From nobody Wed May 15 16:30:31 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=suse.com); dmarc=pass(p=quarantine dis=none) header.from=suse.com ARC-Seal: i=2; a=rsa-sha256; t=1682513918; cv=pass; d=zohomail.com; s=zohoarc; b=cETmmpewXJ59wcHw/P/VAyElFCFIDBE0YnRAlpfqHZHpE7qWi778sYH1oUpBVPXw7+7iy8g9TYbIPWM9BjE5ihckmW/Syg+2Z+DCRmIqnk/ucDPhl424H0W3DOYj6WY2CESJoHL1upJNTmwm6h1i2QDFKfkmql3bJI8tKUEKNQ4= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1682513918; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=OpLaqKMeaT1bmjVi3m3iJaeh3uX4cpagAbFfokRvcts=; b=gtWcbtpEjNgJmlR2cdNg6EAfgjmF+WBy5lFGZIPxkxbSX5pp4sVSUiNL+ouvHllnnzBJ9LM9Dtv5rd+0GPNQzLqXTxQG8ex8X18NCe6uB2WjfF1n5vdlXGki1LJxrrx9MIOCjS6jXmXQFBfxKfhhd44O14rs6qO+AeWE0fMv1Kw= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=suse.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1682513918200763.4385086022401; Wed, 26 Apr 2023 05:58:38 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.526688.818563 (Exim 4.92) (envelope-from ) id 1preie-0008BZ-O6; Wed, 26 Apr 2023 12:58:00 +0000 Received: by outflank-mailman (output) from mailman id 526688.818563; Wed, 26 Apr 2023 12:58:00 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1preie-0008BS-LV; Wed, 26 Apr 2023 12:58:00 +0000 Received: by outflank-mailman (input) for mailman id 526688; Wed, 26 Apr 2023 12:57:59 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1preid-00087s-Ka for xen-devel@lists.xenproject.org; Wed, 26 Apr 2023 12:57:59 +0000 Received: from EUR03-DBA-obe.outbound.protection.outlook.com (mail-dbaeur03on2061a.outbound.protection.outlook.com [2a01:111:f400:fe1a::61a]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id f82e5e91-e431-11ed-b224-6b7b168915f2; Wed, 26 Apr 2023 14:57:59 +0200 (CEST) Received: from VE1PR04MB6560.eurprd04.prod.outlook.com (2603:10a6:803:122::25) by PAXPR04MB8799.eurprd04.prod.outlook.com (2603:10a6:102:20e::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6340.21; Wed, 26 Apr 2023 12:57:56 +0000 Received: from VE1PR04MB6560.eurprd04.prod.outlook.com ([fe80::52b2:f58:e19:56ae]) by VE1PR04MB6560.eurprd04.prod.outlook.com ([fe80::52b2:f58:e19:56ae%2]) with mapi id 15.20.6319.033; Wed, 26 Apr 2023 12:57:56 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: f82e5e91-e431-11ed-b224-6b7b168915f2 