From nobody Fri Dec 19 15:33:12 2025 Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com [209.85.219.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E5CBF14F9EF for ; Thu, 25 Apr 2024 18:14:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068870; cv=none; b=qSKZQ0Kn0gK1ZHu+fHmZzCZZiW7zl5Tp7vKrosgceFmKrEuOZRTlvZRGlEW6/SzSvfCTh6NhpeXMFORKuiRZ8KnOST6XnIVYnNMF1hyhl+RefgUQp5mRlIHRK93xQwaMlMSq1ffBXADHEkw6H78Ru/UUYzh7lAvjaZ5ecJwfayk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068870; c=relaxed/simple; bh=puiewvMq7VQ3MSCBcWLocV/OvKUjYEGDnK6E7gHhlaY=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=UKIdy6o/pcKkPetrfnEFAA9maZ8BgWDqEASBdp88i02+aIu4t5gVDM1p9PDR+ly/ecTZyYht14O2UNBP+RVw0Rg1jdWzQzoPeB2x65Ysm6/NJoF+Nn8IF92EKsxOBkNrXoAZ9/0zSAWwqg7okm6fNQgrPYZnW6FN+ufv/w7NkA4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=PruVeND5; arc=none smtp.client-ip=209.85.219.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="PruVeND5" Received: by mail-yb1-f201.google.com with SMTP id 3f1490d57ef6-de45c577ca9so3010970276.0 for ; Thu, 25 Apr 2024 11:14:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1714068868; x=1714673668; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=bwEBzadNGVu08MehwcHFWlb8XgA5vulEsBKMYAk18b4=; b=PruVeND5+AnfyRifT/iGvcEpJmvsSslyPJ8T9is1pNzWo2RndY2vJzjksAvSEAkqu8 PTKD1nWhRYPNLUsCN3+0D7cWn7ojHV5SXBNWLnfvC0ikxPJo9mGdQWHpXG/gp8ceO4ZN r13wgt/hoUd1AVpqFhVsj7DxzfGVXA0fLXzPRrc3vLyzIbF747bAV8AQ7KmqdwlD9fi+ dshyoVOrl0lMj/zJ/INlZsatik69rWlOP9WiGiZKMUXd676PDIscIEEmJIXb+O3sPWRu yac72LsadvWVBjJmSSKcDySy0knL+BmXZrqzW3c/vTqEeQ/esDGwu5RNz4IG335Gt8O6 KKtw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714068868; x=1714673668; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=bwEBzadNGVu08MehwcHFWlb8XgA5vulEsBKMYAk18b4=; b=GBd9sy1Bk4pPedkjwwucodvDSEqAksYL58MuQ355nqVn4Itz244hCFaLMm3AH1vH3W v67Q4zQmg4k+d9PuGJ1bhi3kT1hWvuYaENHUhVzRAFZTtwtEuE8T37GcLFGIIKaMsjl8 jaX6bBK3XuKnbAxKvD3AITKyeloc82yS/fM90BSXJoR5yJyF/Nr0QrUIPmNLH93iAHdU CW4i0FYH60Ulv7RJtX6I4N+E5Gce8WntJWRK4cb3n8iBAjyW6Tc/To1yVv/dMvAydjGz R6rgVRQgjT95vnC0r2AZ1rWLG2pNnbOVxXIS2GN2qGTuv8RGd9MVGXQYFj2+Q1+vS3Ft gfvw== X-Forwarded-Encrypted: i=1; AJvYcCV98RY/DUxifxtZnijlbQJPuaTku6Eqj/unzgE/bzoG4RXe2C61s5vr/ozmGwj9wmll1iKEyKOkagu2MYjrHqyQIDE0LtZXYvvGb4cb X-Gm-Message-State: AOJu0Yw0R3naazIfKtlqlt9Rv//Xfq3DmogWcfYOWjrVaTKBHfQcGSFV J9M6T7I+oa0ruE/2oUdOLCUX0JYzxVM2iWUYUAFVi2alflC+NJoI0cBkk6Qqn+/I9sxPVlkGQLr 61g== X-Google-Smtp-Source: AGHT+IEdr27nAL6TTBgRfhhpiXP0Na4QEfa+A2U/3wduykWma3sUjuk0A0CXUovCOClCtXc5FotAoWMmAq0= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:1b0c:b0:dcc:2267:796e with SMTP id eh12-20020a0569021b0c00b00dcc2267796emr892328ybb.2.1714068868004; Thu, 25 Apr 2024 11:14:28 -0700 (PDT) Reply-To: Sean Christopherson Date: Thu, 25 Apr 2024 11:14:13 -0700 In-Reply-To: <20240425181422.3250947-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240425181422.3250947-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.769.g3c40516874-goog Message-ID: <20240425181422.3250947-2-seanjc@google.com> Subject: [PATCH 01/10] KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Weijiang Yang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Inject a #GP if the guest attempts to change MSR_AMD64_DE_CFG from its *current* value, not if the guest attempts to write a value other than KVM's set of supported bits. As per the comment and the changelog of the original code, the intent is to effectively make MSR_AMD64_DE_CFG read- only for the guest. Opportunistically use a more conventional equality check instead of an exclusive-OR check to detect attempts to change bits. Fixes: d1d93fa90f1a ("KVM: SVM: Add MSR-based feature support for serializi= ng LFENCE") Cc: Tom Lendacky Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 0f3b59da0d4a..00f0c0b506d4 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -3142,8 +3142,13 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct= msr_data *msr) if (data & ~msr_entry.data) return 1; =20 - /* Don't allow the guest to change a bit, #GP */ - if (!msr->host_initiated && (data ^ msr_entry.data)) + /* + * Don't let the guest change the host-programmed value. The + * MSR is very model specific, i.e. contains multiple bits that + * are completely unknown to KVM, and the one bit known to KVM + * is simply a reflection of hardware capatibilies. + */ + if (!msr->host_initiated && data !=3D svm->msr_decfg) return 1; =20 svm->msr_decfg =3D data; --=20 2.44.0.769.g3c40516874-goog From nobody Fri Dec 19 15:33:12 2025 Received: from mail-yb1-f202.google.com (mail-yb1-f202.google.com [209.85.219.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 99083152501 for ; Thu, 25 Apr 2024 18:14:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068873; cv=none; b=kh9joTW9T6sxQ8YFRx0aZ0zkgM29ntWxuqIk+Dlik8B9ZzbYNpAW5rGkcmskyaErBfXEcy6NaubptAQHoUdYlLE8UnXuRAkNTDn2bjaVTK0ofjyQ+ekTtDoHCB0pyzY3VJvY46n7dJBlnKSrw+TA5jjiVeOw+wXnMXvsufJ26dA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068873; c=relaxed/simple; bh=GoixATPRkeo59e28tmuFvVP3/afktWu/87EHx44xjSI=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=uiGPag8BsU/GJywqcm2jWdfCaA0MRDvjtD3i8Skxgw0ySUbRl6EcS3CGYMQU5Kf3+UJbIuVGc3LCMGvmYL0IJiT2kffNDYeCPfOk8S/BJpuOK4U3hdevf7dDwVx12Ezyp8gS9R8OVnDdhAK/AUb24w3YJWTdjgx95Gb9uRuVz3M= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=ktMJAweD; arc=none smtp.client-ip=209.85.219.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="ktMJAweD" Received: by mail-yb1-f202.google.com with SMTP id 3f1490d57ef6-de45dba157dso2149996276.1 for ; Thu, 25 Apr 2024 11:14:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1714068870; x=1714673670; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=LVg5nuhrtwhjBtsrJV2CSF5duP9EBWfXc7R02iwvnz8=; b=ktMJAweDPoYc7itWdEeY1kJk/uEageG8Hhg1pzu0wQxgl/lC4ewDnl3E8VfB73j+cc ClobG8/RIEXG3S9Ct5DBNPjyg3I9W4bTvMjdRIIyUjKaEvoe2fic4A0p4DH6XyrIi3RE xB5k4BXuTK45a+VqcmtKvvfa8LbU1a2fMpkikdLHLyxjGJjfUQXxy/5n6yEhj51Cu+m/ M5Ndu2G4J+6a90xPWzEKd6rYm6hXMUibnXG2g1FR2+ZAKLkpYsMcT5+iQUslRlHJc2ce RSESEm/tVtFu2DIIbiRtF0kBnYSAZim/YHNbmvRFzVZYuWvW0phJA9GB3lcJ93D4Kd86 Vd7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714068870; x=1714673670; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=LVg5nuhrtwhjBtsrJV2CSF5duP9EBWfXc7R02iwvnz8=; b=tRfWVu+nXF86uA6lps7TGZ/C8RDoDyF01TJmIfKd3A4T2l9RfmHijroFjWabpnz0HO rCmstk7qb4UX47MfXTIL28lDp7lgu+WVf7Ctfx7+onguBe9OWxNHgDJ77ftSia/AU5io 5OZJOu8EX6MGQfKoTF2X7rp0SrGiZJfHX8ZFv/PigfFrJ78Ki59bN723vQncQrhdL31E 5TUddKEEf8SvUdqQme2fCap/lam8eFv97xzW7bCCYlbqvAVN4iSHIeCNFSy07uE+ubNF gCgpufp5tHAaBsfAjMNqiv3VrRUlZCvWcnGhYSrkzM3Ravx8cxSE9G518nZkcEXEKOKg GUyw== X-Forwarded-Encrypted: i=1; AJvYcCXTo0uj2S8YRRm2qoes1nT7svNgzJ6PR6P8ZC45JHdHVZDn8uD5UGsk9Td3bVcN/VzW5hwBPDjNQXdFtBgGjYeuaKrRx4KLm3xDeUU7 X-Gm-Message-State: AOJu0YwQLjWaiLrETPKSfaHa1sbUdbOLC9FQ7riBPDzA3oJ9D0zgZj4M YuVQV4nHpTkgNOYM6G0VJNf9ggBwc8ZEOVImq83Ml4v8LfIthI4kKOsKVKNbMevt59c1qYv0hkZ FTg== X-Google-Smtp-Source: AGHT+IHCDwBc2r2TYqXQ9nf1YbD2mdDtQi6u0YYc4zNoU4v65TCevZQxfJIu9R7LSj/K/SiR1nBHzIwYJm4= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:110e:b0:dcc:8927:7496 with SMTP id o14-20020a056902110e00b00dcc89277496mr52093ybu.5.1714068869932; Thu, 25 Apr 2024 11:14:29 -0700 (PDT) Reply-To: Sean Christopherson Date: Thu, 25 Apr 2024 11:14:14 -0700 In-Reply-To: <20240425181422.3250947-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240425181422.3250947-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.769.g3c40516874-goog Message-ID: <20240425181422.3250947-3-seanjc@google.com> Subject: [PATCH 02/10] KVM: x86: Move MSR_TYPE_{R,W,RW} values from VMX to x86, as enums From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Weijiang Yang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move VMX's MSR_TYPE_{R,W,RW} #defines to x86.h, as enums, so that they can be used by common x86 code, e.g. instead of doing "bool write". Opportunistically tweak the definitions to make it more obvious that the values are bitmasks, not arbitrary ascending values. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.h | 4 ---- arch/x86/kvm/x86.h | 6 ++++++ 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 90f9e4434646..243d2ab8f325 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -17,10 +17,6 @@ #include "run_flags.h" #include "../mmu.h" =20 -#define MSR_TYPE_R 1 -#define MSR_TYPE_W 2 -#define MSR_TYPE_RW 3 - #define X2APIC_MSR(r) (APIC_BASE_MSR + ((r) >> 4)) =20 #ifdef CONFIG_X86_64 diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h index d80a4c6b5a38..a03829e9c6ac 100644 --- a/arch/x86/kvm/x86.h +++ b/arch/x86/kvm/x86.h @@ -497,6 +497,12 @@ int kvm_handle_memory_failure(struct kvm_vcpu *vcpu, i= nt r, int kvm_handle_invpcid(struct kvm_vcpu *vcpu, unsigned long type, gva_t gv= a); bool kvm_msr_allowed(struct kvm_vcpu *vcpu, u32 index, u32 type); =20 +enum kvm_msr_access { + MSR_TYPE_R =3D BIT(0), + MSR_TYPE_W =3D BIT(1), + MSR_TYPE_RW =3D MSR_TYPE_R | MSR_TYPE_W, +}; + /* * Internal error codes that are used to indicate that MSR emulation encou= ntered * an error that should result in #GP in the guest, unless userspace --=20 2.44.0.769.g3c40516874-goog From nobody Fri Dec 19 15:33:12 2025 Received: from mail-yb1-f202.google.com (mail-yb1-f202.google.com [209.85.219.