From patchwork Wed Apr 27 10:47:16 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>
X-Patchwork-Id: 12828587
Return-Path: <xen-devel-bounces@lists.xenproject.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 548B0C433F5
	for <xen-devel@archiver.kernel.org>; Wed, 27 Apr 2022 10:48:04 +0000 (UTC)
Received: from list by lists.xenproject.org with
 outflank-mailman.314858.533121 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1njfD4-0002Mg-LS; Wed, 27 Apr 2022 10:47:50 +0000
X-Outflank-Mailman: Message body and most headers restored to incoming version
Received: by outflank-mailman (output) from mailman id 314858.533121;
 Wed, 27 Apr 2022 10:47:50 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1njfD4-0002MV-Hy; Wed, 27 Apr 2022 10:47:50 +0000
Received: by outflank-mailman (input) for mailman id 314858;
 Wed, 27 Apr 2022 10:47:48 +0000
Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50]
 helo=se1-gles-flk1.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from
 <SRS0=Ll0K=VF=citrix.com=prvs=1097e264f=roger.pau@srs-se1.protection.inumbo.net>)
 id 1njfD2-0002LY-Ix
 for xen-devel@lists.xenproject.org; Wed, 27 Apr 2022 10:47:48 +0000
Received: from esa4.hc3370-68.iphmx.com (esa4.hc3370-68.iphmx.com
 [216.71.155.144]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS
 id 785cc2eb-c617-11ec-8fc2-03012f2f19d4;
 Wed, 27 Apr 2022 12:47:46 +0200 (CEST)
Received: from mail-mw2nam08lp2168.outbound.protection.outlook.com (HELO
 NAM04-MW2-obe.outbound.protection.outlook.com) ([104.47.73.168])
 by ob1.hc3370-68.iphmx.com with ESMTP/TLS/ECDHE-RSA-AES128-GCM-SHA256;
 27 Apr 2022 06:47:43 -0400
Received: from DS7PR03MB5608.namprd03.prod.outlook.com (2603:10b6:5:2c9::18)
 by DM5PR03MB3403.namprd03.prod.outlook.com (2603:10b6:4:43::27) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.21; Wed, 27 Apr
 2022 10:47:39 +0000
Received: from DS7PR03MB5608.namprd03.prod.outlook.com
 ([fe80::5df3:95ce:4dfd:134e]) by DS7PR03MB5608.namprd03.prod.outlook.com
 ([fe80::5df3:95ce:4dfd:134e%4]) with mapi id 15.20.5186.021; Wed, 27 Apr 2022
 10:47:39 +0000
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: 785cc2eb-c617-11ec-8fc2-03012f2f19d4
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
  d=citrix.com; s=securemail; t=1651056466;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:content-transfer-encoding:mime-version;
  bh=zdmBQ2lSYlZPiHjFHT8xjLwtwTyxFKhXvcBkDbhK3Fw=;
  b=Ix8rGebHY7LPRtQf09+9OOmN3bDQIlm/4iwMQ6VA0kiUNRL40DCnXgNN
   R7ZabUNGOEi0ZG/zplimcWsfIL1jaB7PgpWJJxcWAmdrhdCGJixCj5wuK
   4YstAmjlO1hU4wQ6U5dtMY4DlpmFrBwULOzJ2APPczWM4eTXR72XF4nqN
   k=;
X-IronPort-RemoteIP: 104.47.73.168
X-IronPort-MID: 72483394
X-IronPort-Reputation: None
X-IronPort-Listener: OutboundMail
X-IronPort-SenderGroup: RELAY_O365
X-IronPort-MailFlowPolicy: $RELAYED
IronPort-Data: A9a23:faaTva15ow74yeX14PbD5aRwkn2cJEfYwER7XKvMYLTBsI5bpzwFm
 zNNWDzUPv+OMWvyeIt/bt7nph5QsZHXndNjHFY9pC1hF35El5HIVI+TRqvS04J+DSFhoGZPt
 Zh2hgzodZhsJpPkjk7xdOCn9xGQ7InQLlbGILes1htZGEk1EE/NtTo5w7Rj2tIy34Dia++wk
 YiaT/P3aQfNNwFcagr424rbwP+4lK2v0N+wlgVWicFj5DcypVFMZH4sDfjZw0/DaptVBoaHq
 9Prl9lVyI97EyAFUbtJmp6jGqEDryW70QKm0hK6UID66vROS7BbPg/W+5PwZG8O4whlkeydx
 /1didvhZiA2BJHpws4PTD9eER4nY5N/reqvzXiX6aR/zmXgWl60n7BLMxtzOocVvOFqHWtJ6
 PoUbigXaQyOjP63x7T9TfRwgsMkL4/gO4Z3VnNIlGmFS6p5B8+YBfyUtbe03x9p7ixKNezZa
 McDLyJmcTzLYgFVO0dRA5U79AutrialL20D8wPJzUYxy0L0xxJ+/YPUDMHqftiqQM5Yrn2Vp
 W2TqgwVBTlfbrRz0wGt4n+qw+PCgy7/cIYTD6GjsO5nhkWJwW4eAwFQUkG0ydG7gEOjX9NUK
 2QP5zEj66M18SSDUd3VTxC+5nmesXYht8F4FuQ77ESI1fDS6gPBVmwcFGcfOJohqdM8QiEs2
 hmRhdT1CDdzsbqTD3WA6rOTqjD0Mi8QRYMfWRI5ocI+y4GLiOkOYtjnF4wL/HKd5jEtJQzN/
 g==
IronPort-HdrOrdr: A9a23:MSOXUqhO6BaGSCLB3iemP5s3knBQX0h13DAbv31ZSRFFG/FwyP
 rCoB1L73XJYWgqM03I+eruBEBPewK/yXcT2/hqAV7CZnichILMFu1fBOTZslnd8kHFltK1kJ
 0QCpSWa+eAcmSS8/yKhzVQeuxIqLfnzEnrv5an854Ed3AXV0gK1XYdNu/0KDwUeOEQbqBJaa
 Z0q/A37gaISDAyVICWF3MFV+/Mq5nik4/nWwcPA1oC5BOVhT2lxbbmG1zAty1uGA9n8PMHyy
 zoggb57qKsv7WSzQLd7Xba69BzlMH6wtVOKcSQgow+KynqiCyveIN9Mofy9AwdkaWK0hIHgd
 PMqxAvM4Ba7G7QRHi8pV/X1wzpwF8Vmgvf4G7dpUGmjd3yRTo8BcYEr5leaAHl500pu8w5+L
 5X3kqC3qAnQi/orWDY3ZzlRhtqnk27rT4JiugIlUFSVoMYdft4sZEfxkVIC50NdRiKpLzPKN
 MeTf002cwmMW9zNxvizypSKZ2XLzkO9y69MwY/Upf/6UkVoJh7p3FosfD30E1wsa7VcKM0lt
 gsAp4Y6o2mcfVmHZ6VfN1xJ/dfKla9Ni4kY1jiV2gOKsk8SgHwgq+yxokJz8eXX7FN5KcOuf
 36ISFlXCgJCgjTNfE=
X-IronPort-AV: E=Sophos;i="5.90,292,1643691600";
   d="scan'208";a="72483394"
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=Bwa/TuB4iODCqcpCNT00EGZCFmvZu9cKpUpbnilU+gvq9UEb8tjD/ULq9SLZErsZj4kkwWb1i3wjjeb+UGR9UZDLbmW1KN0sTdZjDViAe/6oz6H3wu0c/2RVEexfPFXzv5BAXn+FMfRfy1Jf/ogHjLzoMFBs3yzp2aUdP86PnXjziJK3Sc54Mj3QJDvL5lPp9IENKYVHbOwbmFboqpekN3jX26UEQ6aylxtYIlcbPIhPoVLxlNUCrmoUlqUmqb5HM5XRcrSZhL9NKhOYkvudICWpdYraYzDFufV0NlVoCOQX7djtC3TDyk5/bJY1MmJCqsOXcb9B7PxpC2f88gboOg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=9awa4GHJOZs7bmYCimKBd6r5RU7QuG94g/4ySbfQYEk=;
 b=LWb4Nt1NoXDuxRp6ZM6jskzLfeklXvQWt2rzHrpZdHmbcP4kPT6UgHOBhDOHG5RPZfngq5xtuthYLjHuz4dMX26N2KzWOwHsCpPFocBwCSiE4IE5pK4Oq3nRJfiNAEa7TkZqHZjsbBwr4zImvHr/tdkYRhWM8PXB+CEOcxWq8IdGfVBLEnNDo22jmdwP1Zzspr2ZJ0qv8sN4/bjnFozcINOhD9a1tBcGtruh9ELx1TJSLNPk6Um/n1+qyeSYpgMhtFNGh5AhB644lk6VDoXDf+GdxYo6uO2000Gr/lRxW58fHSWbmaFGHMi+J5GHKmfTXOEgQo7ge0/sXlz7ixMeJA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com;
 dkim=pass header.d=citrix.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=citrix.onmicrosoft.com; s=selector2-citrix-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=9awa4GHJOZs7bmYCimKBd6r5RU7QuG94g/4ySbfQYEk=;
 b=phHQhBv1fD0iB9Sz+emBSaW1sXPApp+vT9VqVyoeqPvaRUDe8gBfXck7BKzMSja/MjG2+Nuxz9LxbBzHDsHbpI3Doy6KrLMV35wTt5Eg+baQ+2CN6kcISlunIrgdV438VyPbVpaEnVXYrvy25j/f7o8yDX4M0hrOpBi9YIuW8yE=
Authentication-Results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=citrix.com;
From: Roger Pau Monne <roger.pau@citrix.com>
To: xen-devel@lists.xenproject.org
Cc: Roger Pau Monne <roger.pau@citrix.com>,
	Jan Beulich <jbeulich@suse.com>,
	Andrew Cooper <andrew.cooper3@citrix.com>,
	Wei Liu <wl@xen.org>
Subject: [PATCH v4 1/3] amd/msr: implement VIRT_SPEC_CTRL for HVM guests on
 top of SPEC_CTRL
Date: Wed, 27 Apr 2022 12:47:16 +0200
Message-Id: <20220427104718.81342-2-roger.pau@citrix.com>
X-Mailer: git-send-email 2.35.1
In-Reply-To: <20220427104718.81342-1-roger.pau@citrix.com>
References: <20220427104718.81342-1-roger.pau@citrix.com>
X-ClientProxiedBy: LO4P123CA0059.GBRP123.PROD.OUTLOOK.COM
 (2603:10a6:600:153::10) To DS7PR03MB5608.namprd03.prod.outlook.com
 (2603:10b6:5:2c9::18)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 192e296a-f008-49e7-2431-08da283b5960
X-MS-TrafficTypeDiagnostic: DM5PR03MB3403:EE_
X-Microsoft-Antispam-PRVS: 
	<DM5PR03MB3403F3953DDC3FB9A5369C288FFA9@DM5PR03MB3403.namprd03.prod.outlook.com>
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	ZSpWIjMQ/bMEvwZtJPIUV9LWgQiqDe4Kro155ClmkOcTteTLldz1Rj92xEm4vREXqjDDMdTv6j3VjODOeb5nv4HI/RM0QbrZe4hbAUmFuSjrjFECS+gpJ/eqI9vznaS8K6WQ1surCcRUMgobM1GIoVcJ20oj9udBNYtYXhMECtDi+HvXEsOWj0XwhhE7JFMIc/XsfIB4zZUmkeH0QyiiJNa0NHPGfF8faOXoKwmBusAZLJPkszSQWC+56q+w9Y3YLwZ1Z/VB/lbwqrm0eYAQR92QZxtyISRnl7ecIBr+BdJm34xMSTCQAKpQwdRLYMp6YHIUMLxT7/uV1daKmP843buACyuTo8ed+xIOjX29TjL9iRfLtMouNMHScKBeZHYpoj3Xp+1XXC3REGspxVXj4EsXms5We6yUqPwgknbcR8t24J7yxQ5I92aj4j70zMlt963sXxi7U/mCnEptnZX0tSijO/LcmJ9a4FfmR+ZbuPR+e9Rj283SlYUd/of8tYJJH29/p7owTkuXGERdnJmv2kwXkGnOsXgh10G9MgOgy7fCGYuuAma/7uxyVkz2xL6cmdrmcqMaW02WjdHVFjWkZL07FoCLyVr8hQNUG8C3Ouse3nXu7OQ8zPMJXJldGpUP6sPvbvQj3EQ6x8KutERGo6KNPuy0TzZVJzcdYms0Eql0ZK6tAxaw5qQxBotd9+5l
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS7PR03MB5608.namprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(4636009)(366004)(508600001)(6486002)(6666004)(8676002)(66476007)(66946007)(86362001)(4326008)(66556008)(6916009)(54906003)(38100700002)(36756003)(82960400001)(6506007)(1076003)(6512007)(316002)(83380400001)(2906002)(26005)(186003)(5660300002)(8936002)(2616005);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?ja98fanRb17JDFKzdQ7REtDe84nn?=
	=?utf-8?q?HXPDjJ9EIbfhEqvkqKcifvY6sQlyUKE2LwLHHnfzdQ9C+3mMMefzvs8MZH05CP5nE?=
	=?utf-8?q?7w9xKxiC9dnNJ51b7Bk5R9J/OAMXOFCmxCYxueGTtl2KVvk6wGeu8ZvjXJBoMLC/c?=
	=?utf-8?q?wIxlQuGNH52Sx9kj9Bj5uFuwZmeKRPJQSTrOvAQsmOXj4fjstdA1k5mb7EQ3+gyyw?=
	=?utf-8?q?Lodvs0pEBzECpaG9ScPKIpk1dk5bNVL10Uqvz1/a9hhIRmCWUGVbKChu+3UhAqp95?=
	=?utf-8?q?v/ciFU1ugCkEHTBDfXrYINehmZyO8pbIA8n5JqgYl9F2j49h4XsXmPobtesWEYw4w?=
	=?utf-8?q?ClaNULqNLw4mHoSoJxPo4kBLZzQvHLlHMypYTt3OAb3OYcfz2re2J4h9ZHYQmBkCh?=
	=?utf-8?q?ZwvJAXpcRfrMkgD03g+HS5qrO4O4qS0q+b7KkGJZuBxFPmhNwfU48CW//STbmTWdi?=
	=?utf-8?q?5GlXbGsKB2EXDMnxlq6biNZWudRnECa+lEfysWVCo5KgdM1BJjtzjIZhZ9TYh3wmT?=
	=?utf-8?q?MIKwwkoUBTuLbTEHkY5faCH38TJR/4kCqNtLxwQj4d62GtIzR6+DXB6X7WfwToh9n?=
	=?utf-8?q?AGkDmlXVtUCXxztog8VSQ7gpNIDf+wiFvDMZqHwovTNIXPODtrkD7Mlp31sxCoegm?=
	=?utf-8?q?l6wK7SeluJ3tjbmouJpxjb74XHEzQbqEyWVC8NIFnvDxdnHj0UPLcgn5Nse2VoDRN?=
	=?utf-8?q?p7DVSJwGGhDkTx7B5C8y3lw4nceKXFMZplCgc+HP3K0JYZ0utRW7C7DCZq8gIGo/H?=
	=?utf-8?q?SSq5ie/IbZ1hRPUX5NSSw+oYrQPM7p50pw+3o38x37uBNIs3/7/7oHbsCOIY9zsLT?=
	=?utf-8?q?/J3d6cEV3BVm6ktT1uKpnDJw9jnx4C+9qgmt/6UX6/VniYygzjXHpSmITpGfhuoPI?=
	=?utf-8?q?Z2k0XItWY2WDPAMnUcaPn+ATOyXMN2i481abInYWBuCkYin6xFvNjbT8ZAk/ndieV?=
	=?utf-8?q?mVlNKH8xv6+1UoWl6lAajjejQyMcAp4uK7bPq0dxsd+hwVO9MVRnRcrAJmS3L4MV8?=
	=?utf-8?q?1JtGjUgmPbXPQdlCdLC+yG33yHl3ZG261I4lqzHUWzgR4QzRfa+QwujlT8PvaQ+BR?=
	=?utf-8?q?Zd+cu4WpFo310sJx87TpPG7NvZDCMsSRJmNNRAbrNMRVYd9gkmYQy7ipLSp2F5z9Q?=
	=?utf-8?q?ejIkH8kk0/iXolpaFgw2PA2yxdfv8kreiEzSgYtHR8Vy6YzuZVCo9EBJofx/+JrDT?=
	=?utf-8?q?CrDlR5y3JMCjsxPSpclnLtlGsz3OYieSvrv4MIOkOj8Yqwv6Mvj1otdEPdcXunF2s?=
	=?utf-8?q?otDAJaM6eKFEhabH6R7WsSWH6NDONpYf4JjYAD1dcu69UxB7gqogKh5LY+Uo79/2P?=
	=?utf-8?q?WhT8pNEtE5wwwX91LnNh0Qv6B+1uXf+eHC7/gCa4IJozSeD7osc2nt52vj96qk+9K?=
	=?utf-8?q?LyekqvLJRRwuys5WYRwYTaNzRYWgVr23OWTbMhY+IgKEvDYwc3Jblt6ZD0wMEBzOO?=
	=?utf-8?q?R6aLLeyRpDS/UoHa2+wRYmnuT0QGfwE2kByoj5oD5xsCXS5WkVTR3AXdwtC0ESvlk?=
	=?utf-8?q?9YFtAUoI1P7l0gUsgsmu7nTnw8YSyugRL6Khh54u90Mu8rJMcSPMeNqTviixJTomJ?=
	=?utf-8?q?JWCztR/7L31xH7DStTTQRBFytSLC6owUl2r6fxV1FZmgugsyvTAqspQEQGSgpROBu?=
	=?utf-8?q?VRV8zdGGsREPH627sN18IXCVVhNJT3ZvzJFM3jzjTcf8BONchls8A=3D?=
X-OriginatorOrg: citrix.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 192e296a-f008-49e7-2431-08da283b5960
X-MS-Exchange-CrossTenant-AuthSource: DS7PR03MB5608.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Apr 2022 10:47:39.5094
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 335836de-42ef-43a2-b145-348c2ee9ca5b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 h3reVVk5mwrf2ZO43BL1KgjBCrk98wx1RlkHQHbBZm2N1mrljnrnbULsN05R4fQjvpvxDtY3UQBIECVFh8vGaQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR03MB3403