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VDyKX6YF40SxYygAlXF6rlt07fDgYTi7F7MMuVSHsqZyYehQ/AWT9pTmB8fWzoRe7beC/glhVkRazmuBjh4euEqQWsjJcXjIVwcSSJbWxafJ0ddXunPCa63JC1qN97MvF8L0vKrjCGH7vsFATFsKNyL/zFoD+V3GAdpfbZZyxp1fGrhySbRwxn8fNmZXPOxj0YBhHEFW1Hhbws0A0Pbp13CKij2+/tGVXDYmuJG/mJxF5Vod2zz8a1dp43BAsgEbOCc3wI5+Cz97yI0MgkV1lUq+os6rW2TtCa0vBQaz54oH4dqC0LCj6DtGs9bPVT1ZAq2yt8gi1ybDRZx2tBMBwg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=OpLaqKMeaT1bmjVi3m3iJaeh3uX4cpagAbFfokRvcts=; b=iL2tP/sn25sqST0bIBBOABKVMgYN1dQbk9N5alJcn19vlqxkQkS27efBuy3+5oKh22Xea1jTMn/+Zjf9ve9ZKyqXqG8/YKS/S1DhKMC5UqWjG7XbUfHMi/oHrIbcsOuo3WJxyZGMm5jUw6l8fLi+8/zf72lmx1NUSv33W1n/FGmtinkVSMRA+kEEHFrgmH0yTUMN5hcgNLqC/lBhx5eDNIWSEaXjPouNDLy6HCra6P4FqU0qAq1gK/hCUAPbBzObBWnjS2t/FvTJYH/M0RMlm5gq+jNgx0l975eCNEu1HVYb+JI57nZDsShoKNEyjNf69FdDNN463tWWZIIErI2WZg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OpLaqKMeaT1bmjVi3m3iJaeh3uX4cpagAbFfokRvcts=; b=Zn/VJmUdJF5HJ2QSpRhhT9B8U53NG6WvEBa4QkxDUg/wTMEdT6CbNiCo7YtsLNcYPXXS3vSW96ts1DzrZZIvpvadj86qveo1c6q7KM7RO7YzY97j+dYU+U1Q/5mCngojubOCJjo+f2TPXBea/BVivZlE5NZHY+XPlXzGbvX1FZouMFEjTHwS+MCXVREMCXhlcANueOUquMIf0BuJtQ261zug1s76FtVmsx5ZukTgPeT9GW8H0rCmCqZ4/JwZPSe+PP1kBaRGdzYbno9V4Et/wn0r+dkuCL34TnHcreEHLjKvHFbfGDqa2n5aWowuVus1/oEUbbRRDKtN0lca4a3wpw== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com; Message-ID: Date: Wed, 26 Apr 2023 14:57:53 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0 Subject: [PATCH 1/2] VMX/cpu-policy: check availability of RDTSCP and INVPCID Content-Language: en-US From: Jan Beulich To: "xen-devel@lists.xenproject.org" Cc: Andrew Cooper , Wei Liu , =?UTF-8?Q?Roger_Pau_Monn=c3=a9?= , Kevin Tian , Jun Nakajima References: In-Reply-To: Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: FR0P281CA0153.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:b3::12) To VE1PR04MB6560.eurprd04.prod.outlook.com (2603:10a6:803:122::25) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: VE1PR04MB6560:EE_|PAXPR04MB8799:EE_ X-MS-Office365-Filtering-Correlation-Id: 92ea104e-e69a-46c7-ce3e-08db4655dab6 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: AfGQGd7ZrPjjq449pWTZYap5Zq7cdNlXj+0R61+4InXh6JcOOSCDTTEnTELVJxw48kcmO+e8hMBDks//7yRevRmgleSmWzomGGFz7N8EtNHIw+ohxxNy6/JYHBcy8dyMqrQHRAfdQeHwesMeuUWD8JSj78jSdlBpsKr36tUfVkf5rrVVcpZDoDCC05ZbUIZYD718nm/GMLqJTzAsx5vgWdY2VbhSMy4T+h/uTmZvWr5YdaK2yCx2L5CxkvZNkVmLIiw2tCFcW0Am2Fx+LOw2ZuBVY8OPsEukUz4tVeteBHERQCIsrk5wLYJvRtsl/Rrg0A6/R8geblVz6IFux15LfGvTjqA09DV6pNFF7KYqfX2kmrjNKC8VDBGW2zQFxUWkOj92W6tIf0tGV3K3o/DBilOmPeTm9Rzb+f+NcERMf8hRrt8EaerViulWCP8Zutv6kbpDBn8B10CVHTSXZoe0Qtu8oe8qB/YRZDe/3xaecgW8ibCd91q3AXJF1JBWYo3sVCi67JMWCx4wFbBwpd4jTssqcJmo5Vg4XhLEdMgGAWDXDSV6k42/N3vI5oqf1QfNLTGR62vquGWs0PY3/e1Ybbxo6RnvWKmlJ9UUHFw+pjXtSeevbMALMx/gBT2+Oqn0tlqZGXJy3i1kNHDPBU+EXQ== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:VE1PR04MB6560.