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DAA3B152534 for ; Thu, 25 Apr 2024 18:14:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068875; cv=none; b=hvGW6bREZpsvI7KUOdB9lQLfpzcK1OpJeaJLxi4cCwT3jhAb50yr1x4+b4XmRGnEM+NIVtN26lZuFfYDwGitksdOuiHwgZ4KqdMTi50bLdDfd+5/MbVVzOxYjY1l7tUQpkFZBW2NFoY+1R3BX7GpZyU43RWYX8+QSjfYiQX6/jw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068875; c=relaxed/simple; bh=bdfjYgs716k1uC57XY7KT8AtVilTUrCEJVDOzBHxwqA=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=q2jTQbveIfNlq3i9jt1ZPhYe5NVbV3WGcfbezMedBhBzzWrcwpXWN6DNlUs52xR3TjsPnk9wHmVG85lTCDjilPz6ppiMge5615zZBEPwZW4e7qZ6qp/ueDgjHb3mvZAhObNu2iKsdqEzBa+R1PSTqeALCh+VOy/UMVa9dR+k9O8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=vBM6aTcn; arc=none smtp.client-ip=209.85.219.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="vBM6aTcn" Received: by mail-yb1-f202.google.com with SMTP id 3f1490d57ef6-de0b4063e59so1116840276.3 for ; Thu, 25 Apr 2024 11:14:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1714068872; x=1714673672; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=OjCdRp9zkD3arq1XZ7abaeTHNnTRhOgDmoPo22LWgTM=; b=vBM6aTcn0cp9LR8aq330B1adP7JVCqXuZepHx/Wm/1kc/GiyLB8iRJkUFm7/l8LAXh r4DzaM+7J4xKCjRsvuwM9/T4BfGyk9OcFTvzjoSKVH5jKPDMx7fc0a5KovrQBa1pirLH JMH4A7hwUOMEC5gwizVcTGBN8twl3AWHUjUKzSVWZ9AY71efpguWA5iz9txnDFCaEQpL +rzYYwZUiARQL45zQ1XlXcqy84hfAixZxkzM9oNlkgsDSmwwyzEVQ25AVKILbdEQm348 +2YekEfm4xgEsu/2jKBZWiUuPDCJNKiHBOJv1S5pYa6IyE8YGJ+oJM10CTCyqLhK61iz Xpvg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714068872; x=1714673672; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=OjCdRp9zkD3arq1XZ7abaeTHNnTRhOgDmoPo22LWgTM=; b=uFX+DMNIgu1Lh/HTh2QMMM6208WzhPH8A3X/C/bMtGPH7C581T8JJz//ICCgES/ZNW P6FgqUUsvco2RK5yH+hcoR6FNPhzlyZeue5hsJZePfMFd7e2kP16ROT7VSdGWO3bbqll gMpY86I04VDkN6sSYR5aMah51je8UVwU86JaWC+b5g0ZNX71wLYhCdyzW0ItD71pepoL 56L490jBdU7tabOUzdFM5UuOSAuozl8JHq0Qq0Kmuz2kEUvIxLcc2qFDMe0+F118vvRO 9TuWcJnArdmxIqLpOX1C1OmQxP+7FQ/fJGNcHt17eyJ7MshJMV+d2jNxGC+0d4DGdLLc 1B5A== X-Forwarded-Encrypted: i=1; AJvYcCX1H1ZLaXv9BQZ8AorGSy7qTc9ybDO0v49EgxXQF7lhrrKFkElbK9dyX7j3u60ZAdyR6ZqwQCiotXk6jzE//RIIwmJhGWFCHyWjArdS X-Gm-Message-State: AOJu0Yyh8dvAOkgYLLZyCS7X7Plsls1tM8UKcJY+Fr35wUATpcUOkk2N pPrUBYj6eyjCU2guHB8xCZLiZ2VRRgnwnQ4KmwpLBpu2LLOQhxsPuzWJpPD6UXLxyIsd5ltJRx4 uoA== X-Google-Smtp-Source: AGHT+IH5cTJqQnUYTxkvi9tU0uXTyJy7rXI5hE74upFYWxYI5XkmyoXp4+CkOaVX5KDJzYcFg4u1nyGwWmQ= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:150d:b0:dda:ce5f:b4c3 with SMTP id q13-20020a056902150d00b00ddace5fb4c3mr125683ybu.1.1714068871887; Thu, 25 Apr 2024 11:14:31 -0700 (PDT) Reply-To: Sean Christopherson Date: Thu, 25 Apr 2024 11:14:15 -0700 In-Reply-To: <20240425181422.3250947-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240425181422.3250947-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.769.g3c40516874-goog Message-ID: <20240425181422.3250947-4-seanjc@google.com> Subject: [PATCH 03/10] KVM: x86: Rename KVM_MSR_RET_INVALID to KVM_MSR_RET_UNSUPPORTED From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Weijiang Yang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Rename the "INVALID" internal MSR error return code to "UNSUPPORTED" to try and make it more clear that access was denied because the MSR itself is unsupported/unknown. "INVALID" is too ambiguous, as it could just as easily mean the value for WRMSR as invalid. Avoid UNKNOWN and UNIMPLEMENTED, as the error code is used for MSRs that _are_ actually implemented by KVM, e.g. if the MSR is unsupported because an associated feature flag is not present in guest CPUID. Opportunistically beef up the comments for the internal MSR error codes. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 2 +- arch/x86/kvm/vmx/vmx.c | 2 +- arch/x86/kvm/x86.c | 12 ++++++------ arch/x86/kvm/x86.h | 15 +++++++++++---- 4 files changed, 19 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 00f0c0b506d4..6e518edbd2aa 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2806,7 +2806,7 @@ static int svm_get_msr_feature(struct kvm_msr_entry *= msr) msr->data |=3D MSR_AMD64_DE_CFG_LFENCE_SERIALIZE; break; default: - return KVM_MSR_RET_INVALID; + return KVM_MSR_RET_UNSUPPORTED; } =20 return 0; diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index f10b5f8f364b..0ad2e7545de3 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1963,7 +1963,7 @@ int vmx_get_msr_feature(struct kvm_msr_entry *msr) return 1; return vmx_get_vmx_msr(&vmcs_config.nested, msr->index, &msr->data); default: - return KVM_MSR_RET_INVALID; + return KVM_MSR_RET_UNSUPPORTED; } } =20 diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index e9ef1fa4b90b..2b07f0f11aeb 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1710,7 +1710,7 @@ static int do_get_msr_feature(struct kvm_vcpu *vcpu, = unsigned index, u64 *data) msr.index =3D index; r =3D kvm_get_msr_feature(&msr); =20 - if (r =3D=3D KVM_MSR_RET_INVALID && kvm_msr_ignored_check(index, 0, false= )) + if (r =3D=3D KVM_MSR_RET_UNSUPPORTED && kvm_msr_ignored_check(index, 0, f= alse)) r =3D 0; =20 *data =3D msr.data; @@ -1907,7 +1907,7 @@ static int kvm_set_msr_ignored_check(struct kvm_vcpu = *vcpu, { int ret =3D __kvm_set_msr(vcpu, index, data, host_initiated); =20 - if (ret =3D=3D KVM_MSR_RET_INVALID) + if (ret =3D=3D KVM_MSR_RET_UNSUPPORTED) if (kvm_msr_ignored_check(index, data, true)) ret =3D 0; =20 @@ -1952,7 +1952,7 @@ static int kvm_get_msr_ignored_check(struct kvm_vcpu = *vcpu, { int ret =3D __kvm_get_msr(vcpu, index, data, host_initiated); =20 - if (ret =3D=3D KVM_MSR_RET_INVALID) { + if (ret =3D=3D KVM_MSR_RET_UNSUPPORTED) { /* Unconditionally clear *data for simplicity */ *data =3D 0; if (kvm_msr_ignored_check(index, 0, false)) @@ -2021,7 +2021,7 @@ static int complete_fast_rdmsr(struct kvm_vcpu *vcpu) static u64 kvm_msr_reason(int r) { switch (r) { - case KVM_MSR_RET_INVALID: + case KVM_MSR_RET_UNSUPPORTED: return KVM_MSR_EXIT_REASON_UNKNOWN; case KVM_MSR_RET_FILTERED: return KVM_MSR_EXIT_REASON_FILTER; @@ -4172,7 +4172,7 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct = msr_data *msr_info) kvm_is_msr_to_save(msr)) break; =20 - return KVM_MSR_RET_INVALID; + return KVM_MSR_RET_UNSUPPORTED; } return 0; } @@ -4533,7 +4533,7 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, struct = msr_data *msr_info) break; } =20 - return KVM_MSR_RET_INVALID; + return KVM_MSR_RET_UNSUPPORTED; } return 0; } diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h index a03829e9c6ac..ba54028af2df 100644 --- a/arch/x86/kvm/x86.h +++ b/arch/x86/kvm/x86.h @@ -505,11 +505,18 @@ enum kvm_msr_access { =20 /* * Internal error codes that are used to indicate that MSR emulation encou= ntered - * an error that should result in #GP in the guest, unless userspace - * handles it. + * an error that should result in #GP in the guest, unless userspace handl= es it. + * Note, '1', '0', and negative numbers are off limits, as they are used b= y KVM + * as part of KVM's lightly documented internal KVM_RUN return codes. + * + * UNSUPPORTED - The MSR isn't supported, either because it is completely + * unknown to KVM, or because the MSR should not exist according + * to the vCPU model. + * + * FILTERED - Access to the MSR is denied by a userspace MSR filter. */ -#define KVM_MSR_RET_INVALID 2 /* in-kernel MSR emulation #GP condition */ -#define KVM_MSR_RET_FILTERED 3 /* #GP due to userspace MSR filter */ +#define KVM_MSR_RET_UNSUPPORTED 2 +#define KVM_MSR_RET_FILTERED 3 =20 #define __cr4_reserved_bits(__cpu_has, __c) \ ({ \ --=20 2.44.0.769.g3c40516874-goog From nobody Fri Dec 19 15:33:12 2025 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A081C1534E1 for ; Thu, 25 Apr 2024 18:14:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068876; cv=none; b=cCOHV37mS5PKatweBvyJgTLMQUVfg+xPIk/Xd+fPUMrzcStIQLuADMsnDB9HiC0AOaZrAEuUV7hPcL/urbIFK415CFRwGtPx0+YQfkrXnYPC5nnsiDuYeyJ0MwEko0ezAscJZSHO9Lrd2Yr87FeqkbtI2EzkW3vxIrp2Z4zdZjI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068876; c=relaxed/simple; bh=DB6Jd2NjWz9pOSph2qkilj87Mzk/nYMpk36QDZDFgt8=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=eP1Z1VXXzU4MLIT3WG4i8Sa+a5eqgctM0n0gCVyE5NFcOgtzLnGLXYxE4M7O0rfoHthZ6FBlbuElO20TG5/ZtnmEkLXSNR69FdLX4M/HKYpVvH85L1IUXGQ59qncOBK1nvijhnldyRf+7GiMkQ+8PNADPMs3lSdWH8nUNp2nIAk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=QVTCfVvG; arc=none smtp.client-ip=209.85.216.