Use the logic to set shadow SPEC_CTRL values in order to implement
support for VIRT_SPEC_CTRL (signaled by VIRT_SSBD CPUID flag) for HVM
guests. This includes using the spec_ctrl vCPU MSR variable to store
the guest set value of VIRT_SPEC_CTRL.SSBD, which will be OR'ed with
any SPEC_CTRL values being set by the guest.

On hardware having SPEC_CTRL VIRT_SPEC_CTRL will not be offered by
default to guests. VIRT_SPEC_CTRL will only be part of the max CPUID
policy so it can be enabled for compatibility purposes.

Use '!' to annotate the feature in order to express that the presence
of the bit is not directly tied to its value in the host policy.

Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---
Changes since v3:
 - Use '!' to annotate the feature.

Changes since v2:
 - Reword reasoning for using '!s'.
 - Trim comment about only setting SSBD bit in spec_ctrl.raw.

Changes since v1:
 - Only expose VIRT_SSBD if AMD_SSBD is available on the host.
 - Revert change to msr-sc= command line option documentation.
 - Only set or clear the SSBD bit of spec_ctrl.
---
 xen/arch/x86/cpuid.c                        |  7 +++++++
 xen/arch/x86/hvm/hvm.c                      |  1 +
 xen/arch/x86/include/asm/msr.h              |  4 ++++
 xen/arch/x86/msr.c                          | 18 ++++++++++++++++++
 xen/arch/x86/spec_ctrl.c                    |  3 ++-
 xen/include/public/arch-x86/cpufeatureset.h |  2 +-
 6 files changed, 33 insertions(+), 2 deletions(-)

diff --git a/xen/arch/x86/cpuid.c b/xen/arch/x86/cpuid.c
index 7e0b395698..979dcf8164 100644
--- a/xen/arch/x86/cpuid.c
+++ b/xen/arch/x86/cpuid.c
@@ -550,6 +550,13 @@ static void __init calculate_hvm_max_policy(void)
         __clear_bit(X86_FEATURE_IBRSB, hvm_featureset);
         __clear_bit(X86_FEATURE_IBRS, hvm_featureset);
     }
+    else if ( boot_cpu_has(X86_FEATURE_AMD_SSBD) )
+        /*
+         * If SPEC_CTRL.SSBD is available VIRT_SPEC_CTRL.SSBD can be exposed
+         * and implemented using the former. Expose in the max policy only as
+         * the preference is for guests to use SPEC_CTRL.SSBD if available.
+         */
+        __set_bit(X86_FEATURE_VIRT_SSBD, hvm_featureset);
 
     /*
      * With VT-x, some features are only supported by Xen if dedicated
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 5b16fb4cd8..db8f95ef7c 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -1334,6 +1334,7 @@ static const uint32_t msrs_to_send[] = {
     MSR_INTEL_MISC_FEATURES_ENABLES,
     MSR_IA32_BNDCFGS,
     MSR_IA32_XSS,
+    MSR_VIRT_SPEC_CTRL,
     MSR_AMD64_DR0_ADDRESS_MASK,
     MSR_AMD64_DR1_ADDRESS_MASK,
     MSR_AMD64_DR2_ADDRESS_MASK,
diff --git a/xen/arch/x86/include/asm/msr.h b/xen/arch/x86/include/asm/msr.h
index ce4fe51afe..ab6fbb5051 100644
--- a/xen/arch/x86/include/asm/msr.h
+++ b/xen/arch/x86/include/asm/msr.h
@@ -291,6 +291,7 @@ struct vcpu_msrs
 {
     /*
      * 0x00000048 - MSR_SPEC_CTRL
+     * 0xc001011f - MSR_VIRT_SPEC_CTRL (if X86_FEATURE_AMD_SSBD)
      *
      * For PV guests, this holds the guest kernel value.  It is accessed on
      * every entry/exit path.
@@ -306,6 +307,9 @@ struct vcpu_msrs
      * We must clear/restore Xen's value before/after VMRUN to avoid unduly
      * influencing the guest.  In order to support "behind the guest's back"
      * protections, we load this value (commonly 0) before VMRUN.
+     *
+     * Once of such "behind the guest's back" usages is setting SPEC_CTRL.SSBD
+     * if the guest sets VIRT_SPEC_CTRL.SSBD.
      */
     struct {
         uint32_t raw;
diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
index 01a15857b7..72c175fd8b 100644
--- a/xen/arch/x86/msr.c
+++ b/xen/arch/x86/msr.c
@@ -381,6 +381,13 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t *val)
                ? K8_HWCR_TSC_FREQ_SEL : 0;
         break;
 