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(366004)(396003)(136003)(39860400002)(376002)(346002)(451199021)(8936002)(38100700002)(2616005)(8676002)(66946007)(66556008)(66476007)(86362001)(31696002)(6916009)(316002)(4326008)(5660300002)(41300700001)(478600001)(6486002)(6666004)(54906003)(186003)(36756003)(26005)(31686004)(6506007)(6512007)(2906002)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?NHRYYmpOM25lV3l0dDlPdEUrMVdIS3NOTE56b1NPNFRHeVZHbXdoazRmazNu?= =?utf-8?B?TTBLS2NzVWx3empwV1l6OVdpT2lHdkpBVGhOWURCaGpvMlZEcVhwVmpqd1BC?= =?utf-8?B?VEVjTWs5TVNLTEV1cUk5dUFzSk1aWE5vcFdaY2RJdXUvaXoxbmdGU0w0UTZJ?= =?utf-8?B?ek5XVEZoN3I3TEs5RmpDakxTWUJvNzBFcER4R0hLZHgxV3doOXh1RG5Zckcz?= =?utf-8?B?K1YzVWhQQTJnOVFWaloxaEprWjd4OVRVbC9BMmZkdUYzbFFHY25GQ1dNaUFP?= =?utf-8?B?S05RMHQrcmVZNEhtNGxmMTRKT0VlR2RXMTVrS2g2bHlCdTdVdXRwbXhOeGFH?= =?utf-8?B?TWF3aHZaQVZzQ2l6ZWFLMGJ0UHhDaWtsUE0zTEljVk0wSVJYYWs3RGtGd3BK?= =?utf-8?B?UnI2NExKOVhuVzMvZ2FUam03MXB0OExTTlBEUGhGRXozTHFHMmpuRWdBRGxS?= =?utf-8?B?ajA4NHA1SGpKMnR5Wk5Ba0Fla295aXlVclRYeVZMY1MranRBdG1rZHZwN1Mw?= =?utf-8?B?VkhzTXBSekhVcXVVeU41ZjhPbnNscWtQMlFsdktqeGc3eGVwUVUyTm1hRkF6?= =?utf-8?B?YXY4dWk0MzEvU285MDRWeW0ydnM2bDUzdzV2WVVsU2ZYOXdpSFQzSXhKME9w?= =?utf-8?B?OHpQNkVZcnpVRnZuYnR0ajRDcTVWVkxLRDVGKzdCVUQ2bk5yUkRMZ29xRVQv?= =?utf-8?B?TEF0bzBQU0ZqVjlVREhLUW85UklrOGNJN0NnN1NVS21SL3BhZ3VwS1ltMm9X?= =?utf-8?B?Y2twTE9pYSsxUkhuRjZPQ0RlSVpSSTliVDlhL1lKaW1ld085ajNwSXBlSm94?= =?utf-8?B?SkpGd2QzY2JnRWtmL2R1RVNnaDBXSlJ3aUdIYzlJaG4yUndRL2g5L0k3MkVa?= =?utf-8?B?UDdTUjZha1pkOU8zQzhRWHlMTDdXNEVadlNBOW56L0JhSG16U2N3VEM4UENk?= =?utf-8?B?MUxFZDBmczBpT2xjZFhPMjVpRTNkZ09laHNNZldpWjhKY1dPNUFyV2hIQkx1?= =?utf-8?B?RzliTGZrQ2ZtclRyU0F5WnZzN1hEWHRTK3BCekdUM0xuQTJycWJ0ZkYxNEpu?= =?utf-8?B?NXF4RTA0d2dnZ0pkRTdMM0lRVWFlc0RtZlhSZ2VwY3MzNGk0VlZqQUlJMSts?= =?utf-8?B?bHV1R0NlUkphbmpLK2ZFc293Vkh2TytqQ3cyWWV5TXZJTFdveFN3cTdQWFRB?= =?utf-8?B?T1loNmpJR1AvNTdweDh1VjNDOGdycGNRb2ZDTCtocmVSTEYxNWxaZ2tkc09B?= =?utf-8?B?RzRJQVYvK2tSdmpaZTlnYzg3SnF3ZjF0T2Iyc1lqV2kwZmxBczFGYWNKVmpQ?= =?utf-8?B?Z29SUExjQStFMHJUemNKYk0yOWpvVERMNU1ZVWFYTThNV2JiczVjZ0ovQ3ZY?= =?utf-8?B?dGdJbDYyVEV6Z3pzUFpBcytnUWEvZkRXWEhSOTIvTWpOdDJ2Q2hSR0xFR29U?= =?utf-8?B?VVg1YnFMOGxHV3RRMmN2WU9mMUl0aldHdmhMSnhCdStwR3Y3ZW44c0ZpZHJv?= =?utf-8?B?c1JmV0JoRE5MbHpZVFRxOWJrUGtlWWV6OEg1cWpBQWxGOE9hR2h0ZGhnUnNW?= =?utf-8?B?UDAyN0FScE5sbmU0V2ZSVnBVYUtOdHRwM0F0U05YU1JINHVCR29PWEZtMThC?= =?utf-8?B?R214OCtZcGRsY21iMVc2WWJJN3loZk1yTFhEL2NQT0phTVRkSUwyRVdjR2Ry?= =?utf-8?B?MlU2Q05ic0ZBSmRRT0o2TjZhNS9VZ0hDVlpmYjZRd09GS09rMlNjNHo2cUxW?