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="QVTCfVvG" Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-2a4b48d7a19so1215822a91.1 for ; Thu, 25 Apr 2024 11:14:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1714068874; x=1714673674; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=TM/ux6sNDcuTFLWtKCdREtCzy9peSbD7s84cr1LzYAg=; b=QVTCfVvGwZ8lMlHnUHs3kA0JQpUXrpX6OOS3v9QiNZEIugTrAFpVfNXEncIbwxWR8b uLTmNIcNwpKwKfghe7+EU+TVOJCgJR0nK3r2n2+hAKxMZB4vrTEN56/W0UCfNe7UguZF 9Ku046w1bWWCV6IjbNF4rOvsVR0ALe79pd2dv46+lhy877s+5XR/Aob9xrUpCWJtrtwo km1ckHhx+lJf/i27QCwQex8ERMNjQW+48DwMY75mUTAQmhgfLMaKBMKOr4bEFKkyC27t Y6cIZQ4Jb2XB4KvPnwPZm7PPSGm8jWd56fHeKpGhi0S5MKMDv+c+27Pz8hChl7jZumTA emmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714068874; x=1714673674; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=TM/ux6sNDcuTFLWtKCdREtCzy9peSbD7s84cr1LzYAg=; b=oIRbdZqiUWrq0iSUqbTMdw8MCX8bw+zaaBPDQYX6TmRYFIMpHffLWk52Pni/YRFKzH L2ngkXut4jUOMsiDWVDdrMo1A79Zt8EjoWaJEHd1rgb65c/F89p8n6hsdungq5WcFdi/ H1xOO0vsnrYHjBWk3q7kkqnIKNbMAXFQCsnV9YYo0TCe9vQIrg75dv2tlhNcUem3DgPM 4/C5I55wZSHtaeUChJiNBv3eJcNTz4A2+AL5Cel3pCigKWE26kNoeKZ0ratR4o5GwLGd AK/HwxW+MeT5yQgjvOkaihqTTDl1EudIUSyKQ0GX72LqeU7Gr5FDOC0YKXtwdH24QhHp InPw== X-Forwarded-Encrypted: i=1; AJvYcCU9C3TSL2+EOb+S7tET9ImIur3ntA3Iifzwg845MCxDV6sAR2TV4fu8BC/Wj9h2fUTBj6O/CtaLYapq3XFWTcrmnTvGCQkoLGtmBwOS X-Gm-Message-State: AOJu0YyWqv2BebZRDu13QdYQ4rwOCJlVIsh1kAF8lSfymi5OhpY27YzG 0hfO/qaP9GFCXyXli/8FQlBLU70zXiFow4PdjaPWX3WYBB0WR4IhT8UqWtfM2cHw+w0x2GQP2mZ ung== X-Google-Smtp-Source: AGHT+IFjcGcs2XNvvQqSdiEyKjpfUTGo9LUj5jTc0SVxdhv4fkQg8q3VSLriRIuKTK/itzvw9AvHu7Z+2D8= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:68c2:b0:2a2:bcae:83c1 with SMTP id q2-20020a17090a68c200b002a2bcae83c1mr46654pjj.3.1714068873926; Thu, 25 Apr 2024 11:14:33 -0700 (PDT) Reply-To: Sean Christopherson Date: Thu, 25 Apr 2024 11:14:16 -0700 In-Reply-To: <20240425181422.3250947-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240425181422.3250947-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.769.g3c40516874-goog Message-ID: <20240425181422.3250947-5-seanjc@google.com> Subject: [PATCH 04/10] KVM: x86: Refactor kvm_x86_ops.get_msr_feature() to avoid kvm_msr_entry From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Weijiang Yang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Refactor get_msr_feature() to take the index and data pointer as distinct parameters in anticipation of eliminating "struct kvm_msr_entry" usage further up the primary callchain. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 2 +- arch/x86/kvm/svm/svm.c | 16 +++++++--------- arch/x86/kvm/vmx/vmx.c | 6 +++--- arch/x86/kvm/vmx/x86_ops.h | 2 +- arch/x86/kvm/x86.c | 2 +- 5 files changed, 13 insertions(+), 15 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 1d13e3cd1dc5..7d56e5a52ae3 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1785,7 +1785,7 @@ struct kvm_x86_ops { int (*vm_move_enc_context_from)(struct kvm *kvm, unsigned int source_fd); void (*guest_memory_reclaimed)(struct kvm *kvm); =20 - int (*get_msr_feature)(struct kvm_msr_entry *entry); + int (*get_msr_feature)(u32 msr, u64 *data); =20 int (*check_emulate_instruction)(struct kvm_vcpu *vcpu, int emul_type, void *insn, int insn_len); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 6e518edbd2aa..15422b7d9149 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2796,14 +2796,14 @@ static int efer_trap(struct kvm_vcpu *vcpu) return kvm_complete_insn_gp(vcpu, ret); } =20 -static int svm_get_msr_feature(struct kvm_msr_entry *msr) +static int svm_get_msr_feature(u32 msr, u64 *data) { - msr->data =3D 0; + *data =3D 0; =20 - switch (msr->index) { + switch (msr) { case MSR_AMD64_DE_CFG: if (cpu_feature_enabled(X86_FEATURE_LFENCE_RDTSC)) - msr->data |=3D MSR_AMD64_DE_CFG_LFENCE_SERIALIZE; + *data |=3D MSR_AMD64_DE_CFG_LFENCE_SERIALIZE; break; default: return KVM_MSR_RET_UNSUPPORTED; @@ -3132,14 +3132,12 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struc= t msr_data *msr) kvm_pr_unimpl_wrmsr(vcpu, ecx, data); break; case MSR_AMD64_DE_CFG: { - struct kvm_msr_entry msr_entry; + u64 supported_de_cfg; =20 - msr_entry.index =3D msr->index; - if (svm_get_msr_feature(&msr_entry)) + if (svm_get_msr_feature(ecx, &supported_de_cfg)) return 1; =20 - /* Check the supported bits */ - if (data & ~msr_entry.data) + if (data & ~supported_de_cfg) return 1; =20 /* diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 0ad2e7545de3..25b0a838abd6 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1955,13 +1955,13 @@ static inline bool is_vmx_feature_control_msr_valid= (struct vcpu_vmx *vmx, return !(msr->data & ~valid_bits); } =20 -int vmx_get_msr_feature(struct kvm_msr_entry *msr) +int vmx_get_msr_feature(u32 msr, u64 *data) { - switch (msr->index) { + switch (msr) { case KVM_FIRST_EMULATED_VMX_MSR ... KVM_LAST_EMULATED_VMX_MSR: if (!nested) return 1; - return vmx_get_vmx_msr(&vmcs_config.nested, msr->index, &msr->data); + return vmx_get_vmx_msr(&vmcs_config.nested, msr, data); default: return KVM_MSR_RET_UNSUPPORTED; } diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index 502704596c83..504d56d6837d 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -58,7 +58,7 @@ bool vmx_has_emulated_msr(struct kvm *kvm, u32 index); void vmx_msr_filter_changed(struct kvm_vcpu *vcpu); void vmx_prepare_switch_to_guest(struct kvm_vcpu *vcpu); void vmx_update_exception_bitmap(struct kvm_vcpu *vcpu); -int vmx_get_msr_feature(struct kvm_msr_entry *msr); +int vmx_get_msr_feature(u32 msr, u64 *data); int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info); u64 vmx_get_segment_base(struct kvm_vcpu *vcpu, int seg); void vmx_get_segment(struct kvm_vcpu *vcpu, struct kvm_segment *var, int s= eg); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 2b07f0f11aeb..03e50812ab33 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1695,7 +1695,7 @@ static int kvm_get_msr_feature(struct kvm_msr_entry *= msr) rdmsrl_safe(msr->index, &msr->data); break; default: - return static_call(kvm_x86_get_msr_feature)(msr); + return static_call(kvm_x86_get_msr_feature)(msr->index, &msr->data); } return 0; } --=20 2.44.0.769.g3c40516874-goog From nobody Fri Dec 19 15:33:12 2025 Received: from mail-yw1-f201.google.com (mail-yw1-f201.google.com [209.85.128.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2EE091552F9 for ; Thu, 25 Apr 2024 18:14:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068880; cv=none; b=mcWVYWd+a47n3uWNTe8CAR4wsCSh44EERcegYE5Gcw4ruGSBjAqGJUZ8QVT396RaavzqQxoTZcDFDNy6rriOQh3CVDw0WPwGFGSPXoArcKwLfKX6pE/ERVuyMSzwV6t6Vpa2ZktdcGTfbYmrbIHgwA6SiNaMb3Lc2rmG2kKecKQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068880; c=relaxed/simple; bh=StvXIkZ3US0m9kMQ9Q9JfdVme37W4KFKyCQZH7rfLnI=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=ZuSLeg7IKMGqtWMiC1v0Kjd9tyt8o8oY2VHpkEmfXjFDRdiQDX00bLV/Ib21/WlfE/k52nB3yXrqy8kiLxsa9PmHmcXN2R3fYqxo828hBy3IPFAZ6w5hjHmRfYokhRD3A5O3inDrQtBU6vDXiRQB8LRnXeeL5VEV91GueqxV0FY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=tR1pcMVR; arc=none smtp.client-ip=209.85.128.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="tR1pcMVR" Received: by mail-yw1-f201.google.com with SMTP id 00721157ae682-61b330409b7so24739497b3.0 for ; Thu, 25 Apr 2024 11:14:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1714068877; x=1714673677; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=tixZAupWcHJk0+Ih8AFgTTyczfrfxCg1OkitEmBkTm8=; b=tR1pcMVRF5RQPt7Ok2wl3Q6jnpVwa+q60tszFQtjusRR3CYs2XCvWZHb+1Qvrg8LAg USJii9a1H5/xFdrXeWM4G00bo81iRu7sVtngls9TnjUBMeXu/xKvwSs1mAPIUfyqWP+1 89GLveFtKmVJ2DvKzfZNiBSlVpP5T1d6H4/GTJW4eDgJzDO98Ern4fQkIwElLItZzbIS 5RtweVpkkc8QC1UIdLCMR0IKKgU+jmNYk/kov5GRT+Zyrg0jtGPiXCQL4gUS0Jedkb/6 p1LHRusLsdGc5IQGO7rnBq1uK7fdiNn3V21b5Pym+YJtQ8319+bz3Thxx7B7KDaAWBPv Z3dw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714068877; x=1714673677; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=tixZAupWcHJk0+Ih8AFgTTyczfrfxCg1OkitEmBkTm8=; b=sttj3EsLOk8Kl93YknIMbKZ/rWstKxakBI2y/Pjt8/Wt9ewC1O0Z1xOQ44OHwQz0Y1 se18+lTGN2YjS5cL4Vfep28E3SSpPa0NE+daY6WNA78GWuzU+3IgLveKNXouJovH7nGU aYGxI+AmqaPQBL1J4OcktKWKyecsLV541dSiPM5sHwkr84VEV+KwPT6HyQH2bmRyh8YS g1WSR1jtaDJ70e8n60S2+6LWvdDPMpbpfwxVHXIUvm6cSRsHXm1a4P0tUIFghkHFsmbl CeEx9tZCJeFznZlT5bfbOB3B8WOE7sR/rMHYXgq5HzqPtzniEpZeJi8cH0Y+0GKJ0nLd RBVw== X-Forwarded-Encrypted: i=1; AJvYcCVCNp4AlSPpmb91ncMGSFixhaBPTzA/cMMo4JnIWN3h7GGtqQgR/sbPB4SIUwBMeiquPBGf0vLOUUhrcI9qZRQ8fVGYa3qqf3PpoUj1 X-Gm-Message-State: AOJu0YzdgwXCj2Qhdr8ET2kof9bSb6PVep4vUxTZ/CiOHz8ely/DTdD2 vuZbLqACGnL1zP2SOelaDP1Xh5NKa7z6qaafDrw7dIVBNwIPUjOY+CfzucQEnw4OdUBHs95eaHq oIw== X-Google-Smtp-Source: AGHT+IGitSnpLRruha2mGLEVNnW3UwIoXpPe8MsEM+FZOOpjpgq9++sJJlL2SPUFErP7kldSMaVP1xeihoE= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a0d:cacc:0:b0:615:130a:2503 with SMTP id m195-20020a0dcacc000000b00615130a2503mr50202ywd.8.1714068877189; Thu, 25 Apr 2024 11:14:37 -0700 (PDT) Reply-To: Sean Christopherson Date: Thu, 25 Apr 2024 11:14:17 -0700 In-Reply-To: <20240425181422.3250947-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240425181422.3250947-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.769.g3c40516874-goog Message-ID: <20240425181422.3250947-6-seanjc@google.com> Subject: [PATCH 05/10] KVM: x86: Rename get_msr_feature() APIs to get_feature_msr() From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Weijiang Yang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Rename all APIs related to feature MSRs from get_feature_msr() to get_feature_msr(). The APIs get "feature MSRs", not "MSR features". And unlike kvm_{g,s}et_msr_common(), the "feature" adjective doesn't describe the helper itself. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm-x86-ops.h | 2 +- arch/x86/include/asm/kvm_host.h | 2 +- arch/x86/kvm/svm/svm.c | 6 +++--- arch/x86/kvm/vmx/main.c | 2 +- arch/x86/kvm/vmx/vmx.c | 2 +- arch/x86/kvm/vmx/x86_ops.h | 2 +- arch/x86/kvm/x86.c | 12 ++++++------ 7 files changed, 14 insertions(+), 14 deletions(-) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-= x86-ops.h index 5187fcf4b610..9f25b4a49d6b 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -128,7 +128,7 @@ KVM_X86_OP_OPTIONAL(mem_enc_unregister_region) KVM_X86_OP_OPTIONAL(vm_copy_enc_context_from) KVM_X86_OP_OPTIONAL(vm_move_enc_context_from) KVM_X86_OP_OPTIONAL(guest_memory_reclaimed) -KVM_X86_OP(get_msr_feature) +KVM_X86_OP(get_feature_msr) KVM_X86_OP(check_emulate_instruction) KVM_X86_OP(apic_init_signal_blocked) KVM_X86_OP_OPTIONAL(enable_l2_tlb_flush) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 7d56e5a52ae3..cc04ab0c234e 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1785,7 +1785,7 @@ struct kvm_x86_ops { int (*vm_move_enc_context_from)(struct kvm *kvm, unsigned int source_fd); void (*guest_memory_reclaimed)(struct kvm *kvm); =20 - int (*get_msr_feature)(u32 msr, u64 *data); + int (*get_feature_msr)(u32 msr, u64 *data); =20 int (*check_emulate_instruction)(struct kvm_vcpu *vcpu, int emul_type, void *insn, int insn_len); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 15422b7d9149..d95cd230540d 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2796,7 +2796,7 @@ static int efer_trap(struct kvm_vcpu *vcpu) return kvm_complete_insn_gp(vcpu, ret); } =20 -static int svm_get_msr_feature(u32 msr, u64 *data) +static int svm_get_feature_msr(u32 msr, u64 *data) { *data =3D 0; =20 @@ -3134,7 +3134,7 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct = msr_data *msr) case MSR_AMD64_DE_CFG: { u64 supported_de_cfg; =20 - if (svm_get_msr_feature(ecx, &supported_de_cfg)) + if (svm_get_feature_msr(ecx, &supported_de_cfg)) return 1; =20 if (data & ~supported_de_cfg) @@ -4944,7 +4944,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata =3D { .vcpu_unblocking =3D avic_vcpu_unblocking, =20 .update_exception_bitmap =3D svm_update_exception_bitmap, - .get_msr_feature =3D svm_get_msr_feature, + .get_feature_msr =3D svm_get_feature_msr, .get_msr =3D svm_get_msr, .set_msr =3D svm_set_msr, .get_segment_base =3D svm_get_segment_base, diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index 7c546ad3e4c9..c670f4cf6d94 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -40,7 +40,7 @@ struct kvm_x86_ops vt_x86_ops __initdata =3D { .vcpu_put =3D vmx_vcpu_put, =20 .update_exception_bitmap =3D vmx_update_exception_bitmap, - .get_msr_feature =3D vmx_get_msr_feature, + .get_feature_msr =3D vmx_get_feature_msr, .get_msr =3D vmx_get_msr, .set_msr =3D vmx_set_msr, .get_segment_base =3D vmx_get_segment_base, diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 25b0a838abd6..fe2bf8f31d7c 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1955,7 +1955,7 @@ static inline bool is_vmx_feature_control_msr_valid(s= truct vcpu_vmx *vmx, return !(msr->data & ~valid_bits); } =20 -int vmx_get_msr_feature(u32 msr, u64 *data) +int vmx_get_feature_msr(u32 msr, u64 *data) { switch (msr) { case KVM_FIRST_EMULATED_VMX_MSR ... KVM_LAST_EMULATED_VMX_MSR: diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index 504d56d6837d..4b81c85e9357 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -58,7 +58,7 @@ bool vmx_has_emulated_msr(struct kvm *kvm, u32 index); void vmx_msr_filter_changed(struct kvm_vcpu *vcpu); void vmx_prepare_switch_to_guest(struct kvm_vcpu *vcpu); void vmx_update_exception_bitmap(struct kvm_vcpu *vcpu); -int vmx_get_msr_feature(u32 msr, u64 *data); +int vmx_get_feature_msr(u32 msr, u64 *data); int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info); u64 vmx_get_segment_base(struct kvm_vcpu *vcpu, int seg); void vmx_get_segment(struct kvm_vcpu *vcpu, struct kvm_segment *var, int s= eg); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 03e50812ab33..8f58181f2b6d 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1682,7 +1682,7 @@ static u64 kvm_get_arch_capabilities(void) return data; } =20 -static int kvm_get_msr_feature(struct kvm_msr_entry *msr) +static int kvm_get_feature_msr(struct kvm_msr_entry *msr) { switch (msr->index) { case MSR_IA32_ARCH_CAPABILITIES: @@ -1695,12 +1695,12 @@ static int kvm_get_msr_feature(struct kvm_msr_entry= *msr) rdmsrl_safe(msr->index, &msr->data); break; default: - return static_call(kvm_x86_get_msr_feature)(msr->index, &msr->data); + return static_call(kvm_x86_get_feature_msr)(msr->index, &msr->data); } return 0; } =20 -static int do_get_msr_feature(struct kvm_vcpu *vcpu, unsigned index, u64 *= data) +static int do_get_feature_msr(struct kvm_vcpu *vcpu, unsigned index, u64 *= data) { struct kvm_msr_entry msr; int r; @@ -1708,7 +1708,7 @@ static int do_get_msr_feature(struct kvm_vcpu *vcpu, = unsigned index, u64 *data) /* Unconditionally clear the output for simplicity */ msr.data =3D 0; msr.index =3D index; - r =3D kvm_get_msr_feature(&msr); + r =3D kvm_get_feature_msr(&msr); =20 if (r =3D=3D KVM_MSR_RET_UNSUPPORTED && kvm_msr_ignored_check(index, 0, f= alse)) r =3D 0; @@ -4962,7 +4962,7 @@ long kvm_arch_dev_ioctl(struct file *filp, break; } case KVM_GET_MSRS: - r =3D msr_io(NULL, argp, do_get_msr_feature, 1); + r =3D msr_io(NULL, argp, do_get_feature_msr, 1); break; #ifdef CONFIG_KVM_HYPERV case KVM_GET_SUPPORTED_HV_CPUID: @@ -7367,7 +7367,7 @@ static void kvm_probe_feature_msr(u32 msr_index) .index =3D msr_index, }; =20 - if (kvm_get_msr_feature(&msr)) + if (kvm_get_feature_msr(&msr)) return; =20 msr_based_features[num_msr_based_features++] =3D msr_index; --=20 2.44.0.769.g3c40516874-goog From nobody Fri Dec 19 15:33:12 2025 Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com [209.85.210.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D6D681553A7 for ; Thu, 25 Apr 2024 18:14:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068881; cv=none; b=SN3E2M7wZ1sIOlylGNp9E90UCW0iTe/t72dLaeGF09KERg0nvaOoXEW1A9IOWyiANskev89yctl/Bps8xL1pc+JDw5UsxONYQXofIU3uQVfbskjBTMHTNsrqwjqu3YTU6tHxAw3NQ57yMOc5oQpxHjN3kftIsQe4JLzEXqBAauE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068881; c=relaxed/simple; bh=f3EI68Y4u3S5p2Gr6qnqBE5dIZOO6y93604kqUrylvg=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=On9jRuYb9WM02NTX/653VMKoYzpw54UkSvnF3vY8BfOk/08ixRjjQZlijahSEz1VADd3fZXAFL1cv7cvz6wCsTCu27mgNkZQbPe7E9RLwQs6/vuV8bAx+cEfeZNfTb/ab/7u7f5UKQiz8BAYONbLOPGZODzv5FN+G5pmGJ5VHRk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=FvS8+0Sm; arc=none smtp.client-ip=209.85.210.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="FvS8+0Sm" Received: by mail-pf1-f201.google.com with SMTP id d2e1a72fcca58-6ed4203cafdso1102125b3a.0 for ; Thu, 25 Apr 2024 11:14:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1714068879; x=1714673679; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=1pE+NlQrWikaS0Ef4GTiz1FqV5zA81OBkfDPnBRhty0=; b=FvS8+0SmoLYzwsiGeENR0v0AArYVwWiqBWkMK8PMwRnH7rX8VbsplGvOKOJREIgFk0 vGeKSK1Sey++VdAic0zhC2nqRx0aO0mTNZmn6SyRwhamGrV9ZAG56w14HK+Fug3YHNAt trpoJC5QeAHJRS9077CXUyo3SySFh9QBy3ZEpTNG4zTA9N/AkLKhTQggQFwjhSQsGDQ5 3p0TZLWstppPLGcDBUsRBQ8sIystqvKGx1vJK+pwkRG+ELAcTMc1QB8KS6myqcJmgO/r jLXz0+Q0ceqnLESCxSEPw//oXlVXqwn77PNarj8N6nCDqW/MT7EnIi0t7wq+sS0j9B6g sSQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714068879; x=1714673679; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=1pE+NlQrWikaS0Ef4GTiz1FqV5zA81OBkfDPnBRhty0=; b=AKa/BCHPwP9jgUaSoYcDezFSklMZbppcrkkWcpZowtTIRi9ueQO9zjQOhZ5h6Q/jQl pvtgmwUfP0W0bPj2aZ0RpmMktHqDfv8IMfmxCkLBhVoZFgLyZaPLI20vxyC+BQq4YkAQ hHB/aogklJLVPGNsqB5qxQeM0Ft5qT0rW01pBqVEGqSGZZns00IuC9v9W/ZlrDOcJ4nx y/q5w+fUNFAK+f/R7UxDWyZlUtYBWCAntExveH+MZsShZiUkbgkyDkFSpZLHYgHtCZo1 H7Akn90UiueZCONjSp+H7WfiT4pUCT+ncpcsMCmSsWZyqRm0Q/lDdFjQtVQW6mq/ueFy MeTQ== X-Forwarded-Encrypted: i=1; AJvYcCWzMaBSV2ZAdMX+gIzl9+v+Zgt0t2BPzKs8v/pp22IxnovZ+dKJ7wen8lssdIS5cuavczvRmszFphnBxLZUzTu7Wtbppep+B7VOZc0r X-Gm-Message-State: AOJu0YzLoLvK4QFVqAPPEazuyslqW1pFt76jp3IdQHSV5ZOxOTSgnOYi cMW9J5wDWrgDH5kK/rycjMqPOsrY3BtuByDqh9JBdz8/cAq/u773pqYCalmKhljazxS/2YSYgW7 0Kw== X-Google-Smtp-Source: AGHT+IG2E3aEmJmlQoT8edNXPRMopCObRwvdkiWT36JpsssrfVhnOfWDGtvwVqtEA/RucxPkw7Wb3EbhZ7c= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a00:3994:b0:6ea:d61b:ec8d with SMTP id fi20-20020a056a00399400b006ead61bec8dmr46363pfb.5.1714068879185; Thu, 25 Apr 2024 11:14:39 -0700 (PDT) Reply-To: Sean Christopherson Date: Thu, 25 Apr 2024 11:14:18 -0700 In-Reply-To: <20240425181422.3250947-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240425181422.3250947-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.769.g3c40516874-goog Message-ID: <20240425181422.3250947-7-seanjc@google.com> Subject: [PATCH 06/10] KVM: x86: Refactor kvm_get_feature_msr() to avoid struct kvm_msr_entry From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Weijiang Yang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Refactor kvm_get_feature_msr() to take the components of kvm_msr_entry as separate parameters, along with a vCPU pointer, i.e. to give it the same prototype as kvm_{g,s}et_msr_ignored_check(). This will allow using a common inner helper for handling accesses to "regular" and feature MSRs. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/x86.c | 29 +++++++++++++---------------- 1 file changed, 13 insertions(+), 16 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 8f58181f2b6d..c0727df18e92 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1682,39 +1682,38 @@ static u64 kvm_get_arch_capabilities(void) return data; } =20 -static int kvm_get_feature_msr(struct kvm_msr_entry *msr) +static int kvm_get_feature_msr(struct kvm_vcpu *vcpu, u32 index, u64 *data, + bool host_initiated) { - switch (msr->index) { + WARN_ON_ONCE(!host_initiated); + + switch (index) { case MSR_IA32_ARCH_CAPABILITIES: - msr->data =3D kvm_get_arch_capabilities(); + *data =3D kvm_get_arch_capabilities(); break; case MSR_IA32_PERF_CAPABILITIES: - msr->data =3D kvm_caps.supported_perf_cap; + *data =3D kvm_caps.supported_perf_cap; break; case MSR_IA32_UCODE_REV: - rdmsrl_safe(msr->index, &msr->data); + rdmsrl_safe(index, data); break; default: - return static_call(kvm_x86_get_feature_msr)(msr->index, &msr->data); + return static_call(kvm_x86_get_feature_msr)(index, data); } return 0; } =20 static int do_get_feature_msr(struct kvm_vcpu *vcpu, unsigned index, u64 *= data) { - struct kvm_msr_entry msr; int r; =20 /* Unconditionally clear the output for simplicity */ - msr.data =3D 0; - msr.index =3D index; - r =3D kvm_get_feature_msr(&msr); + *data =3D 0; + r =3D kvm_get_feature_msr(vcpu, index, data, true); =20 if (r =3D=3D KVM_MSR_RET_UNSUPPORTED && kvm_msr_ignored_check(index, 0, f= alse)) r =3D 0; =20 - *data =3D msr.data; - return r; } =20 @@ -7363,11 +7362,9 @@ int kvm_arch_vm_ioctl(struct file *filp, unsigned in= t ioctl, unsigned long arg) =20 static void kvm_probe_feature_msr(u32 msr_index) { - struct kvm_msr_entry msr =3D { - .index =3D msr_index, - }; + u64 data; =20 - if (kvm_get_feature_msr(&msr)) + if (kvm_get_feature_msr(NULL, msr_index, &data, true)) return; =20 msr_based_features[num_msr_based_features++] =3D msr_index; --=20 2.44.0.769.g3c40516874-goog From nobody Fri Dec 19 15:33:12 2025 Received: from mail-yb1-f202.google.com (mail-yb1-f202.google.com [209.85.219.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1B03D15574E for ; Thu, 25 Apr 2024 18:14:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068883; cv=none; b=EyGlvj4sOx6rpNGtWPVR3CemY8Aym1SetLrL3T1AbAVk85ybFj/ADTD3KuA5M5vcSWyp+jTiMAhBsIVfdWeq44ieBF6RybruDKoNFtDHwnBtwwILbr83VnljkL1cMAJTPbUXFL83Db+b64edl4anzqgz+BCGK/AkWqMaJQbn3F4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068883; c=relaxed/simple; bh=XQbuCE10iEXL6Hj41mbGLp/9CQA2+KEDclppIVQzUqI=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=NwUq0nzgNvkEsSr9+OKWun8VW+7Vgtj2HI5HFAV9Tv+EAS+oKYq6MyuFHu2ueTjbVwDhHtZuZntCiNw2g4A5W/SShi0rbQe3kJCnldQSmgdmQAP6pgaENYL3sWKIc5oxR2GzVum3GQgUKupacKol9xy1YuDyy+3IyoTHvBacSPw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=eDAfGkxY; arc=none smtp.client-ip=209.85.219.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="eDAfGkxY" Received: by mail-yb1-f202.google.com with SMTP id 3f1490d57ef6-de59e612376so838968276.3 for ; Thu, 25 Apr 2024 11:14:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1714068881; x=1714673681; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=iXAD1gTtiwO6R5kc5FsGGbiVN1kl1k4gITxMp5dXiKA=; b=eDAfGkxYy589HlReu2v+v08ULFTE4L3nA7ftceBq/ImSOM76BJzAUpdvc1MNml4n7w V/mi9B06kW/rRx0U9zQJw7izsrek0FlhNT2mPLWxCe0roEjOiPveIaT1X5bm4PpcDDap m4K7SrI1pbjfjrlM8H9JnCQ9tfBlR5kb1FFlElcUDZhoMxOsZtVQVc5tugIdjzBEbmc4 UEs6VV3FQs4eyv+hPNcBAVueCp9k6pjnULvxl8CeGu0dCVAIbSQDBMi94tvfrY0VgizL Sig8zYO4L8sYK9HnTLmhrTPgPVwAdYrE+8CiJU6M3ZKy//JWnIkJ0ZVcaXny+BlaYYVP NwfA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714068881; x=1714673681; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=iXAD1gTtiwO6R5kc5FsGGbiVN1kl1k4gITxMp5dXiKA=; b=nAzIAHNXIRvahFoW4pu94UHAQij8Clsbq8kDPgNbNAzhdHErn8IMpcyZs7XtNYlGzn NjUOXzxXVUPzMyRptq4yxRg1XDE9v6VRuCGkR+pR/pgztwVCpQULr38mcaqmrGqUccwb UozNIKvKDdGuAQdoHMy1J89RfbAvka6qozs4DUrVHKGbs+Anm+q0ODRI35cqYwVp68lq ZmruExyJTIc2++QJk5k7uU5oRmjdcOsvoqM7TQ9/dVlWDQTBBQyOnraKG+hfhN7jEbxw TIKtqjXAuzQrdw68SOxeHbx94OL+C0Fu4Dtu2QB019/ggcWdNVcLBSKgk3tECWv3q5S+ xK4Q== X-Forwarded-Encrypted: i=1; AJvYcCXMhQfSF+7DpeIXAIy7zv7onnPtKdAG99ZnbW0zEtQ8WiAwxTPZdEjAZKW10LFuXiP+3ibdvlNl46TIt7L/lMEj6BnGi4zPhSKZO7mL X-Gm-Message-State: AOJu0Yz9jYy0cv9damDOmBVzhGAB2oq9w1PzK/h4n7y6IGFu6a/WMNeI gEeo+1NgWK5828enj3RuApexXp1NFLRul2g0rmGDdzfjqFZRjzQVHpVLvDI8diWiYfNXZdbpQKO odw== X-Google-Smtp-Source: AGHT+IGUU5V15PYJLb/rvGrpR2O7b0dqV3NWp9gPiWq1USgUBru2IcuP3QcVb64fWJwVI+urhXDfqHkISlY= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:1006:b0:dcd:3a37:65 with SMTP id w6-20020a056902100600b00dcd3a370065mr55877ybt.7.1714068881182; Thu, 25 Apr 2024 11:14:41 -0700 (PDT) Reply-To: Sean Christopherson Date: Thu, 25 Apr 2024 11:14:19 -0700 In-Reply-To: <20240425181422.3250947-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240425181422.3250947-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.769.g3c40516874-goog Message-ID: <20240425181422.3250947-8-seanjc@google.com> Subject: [PATCH 07/10] KVM: x86: Funnel all fancy MSR return value handling into a common helper From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Weijiang Yang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add a common helper, kvm_do_msr_access(), to invoke the "leaf" APIs that are type and access specific, and more importantly to handle errors that are returned from the leaf APIs. I.e. turn kvm_msr_ignored_check() from a a helper that is called on an error, into a trampoline that detects errors *and* applies relevant side effects, e.g. logging unimplemented accesses. Because the leaf APIs are used for guest accesses, userspace accesses, and KVM accesses, and because KVM supports restricting access to MSRs from userspace via filters, the error handling is subtly non-trivial. E.g. KVM has had at least one bug escape due to making each "outer" function handle errors. See commit 3376ca3f1a20 ("KVM: x86: Fix KVM_GET_MSRS stack info leak"). Signed-off-by: Sean Christopherson --- arch/x86/kvm/x86.c | 86 +++++++++++++++++++++++----------------------- 1 file changed, 43 insertions(+), 43 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index c0727df18e92..a0506878d58e 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -319,25 +319,40 @@ u64 __read_mostly host_xcr0; =20 static struct kmem_cache *x86_emulator_cache; =20 -/* - * When called, it means the previous get/set msr reached an invalid msr. - * Return true if we want to ignore/silent this failed msr access. - */ -static bool kvm_msr_ignored_check(u32 msr, u64 data, bool write) +typedef int (*msr_access_t)(struct kvm_vcpu *vcpu, u32 index, u64 *data, + bool host_initiated); + +static __always_inline int kvm_do_msr_access(struct kvm_vcpu *vcpu, u32 ms= r, + u64 *data, bool host_initiated, + enum kvm_msr_access rw, + msr_access_t msr_access_fn) { - const char *op =3D write ? "wrmsr" : "rdmsr"; - - if (ignore_msrs) { - if (report_ignored_msrs) - kvm_pr_unimpl("ignored %s: 0x%x data 0x%llx\n", - op, msr, data); - /* Mask the error */ - return true; - } else { + const char *op =3D rw =3D=3D MSR_TYPE_W ? "wrmsr" : "rdmsr"; + int ret; + + BUILD_BUG_ON(rw !=3D MSR_TYPE_R && rw !=3D MSR_TYPE_W); + + /* + * Zero the data on read failures to avoid leaking stack data to the + * guest and/or userspace, e.g. if the failure is ignored below. + */ + ret =3D msr_access_fn(vcpu, msr, data, host_initiated); + if (ret && rw =3D=3D MSR_TYPE_R) + *data =3D 0; + + if (ret !=3D KVM_MSR_RET_UNSUPPORTED) + return ret; + + if (!ignore_msrs) { kvm_debug_ratelimited("unhandled %s: 0x%x data 0x%llx\n", - op, msr, data); - return false; + op, msr, *data); + return ret; } + + if (report_ignored_msrs) + kvm_pr_unimpl("ignored %s: 0x%x data 0x%llx\n", op, msr, *data); + + return 0; } =20 static struct kmem_cache *kvm_alloc_emulator_cache(void) @@ -1705,16 +1720,8 @@ static int kvm_get_feature_msr(struct kvm_vcpu *vcpu= , u32 index, u64 *data, =20 static int do_get_feature_msr(struct kvm_vcpu *vcpu, unsigned index, u64 *= data) { - int r; - - /* Unconditionally clear the output for simplicity */ - *data =3D 0; - r =3D kvm_get_feature_msr(vcpu, index, data, true); - - if (r =3D=3D KVM_MSR_RET_UNSUPPORTED && kvm_msr_ignored_check(index, 0, f= alse)) - r =3D 0; - - return r; + return kvm_do_msr_access(vcpu, index, data, true, MSR_TYPE_R, + kvm_get_feature_msr); } =20 static bool __kvm_valid_efer(struct kvm_vcpu *vcpu, u64 efer) @@ -1901,16 +1908,17 @@ static int __kvm_set_msr(struct kvm_vcpu *vcpu, u32= index, u64 data, return static_call(kvm_x86_set_msr)(vcpu, &msr); } =20 +static int _kvm_set_msr(struct kvm_vcpu *vcpu, u32 index, u64 *data, + bool host_initiated) +{ + return __kvm_set_msr(vcpu, index, *data, host_initiated); +} + static int kvm_set_msr_ignored_check(struct kvm_vcpu *vcpu, u32 index, u64 data, bool host_initiated) { - int ret =3D __kvm_set_msr(vcpu, index, data, host_initiated); - - if (ret =3D=3D KVM_MSR_RET_UNSUPPORTED) - if (kvm_msr_ignored_check(index, data, true)) - ret =3D 0; - - return ret; + return kvm_do_msr_access(vcpu, index, &data, host_initiated, MSR_TYPE_W, + _kvm_set_msr); } =20 /* @@ -1949,16 +1957,8 @@ int __kvm_get_msr(struct kvm_vcpu *vcpu, u32 index, = u64 *data, static int kvm_get_msr_ignored_check(struct kvm_vcpu *vcpu, u32 index, u64 *data, bool host_initiated) { - int ret =3D __kvm_get_msr(vcpu, index, data, host_initiated); - - if (ret =3D=3D KVM_MSR_RET_UNSUPPORTED) { - /* Unconditionally clear *data for simplicity */ - *data =3D 0; - if (kvm_msr_ignored_check(index, 0, false)) - ret =3D 0; - } - - return ret; + return kvm_do_msr_access(vcpu, index, data, host_initiated, MSR_TYPE_R, + __kvm_get_msr); } =20 static int kvm_get_msr_with_filter(struct kvm_vcpu *vcpu, u32 index, u64 *= data) --=20 2.44.0.769.g3c40516874-goog From nobody Fri Dec 19 15:33:12 2025 Received: from mail-pf1-f202.google.com (mail-pf1-f202.google.com [209.85.210.