+    case MSR_VIRT_SPEC_CTRL:
+        if ( !cp->extd.virt_ssbd )
+            goto gp_fault;
+
+        *val = msrs->spec_ctrl.raw & SPEC_CTRL_SSBD;
+        break;
+
     case MSR_AMD64_DE_CFG:
         if ( !(cp->x86_vendor & (X86_VENDOR_AMD | X86_VENDOR_HYGON)) )
             goto gp_fault;
@@ -666,6 +673,17 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr, uint64_t val)
             wrmsr_tsc_aux(val);
         break;
 
+    case MSR_VIRT_SPEC_CTRL:
+        if ( !cp->extd.virt_ssbd )
+            goto gp_fault;
+
+        /* Only supports SSBD bit, the rest are ignored. */
+        if ( val & SPEC_CTRL_SSBD )
+            msrs->spec_ctrl.raw |= SPEC_CTRL_SSBD;
+        else
+            msrs->spec_ctrl.raw &= ~SPEC_CTRL_SSBD;
+        break;
+
     case MSR_AMD64_DE_CFG:
         /*
          * OpenBSD 6.7 will panic if writing to DE_CFG triggers a #GP:
diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c
index 1408e4c7ab..f338bfe292 100644
--- a/xen/arch/x86/spec_ctrl.c
+++ b/xen/arch/x86/spec_ctrl.c
@@ -402,12 +402,13 @@ static void __init print_details(enum ind_thunk thunk, uint64_t caps)
      * mitigation support for guests.
      */
 #ifdef CONFIG_HVM
-    printk("  Support for HVM VMs:%s%s%s%s%s\n",
+    printk("  Support for HVM VMs:%s%s%s%s%s%s\n",
            (boot_cpu_has(X86_FEATURE_SC_MSR_HVM) ||
             boot_cpu_has(X86_FEATURE_SC_RSB_HVM) ||
             boot_cpu_has(X86_FEATURE_MD_CLEAR)   ||
             opt_eager_fpu)                           ? ""               : " None",
            boot_cpu_has(X86_FEATURE_SC_MSR_HVM)      ? " MSR_SPEC_CTRL" : "",
+           boot_cpu_has(X86_FEATURE_SC_MSR_HVM)      ? " MSR_VIRT_SPEC_CTRL" : "",
            boot_cpu_has(X86_FEATURE_SC_RSB_HVM)      ? " RSB"           : "",
            opt_eager_fpu                             ? " EAGER_FPU"     : "",
            boot_cpu_has(X86_FEATURE_MD_CLEAR)        ? " MD_CLEAR"      : "");
diff --git a/xen/include/public/arch-x86/cpufeatureset.h b/xen/include/public/arch-x86/cpufeatureset.h
index 9cee4b439e..5aa3c82fc6 100644
--- a/xen/include/public/arch-x86/cpufeatureset.h
+++ b/xen/include/public/arch-x86/cpufeatureset.h
@@ -265,7 +265,7 @@ XEN_CPUFEATURE(IBRS_SAME_MODE, 8*32+19) /*S  IBRS provides same-mode protection
 XEN_CPUFEATURE(NO_LMSL,       8*32+20) /*S  EFER.LMSLE no longer supported. */
 XEN_CPUFEATURE(AMD_PPIN,      8*32+23) /*   Protected Processor Inventory Number */
 XEN_CPUFEATURE(AMD_SSBD,      8*32+24) /*S  MSR_SPEC_CTRL.SSBD available */
-XEN_CPUFEATURE(VIRT_SSBD,     8*32+25) /*   MSR_VIRT_SPEC_CTRL.SSBD */
+XEN_CPUFEATURE(VIRT_SSBD,     8*32+25) /*!  MSR_VIRT_SPEC_CTRL.SSBD */
 XEN_CPUFEATURE(SSB_NO,        8*32+26) /*A  Hardware not vulnerable to SSB */
 XEN_CPUFEATURE(PSFD,          8*32+28) /*S  MSR_SPEC_CTRL.PSFD */
 