= =?utf-8?B?aGhJaTJJSjNkRHFrSkhKbWoxMDRZT3EySlNoMFdEMUxUTHRLcFZ4cGU2dWpz?= =?utf-8?B?N0haUk43eXA0NTFGWGcrSDFId0s4ZzlvaW53ZlRkVVk1dG5RUG93TlhmNDJF?= =?utf-8?B?dm9OS25WVEVicURpTCtqdjJPeEJRczBNZDFIV0JmTWdBMmtrU0UyWW1hR3V4?= =?utf-8?B?c2wwZDBqcFJuZ0pVeGlaL2JZb1lTNVJJdmJqb3huTXlybDBDVWZLdHlVMjNy?= =?utf-8?B?OXdsS1N5RUdlOGM5R1IxRXdHWDFobWlBU3gxT0EvOE5FdWk2QXdTR2RLcTJu?= =?utf-8?B?REFwaFI2VjFjVWh6MVZtanY5SE9MTDU1K0JZazI4SForcDRjNjMyRjhrZVpF?= =?utf-8?Q?/7oawOXlhdbrLvFRvA7JorVYB?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: 92ea104e-e69a-46c7-ce3e-08db4655dab6 X-MS-Exchange-CrossTenant-AuthSource: VE1PR04MB6560.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Apr 2023 12:57:56.0061 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 5Lx6bsEtSOzq7NcktbXZwL2FTPrUjWrNjBJz5juj4yg6ObYpm5HR8bBgC5mI+rJZGM/tiddFEJ0EQDw4C2MZ7Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAXPR04MB8799 X-ZohoMail-DKIM: pass (identity @suse.com) X-ZM-MESSAGEID: 1682513918970100001 Content-Type: text/plain; charset="utf-8" Both have separate enable bits, which are optional. While on real hardware we can perhaps expect these VMX controls to be available if (and only if) the base CPU feature is available, when running virtualized ourselves this may not be the case. Signed-off-by: Jan Beulich --- Afaics we don't ourselves expose the 1-setting of the two enables. (We also don't constrain guests to set only bits we report as available to set; there's a respective TODO comment in set_vvmcs_virtual_safe().) --- a/xen/arch/x86/cpu-policy.c +++ b/xen/arch/x86/cpu-policy.c @@ -594,6 +594,12 @@ static void __init calculate_hvm_max_pol */ if ( cpu_has_vmx ) { + if ( !cpu_has_vmx_rdtscp ) + __clear_bit(X86_FEATURE_RDTSCP, fs); + + if ( !cpu_has_vmx_invpcid ) + __clear_bit(X86_FEATURE_INVPCID, fs); + if ( !cpu_has_vmx_mpx ) __clear_bit(X86_FEATURE_MPX, fs); =20 --- a/xen/arch/x86/include/asm/hvm/vmx/vmcs.h +++ b/xen/arch/x86/include/asm/hvm/vmx/vmcs.h @@ -299,6 +299,8 @@ extern u64 vmx_ept_vpid_cap; (vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_EPT) #define cpu_has_vmx_dt_exiting \ (vmx_secondary_exec_control & SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING) +#define cpu_has_vmx_rdtscp \ + (vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_RDTSCP) #define cpu_has_vmx_vpid \ (vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_VPID) #define cpu_has_monitor_trap_flag \ @@ -314,6 +316,8 @@ extern u64 vmx_ept_vpid_cap; SECONDARY_EXEC_UNRESTRICTED_GUEST) #define cpu_has_vmx_ple \ (vmx_secondary_exec_control & SECONDARY_EXEC_PAUSE_LOOP_EXITING) +#define cpu_has_vmx_invpcid \ + (vmx_secondary_exec_control & SECONDARY_EXEC_ENABLE_INVPCID) #define cpu_has_vmx_apic_reg_virt \ (vmx_secondary_exec_control & SECONDARY_EXEC_APIC_REGISTER_VIRT) #define cpu_has_vmx_virtual_intr_delivery \ From nobody Wed May 15 16:30:31 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=suse.com); dmarc=pass(p=quarantine dis=none) header.from=suse.com ARC-Seal: i=2; a=rsa-sha256; t=1682513930; cv=pass; d=zohomail.com; s=zohoarc; b=ZEdiiQRnmhEu+VfwXMfQeFz0xowCRE2wiH3jYDchmNsVc6k1+4y0VoSpdu3QcOD/AKxI8EY83KE8WTqR710v89ZGOTOB5ilycOCZtLSXuO84ui/JvdTm8cFkolQtwKmlvxTlbPwmWgtW5yUcBCv/a6XbUrCnOUMzajoAE1Gb7sA= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1682513930; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=uCLLEbpWgJusYs/t7RT986NWsS87zkp4TQOhZfhkS8s=; b=jtLXf2YafsfC0dV41gXH5xXxb+3kCkBQCXRczRZZHG5aFcUQXrjsD2/jPFS1t9AY+6yHKru4LWcmX26AGocKU63Qz3cPZ36d7xQDdNs3FGv/lXQkfF0jHhZ2xZ/sNsPi5e7IkKdJgFqEW4ruLH+4JZoCL1BEIUgGxbgmOyJ2Ivk= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=suse.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1682513930071990.3051625524695; Wed, 26 Apr 2023 05:58:50 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.526691.818575 (Exim 4.92) (envelope-from ) id 1prej7-0000Ch-2q; Wed, 26 Apr 2023 12:58:29 +0000 Received: by outflank-mailman (output) from mailman id 526691.818575; Wed, 26 Apr 2023 12:58:29 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1prej6-0000Ca-U4; Wed, 26 Apr 2023 12:58:28 +0000 Received: by outflank-mailman (input) for mailman id 526691; Wed, 26 Apr 2023 12:58:28 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1prej6-0000C2-1N for xen-devel@lists.xenproject.org; Wed, 26 Apr 2023 12:58:28 +0000 Received: from EUR03-DBA-obe.outbound.protection.outlook.com (mail-dbaeur03on2060e.outbound.protection.outlook.com [2a01:111:f400:fe1a::60e]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 085f2683-e432-11ed-8611-37d641c3527e; Wed, 26 Apr 2023 14:58:26 +0200 (CEST) Received: from VE1PR04MB6560.eurprd04.prod.outlook.com (2603:10a6:803:122::25) by PAXPR04MB8799.eurprd04.prod.outlook.com (2603:10a6:102:20e::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6340.21; Wed, 26 Apr 2023 12:58:24 +0000 Received: from VE1PR04MB6560.eurprd04.prod.outlook.com ([fe80::52b2:f58:e19:56ae]) by VE1PR04MB6560.eurprd04.prod.outlook.com ([fe80::52b2:f58:e19:56ae%2]) with mapi id 15.20.6319.033; Wed, 26 Apr 2023 12:58:24 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 