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E2CEB155A4E for ; Thu, 25 Apr 2024 18:14:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068885; cv=none; b=Qku98BVXO7Zd9xc6rcImmOQ8FrAI9+iAJnMJu/hh3BYqIkvazvRuzM5QETHFAoLDjx/pXQQE3dkkr+PIiy3gPVj1koBuhqN6zgitiSyHHqoxIyGfy0iUSYmyD0jrkNb6qdmZyeyaWv6ThpFZ8dmFJZl5kCVG6JRDielay1COpUo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068885; c=relaxed/simple; bh=EBMKPetibCe1fk8IIl6DuzqE13SDO5ENAO3qdArUqpw=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=I19nfbRGIVYG9wzdEEGD1R9fuf7NYQAll4nLLNv7+RXQNOLnnqWJiOWyLqg/zmuWWfDH/dc1N+xE9M3xyqBvTgIwx8J7S/cLubl7DBLJAE4rLaxXhn8XjOknCEfw19h7oNLz0W2/9LPcEFm6Kk6flbi/uodPuPTypux9RWGLw40= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=BpoEmEE/; arc=none smtp.client-ip=209.85.210.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="BpoEmEE/" Received: by mail-pf1-f202.google.com with SMTP id d2e1a72fcca58-6ed2f4e685bso1273732b3a.0 for ; Thu, 25 Apr 2024 11:14:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1714068883; x=1714673683; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=FIOMYYhe7hoUfRGO54+WDBb/x/QzKRVyKe5KVJBy8Sk=; b=BpoEmEE/+S2erZHCXyjCcY0SnRUnsOZguR8+YaV9tp8SSoDCL0qBAMhWvyQ7FB32f2 lAb2VO52Qd5eokg8mDofg7aBaRDActr4TvYf6Q80i26Rusoc7nTPPAKaTmH+BaYN+6NI 0OZtZ4RByoya/zyHOeBVs8G2p81JVdNWEVt50dFFJis5EXpdDs8byMMofOpHhK6sfPkO nCurIXxMED2TKir4XB6Ei1UtkuIjdBNsjdJMHkiDxLW45lilM0Eve1Zx3o9TJwE0kCOE wuOJBOfVBcOqY+sprYvw3ADYwRFv5e10SAUC5kjP2+m/ITCFYZLNKy4qQXbWy2RvBh/Y KK3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714068883; x=1714673683; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=FIOMYYhe7hoUfRGO54+WDBb/x/QzKRVyKe5KVJBy8Sk=; b=MsLso1HvjCWTkXL3Ig5JknHQbcHdzsnkNFoeh5nG5mS6LJxP7+n/9J3hcmOyc/8Zsl ygCdATbbzAeyi+ocQiUTtPo5ScGQsI8xm3Z+ack39ekbKfWR9ttdq5ys2GkFAjYXJCor M4hf2vDWlY2DbBKOjBzsSQ6uYIHx0IOTQp+dBJmyFsiAmpCx3A39/FNZaKr7Qh5p++v8 MjjYziubKSFda6mM+TlFRq/BqYFa+3dH7Ubpc4HzVi3m22jGzfR7i8HGVy66+dh8+DyX UVxRsGGLVqUHdSOlA1IgZvb0TapnMzNCqycebURKWIflsWKKSexIKtFIzmnjNPJwUHJ/ x3tQ== X-Forwarded-Encrypted: i=1; AJvYcCVaknj9Qw7pAYxOfdJnz85qEC4xFaf7z0fqeJ3fuZI85imZJP8ZiLFq/7lLMDs4+05qyHJrZ7AHh1Gp4p7GXPn5seuRWcH9jlgfN/d2 X-Gm-Message-State: AOJu0YwKxdvclnZveu28zLDxGTn2KwBszVKGuDSNzOl6NQU8Bhs2jepX mTUEbPylV5o1moCiojaiJoZg4IZds2/4gjDRmEuQLQgglsVvyK6CokD6jdiYbN+TJAfGPHwmmvQ /JQ== X-Google-Smtp-Source: AGHT+IHAReYHzQ+UaXLGIDLEHp2zod/ikcL6IlTa1/Jlexj3BDRolEdIdLsCPfxdpltJjtWg17vzoLARWeg= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a00:8cc6:b0:6ec:f3e8:46a8 with SMTP id ij6-20020a056a008cc600b006ecf3e846a8mr38817pfb.1.1714068883127; Thu, 25 Apr 2024 11:14:43 -0700 (PDT) Reply-To: Sean Christopherson Date: Thu, 25 Apr 2024 11:14:20 -0700 In-Reply-To: <20240425181422.3250947-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240425181422.3250947-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.769.g3c40516874-goog Message-ID: <20240425181422.3250947-9-seanjc@google.com> Subject: [PATCH 08/10] KVM: x86: Hoist x86.c's global msr_* variables up above kvm_do_msr_access() From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Weijiang Yang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move the definitions of the various MSR arrays above kvm_do_msr_access() so that kvm_do_msr_access() can query the arrays when handling failures, e.g. to squash errors if userspace tries to read an MSR that isn't fully supported, but that KVM advertised as being an MSR-to-save. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/x86.c | 368 ++++++++++++++++++++++----------------------- 1 file changed, 184 insertions(+), 184 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index a0506878d58e..04a5ae853774 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -319,6 +319,190 @@ u64 __read_mostly host_xcr0; =20 static struct kmem_cache *x86_emulator_cache; =20 +/* + * The three MSR lists(msrs_to_save, emulated_msrs, msr_based_features) tr= ack + * the set of MSRs that KVM exposes to userspace through KVM_GET_MSRS, + * KVM_SET_MSRS, and KVM_GET_MSR_INDEX_LIST. msrs_to_save holds MSRs that + * require host support, i.e. should be probed via RDMSR. emulated_msrs h= olds + * MSRs that KVM emulates without strictly requiring host support. + * msr_based_features holds MSRs that enumerate features, i.e. are effecti= vely + * CPUID leafs. Note, msr_based_features isn't mutually exclusive with + * msrs_to_save and emulated_msrs. + */ + +static const u32 msrs_to_save_base[] =3D { + MSR_IA32_SYSENTER_CS, MSR_IA32_SYSENTER_ESP, MSR_IA32_SYSENTER_EIP, + MSR_STAR, +#ifdef CONFIG_X86_64 + MSR_CSTAR, MSR_KERNEL_GS_BASE, MSR_SYSCALL_MASK, MSR_LSTAR, +#endif + MSR_IA32_TSC, MSR_IA32_CR_PAT, MSR_VM_HSAVE_PA, + MSR_IA32_FEAT_CTL, MSR_IA32_BNDCFGS, MSR_TSC_AUX, + MSR_IA32_SPEC_CTRL, MSR_IA32_TSX_CTRL, + MSR_IA32_RTIT_CTL, MSR_IA32_RTIT_STATUS, MSR_IA32_RTIT_CR3_MATCH, + MSR_IA32_RTIT_OUTPUT_BASE, MSR_IA32_RTIT_OUTPUT_MASK, + MSR_IA32_RTIT_ADDR0_A, MSR_IA32_RTIT_ADDR0_B, + MSR_IA32_RTIT_ADDR1_A, MSR_IA32_RTIT_ADDR1_B, + MSR_IA32_RTIT_ADDR2_A, MSR_IA32_RTIT_ADDR2_B, + MSR_IA32_RTIT_ADDR3_A, MSR_IA32_RTIT_ADDR3_B, + MSR_IA32_UMWAIT_CONTROL, + + MSR_IA32_XFD, MSR_IA32_XFD_ERR, +}; + +static const u32 msrs_to_save_pmu[] =3D { + MSR_ARCH_PERFMON_FIXED_CTR0, MSR_ARCH_PERFMON_FIXED_CTR1, + MSR_ARCH_PERFMON_FIXED_CTR0 + 2, + MSR_CORE_PERF_FIXED_CTR_CTRL, MSR_CORE_PERF_GLOBAL_STATUS, + MSR_CORE_PERF_GLOBAL_CTRL, MSR_CORE_PERF_GLOBAL_OVF_CTRL, + MSR_IA32_PEBS_ENABLE, MSR_IA32_DS_AREA, MSR_PEBS_DATA_CFG, + + /* This part of MSRs should match KVM_INTEL_PMC_MAX_GENERIC. */ + MSR_ARCH_PERFMON_PERFCTR0, MSR_ARCH_PERFMON_PERFCTR1, + MSR_ARCH_PERFMON_PERFCTR0 + 2, MSR_ARCH_PERFMON_PERFCTR0 + 3, + MSR_ARCH_PERFMON_PERFCTR0 + 4, MSR_ARCH_PERFMON_PERFCTR0 + 5, + MSR_ARCH_PERFMON_PERFCTR0 + 6, MSR_ARCH_PERFMON_PERFCTR0 + 7, + MSR_ARCH_PERFMON_EVENTSEL0, MSR_ARCH_PERFMON_EVENTSEL1, + MSR_ARCH_PERFMON_EVENTSEL0 + 2, MSR_ARCH_PERFMON_EVENTSEL0 + 3, + MSR_ARCH_PERFMON_EVENTSEL0 + 4, MSR_ARCH_PERFMON_EVENTSEL0 + 5, + MSR_ARCH_PERFMON_EVENTSEL0 + 6, MSR_ARCH_PERFMON_EVENTSEL0 + 7, + + MSR_K7_EVNTSEL0, MSR_K7_EVNTSEL1, MSR_K7_EVNTSEL2, MSR_K7_EVNTSEL3, + MSR_K7_PERFCTR0, MSR_K7_PERFCTR1, MSR_K7_PERFCTR2, MSR_K7_PERFCTR3, + + /* This part of MSRs should match KVM_AMD_PMC_MAX_GENERIC. */ + MSR_F15H_PERF_CTL0, MSR_F15H_PERF_CTL1, MSR_F15H_PERF_CTL2, + MSR_F15H_PERF_CTL3, MSR_F15H_PERF_CTL4, MSR_F15H_PERF_CTL5, + MSR_F15H_PERF_CTR0, MSR_F15H_PERF_CTR1, MSR_F15H_PERF_CTR2, + MSR_F15H_PERF_CTR3, MSR_F15H_PERF_CTR4, MSR_F15H_PERF_CTR5, + + MSR_AMD64_PERF_CNTR_GLOBAL_CTL, + MSR_AMD64_PERF_CNTR_GLOBAL_STATUS, + MSR_AMD64_PERF_CNTR_GLOBAL_STATUS_CLR, +}; + +static u32 msrs_to_save[ARRAY_SIZE(msrs_to_save_base) + + ARRAY_SIZE(msrs_to_save_pmu)]; +static unsigned num_msrs_to_save; + +static const u32 emulated_msrs_all[] =3D { + MSR_KVM_SYSTEM_TIME, MSR_KVM_WALL_CLOCK, + MSR_KVM_SYSTEM_TIME_NEW, MSR_KVM_WALL_CLOCK_NEW, + +#ifdef CONFIG_KVM_HYPERV + HV_X64_MSR_GUEST_OS_ID, HV_X64_MSR_HYPERCALL, + HV_X64_MSR_TIME_REF_COUNT, HV_X64_MSR_REFERENCE_TSC, + HV_X64_MSR_TSC_FREQUENCY, HV_X64_MSR_APIC_FREQUENCY, + HV_X64_MSR_CRASH_P0, HV_X64_MSR_CRASH_P1, HV_X64_MSR_CRASH_P2, + HV_X64_MSR_CRASH_P3, HV_X64_MSR_CRASH_P4, HV_X64_MSR_CRASH_CTL, + HV_X64_MSR_RESET, + HV_X64_MSR_VP_INDEX, + HV_X64_MSR_VP_RUNTIME, + HV_X64_MSR_SCONTROL, + HV_X64_MSR_STIMER0_CONFIG, + HV_X64_MSR_VP_ASSIST_PAGE, + HV_X64_MSR_REENLIGHTENMENT_CONTROL, HV_X64_MSR_TSC_EMULATION_CONTROL, + HV_X64_MSR_TSC_EMULATION_STATUS, HV_X64_MSR_TSC_INVARIANT_CONTROL, + HV_X64_MSR_SYNDBG_OPTIONS, + HV_X64_MSR_SYNDBG_CONTROL, HV_X64_MSR_SYNDBG_STATUS, + HV_X64_MSR_SYNDBG_SEND_BUFFER, HV_X64_MSR_SYNDBG_RECV_BUFFER, + HV_X64_MSR_SYNDBG_PENDING_BUFFER, +#endif + + MSR_KVM_ASYNC_PF_EN, MSR_KVM_STEAL_TIME, + MSR_KVM_PV_EOI_EN, MSR_KVM_ASYNC_PF_INT, MSR_KVM_ASYNC_PF_ACK, + + MSR_IA32_TSC_ADJUST, + MSR_IA32_TSC_DEADLINE, + MSR_IA32_ARCH_CAPABILITIES, + MSR_IA32_PERF_CAPABILITIES, + MSR_IA32_MISC_ENABLE, + MSR_IA32_MCG_STATUS, + MSR_IA32_MCG_CTL, + MSR_IA32_MCG_EXT_CTL, + MSR_IA32_SMBASE, + MSR_SMI_COUNT, + MSR_PLATFORM_INFO, + MSR_MISC_FEATURES_ENABLES, + MSR_AMD64_VIRT_SPEC_CTRL, + MSR_AMD64_TSC_RATIO, + MSR_IA32_POWER_CTL, + MSR_IA32_UCODE_REV, + + /* + * KVM always supports the "true" VMX control MSRs, even if the host + * does not. The VMX MSRs as a whole are considered "emulated" as KVM + * doesn't strictly require them to exist in the host (ignoring that + * KVM would refuse to load in the first place if the core set of MSRs + * aren't supported). + */ + MSR_IA32_VMX_BASIC, + MSR_IA32_VMX_TRUE_PINBASED_CTLS, + MSR_IA32_VMX_TRUE_PROCBASED_CTLS, + MSR_IA32_VMX_TRUE_EXIT_CTLS, + MSR_IA32_VMX_TRUE_ENTRY_CTLS, + MSR_IA32_VMX_MISC, + MSR_IA32_VMX_CR0_FIXED0, + MSR_IA32_VMX_CR4_FIXED0, + MSR_IA32_VMX_VMCS_ENUM, + MSR_IA32_VMX_PROCBASED_CTLS2, + MSR_IA32_VMX_EPT_VPID_CAP, + MSR_IA32_VMX_VMFUNC, + + MSR_K7_HWCR, + MSR_KVM_POLL_CONTROL, +}; + +static u32 emulated_msrs[ARRAY_SIZE(emulated_msrs_all)]; +static unsigned num_emulated_msrs; + +/* + * List of MSRs that control the existence of MSR-based features, i.e. MSRs + * that are effectively CPUID leafs. VMX MSRs are also included in the se= t of + * feature MSRs, but are handled separately to allow expedited lookups. + */ +static const u32 msr_based_features_all_except_vmx[] =3D { + MSR_AMD64_DE_CFG, + MSR_IA32_UCODE_REV, + MSR_IA32_ARCH_CAPABILITIES, + MSR_IA32_PERF_CAPABILITIES, +}; + +static u32 msr_based_features[ARRAY_SIZE(msr_based_features_all_except_vmx= ) + + (KVM_LAST_EMULATED_VMX_MSR - KVM_FIRST_EMULATED_VMX_MSR + 1)]; +static unsigned int num_msr_based_features; + +/* + * All feature MSRs except uCode revID, which tracks the currently loaded = uCode + * patch, are immutable once the vCPU model is defined. + */ +static bool kvm_is_immutable_feature_msr(u32 msr) +{ + int i; + + if (msr >=3D KVM_FIRST_EMULATED_VMX_MSR && msr <=3D KVM_LAST_EMULATED_VMX= _MSR) + return true; + + for (i =3D 0; i < ARRAY_SIZE(msr_based_features_all_except_vmx); i++) { + if (msr =3D=3D msr_based_features_all_except_vmx[i]) + return msr !