From patchwork Wed Apr 27 10:47:17 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>
X-Patchwork-Id: 12828588
Return-Path: <xen-devel-bounces@lists.xenproject.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 4055AC433FE
	for <xen-devel@archiver.kernel.org>; Wed, 27 Apr 2022 10:48:06 +0000 (UTC)
Received: from list by lists.xenproject.org with
 outflank-mailman.314859.533127 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1njfD5-0002T3-7X; Wed, 27 Apr 2022 10:47:51 +0000
X-Outflank-Mailman: Message body and most headers restored to incoming version
Received: by outflank-mailman (output) from mailman id 314859.533127;
 Wed, 27 Apr 2022 10:47:51 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1njfD5-0002Q2-0j; Wed, 27 Apr 2022 10:47:51 +0000
Received: by outflank-mailman (input) for mailman id 314859;
 Wed, 27 Apr 2022 10:47:50 +0000
Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50]
 helo=se1-gles-flk1.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from
 <SRS0=Ll0K=VF=citrix.com=prvs=1097e264f=roger.pau@srs-se1.protection.inumbo.net>)
 id 1njfD3-0002LY-Rf
 for xen-devel@lists.xenproject.org; Wed, 27 Apr 2022 10:47:49 +0000
Received: from esa4.hc3370-68.iphmx.com (esa4.hc3370-68.iphmx.com
 [216.71.155.144]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS
 id 7a5636d0-c617-11ec-8fc2-03012f2f19d4;
 Wed, 27 Apr 2022 12:47:48 +0200 (CEST)
Received: from mail-bn7nam10lp2104.outbound.protection.outlook.com (HELO
 NAM10-BN7-obe.outbound.protection.outlook.com) ([104.47.70.104])
 by ob1.hc3370-68.iphmx.com with ESMTP/TLS/ECDHE-RSA-AES128-GCM-SHA256;
 27 Apr 2022 06:47:46 -0400
Received: from DS7PR03MB5608.namprd03.prod.outlook.com (2603:10b6:5:2c9::18)
 by DM5PR03MB3403.namprd03.prod.outlook.com (2603:10b6:4:43::27) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.21; Wed, 27 Apr
 2022 10:47:44 +0000
Received: from DS7PR03MB5608.namprd03.prod.outlook.com
 ([fe80::5df3:95ce:4dfd:134e]) by DS7PR03MB5608.namprd03.prod.outlook.com
 ([fe80::5df3:95ce:4dfd:134e%4]) with mapi id 15.20.5186.021; Wed, 27 Apr 2022
 10:47:44 +0000
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: 7a5636d0-c617-11ec-8fc2-03012f2f19d4
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
  d=citrix.com; s=securemail; t=1651056468;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:content-transfer-encoding:mime-version;
  bh=gJk53F/q9++Yykf3w3/00zdaz/po9ma+zUHwq6eUR9k=;
  b=N2ce/Ltwa2UFCmG8uHh8BJoZzdb14cnWbQMxycjpba797bovQzWSbPTo
   lJilv6pQfFKfSyQlqYk0rTalPbDJGAQM6DDEn+uze++an2+TTkZGiscYX
   mo834jXkVKcQV97RGTYlx2sD90s/lVp/5yoyYEvBHkDvTr5QEen8aHVUL
   k=;
X-IronPort-RemoteIP: 104.47.70.104
X-IronPort-MID: 72483420
X-IronPort-Reputation: None
X-IronPort-Listener: OutboundMail
X-IronPort-SenderGroup: RELAY_O365
X-IronPort-MailFlowPolicy: $RELAYED
IronPort-Data: A9a23:OrmLmKK0Hh6ltIjpFE+RpZQlxSXFcZb7ZxGr2PjKsXjdYENSgzxVx
 2UeWGGBOfbYMWWmL4sgOork/U5TvMPXyN8xQAVlqX01Q3x08seUXt7xwmUcns+xwm8vaGo9s
 q3yv/GZdJhcokf0/0vrav67xZVF/fngqoDUUYYoAQgsA148IMsdoUg7wbRh3tQ22YPR7z6l4
 rseneWOYDdJ5BYsWo4kw/rrRMRH5amaVJsw5zTSVNgT1LPsvyB94KE3fMldG0DQUIhMdtNWc
 s6YpF2PEsE1yD92Yj+tuu6TnkTn2dc+NyDW4pZdc/DKbhSvOkXee0v0XRYRQR4/ttmHozx+4
 NBD6KC+ZDsWAvfdivQ7UD5CTi9bFoQTrdcrIVDn2SCS52vvViK0ht9IUwQxN4Be/ftrC2ZT8
 /BeMCoKch2Im+OxxvS8V/VogcMgasLsOevzuFk5lW2fUalgHsiFGv2WjTNb9G5YasRmB/HRa
 tBfcTNyRB/BfwdOKhEcD5dWcOKA2SOjI2YE8gr9Sawf2lfZllVf2ZfWFtPOYdCAGv4Es0qqu
 TeTl4j+KlRAXDCF8hKV/3TpiuLRkCfTXIMJCKb+5vNsmEeUxGEYFFsRT1TTifuzh1O6WtlfA
 1cJ4Sdopq83nGS0SvHtUhv+p2SL1iPwQPJVGuw+rQuLlazd5l/BAnBeF2YdLts7qMUxWDomk
 EeTmM/kDiBut7vTTm+B8rCTrnW5Pi19wXI+WBLohDAtu7HLyLzfRDqWJjq/OMZZVuHIJAw=
IronPort-HdrOrdr: A9a23:sCAOg6FcOh3nffhzpLqFepHXdLJyesId70hD6qkvc3Fom52j/f
 xGws5x6faVslkssb8b6LK90c67MAnhHP9OkPIs1NKZMDUO11HYSL2KgbGD/9SkIVyGygc/79
 YeT0EBMqyWMbESt6+TjmiF+pQbsaG6GciT9JvjJhxWPGRXgs9bnmRE4lHxKDwKeOAKP+txKL
 Osou584xawc3Ueacq2QlEDQuj4vtXO0LbrewQPCRIL4BSHyWrA0s+wLzGomjMlFx9fy7Yr9m
 bI1yT/+6WYqvm+jjvRzXXa4Zh6kMbojvFDGMuPoM4ILSiEsHfhWK1RH5m5+BwlquCm71gn1P
 HKvhcbJsx2r0jce2mkyCGdrzXI4XIL0TvP2FWYiXzsrYjSXzQhEfdMgopfb1/w91cglMsU6t
 MF40up875sST/QliX04NbFEztwkFCvnHYkmekPy1RCTIolbqNLp4B3xjIYLH45JlO61GkbKp
 gvMCmFj8wmMm9yLkqp81WH+ebcEEjaRXy9Mwo/Us/86UkioJk29Tpc+CUlpAZwyHsMceg72w
 36CNUZqFg3dL5xUUtcPpZ3fSLlMB26ffrzWFjiUmjPJeUgB0/njaLRzfEc2NyKEaZ4vqfa3q
 6xGm9liQ==
X-IronPort-AV: E=Sophos;i="5.90,292,1643691600";
   d="scan'208";a="72483420"
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=BAt4R7JdivKYP02Pfr+PP2bQYaU/8bJpVNg2l87fmR4wWyi8fg3vfAiNXH+Of3hW1B5WqZ+Y5oflAlFR2dmiVgT3K40NNz+Mon+cgGAXiM20jm68CNGMI1VAs1+3bSiTYx4zkScMfbbPGbMNWIjxQr48Xjo107itTGMuxkflG83fPkwSXr5rF6e/cVjwb5TMG5vEqgpMGTHgs00NF+LWWBArotERRcvcRGx8w/lqZi3Gy3p5Iopn29WcpDhWzvvXWeoVKCcwmajKBVLzw50WXcBUMSMH1up/6mcP4cUSwyzjWODrA+54uqUEA1I+StAKVk8VObVYCu+EPSvaBjMAyw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=0nJcqzCrAaZuoAasqr/4AZsjYRE4vPluffqUl2JGCbs=;
 b=ImE8XNoMUZp2Q0lI7TiwwTougptENsgf3RAyELoUEx7GlBxNdfkswffY8NIPKOIDhPsj27TPIx4byM+OSK/8ikMkwx8KJRfy5k/wDE4onjPd7gmGp/7hj5gkBFr7uxAwNMixdbr+PGaK9T1fxAK7rJkjh7jA7URZH9Xbtgzkt8X0TgwbZEd+96iIQsQ79zeRz5cQqk6n3PGuLsKhJRvNjnn++05GG7NNCmzGl4hZ7BRDIt+Dr0wkh8TUrRXW0ilRY4l7ZCeekhunpB+uHCB3jF9cY1ULE6tjVYUuqlMMXIweZ0xFgVr4WZvPYMLOH+dYPNtXmwKvcLpjhwgO9pXQ8g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com;
 dkim=pass header.d=citrix.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=citrix.onmicrosoft.com; s=selector2-citrix-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=0nJcqzCrAaZuoAasqr/4AZsjYRE4vPluffqUl2JGCbs=;
 b=L4YFGQ7A6/IUvNNkiIq9MZHsWvHKkPCb+1DwAZgY2Po5514/SPrq3uBt14zjIAflmNOPWKCpppFPfzF2bBH95bfzNYzX7Lc7w/40HJitJ6pttNG853fxLYmcrmeueNa6DfVljmAfBUiVlfFyhtqmbObcswSqmyfZ0IzqxPO3Ddk=
Authentication-Results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=citrix.com;
From: Roger Pau Monne <roger.pau@citrix.com>
To: xen-devel@lists.xenproject.org
Cc: Roger Pau Monne <roger.pau@citrix.com>,
	Jan Beulich <jbeulich@suse.com>,
	Andrew Cooper <andrew.cooper3@citrix.com>,
	Wei Liu <wl@xen.org>
Subject: [PATCH v4 2/3] amd/msr: allow passthrough of VIRT_SPEC_CTRL for HVM
 guests
Date: Wed, 27 Apr 2022 12:47:17 +0200
Message-Id: <20220427104718.81342-3-roger.pau@citrix.com>
X-Mailer: git-send-email 2.35.1
In-Reply-To: <20220427104718.81342-1-roger.pau@citrix.com>
References: <20220427104718.81342-1-roger.pau@citrix.com>
X-ClientProxiedBy: LO2P265CA0514.GBRP265.PROD.OUTLOOK.COM
 (2603:10a6:600:13b::21) To DS7PR03MB5608.namprd03.prod.outlook.com
 (2603:10b6:5:2c9::18)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 37c19f4d-ef8f-4210-e66a-08da283b5c15
X-MS-TrafficTypeDiagnostic: DM5PR03MB3403:EE_
X-Microsoft-Antispam-PRVS: 
	<DM5PR03MB3403953B1442249953D3DD128FFA9@DM5PR03MB3403.namprd03.prod.outlook.com>
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	gvqwvbdkP5cws7KFNWhMZAdGgfpuE9A04vLPGe27MKjmrka9hZ0RistC183jx6pOCg1MEbJ8dR2ixs3snUo+rWq6cwUJF/cI3mNNUVR2Hmr/uJU3YM8isJY+Ra8kTE4R47qyK0AOJ4dvp8rmAiBv9KfTasBpC0QZmUiEIq+nSOwdE+HW8s3v/zLPJYzliwTxuRdfVdxcg8rTbL/zMJs73TtblLsfSeMr472WsnA6jG2/i0Rycx8Yw+W9/SRID6WeRvFxzBtCj+JW1gmfSLkAr28VKL6VkLIMub+4JPYFtzGELp1+108FaqqanoJIKO6HMkBwVMQHBf+NxJcRtY2I8R5TtmYOE5gzY9+LIWuatBTD/HggV+eKGI+Y5L4hCbQIcy+xUY3swa15BF5P9v1I8b1F5EjwEK7zf/C2mG4UV02YA0EstTa+qoLsJoSTtCynJR+HFMeNFafzTq7Z607df9nqP0yY1d3Bj0Q9xEw0sOvjqwqxbmemGjJNNo/y+ZyvRQGo6YIMV5SjmmicOAvsettRw/Dc0wtFMYjkcAfw13nGHhxzBcx2gLI2+v8//fKI8gk6+XWz2ZwpoF0Pi6QegLrUeK0cYJkXk7FYeLOI70PwaPFKup0/bn1mLIfbwbYcT8ea/uUZfHdU9L4pYivPbtnLIKxdOMoMR1yA33JtoK4VPhKRTNU7Px2QBSO2iEot
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS7PR03MB5608.namprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(4636009)(366004)(508600001)(6486002)(6666004)(8676002)(66476007)(66946007)(86362001)(4326008)(66556008)(6916009)(54906003)(38100700002)(36756003)(82960400001)(6506007)(1076003)(6512007)(316002)(83380400001)(2906002)(26005)(186003)(5660300002)(8936002)(2616005);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?xVG3q8yphMg27yFK/A7GsqPN9vNP?=
	=?utf-8?q?OjtfYN9T0PnmIo0w2hIa/WA2XVwf415yu8EfbV02SH94jATQTlWVpa+we5SejdduR?=
	=?utf-8?q?1MMyY6vPRoYkEhrvSAw/b2zZ9caRPtElkeYiJcjq2AIh8RwejK6WWa9vsmqszegKa?=
	=?utf-8?q?zItUtbJ6Bh25seT7FYL4Edv1sOFQphVZhrMeB1uUFGa3oEdKtSBO4aCniV5H9Ted3?=
	=?utf-8?q?HbdEXWa5oqBoTM5YcJ5xucICY4ZedFXUOu+IXGRQWQr7//lLvTlFAmkW5/p0SiQIB?=
	=?utf-8?q?trkg4k3KWlj7VRzFodeBl01gZotUtvxpcsHWJGwpUsBdwzWQeNoovMxvfymQhh2ZC?=
	=?utf-8?q?ftGgsvnuhT9meHv1eDkSahUwxY05eZ12qUAyUtqWHG6gYZBY4Z1BaT1TE90fSX8ow?=
	=?utf-8?q?VUT+YDB5dFijInlARiB/LvH0l0IxH90ggRriQ3rsk4g7ybdR9rMQlL4ptZewzpX7K?=
	=?utf-8?q?TgOrdHvkNKCr+Yb7OjFxmouKzFGQM3Kv7xeKHZvXa9TacpojxY+w00/36xOnJMNLI?=
	=?utf-8?q?hTXm6s5J/uAmitdcTPTAXHrD2FV8AGAdiRpp7jzsIgC/CxeKAOo2agRoQIb3rzyFa?=
	=?utf-8?q?BmuQ5XRw/HToKQ+pqA2L00dfTkpmbuW/3w7YFHv51WO11VA2HiJmZmgU4ylaRlcqD?=
	=?utf-8?q?3UklVjydEuM6mNLEAqoH5uis4JlofZOhgDoRcAmpLTS5y4B1VaLQEVeAJ8w9uZ8/6?=
	=?utf-8?q?83HPhByVxp8I5tydolKcLi6crpS9wT7dytVpDysYqjcIi6Y1zOL1fTqqvnWhJcdqr?=
	=?utf-8?q?mxVslRkFFaMyEFt3nJUasjKheCVHbAkOW9Z4c2D7KzWHUdleUwl3rPf1en2WYABkg?=
	=?utf-8?q?OSPkaA0XFVVfm3AdAGVOVnxVqGE0oTx6VbVGk96reIgXeUY4iFiWkDg+nVjz9yPqG?=
	=?utf-8?q?Wp3Atc7hPjn0CCjbZoS2yddr0vM9YaqfwQ0PkTDcenH7d5KRHwAGvYl0EcQfucDSv?=
	=?utf-8?q?yDhVdW4x9Al7c5khOFrmzuOfzBJb0TNYW/ofupMYYp/CeuIq32yAiF87Kx04Wcb+U?=
	=?utf-8?q?vfzKhuvyssHEXjezHnoyDlqIf96/2TokR/IX7y+l6dG3MpV6W5/j867whXRQ34ixx?=
	=?utf-8?q?Ey0kvCKokcL8nb+xag6mNZp8ccHryNRfUjYQto6f6YdE07ZavCZvo44ojnl2k8++I?=
	=?utf-8?q?6PR2U7QXV5mS+41kwqJe3AUyiaYodCQlWEL6sJN+slJno9V7imjbpqQn5F8eOQVtc?=
	=?utf-8?q?L1vKq5DN3KBro9z0YQu/HSXgBXPqrGOCFDkUFySqMe0ZBNe+TtXMLs9hrluYC7ONq?=
	=?utf-8?q?olVVMsKdELUSpJLA4zdSY762eIGO6v2FkerHS1P15uSptMQZtK9QNNX1g//GiOusC?=
	=?utf-8?q?FogS146GYL7WFNz4f4JykuoWGv0qkWmc6bza9cyoTiRvci4G3ZGoA5os+Tn7Cak7O?=
	=?utf-8?q?UdNLpl34YRRWzOl5wpM8+0cVSbtPVlNVo/GN9pnmQCFpT3Zj8ycMvBtz/s3vuDFoc?=
	=?utf-8?q?BK2WXzrk3m3H4QHOHVwg+3NkTzDpCQQf3U4f+YSBypFGv080Ly8E8plUxB5buNQNu?=
	=?utf-8?q?UEC3IHC/gXIHmuOql87yeMCxgvu7kq3FNaCC+p3nRCCCyEIkW8zQZOuKsrV7BCzmP?=
	=?utf-8?q?zt6WW2tMyI7mWtRyoACc30+cgqWVm1dfmfX5e4V7lL8QXpH7k1BwGECgB0Vgy5yKm?=
	=?utf-8?q?pMfJdTSoKkTFyc5eBoetxFM6Qu/v2ofaxURCPVFLr2lgNjJMDedlY=3D?=
X-OriginatorOrg: citrix.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 37c19f4d-ef8f-4210-e66a-08da283b5c15
X-MS-Exchange-CrossTenant-AuthSource: DS7PR03MB5608.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Apr 2022 10:47:44.0644
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 335836de-42ef-43a2-b145-348c2ee9ca5b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 kGhaQnmsyibjR4xWwdvCx+D1vk4uazPcBynnb5L7R8H3qqqB1rLW9gtoDDrWMj7yjFMNwfkQ6sLooIZbcSPgeg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR03MB3403

Allow HVM guests access to MSR_VIRT_SPEC_CTRL if the platform Xen is
running on has support for it.  This requires adding logic in the
vm{entry,exit} paths for SVM in order to context switch between the
hypervisor value and the guest one.  The added handlers for context
switch will also be used for the legacy SSBD support.