085f2683-e432-11ed-8611-37d641c3527e ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ORN+xLgr0lLUhcJP7FXsrmJQR311RJRO9i510VZO8H3+bnf5AxQVXgAKidEC1J/7EkwHPPvT10NFob/GD9B5jRqLsD6FD+1ZCiqsiSKj9c1zUAeE63wUzVvVVEudtplmegnrZjVlNe5wTMf/a+G36iZRvVUexHpCr83yKyacyV+anlElWewLchewf+vkYud1EIXzRBwDidtOL92iS49AVs6H3YHKvYNDy9FAHnGGfhJVMdwDfFIbdt758xyo/4JFWFmNyu8YtT+CTBcmZg3evBk1Op/PISsCNY59p9aF8tSZLrN3rj0B89sZtXibI5BQ20q1w5O1FYr6Mldtpzus/g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=uCLLEbpWgJusYs/t7RT986NWsS87zkp4TQOhZfhkS8s=; b=RCGJHLukDiZdoPnLPsUv0pqlO1pca2RT8tBRMvG3Otzsrm+00D2gvkz6J/P3QME1BaV/HfvxqxSzCMR3CMit9E1IGx8S8xdGdKRGEsUJ87u/+7wVwTWXRisq9rBaoU38mrbRg4nuS/+M/G39z9hhQTjkJxVWpx9ZbblzyJVimr7groFg65eloI32v8PxdSGn76EwMCqd5m4zLE7y17BC7aoRGs0fPuKsyq7I9k/Mb0EhH6hArMyTkYA9kHAx2CoPlPq0qblNEQYwe++TA9sFnai5YSXzzv5+CPqda9ZKADctxcVw6OargIQbZ5wr1xQq7ntNBY2UMoepZKs2uvON9g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uCLLEbpWgJusYs/t7RT986NWsS87zkp4TQOhZfhkS8s=; b=vA0ySRO9nFWScDA3zD5c/7EIEWikOp+dGgZ3CMijzG5fqtRrJT+9nlEVo+OA2F789oQAOg9AfXW1vVCfp3WI6Z4LXzRUiXyM335lNPNhARApml4tfBeo29/e14w8RW4KobmN7YkfrpRMyYgecQmfiRbCzmLcnzl5zqhkqhFi4qHZLu0FmSSHdM2DMQ7jIvrvAYEI/kV45a7B1RIfEjLerIfoVzUqSFhwhloTv8L1EXYoU22V2NHnE5JJ3KV0Uj7pm9/mTtDv/M5+OvJdETyAnfzdDFe3CZvKufjTM0mAAvCFPdaxxxOB01yGI9KcCuN9/y8kRnXnsOpIDfm3YFuZwg== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com; Message-ID: Date: Wed, 26 Apr 2023 14:58:23 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0 Subject: [PATCH 2/2] VMX/cpu-policy: disable RDTSCP and INVPCID insns as needed Content-Language: en-US From: Jan Beulich To: "xen-devel@lists.xenproject.org" Cc: Andrew Cooper , Wei Liu , =?UTF-8?Q?Roger_Pau_Monn=c3=a9?= , Kevin Tian , Jun Nakajima References: In-Reply-To: Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: FR0P281CA0151.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:b3::19) To VE1PR04MB6560.eurprd04.prod.outlook.com (2603:10a6:803:122::25) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: VE1PR04MB6560:EE_|PAXPR04MB8799:EE_ X-MS-Office365-Filtering-Correlation-Id: ced1774d-3f67-4fa3-6fcc-08db4655ebba X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: PBxy5op1H1AtA5GPjJHpLsfteFVc0Ms9pOQDVi2utmWAqUk/AKODPo4tUzSFBtoAb+WD4Bc0dAnXXJQU4OiYmY0r0XoUFk4ljYq6IQNtU9p/S88cc6wDTMNJWLtbILbrhz9BYN0d1CfmuJsoc1Hy65nlA5jN+zcdFBKkb2Ci7qxayWnLmeyEt2KdubDaVV/R8mohNMqur4upkXqVqfJ5g0lN0CWedFJNSHPlyTVUg7uzw8dx3AfN+kvqQ3ACjr18r9/d2Aw2uchJkfNXz0wmSk9MCK1YvTu+Xpz+6F/2Y9ehy+MQqu9KbwOrImkF2ws10vIZPoPTT3hQSyJbV9C8ZdeQDNfER39IQaXzmjrtjTv2bhlM74ZWyx2eTBMk/F6yreZ8/oYmnuTjy8yqaZji+G10ccVVvKOft2/cjglpVe7LmbFdtMFv+hsKagEHDKigVl2UMhm6NARsO++tNJtIL0fDvhO+ohvkOKy97rMP9GA+aLDtWw2vu8LIEVCiUZrYqJD1W1LvJVK9jWkCOIJb8NZfhTrO1AQbqLRjOHMCEggDMrs4rJn6bLNK16rjQlNpaWCA7EZOOZZHktvF30OPEz6ORNtPxAZkU2hCySfNxwBivy3zZ9ZDF3kqdYu60MhP36qeh1H7tIf1zlEsyyDisQ== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:VE1PR04MB6560.