=3D MSR_IA32_UCODE_REV; + } + + return false; +} + +static bool kvm_is_msr_to_save(u32 msr_index) +{ + unsigned int i; + + for (i =3D 0; i < num_msrs_to_save; i++) { + if (msrs_to_save[i] =3D=3D msr_index) + return true; + } + + return false; +} + typedef int (*msr_access_t)(struct kvm_vcpu *vcpu, u32 index, u64 *data, bool host_initiated); =20 @@ -1448,178 +1632,6 @@ int kvm_emulate_rdpmc(struct kvm_vcpu *vcpu) } EXPORT_SYMBOL_GPL(kvm_emulate_rdpmc); =20 -/* - * The three MSR lists(msrs_to_save, emulated_msrs, msr_based_features) tr= ack - * the set of MSRs that KVM exposes to userspace through KVM_GET_MSRS, - * KVM_SET_MSRS, and KVM_GET_MSR_INDEX_LIST. msrs_to_save holds MSRs that - * require host support, i.e. should be probed via RDMSR. emulated_msrs h= olds - * MSRs that KVM emulates without strictly requiring host support. - * msr_based_features holds MSRs that enumerate features, i.e. are effecti= vely - * CPUID leafs. Note, msr_based_features isn't mutually exclusive with - * msrs_to_save and emulated_msrs. - */ - -static const u32 msrs_to_save_base[] =3D { - MSR_IA32_SYSENTER_CS, MSR_IA32_SYSENTER_ESP, MSR_IA32_SYSENTER_EIP, - MSR_STAR, -#ifdef CONFIG_X86_64 - MSR_CSTAR, MSR_KERNEL_GS_BASE, MSR_SYSCALL_MASK, MSR_LSTAR, -#endif - MSR_IA32_TSC, MSR_IA32_CR_PAT, MSR_VM_HSAVE_PA, - MSR_IA32_FEAT_CTL, MSR_IA32_BNDCFGS, MSR_TSC_AUX, - MSR_IA32_SPEC_CTRL, MSR_IA32_TSX_CTRL, - MSR_IA32_RTIT_CTL, MSR_IA32_RTIT_STATUS, MSR_IA32_RTIT_CR3_MATCH, - MSR_IA32_RTIT_OUTPUT_BASE, MSR_IA32_RTIT_OUTPUT_MASK, - MSR_IA32_RTIT_ADDR0_A, MSR_IA32_RTIT_ADDR0_B, - MSR_IA32_RTIT_ADDR1_A, MSR_IA32_RTIT_ADDR1_B, - MSR_IA32_RTIT_ADDR2_A, MSR_IA32_RTIT_ADDR2_B, - MSR_IA32_RTIT_ADDR3_A, MSR_IA32_RTIT_ADDR3_B, - MSR_IA32_UMWAIT_CONTROL, - - MSR_IA32_XFD, MSR_IA32_XFD_ERR, -}; - -static const u32 msrs_to_save_pmu[] =3D { - MSR_ARCH_PERFMON_FIXED_CTR0, MSR_ARCH_PERFMON_FIXED_CTR1, - MSR_ARCH_PERFMON_FIXED_CTR0 + 2, - MSR_CORE_PERF_FIXED_CTR_CTRL, MSR_CORE_PERF_GLOBAL_STATUS, - MSR_CORE_PERF_GLOBAL_CTRL, MSR_CORE_PERF_GLOBAL_OVF_CTRL, - MSR_IA32_PEBS_ENABLE, MSR_IA32_DS_AREA, MSR_PEBS_DATA_CFG, - - /* This part of MSRs should match KVM_INTEL_PMC_MAX_GENERIC. */ - MSR_ARCH_PERFMON_PERFCTR0, MSR_ARCH_PERFMON_PERFCTR1, - MSR_ARCH_PERFMON_PERFCTR0 + 2, MSR_ARCH_PERFMON_PERFCTR0 + 3, - MSR_ARCH_PERFMON_PERFCTR0 + 4, MSR_ARCH_PERFMON_PERFCTR0 + 5, - MSR_ARCH_PERFMON_PERFCTR0 + 6, MSR_ARCH_PERFMON_PERFCTR0 + 7, - MSR_ARCH_PERFMON_EVENTSEL0, MSR_ARCH_PERFMON_EVENTSEL1, - MSR_ARCH_PERFMON_EVENTSEL0 + 2, MSR_ARCH_PERFMON_EVENTSEL0 + 3, - MSR_ARCH_PERFMON_EVENTSEL0 + 4, MSR_ARCH_PERFMON_EVENTSEL0 + 5, - MSR_ARCH_PERFMON_EVENTSEL0 + 6, MSR_ARCH_PERFMON_EVENTSEL0 + 7, - - MSR_K7_EVNTSEL0, MSR_K7_EVNTSEL1, MSR_K7_EVNTSEL2, MSR_K7_EVNTSEL3, - MSR_K7_PERFCTR0, MSR_K7_PERFCTR1, MSR_K7_PERFCTR2, MSR_K7_PERFCTR3, - - /* This part of MSRs should match KVM_AMD_PMC_MAX_GENERIC. */ - MSR_F15H_PERF_CTL0, MSR_F15H_PERF_CTL1, MSR_F15H_PERF_CTL2, - MSR_F15H_PERF_CTL3, MSR_F15H_PERF_CTL4, MSR_F15H_PERF_CTL5, - MSR_F15H_PERF_CTR0, MSR_F15H_PERF_CTR1, MSR_F15H_PERF_CTR2, - MSR_F15H_PERF_CTR3, MSR_F15H_PERF_CTR4, MSR_F15H_PERF_CTR5, - - MSR_AMD64_PERF_CNTR_GLOBAL_CTL, - MSR_AMD64_PERF_CNTR_GLOBAL_STATUS, - MSR_AMD64_PERF_CNTR_GLOBAL_STATUS_CLR, -}; - -static u32 msrs_to_save[ARRAY_SIZE(msrs_to_save_base) + - ARRAY_SIZE(msrs_to_save_pmu)]; -static unsigned num_msrs_to_save; - -static const u32 emulated_msrs_all[] =3D { - MSR_KVM_SYSTEM_TIME, MSR_KVM_WALL_CLOCK, - MSR_KVM_SYSTEM_TIME_NEW, MSR_KVM_WALL_CLOCK_NEW, - -#ifdef CONFIG_KVM_HYPERV - HV_X64_MSR_GUEST_OS_ID, HV_X64_MSR_HYPERCALL, - HV_X64_MSR_TIME_REF_COUNT, HV_X64_MSR_REFERENCE_TSC, - HV_X64_MSR_TSC_FREQUENCY, HV_X64_MSR_APIC_FREQUENCY, - HV_X64_MSR_CRASH_P0, HV_X64_MSR_CRASH_P1, HV_X64_MSR_CRASH_P2, - HV_X64_MSR_CRASH_P3, HV_X64_MSR_CRASH_P4, HV_X64_MSR_CRASH_CTL, - HV_X64_MSR_RESET, - HV_X64_MSR_VP_INDEX, - HV_X64_MSR_VP_RUNTIME, - HV_X64_MSR_SCONTROL, - HV_X64_MSR_STIMER0_CONFIG, - HV_X64_MSR_VP_ASSIST_PAGE, - HV_X64_MSR_REENLIGHTENMENT_CONTROL, HV_X64_MSR_TSC_EMULATION_CONTROL, - HV_X64_MSR_TSC_EMULATION_STATUS, HV_X64_MSR_TSC_INVARIANT_CONTROL, - HV_X64_MSR_SYNDBG_OPTIONS, - HV_X64_MSR_SYNDBG_CONTROL, HV_X64_MSR_SYNDBG_STATUS, - HV_X64_MSR_SYNDBG_SEND_BUFFER, HV_X64_MSR_SYNDBG_RECV_BUFFER, - HV_X64_MSR_SYNDBG_PENDING_BUFFER, -#endif - - MSR_KVM_ASYNC_PF_EN, MSR_KVM_STEAL_TIME, - MSR_KVM_PV_EOI_EN, MSR_KVM_ASYNC_PF_INT, MSR_KVM_ASYNC_PF_ACK, - - MSR_IA32_TSC_ADJUST, - MSR_IA32_TSC_DEADLINE, - MSR_IA32_ARCH_CAPABILITIES, - MSR_IA32_PERF_CAPABILITIES, - MSR_IA32_MISC_ENABLE, - MSR_IA32_MCG_STATUS, - MSR_IA32_MCG_CTL, - MSR_IA32_MCG_EXT_CTL, - MSR_IA32_SMBASE, - MSR_SMI_COUNT, - MSR_PLATFORM_INFO, - MSR_MISC_FEATURES_ENABLES, - MSR_AMD64_VIRT_SPEC_CTRL, - MSR_AMD64_TSC_RATIO, - MSR_IA32_POWER_CTL, - MSR_IA32_UCODE_REV, - - /* - * KVM always supports the "true" VMX control MSRs, even if the host - * does not. The VMX MSRs as a whole are considered "emulated" as KVM - * doesn't strictly require them to exist in the host (ignoring that - * KVM would refuse to load in the first place if the core set of MSRs - * aren't supported). - */ - MSR_IA32_VMX_BASIC, - MSR_IA32_VMX_TRUE_PINBASED_CTLS, - MSR_IA32_VMX_TRUE_PROCBASED_CTLS, - MSR_IA32_VMX_TRUE_EXIT_CTLS, - MSR_IA32_VMX_TRUE_ENTRY_CTLS, - MSR_IA32_VMX_MISC, - MSR_IA32_VMX_CR0_FIXED0, - MSR_IA32_VMX_CR4_FIXED0, - MSR_IA32_VMX_VMCS_ENUM, - MSR_IA32_VMX_PROCBASED_CTLS2, - MSR_IA32_VMX_EPT_VPID_CAP, - MSR_IA32_VMX_VMFUNC, - - MSR_K7_HWCR, - MSR_KVM_POLL_CONTROL, -}; - -static u32 emulated_msrs[ARRAY_SIZE(emulated_msrs_all)]; -static unsigned num_emulated_msrs; - -/* - * List of MSRs that control the existence of MSR-based features, i.e. MSRs - * that are effectively CPUID leafs. VMX MSRs are also included in the se= t of - * feature MSRs, but are handled separately to allow expedited lookups. - */ -static const u32 msr_based_features_all_except_vmx[] =3D { - MSR_AMD64_DE_CFG, - MSR_IA32_UCODE_REV, - MSR_IA32_ARCH_CAPABILITIES, - MSR_IA32_PERF_CAPABILITIES, -}; - -static u32 msr_based_features[ARRAY_SIZE(msr_based_features_all_except_vmx= ) + - (KVM_LAST_EMULATED_VMX_MSR - KVM_FIRST_EMULATED_VMX_MSR + 1)]; -static unsigned int num_msr_based_features; - -/* - * All feature MSRs except uCode revID, which tracks the currently loaded = uCode - * patch, are immutable once the vCPU model is defined. - */ -static bool kvm_is_immutable_feature_msr(u32 msr) -{ - int i; - - if (msr >=3D KVM_FIRST_EMULATED_VMX_MSR && msr <=3D KVM_LAST_EMULATED_VMX= _MSR) - return true; - - for (i =3D 0; i < ARRAY_SIZE(msr_based_features_all_except_vmx); i++) { - if (msr =3D=3D msr_based_features_all_except_vmx[i]) - return msr !=3D MSR_IA32_UCODE_REV; - } - - return false; -} - /* * Some IA32_ARCH_CAPABILITIES bits have dependencies on MSRs that KVM * does not yet virtualize. These include: @@ -3770,18 +3782,6 @@ static void record_steal_time(struct kvm_vcpu *vcpu) mark_page_dirty_in_slot(vcpu->kvm, ghc->memslot, gpa_to_gfn(ghc->gpa)); } =20 -static bool kvm_is_msr_to_save(u32 msr_index) -{ - unsigned int i; - - for (i =3D 0; i < num_msrs_to_save; i++) { - if (msrs_to_save[i] =3D=3D msr_index) - return true; - } - - return false; -} - int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) { u32 msr =3D msr_info->index; --=20 2.44.0.769.g3c40516874-goog From nobody Fri Dec 19 15:33:12 2025 Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com [209.85.215.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EA60915624B for ; Thu, 25 Apr 2024 18:14:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068887; cv=none; b=qUFF1hNOIaiSvNCjNKqAXzg3BH5iKZ6506TeMGSkyYHAomOzvrCI0lY293mu7XqUr5Zm1X1Fn2d9B+9n/oyFw23GSIafmvOZphe5OMQKZO6/wirZ6/qfQKRWujuzzYZql2so5epOwNkLYcXy5xwlF5qEBiQ8FYTKGnOVPmCka+M= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068887; c=relaxed/simple; bh=247P5YIdaIT018imI0/FIsolw28zSgLr6OXAMGjYu4k=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=iG9zELxCBJi3dqpTCLiOx14YF2Eay2veBIVoDIasJylXG6I5cT1uMwd97+kfxZZZHv/1IflJbChFxh/7kFH34M2igCV0Tv7EVpMBAOAQQvYkMtURdPE6MHAFUxNk8HgCRmwIuiAi00OORDkVMv82ZwPzVLTTuQmZ6v8sEHkVCLk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=GUjHHqXX; arc=none smtp.client-ip=209.85.215.