Introduce a new synthetic feature leaf (X86_FEATURE_VIRT_SC_MSR_HVM)
to signal whether VIRT_SPEC_CTRL needs to be handled on guest
vm{entry,exit}.

Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
---
Changes since v3:
 - Always trap write accesses to VIRT_SPEC_CTRL in order to cache the
   guest setting.
 - Do not use the 'S' annotation for the VIRT_SSBD feature.

Changes since v2:
 - Reword part of the commit message regarding annotation change.
 - Fix MSR intercept.
 - Add handling of VIRT_SPEC_CTRL to guest_{rd,wr}msr when using
   VIRT_SSBD also.

Changes since v1:
 - Introduce virt_spec_ctrl vCPU field.
 - Context switch VIRT_SPEC_CTRL on vmentry/vmexit separately from
   SPEC_CTRL.
---
 xen/arch/x86/cpuid.c                   | 11 ++++++++
 xen/arch/x86/hvm/svm/entry.S           |  8 ++++++
 xen/arch/x86/hvm/svm/svm.c             | 35 ++++++++++++++++++++++++++
 xen/arch/x86/include/asm/cpufeatures.h |  1 +
 xen/arch/x86/include/asm/msr.h         | 10 ++++++++
 xen/arch/x86/msr.c                     | 16 +++++++++---
 xen/arch/x86/spec_ctrl.c               |  9 ++++++-
 7 files changed, 85 insertions(+), 5 deletions(-)

diff --git a/xen/arch/x86/cpuid.c b/xen/arch/x86/cpuid.c
index 979dcf8164..9a8c73f067 100644
--- a/xen/arch/x86/cpuid.c
+++ b/xen/arch/x86/cpuid.c
@@ -541,6 +541,10 @@ static void __init calculate_hvm_max_policy(void)
          raw_cpuid_policy.basic.sep )
         __set_bit(X86_FEATURE_SEP, hvm_featureset);
 
+    if ( !boot_cpu_has(X86_FEATURE_VIRT_SC_MSR_HVM) )
+        /* Clear VIRT_SSBD if VIRT_SPEC_CTRL is not exposed to guests. */
+        __clear_bit(X86_FEATURE_VIRT_SSBD, hvm_featureset);
+
     /*
      * If Xen isn't virtualising MSR_SPEC_CTRL for HVM guests (functional
      * availability, or admin choice), hide the feature.
@@ -597,6 +601,13 @@ static void __init calculate_hvm_def_policy(void)
     guest_common_feature_adjustments(hvm_featureset);
     guest_common_default_feature_adjustments(hvm_featureset);
 
+    /*
+     * Only expose VIRT_SSBD if AMD_SSBD is not available, and thus
+     * VIRT_SC_MSR_HVM is set.
+     */
+    if ( boot_cpu_has(X86_FEATURE_VIRT_SC_MSR_HVM) )
+        __set_bit(X86_FEATURE_VIRT_SSBD, hvm_featureset);
+
     sanitise_featureset(hvm_featureset);
     cpuid_featureset_to_policy(hvm_featureset, p);
     recalculate_xstate(p);
diff --git a/xen/arch/x86/hvm/svm/entry.S b/xen/arch/x86/hvm/svm/entry.S
index 4ae55a2ef6..2f63a2e3c6 100644
--- a/xen/arch/x86/hvm/svm/entry.S
+++ b/xen/arch/x86/hvm/svm/entry.S
@@ -19,6 +19,8 @@
 
         .file "svm/entry.S"
 
+#include <xen/lib.h>
+
 #include <asm/asm_defns.h>
 #include <asm/page.h>
 
@@ -57,6 +59,9 @@ __UNLIKELY_END(nsvm_hap)
 
         clgi
 
+        ALTERNATIVE "", STR(call vmentry_virt_spec_ctrl), \
+                        X86_FEATURE_VIRT_SC_MSR_HVM
+
         /* WARNING! `ret`, `call *`, `jmp *` not safe beyond this point. */
         /* SPEC_CTRL_EXIT_TO_SVM       Req: b=curr %rsp=regs/cpuinfo, Clob: acd */
         .macro svm_vmentry_spec_ctrl
@@ -114,6 +119,9 @@ __UNLIKELY_END(nsvm_hap)
         ALTERNATIVE "", svm_vmexit_spec_ctrl, X86_FEATURE_SC_MSR_HVM
         /* WARNING! `ret`, `call *`, `jmp *` not safe before this point. */
 
+        ALTERNATIVE "", STR(call vmexit_virt_spec_ctrl), \
+                        X86_FEATURE_VIRT_SC_MSR_HVM
+
         stgi
 GLOBAL(svm_stgi_label)
         mov  %rsp,%rdi
diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c
index 2455835eda..e15c9754d7 100644
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -52,6 +52,7 @@
 #include <asm/hvm/svm/svmdebug.h>
 #include <asm/hvm/svm/nestedsvm.h>
 #include <asm/hvm/nestedhvm.h>
+#include <asm/spec_ctrl.h>
 #include <asm/x86_emulate.h>
 #include <public/sched.h>
 #include <asm/hvm/vpt.h>
@@ -610,6 +611,16 @@ static void cf_check svm_cpuid_policy_changed(struct vcpu *v)
     svm_intercept_msr(v, MSR_SPEC_CTRL,
                       cp->extd.ibrs ? MSR_INTERCEPT_NONE : MSR_INTERCEPT_RW);
 
+    /*
+     * Always trap write accesses to VIRT_SPEC_CTRL in order to cache the guest
+     * setting and avoid having to perform a rdmsr on vmexit to get the guest
+     * setting even if VIRT_SSBD is offered to Xen itself.
+     */
+    svm_intercept_msr(v, MSR_VIRT_SPEC_CTRL,
+                      cp->extd.virt_ssbd && cpu_has_virt_ssbd &&
+                      !cpu_has_amd_ssbd ?
+                      MSR_INTERCEPT_WRITE : MSR_INTERCEPT_RW);
+
     /* Give access to MSR_PRED_CMD if the guest has been told about it. */
     svm_intercept_msr(v, MSR_PRED_CMD,
                       cp->extd.ibpb ? MSR_INTERCEPT_NONE : MSR_INTERCEPT_RW);
@@ -3105,6 +3116,30 @@ void svm_vmexit_handler(struct cpu_user_regs *regs)
     vmcb_set_vintr(vmcb, intr);
 }
 
+/* Called with GIF=0. */
+void vmexit_virt_spec_ctrl(void)
+{
+    unsigned int val = opt_ssbd ? SPEC_CTRL_SSBD : 0;
+
+    if ( val == current->arch.msrs->virt_spec_ctrl.raw )
+        return;
+
+    if ( cpu_has_virt_ssbd )
+        wrmsr(MSR_VIRT_SPEC_CTRL, val, 0);
+}
+
+/* Called with GIF=0. */
+void vmentry_virt_spec_ctrl(void)
+{
+    unsigned int val = opt_ssbd ? SPEC_CTRL_SSBD : 0;
+
+    if ( val == current->arch.msrs->virt_spec_ctrl.raw )
+        return;
+
+    if ( cpu_has_virt_ssbd )
+        wrmsr(MSR_VIRT_SPEC_CTRL, current->arch.msrs->virt_spec_ctrl.raw, 0);
+}
+
 /*
  * Local variables:
  * mode: C
diff --git a/xen/arch/x86/include/asm/cpufeatures.h b/xen/arch/x86/include/asm/cpufeatures.h
index 7413febd7a..2240547b64 100644
--- a/xen/arch/x86/include/asm/cpufeatures.h
+++ b/xen/arch/x86/include/asm/cpufeatures.h
@@ -40,6 +40,7 @@ XEN_CPUFEATURE(SC_VERW_HVM,       X86_SYNTH(24)) /* VERW used by Xen for HVM */
 XEN_CPUFEATURE(SC_VERW_IDLE,      X86_SYNTH(25)) /* VERW used by Xen for idle */
 XEN_CPUFEATURE(XEN_SHSTK,         X86_SYNTH(26)) /* Xen uses CET Shadow Stacks */
 XEN_CPUFEATURE(XEN_IBT,           X86_SYNTH(27)) /* Xen uses CET Indirect Branch Tracking */
+XEN_CPUFEATURE(VIRT_SC_MSR_HVM,   X86_SYNTH(28)) /* MSR_VIRT_SPEC_CTRL exposed to HVM */
 
 /* Bug words follow the synthetic words. */
 #define X86_NR_BUG 1
diff --git a/xen/arch/x86/include/asm/msr.h b/xen/arch/x86/include/asm/msr.h
index ab6fbb5051..460aabe84f 100644
--- a/xen/arch/x86/include/asm/msr.h
+++ b/xen/arch/x86/include/asm/msr.h
@@ -375,6 +375,16 @@ struct vcpu_msrs
      */
     uint32_t tsc_aux;
 
+    /*
+     * 0xc001011f - MSR_VIRT_SPEC_CTRL (if !X86_FEATURE_AMD_SSBD)
+     *
+     * AMD only. Guest selected value, saved and restored on guest VM
+     * entry/exit.
+     */
+    struct {
+        uint32_t raw;
+    } virt_spec_ctrl;
+
     /*
      * 0xc00110{27,19-1b} MSR_AMD64_DR{0-3}_ADDRESS_MASK
      *
diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
index 72c175fd8b..a1e268eea9 100644
--- a/xen/arch/x86/msr.c
+++ b/xen/arch/x86/msr.c
@@ -385,7 +385,10 @@ int guest_rdmsr(struct vcpu *v, uint32_t msr, uint64_t *val)
         if ( !cp->extd.virt_ssbd )
             goto gp_fault;
 
-        *val = msrs->spec_ctrl.raw & SPEC_CTRL_SSBD;
+        if ( cpu_has_amd_ssbd )
+            *val = msrs->spec_ctrl.raw & SPEC_CTRL_SSBD;
+        else
+            *val = msrs->virt_spec_ctrl.raw;
         break;
 
     case MSR_AMD64_DE_CFG:
@@ -678,10 +681,15 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr, uint64_t val)
             goto gp_fault;
 