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(366004)(396003)(136003)(39860400002)(376002)(346002)(451199021)(8936002)(38100700002)(2616005)(8676002)(66946007)(66556008)(66476007)(86362001)(31696002)(6916009)(316002)(4326008)(5660300002)(83380400001)(41300700001)(478600001)(6486002)(54906003)(186003)(36756003)(26005)(31686004)(6506007)(6512007)(2906002)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?TEt3VU1tRGp0aDhFcm15STFQSjk3TUE2aDVoNEc1VFdnUGxicklPalJCYmww?= =?utf-8?B?UU5hVUFVa1RiQzdPcnJIejRqcmtaN3UrVkZQcU9KZlhSMWsrb3ZHaGV5NjRi?= =?utf-8?B?R2tKdmNrZmwvTVFrR1BJcUFTb1FlbFkzOGwzZ2xUQ0hzVll1aUxyRW44MUJL?= =?utf-8?B?ZFBRK3JJaXJzaHFDSkVSUjlKL0lhV1dyZmJVWDZDdnQ2dEhqLzdTZzJjdy9y?= =?utf-8?B?TlZ2eGJMcXdQSC9hVFZUNTRZV2FaWFBnVWVjbGJHZ2dUNWR4alpMcTdHVkFk?= =?utf-8?B?b2ZEbGw1cE93UVVWNmw5RGpSOTU4azdNRFhVdHhJZ3JrL3pnbWRqUUhYeWFa?= =?utf-8?B?R01wS3ZpeXFUVUtSSEJ4V2ZUb05ZOUNIS1FJNFdidjJWelp6b1VLUGtxelVk?= =?utf-8?B?ZnFqUjFPcFZLU0Nia2VQWm5Oak44YXQxc01OY1JxT2VRNFoxbG41K0tLd2xU?= =?utf-8?B?M2JMWkZNblRtT0JJUHFDTGlSdnVja2Z3YnY2R3I4amc4NEk3aHJZbmhsbEw4?= =?utf-8?B?WGgwV2xDRGtVaGZNSUNRZk45ZUFDS3Y1YWFZazZOM000cURsb2hkcFZiQTU1?= =?utf-8?B?aGhTUE4zdDVOUHM4c0h6cG9hOTM1eEZFSTl4M2FCT2hmeGtmaUpQb0htUC9Q?= =?utf-8?B?enVsQ3gwUTk0dFA5bFhLRHNvRGk5UE9iSzVuSzA4TXdsaVdDVTU5TWVSd3Bz?= =?utf-8?B?cmlmMWhpNm1XU3VySUhmb2dLQzQ5dVNCQm5wSDRWSzZTZDdOWmRvNXZCd0pH?= =?utf-8?B?QkVScEtadlZzQkRjdUtQZjBKdXU0TVVhMDJsMzNWTm5TV2lBa3Jpd0N6emdl?= =?utf-8?B?eG1GdmVDVWdGVUFXR3lOYW9rR1JYMFdiVG1VU3RrUnlpRHRCSFpocHlDa0oy?= =?utf-8?B?TklJeTVNTzVsRk04Q1dDeTloT3oyanloNDBKbGJML0RmcUxlVG1CRXBhWEl3?= =?utf-8?B?ODZhaE5pVWlpUnRzajA4M3pUS3UyNlBQa3R5OGNQemtyaTQ1MEtHSVdQbzJy?= =?utf-8?B?eTRiTVhLVVNsRVEyUHgydnJHeU5laXgvRmVQZ1JQTDY5OGFoRWxGZXlrOXV6?= =?utf-8?B?UUhsOURWWndweXJXNkJkY1ZNZE1PQzNMVU1KQUxIMkhacktOUkpzQmRIb3Jm?= =?utf-8?B?MFZnTXhIMGNPNmZEc2toZklZUGZwWXBTczNLbmxaUnZsRnlGaTF3d0xaWnNY?= =?utf-8?B?SWtBS09IS3ZWZ2lnTmh0OE0yWEphNmJSdlVHaGxSMEFsRUhGd0NBTmpzU2w5?= =?utf-8?B?Mk5XY2RSU1B2VGNXbHVGendEOWhCNHBWVVMzUUhBVU9KUTVsTGhtcUxDNmpu?= =?utf-8?B?c053S1BxWmpyV2orNUZNZk50NEdqYms1d254OEpWU0pjUG5IUWNwS1BiLzA2?= =?utf-8?B?bkFHS21yUnNvcjJzRUpoNnJJTjVRMmVmSnlRdjVacWdneDdGUGFaMVZTOVJr?= =?utf-8?B?b2tKeUVUb2g0OGN6bGVmUmFJNCtwTVVGNXV0QWlEajNwVC9jdzRuNlhuQjRo?