global_ctrl_test(struct kvm_vm *vm) +{ + uint32_t entry_low, entry_high, exit_low, exit_high; + struct kvm_enable_cap cap = {0}; + + get_vmx_control_msr(vm, MSR_IA32_VMX_TRUE_ENTRY_CTLS, &entry_low, &entry_high); + get_vmx_control_msr(vm, MSR_IA32_VMX_TRUE_EXIT_CTLS, &exit_low, &exit_high); + + if (!(entry_high & VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL) || + !(exit_high & VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL)) { + print_skip("\"load IA32_PERF_GLOBAL_CTRL\" VM-{Entry,Exit} controls not supported"); + return; + } + + /* + * Test that KVM will set these bits regardless of userspace if the + * guest CPUID exposes a supporting vPMU. 
+ */ + test_vmx_control_msr(vm, MSR_IA32_VMX_TRUE_ENTRY_CTLS, 0, + VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL, + VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL, + 0); + test_vmx_control_msr(vm, MSR_IA32_VMX_TRUE_EXIT_CTLS, 0, + VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL, + VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL, + 0); + + /* + * Disable the quirk, giving userspace control of the VMX capability + * MSRs. + */ + cap.cap = KVM_CAP_DISABLE_QUIRKS; + cap.args[0] = KVM_X86_QUIRK_TWEAK_VMX_CTRL_MSRS; + vm_enable_cap(vm, &cap); + + /* + * Test that userspace can clear these bits, even if it exposes a vPMU + * that supports IA32_PERF_GLOBAL_CTRL. + */ + test_vmx_control_msr(vm, MSR_IA32_VMX_TRUE_ENTRY_CTLS, 0, + VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL, + 0, + VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL); + test_vmx_control_msr(vm, MSR_IA32_VMX_TRUE_EXIT_CTLS, 0, + VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL, + 0, + VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL); +} + +int main(void) +{ + struct kvm_vm *vm; + + nested_vmx_check_supported(); + + /* No need to run a guest for these tests */ + vm = vm_create_default(VCPU_ID, 0, NULL); + + load_perf_global_ctrl_test(vm); + + kvm_vm_free(vm); +} From patchwork Fri Feb 4 20:47:04 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Oliver Upton X-Patchwork-Id: 12735617 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 57918C433EF for ; Fri, 4 Feb 2022 20:47:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238376AbiBDUrR (ORCPT ); Fri, 4 Feb 2022 15:47:17 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52568 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239447AbiBDUrQ (ORCPT ); Fri, 4 Feb 2022 15:47:16 -0500 Received: from mail-io1-xd49.google.com 
Date: Fri, 4
Feb 2022 20:47:04 +0000 In-Reply-To: <20220204204705.3538240-1-oupton@google.com> Message-Id: <20220204204705.3538240-7-oupton@google.com> Mime-Version: 1.0 References: <20220204204705.3538240-1-oupton@google.com> X-Mailer: git-send-email 2.35.0.263.gb82422642f-goog Subject: [PATCH v2 6/7] selftests: KVM: Add test for BNDCFGS VMX control MSR bits From: Oliver Upton To: kvm@vger.kernel.org Cc: Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Oliver Upton Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Test that the default behavior of KVM is to ignore userspace MSR writes and conditionally expose the "{load,clear} IA32_BNDCFGS" bits in the VMX control MSRs if the guest CPUID exposes MPX. Additionally, test that when the corresponding quirk is disabled, userspace can still clear these bits regardless of what is exposed in CPUID. Signed-off-by: Oliver Upton --- .../selftests/kvm/include/x86_64/vmx.h | 2 + .../kvm/x86_64/vmx_control_msrs_test.c | 53 +++++++++++++++++++ 2 files changed, 55 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/vmx.h b/tools/testing/selftests/kvm/include/x86_64/vmx.h index 583ceb0d1457..811c66d9be74 100644 --- a/tools/testing/selftests/kvm/include/x86_64/vmx.h +++ b/tools/testing/selftests/kvm/include/x86_64/vmx.h @@ -80,6 +80,7 @@ #define VM_EXIT_SAVE_IA32_EFER 0x00100000 #define VM_EXIT_LOAD_IA32_EFER 0x00200000 #define VM_EXIT_SAVE_VMX_PREEMPTION_TIMER 0x00400000 +#define VM_EXIT_CLEAR_BNDCFGS 0x00800000 #define VM_EXIT_ALWAYSON_WITHOUT_TRUE_MSR 0x00036dff @@ -90,6 +91,7 @@ #define VM_ENTRY_LOAD_IA32_PERF_GLOBAL_CTRL 0x00002000 #define VM_ENTRY_LOAD_IA32_PAT 0x00004000 #define VM_ENTRY_LOAD_IA32_EFER 0x00008000 +#define VM_ENTRY_LOAD_BNDCFGS 0x00010000 #define VM_ENTRY_ALWAYSON_WITHOUT_TRUE_MSR 0x000011ff 
diff --git a/tools/testing/selftests/kvm/x86_64/vmx_control_msrs_test.c b/tools/testing/selftests/kvm/x86_64/vmx_control_msrs_test.c index ac5fdeb50eee..21e1dee0f83f 100644 --- a/tools/testing/selftests/kvm/x86_64/vmx_control_msrs_test.c +++ b/tools/testing/selftests/kvm/x86_64/vmx_control_msrs_test.c @@ -96,6 +96,58 @@ static void load_perf_global_ctrl_test(struct kvm_vm *vm) VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL, 0, VM_EXIT_LOAD_IA32_PERF_GLOBAL_CTRL); + + /* cleanup, enable the quirk again */ + cap.args[0] = 0; + vm_enable_cap(vm, &cap); +} + +static void bndcfgs_test(struct kvm_vm *vm) +{ + uint32_t entry_low, entry_high, exit_low, exit_high; + struct kvm_enable_cap cap = {0}; + + get_vmx_control_msr(vm, MSR_IA32_VMX_TRUE_ENTRY_CTLS, &entry_low, &entry_high); + get_vmx_control_msr(vm, MSR_IA32_VMX_TRUE_EXIT_CTLS, &exit_low, &exit_high); + + if (!(entry_high & VM_ENTRY_LOAD_BNDCFGS) || + !(exit_high & VM_EXIT_CLEAR_BNDCFGS)) { + print_skip("\"load/clear IA32_BNDCFGS\" VM-{Entry,Exit} controls not supported"); + return; + } + + /* + * Test that KVM will set these bits regardless of userspace if the + * guest CPUID exposes MPX. + */ + test_vmx_control_msr(vm, MSR_IA32_VMX_TRUE_ENTRY_CTLS, 0, + VM_ENTRY_LOAD_BNDCFGS, + VM_ENTRY_LOAD_BNDCFGS, + 0); + test_vmx_control_msr(vm, MSR_IA32_VMX_TRUE_EXIT_CTLS, 0, + VM_EXIT_CLEAR_BNDCFGS, + VM_EXIT_CLEAR_BNDCFGS, + 0); + + /* + * Disable the quirk, giving userspace control of the VMX capability + * MSRs. + */ + cap.cap = KVM_CAP_DISABLE_QUIRKS; + cap.args[0] = KVM_X86_QUIRK_TWEAK_VMX_CTRL_MSRS; + vm_enable_cap(vm, &cap); + + /* + * Test that userspace can clear these bits, even if it exposes MPX. + */ + test_vmx_control_msr(vm, MSR_IA32_VMX_TRUE_ENTRY_CTLS, 0, + VM_ENTRY_LOAD_BNDCFGS, + 0, + VM_ENTRY_LOAD_BNDCFGS); + test_vmx_control_msr(vm, MSR_IA32_VMX_TRUE_EXIT_CTLS, 0, + VM_EXIT_CLEAR_BNDCFGS, + 0, + VM_EXIT_CLEAR_BNDCFGS); } int main(void) 
@@ -108,6 +160,7 @@ int main(void) vm = vm_create_default(VCPU_ID, 0, NULL); load_perf_global_ctrl_test(vm); + bndcfgs_test(vm); kvm_vm_free(vm); } From patchwork Fri Feb 4 20:47:05 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Oliver Upton X-Patchwork-Id: 12735618 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2A2C7C433FE for ; Fri, 4 Feb 2022 20:47:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239657AbiBDUrT (ORCPT ); Fri, 4 Feb 2022 15:47:19 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52586 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239221AbiBDUrR (ORCPT ); Fri, 4 Feb 2022 15:47:17 -0500 Received: from mail-io1-xd49.google.com (mail-io1-xd49.google.com [IPv6:2607:f8b0:4864:20::d49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 80265C061714 for ; Fri, 4 Feb 2022 12:47:17 -0800 (PST) Received: by mail-io1-xd49.google.com with SMTP id p65-20020a6bbf44000000b00604c0757591so4854267iof.6 for ; Fri, 04 Feb 2022 12:47:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=rsswlX+UvlYccSGce2sEL3Rhnd+1PR9SHvxy/DfsgGo=; b=RI9RDa0cfMdk1v41yqxVJaH5iac9PnS/y2Z1FFUA64f9pGmvV30BNJ6jEPAX9tFdcM vmELrgqcHIpsK/vPW89oZNhzfmrpYUlKOp9N3DkzfGwxviQW1HgRYUGjBuyvWhvSKhtB AutccaCh0Jge+Ld4TWgw44WjZubawPG9Kkti00dOw9TppzsFKVp5S5oeBYWHovJeMmn0 txmyLbgaTQ8T6U2Yr5yAA5ZEe3HUBBEm1JWmH/VXtwWFXU8uaa3oGjvEaw5yuMpzsq16 dN8nue46WVgNxtVI+gfbDGDCB3zXeimRurKMSAGlKcQxmOcmnzmiyo41dTRCFPCKjgce bfVA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; 
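Review bot: bndcfgs_test() in the @@ -96,6 +96,58 @@ hunk disables KVM_X86_QUIRK_TWEAK_VMX_CTRL_MSRS and returns without restoring it, while the same hunk adds a "cleanup, enable the quirk again" step to load_perf_global_ctrl_test(); any test later appended after bndcfgs_test(vm) in main() would start with the quirk off. Add the same `cap.args[0] = 0; vm_enable_cap(vm, &cap);` at the end of bndcfgs_test(), and consider folding the cleanup for load_perf_global_ctrl_test() into the patch that introduced that function instead of fixing it up here. The "if the guest CPUID exposes MPX" comment is also not backed by any CPUID check in the test, and the body repeats load_perf_global_ctrl_test() apart from the two bit names, so a shared helper taking the entry and exit bits would remove most of the duplication.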
Date: Fri, 4 Feb 2022 20:47:05 +0000
In-Reply-To: <20220204204705.3538240-1-oupton@google.com>
Message-Id: <20220204204705.3538240-8-oupton@google.com>
References: <20220204204705.3538240-1-oupton@google.com>
Subject: [PATCH v2 7/7] KVM: VMX: Use local pointer to vcpu_vmx in vmx_vcpu_after_set_cpuid()
From: Oliver Upton
To: kvm@vger.kernel.org
Cc: Paolo Bonzini, Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Joerg Roedel, Oliver Upton

There is a local that contains a pointer to vcpu_vmx already. Just use that instead to get at the structure directly instead of doing pointer arithmetic. No functional change intended.

Signed-off-by: Oliver Upton
---
 arch/x86/kvm/vmx/vmx.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 60b1b76782e1..11b6332769c5 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7338,11 +7338,11 @@ static void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) vmx_secondary_exec_control(vmx)); if (nested_vmx_allowed(vcpu)) - to_vmx(vcpu)->msr_ia32_feature_control_valid_bits |= + vmx->msr_ia32_feature_control_valid_bits |= FEAT_CTL_VMX_ENABLED_INSIDE_SMX | FEAT_CTL_VMX_ENABLED_OUTSIDE_SMX; else - to_vmx(vcpu)->msr_ia32_feature_control_valid_bits &= + vmx->msr_ia32_feature_control_valid_bits &= ~(FEAT_CTL_VMX_ENABLED_INSIDE_SMX | FEAT_CTL_VMX_ENABLED_OUTSIDE_SMX);
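Review bot: only the two to_vmx(vcpu) uses in the nested_vmx_allowed() branches are converted in this hunk, so please confirm that no other to_vmx(vcpu) call remains elsewhere in vmx_vcpu_after_set_cpuid(), since the changelog's rationale applies to all of them. The `vmx` local is visibly in scope from the vmx_secondary_exec_control(vmx) context line, so the substitution itself is fine. As this cleanup is independent of the VMX control MSR quirk handled by the rest of the series, it could also be sent on its own.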