         /* Only supports SSBD bit, the rest are ignored. */
-        if ( val & SPEC_CTRL_SSBD )
-            msrs->spec_ctrl.raw |= SPEC_CTRL_SSBD;
+        if ( cpu_has_amd_ssbd )
+        {
+            if ( val & SPEC_CTRL_SSBD )
+                msrs->spec_ctrl.raw |= SPEC_CTRL_SSBD;
+            else
+                msrs->spec_ctrl.raw &= ~SPEC_CTRL_SSBD;
+        }
         else
-            msrs->spec_ctrl.raw &= ~SPEC_CTRL_SSBD;
+            msrs->virt_spec_ctrl.raw = val & SPEC_CTRL_SSBD;
         break;
 
     case MSR_AMD64_DE_CFG:
diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c
index f338bfe292..0d5ec877d1 100644
--- a/xen/arch/x86/spec_ctrl.c
+++ b/xen/arch/x86/spec_ctrl.c
@@ -406,9 +406,12 @@ static void __init print_details(enum ind_thunk thunk, uint64_t caps)
            (boot_cpu_has(X86_FEATURE_SC_MSR_HVM) ||
             boot_cpu_has(X86_FEATURE_SC_RSB_HVM) ||
             boot_cpu_has(X86_FEATURE_MD_CLEAR)   ||
+            boot_cpu_has(X86_FEATURE_VIRT_SC_MSR_HVM) ||
             opt_eager_fpu)                           ? ""               : " None",
            boot_cpu_has(X86_FEATURE_SC_MSR_HVM)      ? " MSR_SPEC_CTRL" : "",
-           boot_cpu_has(X86_FEATURE_SC_MSR_HVM)      ? " MSR_VIRT_SPEC_CTRL" : "",
+           (boot_cpu_has(X86_FEATURE_SC_MSR_HVM) ||
+            boot_cpu_has(X86_FEATURE_VIRT_SC_MSR_HVM)) ? " MSR_VIRT_SPEC_CTRL"
+                                                       : "",
            boot_cpu_has(X86_FEATURE_SC_RSB_HVM)      ? " RSB"           : "",
            opt_eager_fpu                             ? " EAGER_FPU"     : "",
            boot_cpu_has(X86_FEATURE_MD_CLEAR)        ? " MD_CLEAR"      : "");
@@ -1069,6 +1072,10 @@ void __init init_speculation_mitigations(void)
             setup_force_cpu_cap(X86_FEATURE_SC_MSR_HVM);
     }
 
+    /* Support VIRT_SPEC_CTRL.SSBD if AMD_SSBD is not available. */
+    if ( opt_msr_sc_hvm && !cpu_has_amd_ssbd && cpu_has_virt_ssbd )
+        setup_force_cpu_cap(X86_FEATURE_VIRT_SC_MSR_HVM);
+
     /* If we have IBRS available, see whether we should use it. */
     if ( has_spec_ctrl && ibrs )
         default_xen_spec_ctrl |= SPEC_CTRL_IBRS;