= =?utf-8?B?QmhNVlNKSXRQUTJTWEpNNGlUSEdKVzUyaGRNcXdpVTIyK1RZS2s0ZUpJOGpx?= =?utf-8?B?Wng3WVZxSVpGR3ZpWXVic0NMOW0vZGxkQ00rYkFFaDdHejZQZ3BUUjU5VUZ6?= =?utf-8?B?MklxRjUrV2JjU2tlUmxUQ2RHaTRub0lGeTZSOS9mZ0ZXSmlTd2owcE5EditZ?= =?utf-8?B?UVRFdHRVQ3RxRnNZR1p0U0pZa1IrOGpqcmtobmg5ODFWRkMzdjRRY1lRUEtC?= =?utf-8?B?OHhtbEhIbXFsWE10d3Q1NmxMUWFyZ01hM2orcm5TS2tRNXdOazVITktCSU55?= =?utf-8?B?eWlGR0RPU2tYZWFITEhUR1ZQdzJsbG10eTJiWFNqQ2h0RkhBR3VhcEVaa1hG?= =?utf-8?B?cmczUzlhaXMyM3V2TTNRb1JrZUtYY3dlQmZ5a0JRSm9seG5XcU44SnVXV0lo?= =?utf-8?B?cE1SK2JTMjFLZDA4NUFpaS9VM2NWdmhvTHlsSWNoTGJqV3k0Y2JtSjA5K0tW?= =?utf-8?B?YittazRSR3dwcThLbHRyZDI4QmtVaUtDNEhpWTNPaTlMN016bTFNZFE1aWla?= =?utf-8?B?aVhOcUM1L2piM2IrQ0FZQXJsM3AyWjQwYzVGYmlsRFRicWgwa1RCWTcybzBH?= =?utf-8?Q?UhMrgxpZ+79wgguURX8DwN7Gc?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: ced1774d-3f67-4fa3-6fcc-08db4655ebba X-MS-Exchange-CrossTenant-AuthSource: VE1PR04MB6560.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Apr 2023 12:58:24.5815 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: O1ZZ10yQjFzMJrIpOLDTc7m0qbiqcAX0l17FMwG5uLPuYVAUczzayjblNM+Tn9c6E2ofvVtGtmv/IM+PxcWXhw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAXPR04MB8799 X-ZohoMail-DKIM: pass (identity @suse.com) X-ZM-MESSAGEID: 1682513930991100001 Content-Type: text/plain; charset="utf-8" When either feature is available in hardware, but disabled for a guest, the respective insn would better cause #UD if attempted to be used. Signed-off-by: Jan Beulich --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -785,6 +785,30 @@ static void cf_check vmx_cpuid_policy_ch vmx_vmcs_enter(v); vmx_update_exception_bitmap(v); =20 + if ( cp->extd.rdtscp ) + { + v->arch.hvm.vmx.secondary_exec_control |=3D SECONDARY_EXEC_ENABLE_= RDTSCP; + vmx_update_secondary_exec_control(v); + } + else if ( v->arch.hvm.vmx.secondary_exec_control & + SECONDARY_EXEC_ENABLE_RDTSCP ) + { + v->arch.hvm.vmx.secondary_exec_control &=3D ~SECONDARY_EXEC_ENABLE= _RDTSCP; + vmx_update_secondary_exec_control(v); + } + + if ( cp->feat.invpcid ) + { + v->arch.hvm.vmx.secondary_exec_control |=3D SECONDARY_EXEC_ENABLE_= INVPCID; + vmx_update_secondary_exec_control(v); + } + else if ( v->arch.hvm.vmx.secondary_exec_control & + SECONDARY_EXEC_ENABLE_INVPCID ) + { + v->arch.hvm.vmx.secondary_exec_control &=3D ~SECONDARY_EXEC_ENABLE= _INVPCID; + vmx_update_secondary_exec_control(v); + } + /* * We can safely pass MSR_SPEC_CTRL through to the guest, even if STIBP * isn't enumerated in hardware, as SPEC_CTRL_STIBP is ignored.