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="GUjHHqXX" Received: by mail-pg1-f201.google.com with SMTP id 41be03b00d2f7-5e4f312a995so1129387a12.2 for ; Thu, 25 Apr 2024 11:14:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1714068885; x=1714673685; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=aNpP1eW5DP+TAfE/NjGLi9NUaYZsZjI/uTGRPzZPo4M=; b=GUjHHqXX8gP+CwPGBOYzK9I7kFPOLFy8gUhL3rM4BtNb1lfCnrBlpJrtXf8OBq+Yvi zXHtNofv/WBOwl+YHZMo8chv2MN1MNk8HyKm94WNmlPqXzg/Hf1hOF0wd+QUQeJrHKaA ycKSohc0mAL5x8Srj8oTC4JYa3pXlA76W9gIdU4bZoRtKXLEPlh7oEYNKoYsl29j83Qj T+WhOcOldOviG7QLjtjvIVPEq6zJ/mh0v5F5JLqSqVjwZcHLSeGsO0L6V3xDCpnzcD8p c2rhKGOskRFAu1OFj7ORkG+tX1n19O+npMSNl3cejrl4JH2OFb9mqbt5x8Z/1mPG7a2/ aJ7g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714068885; x=1714673685; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=aNpP1eW5DP+TAfE/NjGLi9NUaYZsZjI/uTGRPzZPo4M=; b=KrbpzHwqS6f/vG+CPKED2kvsUHNhUEud/qyWZaN/T0WWpAHUAOgmNGgBImgOl2+yRS bdudptKY/wcPBAWDiZ3o84IYTkMsCzZihf80pXZFxcevwxeU15Rhz6g5sGJA7WBaJF5w ttgRYElKTQhP2F8Ind11XKFKNGEx8cK1ziBk1L8m8qQSbbUEB+yQqnfnAmuxdCyPB9R6 zr+6BIYg7AqrMdUuPZylC7N+nc1679xu69FLx7TMwculVxHd9Pi3YoFOhv0Mb//ixOza hhbXy1mEVN5OBHtBAy0qE6rgtf4fVlEaxXpIgakbigaC/Ez/rjoobNoePjoNm/t+3OFe yx9Q== X-Forwarded-Encrypted: i=1; AJvYcCVwa6+5L/4h5Pu4TqGAUGbMqEI7VenxUWqJVeto3polIzkeK5/ZJcnyElwJo4LxsXrfx0UOAshn2P0XUI59NqovKq5H22CsKaZi/mPn X-Gm-Message-State: AOJu0YwuN9MdXFg2hjD4H8YSwJvkMj+abx0JmvtNRQPWMfxlkfd/3luB mSygC4wE4ElPKppvgTXUh94NEP0Gw+lK1Vui+2c7gvuK6f0MBCUUNBJwa8iRMV9NnRT+jG8xI/f Dfw== X-Google-Smtp-Source: AGHT+IF+pktbKA5ERhhI9ACh0DvxCWS2IxmYMfxElb+yYd48b/kvPmDGRCometGGY/kYmjTT7Oe1ih0b4Y0= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a65:6556:0:b0:5dc:1b0a:48e1 with SMTP id a22-20020a656556000000b005dc1b0a48e1mr1095pgw.1.1714068885143; Thu, 25 Apr 2024 11:14:45 -0700 (PDT) Reply-To: Sean Christopherson Date: Thu, 25 Apr 2024 11:14:21 -0700 In-Reply-To: <20240425181422.3250947-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240425181422.3250947-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.769.g3c40516874-goog Message-ID: <20240425181422.3250947-10-seanjc@google.com> Subject: [PATCH 09/10] KVM: x86: Suppress failures on userspace access to advertised, unsupported MSRs From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Weijiang Yang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Extend KVM's suppression of failures due to a userspace access to an unsupported, but advertised as a "to save" MSR to all MSRs, not just those that happen to reach the default case statements in kvm_get_msr_common() and kvm_set_msr_common(). KVM's soon-to-be-established ABI is that if an MSR is advertised to userspace, then userspace is allowed to read the MSR, and write back the value that was read, i.e. why an MSR is unsupported doesn't change KVM's ABI. Practically speaking, this is very nearly a nop, as the only other paths that return KVM_MSR_RET_UNSUPPORTED are {svm,vmx}_get_feature_msr(), and it's unlikely, though not impossible, that userspace is using KVM_GET_MSRS on unsupported MSRs. The primary goal of moving the suppression to common code is to allow returning KVM_MSR_RET_UNSUPPORTED as appropriate throughout KVM, without having to manually handle the "is userspace accessing an advertised" waiver. I.e. this will allow formalizing KVM's ABI without incurring a high maintenance cost. Signed-off-by: Sean Christopherson --- arch/x86/kvm/x86.c | 27 +++++++++------------------ 1 file changed, 9 insertions(+), 18 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 04a5ae853774..4c91189342ff 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -527,6 +527,15 @@ static __always_inline int kvm_do_msr_access(struct kv= m_vcpu *vcpu, u32 msr, if (ret !=3D KVM_MSR_RET_UNSUPPORTED) return ret; =20 + /* + * Userspace is allowed to read MSRs, and write '0' to MSRs, that KVM + * reports as to-be-saved, even if an MSR isn't fully supported. + * Simply check that @data is '0', which covers both the write '0' case + * and all reads (in which case @data is zeroed on failure; see above). + */ + if (host_initiated && !*data && kvm_is_msr_to_save(msr)) + return 0; + if (!ignore_msrs) { kvm_debug_ratelimited("unhandled %s: 0x%x data 0x%llx\n", op, msr, *data); @@ -4163,14 +4172,6 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct= msr_data *msr_info) if (kvm_pmu_is_valid_msr(vcpu, msr)) return kvm_pmu_set_msr(vcpu, msr_info); =20 - /* - * Userspace is allowed to write '0' to MSRs that KVM reports - * as to-be-saved, even if an MSRs isn't fully supported. - */ - if (msr_info->host_initiated && !data && - kvm_is_msr_to_save(msr)) - break; - return KVM_MSR_RET_UNSUPPORTED; } return 0; @@ -4522,16 +4523,6 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, struct= msr_data *msr_info) if (kvm_pmu_is_valid_msr(vcpu, msr_info->index)) return kvm_pmu_get_msr(vcpu, msr_info); =20 - /* - * Userspace is allowed to read MSRs that KVM reports as - * to-be-saved, even if an MSR isn't fully supported. - */ - if (msr_info->host_initiated && - kvm_is_msr_to_save(msr_info->index)) { - msr_info->data =3D 0; - break; - } - return KVM_MSR_RET_UNSUPPORTED; } return 0; --=20 2.44.0.769.g3c40516874-goog From nobody Fri Dec 19 15:33:12 2025 Received: from mail-yw1-f201.google.com (mail-yw1-f201.google.com [209.85.128.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 39C02150990 for ; Thu, 25 Apr 2024 18:14:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068889; cv=none; b=JsO4X7RNYutxhp8vcxBAqqdFufcrDj5sTQ/8YYxMgKfgSiK5syBSOH7r6Vc8xv48Rw/JMV99Xi768Ha6X2kCowkCZ+t12ZpdfgfQO9Nr/qXdLkBHgOvS8F0IQAE8+uMNeEnlnK6OBDH02EsAkwVW01IluZzJWG0nRzBCK2wUVqs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714068889; c=relaxed/simple; bh=h3nH2RXwDRleABI7UvTpJNwiSjFJO/iubybYunLFYQY=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=M5xB7pIkVNNr+fuOSDnv4X7FGFhvpshf35sf7lPZirrO7XiaRV55FXEXR/+9f9/NWY7/sFzkpiswKqIdAnVfccqGy7c2ueSWvIUvQ09vro67UXUmLnrWBo/BgIPJAL0+HpmHPlRzP8+3jiod9c10E0KXuVA5C/gt9W8Fgs97D0M= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=f6jRa0OD; arc=none smtp.client-ip=209.85.128.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="f6jRa0OD" Received: by mail-yw1-f201.google.com with SMTP id 00721157ae682-6150e36ca0dso23829217b3.1 for ; Thu, 25 Apr 2024 11:14:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1714068887; x=1714673687; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=7x2xDm7ORIVYu8+DJIH/haFx3NIITex91VRf9yc3OHU=; b=f6jRa0ODT67ORWX27GVK/+mTZ31jdHbXp/6k3hpIfU/jHbO8lCsZAAGv8q6TDhrwnt iGlQdIiqywZdu8dD5gZSdyqYjXuGKkJhCy5DuFfcf8ZCG3gNuSJpTz6a5SZGZIJUrLnB XUHPvzcNBNIqNru0lO1hPsf02GKQrU7y9s4eXm7swjbYswE+UOp5jWWTtBkFRulndO7f F5hQbSwxevLP4xxsPF3U1N35v9yyPGyHDL0IU5+3p2BZdthJ7ZDDTaH7MMkg6SgQ81Xf 9jqp3FZQo43e5Je8X6t32xRuPg1MSz9Qm/vgRi2EECB1PUJ/TzJA58TdDk0ONWNB2Scm g8Lg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714068887; x=1714673687; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=7x2xDm7ORIVYu8+DJIH/haFx3NIITex91VRf9yc3OHU=; b=Cy082AkguOVPdJjxeeip4K7FNo6LTuSRGoyEG2sHA6UTuBU8bZDvUpKbLP/b8zjG7f sp/uek9dRL89kbCW2iRDQnXh666uK+rOcCNyU1/9xH1DKlvwpTk3a82fUf9Gww6DwD0R INP+ySUsABhztJN7rhC17NTIgRAUtMiSKfpxUzQbQpdPRHlpOoF1YxfetyfkcCj3s3yg HOIkZEZG5oU4c2cO4k17J3itGHzj+D6Od0KGVlfAaVs6clXeWvRhPRh/WvLvnrL/kOT+ J7+hPrenXuL57fMn+Tvc0w86BBVyNT1Hv0oOHzklE99/KgYc3Z8MQ4PKZQL+TyPSbTkK xnKQ== X-Forwarded-Encrypted: i=1; AJvYcCXclZMwCOfmvfeo4E014G5beWW27xo1Dnk/FSyX96yJcrFd0qTe+vtQyxULyLlo8wQHlRrA9jZyFs4Km/qxFp69DP5VSP+k0mKdT9b0 X-Gm-Message-State: AOJu0YxpjEgR9gBpFoVQJQshWrwT2H/mNlVr+j8McrC1RsLG81wUYUIb Ag2WV0rrsFoBkWk9KOd9Oji5cKJwglAa6ff52V1nR0hIzHJ0AAv3wimf0/7K4SuDq704IMYoHZ8 39Q== X-Google-Smtp-Source: AGHT+IHGxfcO/CIV3+AB7r4yk31j4bBnsDca+v9/E+BSPM3jBz9ZdrHoD7SFSvI0zaKSkrDLyCCPkzvrZLU= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:a106:0:b0:61a:d016:60ff with SMTP id y6-20020a81a106000000b0061ad01660ffmr36102ywg.2.1714068887134; Thu, 25 Apr 2024 11:14:47 -0700 (PDT) Reply-To: Sean Christopherson Date: Thu, 25 Apr 2024 11:14:22 -0700 In-Reply-To: <20240425181422.3250947-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240425181422.3250947-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.769.g3c40516874-goog Message-ID: <20240425181422.3250947-11-seanjc@google.com> Subject: [PATCH 10/10] KVM: x86: Suppress userspace access failures on unsupported, "emulated" MSRs From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Weijiang Yang Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Extend KVM's suppression of userspace MSR access failures to MSRs that KVM reports as emulated, but are ultimately unsupported, e.g. if the VMX MSRs are emulated by KVM, but are unsupported given the vCPU model. Suggested-by: Weijiang Yang Signed-off-by: Sean Christopherson Reviewed-by: Weijiang Yang --- arch/x86/kvm/x86.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 4c91189342ff..14cfa25ef0e7 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -491,7 +491,7 @@ static bool kvm_is_immutable_feature_msr(u32 msr) return false; } =20 -static bool kvm_is_msr_to_save(u32 msr_index) +static bool kvm_is_advertised_msr(u32 msr_index) { unsigned int i; =20 @@ -500,6 +500,11 @@ static bool kvm_is_msr_to_save(u32 msr_index) return true; } =20 + for (i =3D 0; i < num_emulated_msrs; i++) { + if (emulated_msrs[i] =3D=3D msr_index) + return true; + } + return false; } =20 @@ -529,11 +534,11 @@ static __always_inline int kvm_do_msr_access(struct k= vm_vcpu *vcpu, u32 msr, =20 /* * Userspace is allowed to read MSRs, and write '0' to MSRs, that KVM - * reports as to-be-saved, even if an MSR isn't fully supported. + * advertises to userspace, even if an MSR isn't fully supported. * Simply check that @data is '0', which covers both the write '0' case * and all reads (in which case @data is zeroed on failure; see above). */ - if (host_initiated && !*data && kvm_is_msr_to_save(msr)) + if (host_initiated && !*data && kvm_is_advertised_msr(msr)) return 0; =20 if (!ignore_msrs) { --=20 2.44.0.769.g3c40516874-goog