From patchwork Wed Apr 27 10:47:18 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>
X-Patchwork-Id: 12828589
Return-Path: <xen-devel-bounces@lists.xenproject.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 09F82C433F5
	for <xen-devel@archiver.kernel.org>; Wed, 27 Apr 2022 10:48:09 +0000 (UTC)
Received: from list by lists.xenproject.org with
 outflank-mailman.314860.533143 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1njfD9-0002y8-FI; Wed, 27 Apr 2022 10:47:55 +0000
X-Outflank-Mailman: Message body and most headers restored to incoming version
Received: by outflank-mailman (output) from mailman id 314860.533143;
 Wed, 27 Apr 2022 10:47:55 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1njfD9-0002y0-Br; Wed, 27 Apr 2022 10:47:55 +0000
Received: by outflank-mailman (input) for mailman id 314860;
 Wed, 27 Apr 2022 10:47:54 +0000
Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50]
 helo=se1-gles-flk1.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from
 <SRS0=Ll0K=VF=citrix.com=prvs=1097e264f=roger.pau@srs-se1.protection.inumbo.net>)
 id 1njfD8-0002LY-Bc
 for xen-devel@lists.xenproject.org; Wed, 27 Apr 2022 10:47:54 +0000
Received: from esa4.hc3370-68.iphmx.com (esa4.hc3370-68.iphmx.com
 [216.71.155.144]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS
 id 7c427951-c617-11ec-8fc2-03012f2f19d4;
 Wed, 27 Apr 2022 12:47:52 +0200 (CEST)
Received: from mail-bn7nam10lp2109.outbound.protection.outlook.com (HELO
 NAM10-BN7-obe.outbound.protection.outlook.com) ([104.47.70.109])
 by ob1.hc3370-68.iphmx.com with ESMTP/TLS/ECDHE-RSA-AES128-GCM-SHA256;
 27 Apr 2022 06:47:50 -0400
Received: from DS7PR03MB5608.namprd03.prod.outlook.com (2603:10b6:5:2c9::18)
 by DM5PR03MB3403.namprd03.prod.outlook.com (2603:10b6:4:43::27) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.21; Wed, 27 Apr
 2022 10:47:48 +0000
Received: from DS7PR03MB5608.namprd03.prod.outlook.com
 ([fe80::5df3:95ce:4dfd:134e]) by DS7PR03MB5608.namprd03.prod.outlook.com
 ([fe80::5df3:95ce:4dfd:134e%4]) with mapi id 15.20.5186.021; Wed, 27 Apr 2022
 10:47:48 +0000
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: 7c427951-c617-11ec-8fc2-03012f2f19d4
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
  d=citrix.com; s=securemail; t=1651056472;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:content-transfer-encoding:mime-version;
  bh=BpP0m7aKbLABzlgc2LX2HlH4wa0142cM46ZjDoJX6eY=;
  b=htk4p4878Gp0Xzb52RijzVkziUAAxCBKEjTtC7aouZLEAVUV3cSbWppu
   9G0Y563Xi/luvZ3LUKmHLkSuHu537MTqykIFAHUvxOdipH0XT2sK1ZL/Y
   p/KDWZeMkNr2aPZ/CG4ewE8eO0OvLG4v6EPzWot7p1XHzBZ57WymMS2xL
   Y=;
X-IronPort-RemoteIP: 104.47.70.109
X-IronPort-MID: 72483422
X-IronPort-Reputation: None
X-IronPort-Listener: OutboundMail
X-IronPort-SenderGroup: RELAY_O365
X-IronPort-MailFlowPolicy: $RELAYED
IronPort-Data: A9a23:mECP9KMFyhjdZP/vrR3RlsFynXyQoLVcMsEvi/4bfWQNrUoj0zBTn
 DAYWzyGPf7cZDDwfNtwPNiw8ENU6pCAzYdjHgto+SlhQUwRpJueD7x1DKtR0wB+jCHnZBg6h
 ynLQoCYdKjYdleF+lH1dOKJQUBUjclkfJKlYAL/En03FFcMpBsJ00o5wbZl2NAw2rBVPivW0
 T/Mi5yHULOa82Yc3lI8s8pvfzs24ZweEBtB1rAPTagjUG32zhH5P7pGTU2FFFPqQ5E8IwKPb
 72rIIdVXI/u10xF5tuNyt4Xe6CRK1LYFVDmZnF+A8BOjvXez8CbP2lS2Pc0MC9qZzu1c99Z4
 tRdt7juTVsTNZLFlsgTA0MFHxhMMvgTkFPHCSDXXc276WTjKiOp6dMxSUY8MMsf5/p9BnxI+
 boAMjcRYxufhuWwhrWmVu1rgcdlJ87uVG8dkig4kXeFUrB5GdaaG/SiCdxwhV/cguhUGvnTf
 YwBYCdHZxXceRxffFwQDfrSmc/33CWvKGEC8jp5o4It+mL80RRe4oHcPYPQWoKIfeEMgF6X8
 zeuE2PRR0ty2Mak4SqI9Degi/HCmQv/WZkOD/uo+/hymlqRy2cPThoMWjOTo/O0l0q/UNJ3M
 FEP92wlqq1a3FOvZsnwWVu/unHsg/IHc99ZEul/4gfSzKPRul6dHjJdFm8Hb8E6vsgrQzBsz
 kWOg97iGT1otvuSVG6Z8bCX6zi1PED5MFM/WMPNdiNdi/GLnW35pkunogpLeEJtsuDIJA==
IronPort-HdrOrdr: A9a23:VabN8KyG9kkuYdfKA2OQKrPxvuskLtp133Aq2lEZdPULSKGlfp
 GV9sjziyWetN9wYh4dcB67Scu9qBTnhORICOgqTMyftWzd1FdAQ7sSibcKrweBJ8S6zJ8l6U
 4CSdkANDSPNykcsS+S2mDRfbcdKZu8gdiVbI/lvgtQpGpRGsRdBmlCe2Wm+hocfng6OXN1Lu
 vU2uN34x6bPVgHZMWyAXcIG8DFut3wjZrjJToLHQQu5gWihS6hrOeSKWnS4j4uFxd0hZsy+2
 nMlAL0oo2lrvGA0xfZk0ve9Y5fltfNwsZKQOaMls8WADPxjRvAXvUoZ5Sy+BQO5M2/4lcjl9
 fB5z8mIsRI8nvUOlq4pBP8sjOQpAoG2jvH8xu1kHHjqcv2SHYREMxan79UdRPf9g4JoMx8+L
 gj5RPXi7NnSTf72Ajt7dnBUB9n0mCup2A5rOIVh3tDFaMDdb5qq5AF9k89KuZNIMvD0vFnLA
 BSNrCd2B4PGmnqLEwx/1MfjeBEZ05DUCtvGSM5y46oOzs/pgEN86JX/r1bop46zuNNd3B13Z
 W7Dk1WrsA/ciZvV9MaOA4ge7rBNoWfe2O7DIqtSW6XZ50vCjbql6PdxokTyaWDRKEopaFC6q
 gpFmko/1IPRw==
X-IronPort-AV: E=Sophos;i="5.90,292,1643691600";
   d="scan'208";a="72483422"
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=CwL18PuxYiUSYXw1mfZo4CE9EtW1nAdyiz3XuNCS5OVi5J4JGH/qVW2iN5ApP4EhO7gi9kdPJANq9G73Rk5KiibkqsmkABWTsX5Bet+iXJMmKZkMD5oVRWpz0K3/sdGmu/Syg2jSMfV9D6NqqJa99Mnv5oGaFKlZOd1+YNnVFXhtwLpAiwhT5KvzXC/6QXj2ZloEWXwy7WQW335vcmMo40lEAy4uPvxBM8+DICuh+2FAjg+n5yfY506ZhCb4niuWTWU0PVha7DMyiVauYLwU7vQFfZ881+4huJZfX9KAbLeCN8BrZHpGtxe1HmVkPdtw25tHUxabcYavdeneQEnQ3g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=z12lg9DG0wvGLeF3XX3a2VomQuQ550jjqifJz8ePXvE=;
 b=RtTXLaPO4GF1HsvCHr0+FINX809520fZj/k46blPLVnmhSp6oMjo3de++nYb93R+lzleBeSJy1Ju6RoXE9Ct/X/NJfJCsRvyHdQ+n0kGpmcE+GoFljdrpND1tnZb3Uxli5XfEhJfZU+YIGfjX3exw9bKSPphhj/CedYTVhh636RJiITW0gzbKScmru5a8QhEd/Npja4IDmx7mCHN5x9njqsjD33QmNU3MEFFzRHtdfPhCy9IMTKyeOgHMyV9uS2AJdQRUQY0outcctOMYBbhQLhId9Va2+onsHk1YKb911IJspHWc2oe0DMx9tKizC+h16GoPYl/jIW1pq3XK7SYrw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com;
 dkim=pass header.d=citrix.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=citrix.onmicrosoft.com; s=selector2-citrix-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=z12lg9DG0wvGLeF3XX3a2VomQuQ550jjqifJz8ePXvE=;
 b=I7538quEMle03dYlt9D3+d/sCUZkioAkjlYB+X/y+t+uG5W7YWNunn/vZpWw5ynJyedkOW+cJp90wYI6nzYvw5noBkHi6Kzh0kiQILcZwaQHnSCTWARQfbGJtbR3bUoOEjvQ9fImAvKCNWsfwobb87otP4QbQu9lRZClEo9P94o=
Authentication-Results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=citrix.com;
From: Roger Pau Monne <roger.pau@citrix.com>
To: xen-devel@lists.xenproject.org
Cc: Roger Pau Monne <roger.pau@citrix.com>,
	Jan Beulich <jbeulich@suse.com>,
	Andrew Cooper <andrew.cooper3@citrix.com>,
	Wei Liu <wl@xen.org>
Subject: [PATCH v4 3/3] amd/msr: implement VIRT_SPEC_CTRL for HVM guests using
 legacy SSBD
Date: Wed, 27 Apr 2022 12:47:18 +0200
Message-Id: <20220427104718.81342-4-roger.pau@citrix.com>
X-Mailer: git-send-email 2.35.1
In-Reply-To: <20220427104718.81342-1-roger.pau@citrix.com>
References: <20220427104718.81342-1-roger.pau@citrix.com>
X-ClientProxiedBy: LO2P265CA0304.GBRP265.PROD.OUTLOOK.COM
 (2603:10a6:600:a5::28) To DS7PR03MB5608.namprd03.prod.outlook.com
 (2603:10b6:5:2c9::18)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 04e68e45-9edc-42a3-f8cc-08da283b5e8f
X-MS-TrafficTypeDiagnostic: DM5PR03MB3403:EE_
X-Microsoft-Antispam-PRVS: 
	<DM5PR03MB340300BE1E5AB1B4F898065D8FFA9@DM5PR03MB3403.namprd03.prod.outlook.com>
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	+KX6jJb0kutyHhzD0I8J+waPvkHnUStq10QFwfq3DvlPGvwNrBQS+ORF0daBa8ucZucHHpnYWDGx34e+IpzS+mXMmfr8ARhPo8Fi3E0PGOZCk6iainldPrFXWhSTQTIAXd6dpmo1vNU2InTdztS4vtkbcZ4N0c3/L36Gz2eLW2J/Y3MvT4gSsM3WC2yUl9FI8OkiRrriJY8A4Ymrh84VOt3Cmd8if/LLImOcWP7v9xCGYGWx6Oygw7B6UFUbbXZUt/Iatmkv+iKTY59+cwHLKPW5npPXrWIIguGq24+j581SvYAfS6l/3eizaxHvYhcJG2mEqbbbjmcrCHt1y4rLfT3nwxIq8gtkTMOb8XcfciUS+gwBW3WIDYocyFAkGlu0PCMj4xFQDFXD4RZaIjGNz1lyzAu4TDfhEcujDzuX/oyYEpc1dPACB78696UWtbnsPEtbzCYFA7Eh7+j1dFDNaKZTGFtmvRyGdSWtU5XjiLslR8deduYCxj/UnHBqF5/OQRfXguA2QWBPZPN1dmcB/9fzXK6IhzI1NHHGSX5QWiP6DWIKfyGMK7vQFd6YFHyviG4VHh8wzetMbsmkaNQFE1IvxHiZrOnalNcokv2bgmeUrL+bYleCln+Z0tejd75qp2Fa0MVB18EqQDVP4RyWukjoYs1uKqDqADKwd8guLdo7zAKYgpvhGvIrpoK36M0nUMTJL/MXzygODz3b1PTlGEAXKwsSYnnpy6lEltmxadxnI1NPZzNwr/zk6SNuxG8hgs9wc2Bph903INSPXEdsiItYcaKqEi1TEZdEBKpxPqA=
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS7PR03MB5608.namprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(4636009)(366004)(508600001)(966005)(6486002)(6666004)(8676002)(66476007)(66946007)(86362001)(4326008)(66556008)(6916009)(54906003)(38100700002)(36756003)(82960400001)(6506007)(1076003)(6512007)(316002)(83380400001)(2906002)(26005)(186003)(5660300002)(8936002)(2616005);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?0EyLlmXr4TUWPpeiH+6YuPtPqovO?=
	=?utf-8?q?S4JGbMXzpeKCJHtXKblN8fDRgIZlitOpnNPfl0kafEHZgHqVuaeV92XvpH8w4F1+I?=
	=?utf-8?q?nf701vyiqPOlm0Sx8pRBVAlAAtfprlFBBk/2bmvnfOFng5POd1S5dJfXM4uAddseC?=
	=?utf-8?q?U3BDp9yTwaxDlEKeeYPk/rcSHPiJVI6hsmATTI//hNOtvObzYAUhLaE0PW6iZNDhS?=
	=?utf-8?q?3RMqGE+MGvsF7fun7dQ16ubAAqIFB432TwZfw7ROizjfYgFMMnu/sO/GmoL7FenX6?=
	=?utf-8?q?b6KUuZhoNRj5l8uchviGpMNpvbcMQtWXxNxqPSicXpCevpfb3aLu7xO4kJ917oC6q?=
	=?utf-8?q?I4PgGeWheSxzeXkoiVYRfuz8FleDmv+MMufKZ0WQ6n3kWsr0Uo4hxS7ffQ6jSIAxO?=
	=?utf-8?q?Z4rtwlYjh+tNjOOHuwTnvQEc+5Llp2Kx3Wp90Xv/muqBros5/9HD2/3kgbdfaAb/M?=
	=?utf-8?q?2c7hvqzYrrk5Zy6EBnVAykLOBs6I4aVIVEaMK+nICV5hAq/wAP9MkdQEaTyXz5qz4?=
	=?utf-8?q?mx8gzwfvs7oxJVFPKWULzSuVw1fQmhj1GQvSpH4f4WUUKSTug13B2TIbj0tsnp4p0?=
	=?utf-8?q?YBHO/sYyEmmKpkvk6KZkvfZG6KORdEjfXEkhTmTCOc60Zz/wu1PzVcs2xlUqfcAgI?=
	=?utf-8?q?doZLIvO+nsLz0GzDFpnmmP1a2HfZEiMhmFuT7VPwNL8qtIURdeuzWY9RJr7g1vyRf?=
	=?utf-8?q?bj1ywbPFHWKGTkoQyyFm825YPY6CquhheD2ATiusOQSNptnix6JdX4IBcMmflqneN?=
	=?utf-8?q?C/L1z2wbnsmI0kO30Gj7R9cOgwvKv/2O9u0U3ecv0KPejOaWaqpQxPEcWNz3BSWvL?=
	=?utf-8?q?HsTjiUXK0rDvsL1OBRSRiOyye/pIvOMQaASwoLjaHgTH0wfdM7iF6RPjznnt6vz0Q?=
	=?utf-8?q?uPGQn7ui2xbRdN24b8296hqwuUyk2mQUijPC6VtrM8QyS1HcdqoIBc9qLsqdCA650?=
	=?utf-8?q?GGtc1hC0H2BYFL3XooTd/GUWLvyI/ctaDyVdh7wBzImM8I8/uCsv2AQQBjyjy5cyB?=
	=?utf-8?q?4i+/TNXbokC4JsmJQmcMynHFp2TFnHaD4aoCIa4lqL8qZNHSUJJzA74PPHnkPyk8Q?=
	=?utf-8?q?65+YdIZGqbY3gJwhC9dOhsY85uEG8ixmdCWc6hfH9g/61/WD9pIq6yfQ3iz40878o?=
	=?utf-8?q?ziLMuU+m+5fgK+vaF/+dQarwQfKwW3+EjF+AUft1QuHnEhhVwe2NenHvs3342nCKn?=
	=?utf-8?q?xTXIFlc2bXrZzO1VzNwBAERE67aH5O5OvM5uELHMhF3nR6KQgPv8N6sUrO2BSnla2?=
	=?utf-8?q?MSo8siYivlaziILvTQxrsHaoU9S8Furb/Dqib6VoETzN8zW+h8WhY/YfQ0FD5/jmB?=
	=?utf-8?q?zVZ4wFXPs3IkuSOVKGwrR+jwjmheic+nCDZP0YW7YR7lDnn6ndUHMCL/x9wI04Sv9?=
	=?utf-8?q?17yoTBDlA4Rfnyyx6En2BhQVfK2gsECAQk3yyl/eKbwB8CuAdLHYO+m/XdWsZDZ0u?=
	=?utf-8?q?jIwyKpVsQQf0BDvho8F353NlxVe7oIBtphw7ZQ9/X/PPT3t8xajoSonuF4FxhLTCF?=
	=?utf-8?q?5ZN1qZXsgg9eVty1iZgAj9W4Q+0wIJWrXdUD9xOPpw0hYsjI9INMcCkBlApVmwsUF?=
	=?utf-8?q?ohKWXucXJOEXVvQ3ivgW99mTiW2+N6CF7QWJ+C/WhNTq46ptG7gW3+pg7/RLwTCRw?=
	=?utf-8?q?2UUCPQ7Xq33Va45DmZqVXK8ICx0uvzO8G2IxBsyxRIgWj0yGfpRJ8=3D?=
X-OriginatorOrg: citrix.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 04e68e45-9edc-42a3-f8cc-08da283b5e8f
X-MS-Exchange-CrossTenant-AuthSource: DS7PR03MB5608.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Apr 2022 10:47:48.2583
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 335836de-42ef-43a2-b145-348c2ee9ca5b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 gji5NHHtghA0t5WwpjUQspkvClDM+SVBFsO/I2asCS566eGvuV402ZeyforX/brpyZm9lu+J5qxoUzkOPJsOfg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR03MB3403

Expose VIRT_SSBD to guests if the hardware supports setting SSBD in
the LS_CFG MSR (a.k.a. non-architectural way). Different AMD CPU
families use different bits in LS_CFG, so exposing VIRT_SPEC_CTRL.SSBD
allows for an unified way of exposing SSBD support to guests on AMD
hardware that's compatible migration wise, regardless of what
underlying mechanism is used to set SSBD.

Note that on AMD Family 17h and Hygon Family 18h processors the value
of SSBD in LS_CFG is shared between threads on the same core, so
there's extra logic in order to synchronize the value and have SSBD
set as long as one of the threads in the core requires it to be set.
Such logic also requires extra storage for each thread state, which is
allocated at initialization time.

Do the context switching of the SSBD selection in LS_CFG between
hypervisor and guest in the same handler that's already used to switch
the value of VIRT_SPEC_CTRL.

Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
---
Changes since v3:
 - Align ssbd per-core struct to a cache line.
 - Open code a simple spinlock to avoid playing tricks with the lock
   detector.
 - s/ssbd_core/ssbd_ls_cfg/.
 - Fix log message wording.
 - Fix define name and remove comment.
 - Also handle Hygon processors (Fam18h).
 - Add changelog entry.

Changes since v2:
 - Fix codding style issues.
 - Use AMD_ZEN1_MAX_SOCKETS to define the max number of possible
   sockets in Zen1 systems.

Changes since v1:
 - Report legacy SSBD support using a global variable.
 - Use ro_after_init for ssbd_max_cores.
 - Handle boot_cpu_data.x86_num_siblings < 1.
 - Add comment regarding _irqsave usage in amd_set_legacy_ssbd.
---
 xen/arch/x86/cpu/amd.c         | 119 ++++++++++++++++++++++++++++-----
 xen/arch/x86/cpuid.c           |  10 +++
 xen/arch/x86/hvm/svm/svm.c     |   5 ++
 xen/arch/x86/include/asm/amd.h |   4 ++
 xen/arch/x86/spec_ctrl.c       |   4 +-
 5 files changed, 124 insertions(+), 18 deletions(-)

diff --git a/xen/arch/x86/cpu/amd.c b/xen/arch/x86/cpu/amd.c
index 4999f8be2b..a911e2e50a 100644
--- a/xen/arch/x86/cpu/amd.c
+++ b/xen/arch/x86/cpu/amd.c
@@ -48,6 +48,7 @@ boolean_param("allow_unsafe", opt_allow_unsafe);
 
 /* Signal whether the ACPI C1E quirk is required. */
 bool __read_mostly amd_acpi_c1e_quirk;
+bool __ro_after_init amd_legacy_ssbd;
 
 static inline int rdmsr_amd_safe(unsigned int msr, unsigned int *lo,
 				 unsigned int *hi)
@@ -685,23 +686,10 @@ void amd_init_lfence(struct cpuinfo_x86 *c)
  * Refer to the AMD Speculative Store Bypass whitepaper:
  * https://developer.amd.com/wp-content/resources/124441_AMD64_SpeculativeStoreBypassDisable_Whitepaper_final.pdf
  */
-void amd_init_ssbd(const struct cpuinfo_x86 *c)
+static bool set_legacy_ssbd(const struct cpuinfo_x86 *c, bool enable)
 {
 	int bit = -1;
 
-	if (cpu_has_ssb_no)
-		return;
-
-	if (cpu_has_amd_ssbd) {
-		/* Handled by common MSR_SPEC_CTRL logic */
-		return;
-	}
-
-	if (cpu_has_virt_ssbd) {
-		wrmsrl(MSR_VIRT_SPEC_CTRL, opt_ssbd ? SPEC_CTRL_SSBD : 0);
-		return;
-	}
-
 	switch (c->x86) {
 	case 0x15: bit = 54; break;
 	case 0x16: bit = 33; break;
@@ -715,20 +703,117 @@ void amd_init_ssbd(const struct cpuinfo_x86 *c)
 		if (rdmsr_safe(MSR_AMD64_LS_CFG, val) ||
 		    ({
 			    val &= ~mask;
-			    if (opt_ssbd)
+			    if (enable)
 				    val |= mask;
 			    false;
 		    }) ||
 		    wrmsr_safe(MSR_AMD64_LS_CFG, val) ||
 		    ({
 			    rdmsrl(MSR_AMD64_LS_CFG, val);
-			    (val & mask) != (opt_ssbd * mask);
+			    (val & mask) != (enable * mask);
 		    }))
 			bit = -1;
 	}
 
-	if (bit < 0)
+	return bit >= 0;
+}
+
+void amd_init_ssbd(const struct cpuinfo_x86 *c)
+{
+	if (cpu_has_ssb_no)
+		return;
+
+	if (cpu_has_amd_ssbd) {
+		/* Handled by common MSR_SPEC_CTRL logic */
+		return;
+	}
+
+	if (cpu_has_virt_ssbd) {
+		wrmsrl(MSR_VIRT_SPEC_CTRL, opt_ssbd ? SPEC_CTRL_SSBD : 0);
+		return;
+	}
+
+	if (!set_legacy_ssbd(c, opt_ssbd)) {
 		printk_once(XENLOG_ERR "No SSBD controls available\n");
+		if (amd_legacy_ssbd)
+			panic("CPU feature mismatch: no legacy SSBD\n");
+	} else if (c == &boot_cpu_data)
+		amd_legacy_ssbd = true;
+}
+
+static struct ssbd_ls_cfg {
+    bool locked;
+    unsigned int count;
+} __cacheline_aligned *ssbd_ls_cfg;
+static unsigned int __ro_after_init ssbd_max_cores;
+#define AMD_FAM17H_MAX_SOCKETS 2
+
+bool __init amd_setup_legacy_ssbd(void)
+{
+	unsigned int i;
+
+	if ((boot_cpu_data.x86 != 0x17 && boot_cpu_data.x86 != 0x18) ||
+	    boot_cpu_data.x86_num_siblings <= 1)
+		return true;
+
+	/*
+	 * One could be forgiven for thinking that c->x86_max_cores is the
+	 * correct value to use here.
+	 *
+	 * However, that value is derived from the current configuration, and
+	 * c->cpu_core_id is sparse on all but the top end CPUs.  Derive
+	 * max_cpus from ApicIdCoreIdSize which will cover any sparseness.
+	 */
+	if (boot_cpu_data.extended_cpuid_level >= 0x80000008) {
+		ssbd_max_cores = 1u << MASK_EXTR(cpuid_ecx(0x80000008), 0xf000);
+		ssbd_max_cores /= boot_cpu_data.x86_num_siblings;
+	}
+	if (!ssbd_max_cores)
+		return false;
+
+	ssbd_ls_cfg = xzalloc_array(struct ssbd_ls_cfg,
+	                            ssbd_max_cores * AMD_FAM17H_MAX_SOCKETS);
+	if (!ssbd_ls_cfg)
+		return false;
+
+	for (i = 0; i < ssbd_max_cores * AMD_FAM17H_MAX_SOCKETS; i++)
+		/* Record initial state, also applies to any hotplug CPU. */
+		if (opt_ssbd)
+			ssbd_ls_cfg[i].count = boot_cpu_data.x86_num_siblings;
+
+	return true;
+}
+
+void amd_set_legacy_ssbd(bool enable)
+{
+	const struct cpuinfo_x86 *c = &current_cpu_data;
+	struct ssbd_ls_cfg *status;
+
+	if (c->x86 != 0x17 || c->x86_num_siblings <= 1) {
+		BUG_ON(!set_legacy_ssbd(c, enable));
+		return;
+	}
+
+	BUG_ON(c->phys_proc_id >= AMD_FAM17H_MAX_SOCKETS);
+	BUG_ON(c->cpu_core_id >= ssbd_max_cores);
+	status = &ssbd_ls_cfg[c->phys_proc_id * ssbd_max_cores +
+	                      c->cpu_core_id];
+
+	/*
+	 * Open code a very simple spinlock: this function is used with GIF==0
+	 * and different IF values, so would trigger the checklock detector.
+	 * Instead of trying to workaround the detector, use a very simple lock
+	 * implementation: it's better to reduce the amount of code executed
+	 * with GIF==0.
+	 */
+	while ( test_and_set_bool(status->locked) )
+	    cpu_relax();
+	status->count += enable ? 1 : -1;
+	ASSERT(status->count <= c->x86_num_siblings);
+	if (enable ? status->count == 1 : !status->count)
+		BUG_ON(!set_legacy_ssbd(c, enable));
+	barrier();
+	write_atomic(&status->locked, false);
 }
 
 void __init detect_zen2_null_seg_behaviour(void)
diff --git a/xen/arch/x86/cpuid.c b/xen/arch/x86/cpuid.c
index 9a8c73f067..7607155875 100644
--- a/xen/arch/x86/cpuid.c
+++ b/xen/arch/x86/cpuid.c
@@ -544,6 +544,16 @@ static void __init calculate_hvm_max_policy(void)
     if ( !boot_cpu_has(X86_FEATURE_VIRT_SC_MSR_HVM) )
         /* Clear VIRT_SSBD if VIRT_SPEC_CTRL is not exposed to guests. */
         __clear_bit(X86_FEATURE_VIRT_SSBD, hvm_featureset);
+    else
+        /*
+         * Expose VIRT_SSBD if VIRT_SPEC_CTRL is supported, as that implies the
+         * underlying hardware is capable of setting SSBD using
+         * non-architectural way or VIRT_SSBD is available.
+         *
+         * Note that if the hardware supports VIRT_SSBD natively this setting
+         * will just override an already set bit.
+         */
+        __set_bit(X86_FEATURE_VIRT_SSBD, hvm_featureset);
 
     /*
      * If Xen isn't virtualising MSR_SPEC_CTRL for HVM guests (functional
diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c
index e15c9754d7..cee11bb244 100644
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -3126,6 +3126,8 @@ void vmexit_virt_spec_ctrl(void)
 
     if ( cpu_has_virt_ssbd )
         wrmsr(MSR_VIRT_SPEC_CTRL, val, 0);
+    else
+         amd_set_legacy_ssbd(opt_ssbd);
 }
 
 /* Called with GIF=0. */
@@ -3138,6 +3140,9 @@ void vmentry_virt_spec_ctrl(void)
 
     if ( cpu_has_virt_ssbd )
         wrmsr(MSR_VIRT_SPEC_CTRL, current->arch.msrs->virt_spec_ctrl.raw, 0);
+    else
+        amd_set_legacy_ssbd(current->arch.msrs->virt_spec_ctrl.raw &
+                            SPEC_CTRL_SSBD);
 }
 
 /*
diff --git a/xen/arch/x86/include/asm/amd.h b/xen/arch/x86/include/asm/amd.h
index a82382e6bf..6a42f68542 100644
--- a/xen/arch/x86/include/asm/amd.h
+++ b/xen/arch/x86/include/asm/amd.h
@@ -151,4 +151,8 @@ void check_enable_amd_mmconf_dmi(void);
 extern bool amd_acpi_c1e_quirk;
 void amd_check_disable_c1e(unsigned int port, u8 value);
 
+extern bool amd_legacy_ssbd;
+bool amd_setup_legacy_ssbd(void);
+void amd_set_legacy_ssbd(bool enable);
+
 #endif /* __AMD_H__ */
diff --git a/xen/arch/x86/spec_ctrl.c b/xen/arch/x86/spec_ctrl.c
index 0d5ec877d1..495e6f9405 100644
--- a/xen/arch/x86/spec_ctrl.c
+++ b/xen/arch/x86/spec_ctrl.c
@@ -22,6 +22,7 @@
 #include <xen/param.h>
 #include <xen/warning.h>
 
+#include <asm/amd.h>
 #include <asm/hvm/svm/svm.h>
 #include <asm/microcode.h>
 #include <asm/msr.h>
@@ -1073,7 +1074,8 @@ void __init init_speculation_mitigations(void)
     }
 
     /* Support VIRT_SPEC_CTRL.SSBD if AMD_SSBD is not available. */
-    if ( opt_msr_sc_hvm && !cpu_has_amd_ssbd && cpu_has_virt_ssbd )
+    if ( opt_msr_sc_hvm && !cpu_has_amd_ssbd &&
+         (cpu_has_virt_ssbd || (amd_legacy_ssbd && amd_setup_legacy_ssbd())) )
         setup_force_cpu_cap(X86_FEATURE_VIRT_SC_MSR_HVM);
 
     /* If we have IBRS available, see whether we should use it. */