From nobody Fri Dec 19 15:32:04 2025
Reply-To: Sean Christopherson
Date: Fri, 2 Aug 2024 11:19:26 -0700
In-Reply-To: <20240802181935.292540-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
Mime-Version: 1.0
References: <20240802181935.292540-1-seanjc@google.com>
X-Mailer: git-send-email 2.46.0.rc2.264.g509ed76dc8-goog
Message-ID: <20240802181935.292540-2-seanjc@google.com>
Subject: [PATCH v2 01/10] KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky, Weijiang Yang
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Inject a #GP if the guest attempts to change MSR_AMD64_DE_CFG from its *current* value, not if the guest attempts to write a value other than KVM's set of supported bits. As per the comment and the changelog of the original code, the intent is to effectively make MSR_AMD64_DE_CFG read-only for the guest.

Opportunistically use a more conventional equality check instead of an exclusive-OR check to detect attempts to change bits.

Fixes: d1d93fa90f1a ("KVM: SVM: Add MSR-based feature support for serializing LFENCE")
Cc: Tom Lendacky
Signed-off-by: Sean Christopherson
Reviewed-by: Tom Lendacky
---
 arch/x86/kvm/svm/svm.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index c115d26844f7..550ead197543 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c
@@ -3189,8 +3189,13 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct= msr_data *msr) if (data & ~msr_entry.data) return 1; =20 - /* Don't allow the guest to change a bit, #GP */ - if (!msr->host_initiated && (data ^ msr_entry.data)) + /* + * Don't let the guest change the host-programmed value. The + * MSR is very model specific, i.e. contains multiple bits that + * are completely unknown to KVM, and the one bit known to KVM + * is simply a reflection of hardware capatibilies. + */ + if (!msr->host_initiated && data !=3D svm->msr_decfg) return 1; =20 svm->msr_decfg =3D data; --=20 2.46.0.rc2.264.g509ed76dc8-goog

From nobody Fri Dec 19 15:32:04 2025
Reply-To: Sean Christopherson
Date: Fri, 2 Aug 2024 11:19:27 -0700
In-Reply-To: <20240802181935.292540-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
Mime-Version: 1.0
References: <20240802181935.292540-1-seanjc@google.com>
X-Mailer: git-send-email 2.46.0.rc2.264.g509ed76dc8-goog
Message-ID: <20240802181935.292540-3-seanjc@google.com>
Subject: [PATCH v2 02/10] KVM: x86: Move MSR_TYPE_{R,W,RW} values from VMX to x86, as enums
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky, Weijiang Yang
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Move VMX's MSR_TYPE_{R,W,RW} #defines to x86.h, as enums, so that they can be used by common x86 code, e.g. instead of doing "bool write". Opportunistically tweak the definitions to make it more obvious that the values are bitmasks, not arbitrary ascending values.

No functional change intended.

Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/vmx/vmx.h | 4 ----
 arch/x86/kvm/x86.h | 6 ++++++
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 42498fa63abb..3839afb921e2 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h
@@ -17,10 +17,6 @@ #include "run_flags.h" #include "../mmu.h" =20 -#define MSR_TYPE_R 1 -#define MSR_TYPE_W 2 -#define MSR_TYPE_RW 3 - #define X2APIC_MSR(r) (APIC_BASE_MSR + ((r) >> 4)) =20 #ifdef CONFIG_X86_64 diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h index 50596f6f8320..499adef96038 100644 --- a/arch/x86/kvm/x86.h +++ b/arch/x86/kvm/x86.h 
@@ -504,6 +504,12 @@ int kvm_handle_memory_failure(struct kvm_vcpu *vcpu, i= nt r, int kvm_handle_invpcid(struct kvm_vcpu *vcpu, unsigned long type, gva_t gv= a); bool kvm_msr_allowed(struct kvm_vcpu *vcpu, u32 index, u32 type); =20 +enum kvm_msr_access { + MSR_TYPE_R =3D BIT(0), + MSR_TYPE_W =3D BIT(1), + MSR_TYPE_RW =3D MSR_TYPE_R | MSR_TYPE_W, +}; + /* * Internal error codes that are used to indicate that MSR emulation encou= ntered * an error that should result in #GP in the guest, unless userspace --=20 2.46.0.rc2.264.g509ed76dc8-goog

From nobody Fri Dec 19 15:32:04 2025
Reply-To: Sean Christopherson
Date: Fri, 2 Aug 2024 11:19:28 -0700
In-Reply-To: <20240802181935.292540-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
Mime-Version: 1.0
References: <20240802181935.292540-1-seanjc@google.com>
X-Mailer: git-send-email 2.46.0.rc2.264.g509ed76dc8-goog
Message-ID: <20240802181935.292540-4-seanjc@google.com>
Subject: [PATCH v2 03/10] KVM: x86: Rename KVM_MSR_RET_INVALID to KVM_MSR_RET_UNSUPPORTED
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky, Weijiang Yang
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Rename the "INVALID" internal MSR error return code to "UNSUPPORTED" to try and make it more clear that access was denied because the MSR itself is unsupported/unknown. "INVALID" is too ambiguous, as it could just as easily mean the value for WRMSR as invalid.

Avoid UNKNOWN and UNIMPLEMENTED, as the error code is used for MSRs that _are_ actually implemented by KVM, e.g. if the MSR is unsupported because an associated feature flag is not present in guest CPUID.

Opportunistically beef up the comments for the internal MSR error codes.

Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/svm/svm.c | 2 +-
 arch/x86/kvm/vmx/vmx.c | 2 +-
 arch/x86/kvm/x86.c | 12 ++++++------
 arch/x86/kvm/x86.h | 15 +++++++++++----
 4 files changed, 19 insertions(+), 12 deletions(-)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 550ead197543..909ba79067f8 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2835,7 +2835,7 @@ static int svm_get_msr_feature(struct kvm_msr_entry *= msr) msr->data |=3D MSR_AMD64_DE_CFG_LFENCE_SERIALIZE; break; default: - return KVM_MSR_RET_INVALID; + return KVM_MSR_RET_UNSUPPORTED; } =20 return 0; diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index f18c2d8c7476..e5b253e4d421 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2006,7 +2006,7 @@ int vmx_get_msr_feature(struct kvm_msr_entry *msr) return 1; return vmx_get_vmx_msr(&vmcs_config.nested, msr->index, &msr->data); default: - return KVM_MSR_RET_INVALID; + return KVM_MSR_RET_UNSUPPORTED; } } =20 diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index af6c8cf6a37a..a55f73ce7b2e 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1690,7 +1690,7 @@ static int do_get_msr_feature(struct kvm_vcpu *vcpu, = unsigned index, u64 *data) msr.index =3D index; r =3D kvm_get_msr_feature(&msr); =20 - if (r =3D=3D KVM_MSR_RET_INVALID && kvm_msr_ignored_check(index, 0, false= )) + if (r =3D=3D KVM_MSR_RET_UNSUPPORTED && kvm_msr_ignored_check(index, 0, f= alse)) r =3D 0; =20 *data =3D msr.data; @@ -1887,7 +1887,7 @@ static int kvm_set_msr_ignored_check(struct kvm_vcpu = *vcpu, { int ret =3D __kvm_set_msr(vcpu, index, data, host_initiated); =20 - if (ret =3D=3D KVM_MSR_RET_INVALID) + if (ret =3D=3D KVM_MSR_RET_UNSUPPORTED) if (kvm_msr_ignored_check(index, data, true)) ret =3D 0; =20 @@ -1932,7 +1932,7 @@ static int kvm_get_msr_ignored_check(struct kvm_vcpu = *vcpu, { int ret =3D __kvm_get_msr(vcpu, index, data, host_initiated); =20 - if (ret =3D=3D KVM_MSR_RET_INVALID) { + if (ret =3D=3D KVM_MSR_RET_UNSUPPORTED) { /* Unconditionally clear *data for simplicity */ *data =3D 0; if (kvm_msr_ignored_check(index, 0, false)) 
@@ -2001,7 +2001,7 @@ static int complete_fast_rdmsr(struct kvm_vcpu *vcpu) static u64 kvm_msr_reason(int r) { switch (r) { - case KVM_MSR_RET_INVALID: + case KVM_MSR_RET_UNSUPPORTED: return KVM_MSR_EXIT_REASON_UNKNOWN; case KVM_MSR_RET_FILTERED: return KVM_MSR_EXIT_REASON_FILTER; @@ -4149,7 +4149,7 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct = msr_data *msr_info) kvm_is_msr_to_save(msr)) break; =20 - return KVM_MSR_RET_INVALID; + return KVM_MSR_RET_UNSUPPORTED; } return 0; } @@ -4510,7 +4510,7 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, struct = msr_data *msr_info) break; } =20 - return KVM_MSR_RET_INVALID; + return KVM_MSR_RET_UNSUPPORTED; } return 0; } diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h index 499adef96038..f47b9905ba78 100644 --- a/arch/x86/kvm/x86.h +++ b/arch/x86/kvm/x86.h 
@@ -512,11 +512,18 @@ enum kvm_msr_access { =20 /* * Internal error codes that are used to indicate that MSR emulation encou= ntered - * an error that should result in #GP in the guest, unless userspace - * handles it. + * an error that should result in #GP in the guest, unless userspace handl= es it. + * Note, '1', '0', and negative numbers are off limits, as they are used b= y KVM + * as part of KVM's lightly documented internal KVM_RUN return codes. + * + * UNSUPPORTED - The MSR isn't supported, either because it is completely + * unknown to KVM, or because the MSR should not exist according + * to the vCPU model. + * + * FILTERED - Access to the MSR is denied by a userspace MSR filter. */ -#define KVM_MSR_RET_INVALID 2 /* in-kernel MSR emulation #GP condition */ -#define KVM_MSR_RET_FILTERED 3 /* #GP due to userspace MSR filter */ +#define KVM_MSR_RET_UNSUPPORTED 2 +#define KVM_MSR_RET_FILTERED 3 =20 #define __cr4_reserved_bits(__cpu_has, __c) \ ({ \ --=20 2.46.0.rc2.264.g509ed76dc8-goog

From nobody Fri Dec 19 15:32:04 2025
Reply-To: Sean Christopherson
Date: Fri, 2 Aug 2024 11:19:29 -0700
In-Reply-To: <20240802181935.292540-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
Mime-Version: 1.0
References: <20240802181935.292540-1-seanjc@google.com>
X-Mailer: git-send-email 2.46.0.rc2.264.g509ed76dc8-goog
Message-ID: <20240802181935.292540-5-seanjc@google.com>
Subject: [PATCH v2 04/10] KVM: x86: Refactor kvm_x86_ops.get_msr_feature() to avoid kvm_msr_entry
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky, Weijiang Yang
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Refactor get_msr_feature() to take the index and data pointer as distinct parameters in anticipation of eliminating "struct kvm_msr_entry" usage further up the primary callchain.

No functional change intended.

Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 2 +- arch/x86/kvm/svm/svm.c | 16 +++++++--------- arch/x86/kvm/vmx/vmx.c | 6 +++--- arch/x86/kvm/vmx/x86_ops.h | 2 +- arch/x86/kvm/x86.c | 2 +- 5 files changed, 13 insertions(+), 15 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 950a03e0181e..ac7a1387a9a0 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1805,7 +1805,7 @@ struct kvm_x86_ops { int (*vm_move_enc_context_from)(struct kvm *kvm, unsigned int source_fd); void (*guest_memory_reclaimed)(struct kvm *kvm); =20 - int (*get_msr_feature)(struct kvm_msr_entry *entry); + int (*get_msr_feature)(u32 msr, u64 *data); =20 int (*check_emulate_instruction)(struct kvm_vcpu *vcpu, int emul_type, void *insn, int insn_len); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 909ba79067f8..c22e2b235882 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2825,14 +2825,14 @@ static int efer_trap(struct kvm_vcpu *vcpu) return kvm_complete_insn_gp(vcpu, ret); } =20 -static int svm_get_msr_feature(struct kvm_msr_entry *msr) +static int svm_get_msr_feature(u32 msr, u64 *data) { - msr->data =3D 0; + *data =3D 0; =20 - switch (msr->index) { + switch (msr) { case MSR_AMD64_DE_CFG: if (cpu_feature_enabled(X86_FEATURE_LFENCE_RDTSC)) - msr->data |=3D MSR_AMD64_DE_CFG_LFENCE_SERIALIZE; + *data |=3D MSR_AMD64_DE_CFG_LFENCE_SERIALIZE; break; default: return KVM_MSR_RET_UNSUPPORTED; 
@@ -3179,14 +3179,12 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struc= t msr_data *msr) kvm_pr_unimpl_wrmsr(vcpu, ecx, data); break; case MSR_AMD64_DE_CFG: { - struct kvm_msr_entry msr_entry; + u64 supported_de_cfg; =20 - msr_entry.index =3D msr->index; - if (svm_get_msr_feature(&msr_entry)) + if (svm_get_msr_feature(ecx, &supported_de_cfg)) return 1; =20 - /* Check the supported bits */ - if (data & ~msr_entry.data) + if (data & ~supported_de_cfg) return 1; =20 /* diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index e5b253e4d421..3d24eb4aeca2 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1998,13 +1998,13 @@ static inline bool is_vmx_feature_control_msr_valid= (struct vcpu_vmx *vmx, return !(msr->data & ~valid_bits); } =20 -int vmx_get_msr_feature(struct kvm_msr_entry *msr) +int vmx_get_msr_feature(u32 msr, u64 *data) { - switch (msr->index) { + switch (msr) { case KVM_FIRST_EMULATED_VMX_MSR ... KVM_LAST_EMULATED_VMX_MSR: if (!nested) return 1; - return vmx_get_vmx_msr(&vmcs_config.nested, msr->index, &msr->data); + return vmx_get_vmx_msr(&vmcs_config.nested, msr, data); default: return KVM_MSR_RET_UNSUPPORTED; } diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index ce3221cd1d01..9a0304eb847b 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -56,7 +56,7 @@ bool vmx_has_emulated_msr(struct kvm *kvm, u32 index); void vmx_msr_filter_changed(struct kvm_vcpu *vcpu); void vmx_prepare_switch_to_guest(struct kvm_vcpu *vcpu); void vmx_update_exception_bitmap(struct kvm_vcpu *vcpu); -int vmx_get_msr_feature(struct kvm_msr_entry *msr); +int vmx_get_msr_feature(u32 msr, u64 *data); int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info); u64 vmx_get_segment_base(struct kvm_vcpu *vcpu, int seg); void vmx_get_segment(struct kvm_vcpu *vcpu, struct kvm_segment *var, int s= eg); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index a55f73ce7b2e..e64aba978380 100644 
--- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -1675,7 +1675,7 @@ static int kvm_get_msr_feature(struct kvm_msr_entry *= msr) rdmsrl_safe(msr->index, &msr->data); break; default: - return kvm_x86_call(get_msr_feature)(msr); + return kvm_x86_call(get_msr_feature)(msr->index, &msr->data); } return 0; } --=20 2.46.0.rc2.264.g509ed76dc8-goog From nobody Fri Dec 19 15:32:04 2025 Received: from mail-yw1-f201.google.com (mail-yw1-f201.google.com [209.85.128.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1F69B16BE39 for ; Fri, 2 Aug 2024 18:19:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722622789; cv=none; b=sL7rcJZ5s3DnIoG+690ch2QGlRM/Sge7BqyhWAPS8vyZMilS79hX6L/ONPVYbWP/PSPLtRR4AzeFKNYwaZ1Uz67SgaUsOYO2096Pr0NfFKf0WH95R+vB7JAoW8fFdzbOkUMsJdgIMw9+bWLLb2Gh+vd+RBp+NcCt3H5PkcUyx4k= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1722622789; c=relaxed/simple; bh=BA66R9Ebk8eXc5BH6WLPIwNH02pf5d0FxWZLPIRPGQQ=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=ZtH//RfQNk7FqFqSlvwrwv1uWXUwT8IAGqToL+a4qAyWu4fEnbvB6QUXgrb2I3eYqNXPhTobO4IlZsVlSSLAryLAmt3hd5sozCtOyXkJEe5HW4leWSAu4qZY4Q8iUMiC6huuoWX4UwuLpHyx4S9mC0NMZ/AXy91nehCY6aahVu8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=OkpdkXmP; arc=none smtp.client-ip=209.85.128.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) 
header.d=google.com header.i=@google.com header.b="OkpdkXmP" Received: by mail-yw1-f201.google.com with SMTP id 00721157ae682-66628e9ec89so169187457b3.1 for ; Fri, 02 Aug 2024 11:19:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1722622787; x=1723227587; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=6CcQw+sZl9HHBbK/x6F/462tx1D0J2Pp0TQp6+Gv7TY=; b=OkpdkXmPe/9lOtMyj5ISasmWkw9e/tuCIfyxXCxxnihcAPMG1RTEmhXpQpAw2iuW2j 8mI/8dyNQHyxLq4dVK3XIJT6WfzxvUCbYXuEq1ROGl0LZzYBdvHpZTRBXQ9w0p5E8j+1 R1o58UhTObtH0Yt/MGGR37s7baYk4MvyQuUsrhu7EEIwwp6F+rQkHWXQ2LH5I0a24vtA ddV8S4ZXt4HMABExGn6QGZFx0LpKiyW33mjRfA6ZCIIwBoCeVN0AGuHn31Q1aZUyLrYC MVoNcmZbIRFyo9MmQIm6J6OOwfzOoHHHmTCJ65B6rSb88khzX9itRbYFbDucOEak3S7l 082Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722622787; x=1723227587; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=6CcQw+sZl9HHBbK/x6F/462tx1D0J2Pp0TQp6+Gv7TY=; b=OAh8Db0PvuqP9ZJ5Qg3eHsIB4TUxYCtXY+kw5XwzFhwbKmUQcA3vdDGSHjqhAzq2+6 xirjaVEj5Pb0VNOErFkkYPk/B2AbcCjask2guL9qFJNKH1M9e9RZJGuKBTGdzK2d99kf qX+lWMpc34Dv81EDFV4GNmVi2hqawSH5bDomvMf11ll35HMzaD7BvJ/G7Ruu+88TUk/n fI0HGoWJGtHN4a9mUDiFdL/6V0t20yBRjrVXWk05EyMsLsusrM2OJ/vzcOHASBHH9i5r KO3+KGr0fdhiSvZWVfEdcpkBJYfwuaBi8yga8VFgtPGw+jP2Tx9dvHn/9uicKGeigZng x1xg== X-Forwarded-Encrypted: i=1; AJvYcCVH+riSHJ4lJdS4hIMolDl+Am9cErB8fpDBPdA303gfVN24WQdQWQ9W13yOwRbfclZCKHUTop4OEW3PPorblJ6dtsqnEhhCDJ1G5UPm X-Gm-Message-State: AOJu0YxwK1AVW0VrHWIcIA/hPFWnUxV/R6heqw3KJLdC6o40/FsLPi37 CU4Im9RplllfhH4lNnLontPlkjcl2S+zQscuxMLj+r//6XsycGvhsAy7xs5bANwsExgKOtKQSUX 5/g== X-Google-Smtp-Source: AGHT+IGw4ZhGgrmIy6+WxThtXS+JJCwlzxwXpHkLAHzBUXLadkseKLJaMvAPHEo3QNqDVXWlCta56cGr+go= X-Received: from zagreus.c.googlers.com 
Date: Fri, 2 Aug 2024 11:19:30 -0700
In-Reply-To: <20240802181935.292540-1-seanjc@google.com>
Message-ID: <20240802181935.292540-6-seanjc@google.com>
Subject: [PATCH v2 05/10] KVM: x86: Rename get_msr_feature() APIs to get_feature_msr()
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky, Weijiang Yang

Rename all APIs related to feature MSRs from get_feature_msr() to get_feature_msr(). The APIs get "feature MSRs", not "MSR features". And unlike kvm_{g,s}et_msr_common(), the "feature" adjective doesn't describe the helper itself.

No functional change intended.

Signed-off-by: Sean Christopherson
---
 arch/x86/include/asm/kvm-x86-ops.h | 2 +-
 arch/x86/include/asm/kvm_host.h | 2 +-
 arch/x86/kvm/svm/svm.c | 6 +++---
 arch/x86/kvm/vmx/main.c | 2 +-
 arch/x86/kvm/vmx/vmx.c | 2 +-
 arch/x86/kvm/vmx/x86_ops.h | 2 +-
 arch/x86/kvm/x86.c | 12 ++++++------
 7 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-= x86-ops.h index 68ad4f923664..9afbf8bcb521 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h
@@ -125,7 +125,7 @@ KVM_X86_OP_OPTIONAL(mem_enc_unregister_region) KVM_X86_OP_OPTIONAL(vm_copy_enc_context_from) KVM_X86_OP_OPTIONAL(vm_move_enc_context_from) KVM_X86_OP_OPTIONAL(guest_memory_reclaimed) -KVM_X86_OP(get_msr_feature) +KVM_X86_OP(get_feature_msr) KVM_X86_OP(check_emulate_instruction) KVM_X86_OP(apic_init_signal_blocked) KVM_X86_OP_OPTIONAL(enable_l2_tlb_flush) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index ac7a1387a9a0..b9d784abafdf 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1805,7 +1805,7 @@ struct kvm_x86_ops { int (*vm_move_enc_context_from)(struct kvm *kvm, unsigned int source_fd); void (*guest_memory_reclaimed)(struct kvm *kvm); =20 - int (*get_msr_feature)(u32 msr, u64 *data); + int (*get_feature_msr)(u32 msr, u64 *data); =20 int (*check_emulate_instruction)(struct kvm_vcpu *vcpu, int emul_type, void *insn, int insn_len); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index c22e2b235882..f6980e0d2941 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2825,7 +2825,7 @@ static int efer_trap(struct kvm_vcpu *vcpu) return kvm_complete_insn_gp(vcpu, ret); } =20 -static int svm_get_msr_feature(u32 msr, u64 *data) +static int svm_get_feature_msr(u32 msr, u64 *data) { *data =3D 0; =20 @@ -3181,7 +3181,7 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct = msr_data *msr) case MSR_AMD64_DE_CFG: { u64 supported_de_cfg; =20 - if (svm_get_msr_feature(ecx, &supported_de_cfg)) + if (svm_get_feature_msr(ecx, &supported_de_cfg)) return 1; =20 if (data & ~supported_de_cfg) @@ -5001,7 +5001,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata =3D { .vcpu_unblocking =3D avic_vcpu_unblocking, =20 .update_exception_bitmap =3D svm_update_exception_bitmap, - .get_msr_feature =3D svm_get_msr_feature, + .get_feature_msr =3D svm_get_feature_msr, .get_msr =3D svm_get_msr, .set_msr =3D svm_set_msr, .get_segment_base =3D svm_get_segment_base, 
diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index 0bf35ebe8a1b..4f6023a0deb3 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -41,7 +41,7 @@ struct kvm_x86_ops vt_x86_ops __initdata =3D { .vcpu_put =3D vmx_vcpu_put, =20 .update_exception_bitmap =3D vmx_update_exception_bitmap, - .get_msr_feature =3D vmx_get_msr_feature, + .get_feature_msr =3D vmx_get_feature_msr, .get_msr =3D vmx_get_msr, .set_msr =3D vmx_set_msr, .get_segment_base =3D vmx_get_segment_base, diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 3d24eb4aeca2..cf85f8d50ccb 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1998,7 +1998,7 @@ static inline bool is_vmx_feature_control_msr_valid(s= truct vcpu_vmx *vmx, return !(msr->data & ~valid_bits); } =20 -int vmx_get_msr_feature(u32 msr, u64 *data) +int vmx_get_feature_msr(u32 msr, u64 *data) { switch (msr) { case KVM_FIRST_EMULATED_VMX_MSR ... KVM_LAST_EMULATED_VMX_MSR: diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index 9a0304eb847b..eeafd121fb08 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -56,7 +56,7 @@ bool vmx_has_emulated_msr(struct kvm *kvm, u32 index); void vmx_msr_filter_changed(struct kvm_vcpu *vcpu); void vmx_prepare_switch_to_guest(struct kvm_vcpu *vcpu); void vmx_update_exception_bitmap(struct kvm_vcpu *vcpu); -int vmx_get_msr_feature(u32 msr, u64 *data); +int vmx_get_feature_msr(u32 msr, u64 *data); int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info); u64 vmx_get_segment_base(struct kvm_vcpu *vcpu, int seg); void vmx_get_segment(struct kvm_vcpu *vcpu, struct kvm_segment *var, int s= eg); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index e64aba978380..660ff8795d92 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -1662,7 +1662,7 @@ static u64 kvm_get_arch_capabilities(void) return data; } =20 -static int kvm_get_msr_feature(struct kvm_msr_entry *msr) +static int kvm_get_feature_msr(struct kvm_msr_entry *msr) { switch (msr->index) { case MSR_IA32_ARCH_CAPABILITIES: @@ -1675,12 +1675,12 @@ static int kvm_get_msr_feature(struct kvm_msr_entry= *msr) rdmsrl_safe(msr->index, &msr->data); break; default: - return kvm_x86_call(get_msr_feature)(msr->index, &msr->data); + return kvm_x86_call(get_feature_msr)(msr->index, &msr->data); } return 0; } =20 -static int do_get_msr_feature(struct kvm_vcpu *vcpu, unsigned index, u64 *= data) +static int do_get_feature_msr(struct kvm_vcpu *vcpu, unsigned index, u64 *= data) { struct kvm_msr_entry msr; int r; @@ -1688,7 +1688,7 @@ static int do_get_msr_feature(struct kvm_vcpu *vcpu, = unsigned index, u64 *data) /* Unconditionally clear the output for simplicity */ msr.data =3D 0; msr.index =3D index; - r =3D kvm_get_msr_feature(&msr); + r =3D kvm_get_feature_msr(&msr); =20 if (r =3D=3D KVM_MSR_RET_UNSUPPORTED && kvm_msr_ignored_check(index, 0, f= alse)) r =3D 0; @@ -4946,7 +4946,7 @@ long kvm_arch_dev_ioctl(struct file *filp, break; } case KVM_GET_MSRS: - r =3D msr_io(NULL, argp, do_get_msr_feature, 1); + r =3D msr_io(NULL, argp, do_get_feature_msr, 1); break; #ifdef CONFIG_KVM_HYPERV case KVM_GET_SUPPORTED_HV_CPUID: 
@@ -7385,7 +7385,7 @@ static void kvm_probe_feature_msr(u32 msr_index) .index =3D msr_index, }; =20 - if (kvm_get_msr_feature(&msr)) + if (kvm_get_feature_msr(&msr)) return; =20 msr_based_features[num_msr_based_features++] =3D msr_index; --=20 2.46.0.rc2.264.g509ed76dc8-goog
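
Review bot: The changelog body reads "from get_feature_msr() to get_feature_msr()", naming the new function on both sides, while every hunk in this patch renames get_msr_feature to get_feature_msr (the kvm_x86_ops member, the svm_/vmx_/kvm_ helpers and do_get_msr_feature()). The first name in that sentence should be get_msr_feature(); the subject line already has it right.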
Date: Fri, 2 Aug 2024 11:19:31 -0700
In-Reply-To: <20240802181935.292540-1-seanjc@google.com>
Message-ID: <20240802181935.292540-7-seanjc@google.com>
Subject: [PATCH v2 06/10] KVM: x86: Refactor kvm_get_feature_msr() to avoid struct kvm_msr_entry
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky, Weijiang Yang

Refactor kvm_get_feature_msr() to take the components of kvm_msr_entry as separate parameters, along with a vCPU pointer, i.e. to give it the same prototype as kvm_{g,s}et_msr_ignored_check(). This will allow using a common inner helper for handling accesses to "regular" and feature MSRs.

No functional change intended.

Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/x86.c | 29 +++++++++++++----------------
 1 file changed, 13 insertions(+), 16 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 660ff8795d92..52f11682dd09 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c
@@ -1662,39 +1662,38 @@ static u64 kvm_get_arch_capabilities(void) return data; } =20 -static int kvm_get_feature_msr(struct kvm_msr_entry *msr) +static int kvm_get_feature_msr(struct kvm_vcpu *vcpu, u32 index, u64 *data, + bool host_initiated) { - switch (msr->index) { + WARN_ON_ONCE(!host_initiated); + + switch (index) { case MSR_IA32_ARCH_CAPABILITIES: - msr->data =3D kvm_get_arch_capabilities(); + *data =3D kvm_get_arch_capabilities(); break; case MSR_IA32_PERF_CAPABILITIES: - msr->data =3D kvm_caps.supported_perf_cap; + *data =3D kvm_caps.supported_perf_cap; break; case MSR_IA32_UCODE_REV: - rdmsrl_safe(msr->index, &msr->data); + rdmsrl_safe(index, data); break; default: - return kvm_x86_call(get_feature_msr)(msr->index, &msr->data); + return kvm_x86_call(get_feature_msr)(index, data); } return 0; } =20 static int do_get_feature_msr(struct kvm_vcpu *vcpu, unsigned index, u64 *= data) { - struct kvm_msr_entry msr; int r; =20 /* Unconditionally clear the output for simplicity */ - msr.data =3D 0; - msr.index =3D index; - r =3D kvm_get_feature_msr(&msr); + *data =3D 0; + r =3D kvm_get_feature_msr(vcpu, index, data, true); =20 if (r =3D=3D KVM_MSR_RET_UNSUPPORTED && kvm_msr_ignored_check(index, 0, f= alse)) r =3D 0; =20 - *data =3D msr.data; - return r; } =20 
@@ -7381,11 +7380,9 @@ int kvm_arch_vm_ioctl(struct file *filp, unsigned in= t ioctl, unsigned long arg) =20 static void kvm_probe_feature_msr(u32 msr_index) { - struct kvm_msr_entry msr =3D { - .index =3D msr_index, - }; + u64 data; =20 - if (kvm_get_feature_msr(&msr)) + if (kvm_get_feature_msr(NULL, msr_index, &data, true)) return; =20 msr_based_features[num_msr_based_features++] =3D msr_index; --=20 2.46.0.rc2.264.g509ed76dc8-goog
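
Review bot: kvm_get_feature_msr() gains a vcpu parameter that its body never uses, and kvm_probe_feature_msr() passes NULL for it, so the new prototype invites a later dereference of a pointer that is legitimately NULL on this path. A short comment above kvm_get_feature_msr() stating that vcpu may be NULL for feature MSR accesses would document the contract for whoever adds the common inner helper. Minor: "u64 data;" in kvm_probe_feature_msr() is left uninitialized where the old "struct kvm_msr_entry msr = { .index = msr_index }" zeroed the data field; the value is discarded here, but initializing it to 0 keeps the "no functional change" claim exact.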
Date: Fri, 2 Aug 2024 11:19:32 -0700
In-Reply-To: <20240802181935.292540-1-seanjc@google.com>
Message-ID: <20240802181935.292540-8-seanjc@google.com>
Subject: [PATCH v2 07/10] KVM: x86: Funnel all fancy MSR return value handling into a common helper
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky, Weijiang Yang

Add a common helper, kvm_do_msr_access(), to invoke the "leaf" APIs that are type and access specific, and more importantly to handle errors that are returned from the leaf APIs. I.e. turn kvm_msr_ignored_check() from a helper that is called on an error, into a trampoline that detects errors *and* applies relevant side effects, e.g. logging unimplemented accesses.

Because the leaf APIs are used for guest accesses, userspace accesses, and KVM accesses, and because KVM supports restricting access to MSRs from userspace via filters, the error handling is subtly non-trivial. E.g. KVM has had at least one bug escape due to making each "outer" function handle errors. See commit 3376ca3f1a20 ("KVM: x86: Fix KVM_GET_MSRS stack info leak").

Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/x86.c | 86 +++++++++++++++++++++++-----------------------
 1 file changed, 43 insertions(+), 43 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 52f11682dd09..4de1d7f17109 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -304,25 +304,40 @@ const struct kvm_stats_header kvm_vcpu_stats_header = =3D { =20 static struct kmem_cache *x86_emulator_cache; =20 -/* - * When called, it means the previous get/set msr reached an invalid msr. - * Return true if we want to ignore/silent this failed msr access. - */ -static bool kvm_msr_ignored_check(u32 msr, u64 data, bool write) +typedef int (*msr_access_t)(struct kvm_vcpu *vcpu, u32 index, u64 *data, + bool host_initiated); + +static __always_inline int kvm_do_msr_access(struct kvm_vcpu *vcpu, u32 ms= r, + u64 *data, bool host_initiated, + enum kvm_msr_access rw, + msr_access_t msr_access_fn) { - const char *op =3D write ? "wrmsr" : "rdmsr"; - - if (ignore_msrs) { - if (report_ignored_msrs) - kvm_pr_unimpl("ignored %s: 0x%x data 0x%llx\n", - op, msr, data); - /* Mask the error */ - return true; - } else { + const char *op =3D rw =3D=3D MSR_TYPE_W ? "wrmsr" : "rdmsr"; + int ret; + + BUILD_BUG_ON(rw !=3D MSR_TYPE_R && rw !=3D MSR_TYPE_W); + + /* + * Zero the data on read failures to avoid leaking stack data to the + * guest and/or userspace, e.g. if the failure is ignored below. + */ + ret =3D msr_access_fn(vcpu, msr, data, host_initiated); + if (ret && rw =3D=3D MSR_TYPE_R) + *data =3D 0; + + if (ret !=3D KVM_MSR_RET_UNSUPPORTED) + return ret; + + if (!ignore_msrs) { kvm_debug_ratelimited("unhandled %s: 0x%x data 0x%llx\n", - op, msr, data); - return false; + op, msr, *data); + return ret; } + + if (report_ignored_msrs) + kvm_pr_unimpl("ignored %s: 0x%x data 0x%llx\n", op, msr, *data); + + return 0; } =20 static struct kmem_cache *kvm_alloc_emulator_cache(void) 
@@ -1685,16 +1700,8 @@ static int kvm_get_feature_msr(struct kvm_vcpu *vcpu= , u32 index, u64 *data, =20 static int do_get_feature_msr(struct kvm_vcpu *vcpu, unsigned index, u64 *= data) { - int r; - - /* Unconditionally clear the output for simplicity */ - *data =3D 0; - r =3D kvm_get_feature_msr(vcpu, index, data, true); - - if (r =3D=3D KVM_MSR_RET_UNSUPPORTED && kvm_msr_ignored_check(index, 0, f= alse)) - r =3D 0; - - return r; + return kvm_do_msr_access(vcpu, index, data, true, MSR_TYPE_R, + kvm_get_feature_msr); } =20 static bool __kvm_valid_efer(struct kvm_vcpu *vcpu, u64 efer) @@ -1881,16 +1888,17 @@ static int __kvm_set_msr(struct kvm_vcpu *vcpu, u32= index, u64 data, return kvm_x86_call(set_msr)(vcpu, &msr); } =20 +static int _kvm_set_msr(struct kvm_vcpu *vcpu, u32 index, u64 *data, + bool host_initiated) +{ + return __kvm_set_msr(vcpu, index, *data, host_initiated); +} + static int kvm_set_msr_ignored_check(struct kvm_vcpu *vcpu, u32 index, u64 data, bool host_initiated) { - int ret =3D __kvm_set_msr(vcpu, index, data, host_initiated); - - if (ret =3D=3D KVM_MSR_RET_UNSUPPORTED) - if (kvm_msr_ignored_check(index, data, true)) - ret =3D 0; - - return ret; + return kvm_do_msr_access(vcpu, index, &data, host_initiated, MSR_TYPE_W, + _kvm_set_msr); } =20 /* 
@@ -1929,16 +1937,8 @@ int __kvm_get_msr(struct kvm_vcpu *vcpu, u32 index, = u64 *data, static int kvm_get_msr_ignored_check(struct kvm_vcpu *vcpu, u32 index, u64 *data, bool host_initiated) { - int ret =3D __kvm_get_msr(vcpu, index, data, host_initiated); - - if (ret =3D=3D KVM_MSR_RET_UNSUPPORTED) { - /* Unconditionally clear *data for simplicity */ - *data =3D 0; - if (kvm_msr_ignored_check(index, 0, false)) - ret =3D 0; - } - - return ret; + return kvm_do_msr_access(vcpu, index, data, host_initiated, MSR_TYPE_R, + __kvm_get_msr); } =20 static int kvm_get_msr_with_filter(struct kvm_vcpu *vcpu, u32 index, u64 *= data) --=20 2.46.0.rc2.264.g509ed76dc8-goog
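
Review bot: In kvm_do_msr_access(), *data is zeroed only after msr_access_fn() returns non-zero on a read, while the "Unconditionally clear the output for simplicity" pre-zeroing in do_get_feature_msr() is removed by this patch. That makes the no-leak guarantee depend on every leaf writing *data whenever it returns 0; kvm_get_feature_msr(), for one, ignores the return value of rdmsrl_safe() in the MSR_IA32_UCODE_REV case and then returns 0. Since the changelog cites the KVM_GET_MSRS stack info leak as the motivating bug, consider also zeroing *data before the call when rw is MSR_TYPE_R, so that both the success and the failure path are covered in the one common place.

Review bot: _kvm_set_msr() differs from the existing __kvm_set_msr() by a single underscore, which is easy to misread at the call site in kvm_set_msr_ignored_check(). Its only job is to adapt the by-value data argument to the msr_access_t signature, so a one-line comment saying that, or a more descriptive name, would make the wrapper's purpose obvious.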
Date: Fri, 2 Aug 2024 11:19:33 -0700
In-Reply-To: <20240802181935.292540-1-seanjc@google.com>
Message-ID: <20240802181935.292540-9-seanjc@google.com>
Subject: [PATCH v2 08/10] KVM: x86: Hoist x86.c's global msr_* variables up above kvm_do_msr_access()
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky, Weijiang Yang

Move the definitions of the various MSR arrays above kvm_do_msr_access() so that kvm_do_msr_access() can query the arrays when handling failures, e.g. to squash errors if userspace tries to read an MSR that isn't fully supported, but that KVM advertised as being an MSR-to-save.

No functional change intended.

Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/x86.c | 368 ++++++++++++++++++++++-----------------------
 1 file changed, 184 insertions(+), 184 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 4de1d7f17109..d0ea6340fba1 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c
@@ -304,6 +304,190 @@ const struct kvm_stats_header kvm_vcpu_stats_header = =3D { =20 static struct kmem_cache *x86_emulator_cache; =20 +/* + * The three MSR lists(msrs_to_save, emulated_msrs, msr_based_features) tr= ack + * the set of MSRs that KVM exposes to userspace through KVM_GET_MSRS, + * KVM_SET_MSRS, and KVM_GET_MSR_INDEX_LIST. msrs_to_save holds MSRs that + * require host support, i.e. should be probed via RDMSR. emulated_msrs h= olds + * MSRs that KVM emulates without strictly requiring host support. + * msr_based_features holds MSRs that enumerate features, i.e. are effecti= vely + * CPUID leafs. Note, msr_based_features isn't mutually exclusive with + * msrs_to_save and emulated_msrs. + */ + +static const u32 msrs_to_save_base[] =3D { + MSR_IA32_SYSENTER_CS, MSR_IA32_SYSENTER_ESP, MSR_IA32_SYSENTER_EIP, + MSR_STAR, +#ifdef CONFIG_X86_64 + MSR_CSTAR, MSR_KERNEL_GS_BASE, MSR_SYSCALL_MASK, MSR_LSTAR, +#endif + MSR_IA32_TSC, MSR_IA32_CR_PAT, MSR_VM_HSAVE_PA, + MSR_IA32_FEAT_CTL, MSR_IA32_BNDCFGS, MSR_TSC_AUX, + MSR_IA32_SPEC_CTRL, MSR_IA32_TSX_CTRL, + MSR_IA32_RTIT_CTL, MSR_IA32_RTIT_STATUS, MSR_IA32_RTIT_CR3_MATCH, + MSR_IA32_RTIT_OUTPUT_BASE, MSR_IA32_RTIT_OUTPUT_MASK, + MSR_IA32_RTIT_ADDR0_A, MSR_IA32_RTIT_ADDR0_B, + MSR_IA32_RTIT_ADDR1_A, MSR_IA32_RTIT_ADDR1_B, + MSR_IA32_RTIT_ADDR2_A, MSR_IA32_RTIT_ADDR2_B, + MSR_IA32_RTIT_ADDR3_A, MSR_IA32_RTIT_ADDR3_B, + MSR_IA32_UMWAIT_CONTROL, + + MSR_IA32_XFD, MSR_IA32_XFD_ERR, +}; + +static const u32 msrs_to_save_pmu[] =3D { + MSR_ARCH_PERFMON_FIXED_CTR0, MSR_ARCH_PERFMON_FIXED_CTR1, + MSR_ARCH_PERFMON_FIXED_CTR0 + 2, + MSR_CORE_PERF_FIXED_CTR_CTRL, MSR_CORE_PERF_GLOBAL_STATUS, + MSR_CORE_PERF_GLOBAL_CTRL, + MSR_IA32_PEBS_ENABLE, MSR_IA32_DS_AREA, MSR_PEBS_DATA_CFG, + + /* This part of MSRs should match KVM_MAX_NR_INTEL_GP_COUNTERS. 
*/ + MSR_ARCH_PERFMON_PERFCTR0, MSR_ARCH_PERFMON_PERFCTR1, + MSR_ARCH_PERFMON_PERFCTR0 + 2, MSR_ARCH_PERFMON_PERFCTR0 + 3, + MSR_ARCH_PERFMON_PERFCTR0 + 4, MSR_ARCH_PERFMON_PERFCTR0 + 5, + MSR_ARCH_PERFMON_PERFCTR0 + 6, MSR_ARCH_PERFMON_PERFCTR0 + 7, + MSR_ARCH_PERFMON_EVENTSEL0, MSR_ARCH_PERFMON_EVENTSEL1, + MSR_ARCH_PERFMON_EVENTSEL0 + 2, MSR_ARCH_PERFMON_EVENTSEL0 + 3, + MSR_ARCH_PERFMON_EVENTSEL0 + 4, MSR_ARCH_PERFMON_EVENTSEL0 + 5, + MSR_ARCH_PERFMON_EVENTSEL0 + 6, MSR_ARCH_PERFMON_EVENTSEL0 + 7, + + MSR_K7_EVNTSEL0, MSR_K7_EVNTSEL1, MSR_K7_EVNTSEL2, MSR_K7_EVNTSEL3, + MSR_K7_PERFCTR0, MSR_K7_PERFCTR1, MSR_K7_PERFCTR2, MSR_K7_PERFCTR3, + + /* This part of MSRs should match KVM_MAX_NR_AMD_GP_COUNTERS. */ + MSR_F15H_PERF_CTL0, MSR_F15H_PERF_CTL1, MSR_F15H_PERF_CTL2, + MSR_F15H_PERF_CTL3, MSR_F15H_PERF_CTL4, MSR_F15H_PERF_CTL5, + MSR_F15H_PERF_CTR0, MSR_F15H_PERF_CTR1, MSR_F15H_PERF_CTR2, + MSR_F15H_PERF_CTR3, MSR_F15H_PERF_CTR4, MSR_F15H_PERF_CTR5, + + MSR_AMD64_PERF_CNTR_GLOBAL_CTL, + MSR_AMD64_PERF_CNTR_GLOBAL_STATUS, + MSR_AMD64_PERF_CNTR_GLOBAL_STATUS_CLR, +}; + +static u32 msrs_to_save[ARRAY_SIZE(msrs_to_save_base) + + ARRAY_SIZE(msrs_to_save_pmu)]; +static unsigned num_msrs_to_save; + +static const u32 emulated_msrs_all[] =3D { + MSR_KVM_SYSTEM_TIME, MSR_KVM_WALL_CLOCK, + MSR_KVM_SYSTEM_TIME_NEW, MSR_KVM_WALL_CLOCK_NEW, + +#ifdef CONFIG_KVM_HYPERV + HV_X64_MSR_GUEST_OS_ID, HV_X64_MSR_HYPERCALL, + HV_X64_MSR_TIME_REF_COUNT, HV_X64_MSR_REFERENCE_TSC, + HV_X64_MSR_TSC_FREQUENCY, HV_X64_MSR_APIC_FREQUENCY, + HV_X64_MSR_CRASH_P0, HV_X64_MSR_CRASH_P1, HV_X64_MSR_CRASH_P2, + HV_X64_MSR_CRASH_P3, HV_X64_MSR_CRASH_P4, HV_X64_MSR_CRASH_CTL, + HV_X64_MSR_RESET, + HV_X64_MSR_VP_INDEX, + HV_X64_MSR_VP_RUNTIME, + HV_X64_MSR_SCONTROL, + HV_X64_MSR_STIMER0_CONFIG, + HV_X64_MSR_VP_ASSIST_PAGE, + HV_X64_MSR_REENLIGHTENMENT_CONTROL, HV_X64_MSR_TSC_EMULATION_CONTROL, + HV_X64_MSR_TSC_EMULATION_STATUS, HV_X64_MSR_TSC_INVARIANT_CONTROL, + HV_X64_MSR_SYNDBG_OPTIONS, + 
HV_X64_MSR_SYNDBG_CONTROL, HV_X64_MSR_SYNDBG_STATUS, + HV_X64_MSR_SYNDBG_SEND_BUFFER, HV_X64_MSR_SYNDBG_RECV_BUFFER, + HV_X64_MSR_SYNDBG_PENDING_BUFFER, +#endif + + MSR_KVM_ASYNC_PF_EN, MSR_KVM_STEAL_TIME, + MSR_KVM_PV_EOI_EN, MSR_KVM_ASYNC_PF_INT, MSR_KVM_ASYNC_PF_ACK, + + MSR_IA32_TSC_ADJUST, + MSR_IA32_TSC_DEADLINE, + MSR_IA32_ARCH_CAPABILITIES, + MSR_IA32_PERF_CAPABILITIES, + MSR_IA32_MISC_ENABLE, + MSR_IA32_MCG_STATUS, + MSR_IA32_MCG_CTL, + MSR_IA32_MCG_EXT_CTL, + MSR_IA32_SMBASE, + MSR_SMI_COUNT, + MSR_PLATFORM_INFO, + MSR_MISC_FEATURES_ENABLES, + MSR_AMD64_VIRT_SPEC_CTRL, + MSR_AMD64_TSC_RATIO, + MSR_IA32_POWER_CTL, + MSR_IA32_UCODE_REV, + + /* + * KVM always supports the "true" VMX control MSRs, even if the host + * does not. The VMX MSRs as a whole are considered "emulated" as KVM + * doesn't strictly require them to exist in the host (ignoring that + * KVM would refuse to load in the first place if the core set of MSRs + * aren't supported). + */ + MSR_IA32_VMX_BASIC, + MSR_IA32_VMX_TRUE_PINBASED_CTLS, + MSR_IA32_VMX_TRUE_PROCBASED_CTLS, + MSR_IA32_VMX_TRUE_EXIT_CTLS, + MSR_IA32_VMX_TRUE_ENTRY_CTLS, + MSR_IA32_VMX_MISC, + MSR_IA32_VMX_CR0_FIXED0, + MSR_IA32_VMX_CR4_FIXED0, + MSR_IA32_VMX_VMCS_ENUM, + MSR_IA32_VMX_PROCBASED_CTLS2, + MSR_IA32_VMX_EPT_VPID_CAP, + MSR_IA32_VMX_VMFUNC, + + MSR_K7_HWCR, + MSR_KVM_POLL_CONTROL, +}; + +static u32 emulated_msrs[ARRAY_SIZE(emulated_msrs_all)]; +static unsigned num_emulated_msrs; + +/* + * List of MSRs that control the existence of MSR-based features, i.e. MSRs + * that are effectively CPUID leafs. VMX MSRs are also included in the se= t of + * feature MSRs, but are handled separately to allow expedited lookups. 
+ */ +static const u32 msr_based_features_all_except_vmx[] =3D { + MSR_AMD64_DE_CFG, + MSR_IA32_UCODE_REV, + MSR_IA32_ARCH_CAPABILITIES, + MSR_IA32_PERF_CAPABILITIES, +}; + +static u32 msr_based_features[ARRAY_SIZE(msr_based_features_all_except_vmx= ) + + (KVM_LAST_EMULATED_VMX_MSR - KVM_FIRST_EMULATED_VMX_MSR + 1)]; +static unsigned int num_msr_based_features; + +/* + * All feature MSRs except uCode revID, which tracks the currently loaded = uCode + * patch, are immutable once the vCPU model is defined. + */ +static bool kvm_is_immutable_feature_msr(u32 msr) +{ + int i; + + if (msr >=3D KVM_FIRST_EMULATED_VMX_MSR && msr <=3D KVM_LAST_EMULATED_VMX= _MSR) + return true; + + for (i =3D 0; i < ARRAY_SIZE(msr_based_features_all_except_vmx); i++) { + if (msr =3D=3D msr_based_features_all_except_vmx[i]) + return msr !=3D MSR_IA32_UCODE_REV; + } + + return false; +} + +static bool kvm_is_msr_to_save(u32 msr_index) +{ + unsigned int i; + + for (i =3D 0; i < num_msrs_to_save; i++) { + if (msrs_to_save[i] =3D=3D msr_index) + return true; + } + + return false; +} + typedef int (*msr_access_t)(struct kvm_vcpu *vcpu, u32 index, u64 *data, bool host_initiated); =20 
@@ -1428,178 +1612,6 @@ int kvm_emulate_rdpmc(struct kvm_vcpu *vcpu) } EXPORT_SYMBOL_GPL(kvm_emulate_rdpmc); =20 -/* - * The three MSR lists(msrs_to_save, emulated_msrs, msr_based_features) tr= ack - * the set of MSRs that KVM exposes to userspace through KVM_GET_MSRS, - * KVM_SET_MSRS, and KVM_GET_MSR_INDEX_LIST. msrs_to_save holds MSRs that - * require host support, i.e. should be probed via RDMSR. emulated_msrs h= olds - * MSRs that KVM emulates without strictly requiring host support. - * msr_based_features holds MSRs that enumerate features, i.e. are effecti= vely - * CPUID leafs. Note, msr_based_features isn't mutually exclusive with - * msrs_to_save and emulated_msrs. - */ - -static const u32 msrs_to_save_base[] =3D { - MSR_IA32_SYSENTER_CS, MSR_IA32_SYSENTER_ESP, MSR_IA32_SYSENTER_EIP, - MSR_STAR, -#ifdef CONFIG_X86_64 - MSR_CSTAR, MSR_KERNEL_GS_BASE, MSR_SYSCALL_MASK, MSR_LSTAR, -#endif - MSR_IA32_TSC, MSR_IA32_CR_PAT, MSR_VM_HSAVE_PA, - MSR_IA32_FEAT_CTL, MSR_IA32_BNDCFGS, MSR_TSC_AUX, - MSR_IA32_SPEC_CTRL, MSR_IA32_TSX_CTRL, - MSR_IA32_RTIT_CTL, MSR_IA32_RTIT_STATUS, MSR_IA32_RTIT_CR3_MATCH, - MSR_IA32_RTIT_OUTPUT_BASE, MSR_IA32_RTIT_OUTPUT_MASK, - MSR_IA32_RTIT_ADDR0_A, MSR_IA32_RTIT_ADDR0_B, - MSR_IA32_RTIT_ADDR1_A, MSR_IA32_RTIT_ADDR1_B, - MSR_IA32_RTIT_ADDR2_A, MSR_IA32_RTIT_ADDR2_B, - MSR_IA32_RTIT_ADDR3_A, MSR_IA32_RTIT_ADDR3_B, - MSR_IA32_UMWAIT_CONTROL, - - MSR_IA32_XFD, MSR_IA32_XFD_ERR, -}; - -static const u32 msrs_to_save_pmu[] =3D { - MSR_ARCH_PERFMON_FIXED_CTR0, MSR_ARCH_PERFMON_FIXED_CTR1, - MSR_ARCH_PERFMON_FIXED_CTR0 + 2, - MSR_CORE_PERF_FIXED_CTR_CTRL, MSR_CORE_PERF_GLOBAL_STATUS, - MSR_CORE_PERF_GLOBAL_CTRL, - MSR_IA32_PEBS_ENABLE, MSR_IA32_DS_AREA, MSR_PEBS_DATA_CFG, - - /* This part of MSRs should match KVM_MAX_NR_INTEL_GP_COUNTERS. 
*/ - MSR_ARCH_PERFMON_PERFCTR0, MSR_ARCH_PERFMON_PERFCTR1, - MSR_ARCH_PERFMON_PERFCTR0 + 2, MSR_ARCH_PERFMON_PERFCTR0 + 3, - MSR_ARCH_PERFMON_PERFCTR0 + 4, MSR_ARCH_PERFMON_PERFCTR0 + 5, - MSR_ARCH_PERFMON_PERFCTR0 + 6, MSR_ARCH_PERFMON_PERFCTR0 + 7, - MSR_ARCH_PERFMON_EVENTSEL0, MSR_ARCH_PERFMON_EVENTSEL1, - MSR_ARCH_PERFMON_EVENTSEL0 + 2, MSR_ARCH_PERFMON_EVENTSEL0 + 3, - MSR_ARCH_PERFMON_EVENTSEL0 + 4, MSR_ARCH_PERFMON_EVENTSEL0 + 5, - MSR_ARCH_PERFMON_EVENTSEL0 + 6, MSR_ARCH_PERFMON_EVENTSEL0 + 7, - - MSR_K7_EVNTSEL0, MSR_K7_EVNTSEL1, MSR_K7_EVNTSEL2, MSR_K7_EVNTSEL3, - MSR_K7_PERFCTR0, MSR_K7_PERFCTR1, MSR_K7_PERFCTR2, MSR_K7_PERFCTR3, - - /* This part of MSRs should match KVM_MAX_NR_AMD_GP_COUNTERS. */ - MSR_F15H_PERF_CTL0, MSR_F15H_PERF_CTL1, MSR_F15H_PERF_CTL2, - MSR_F15H_PERF_CTL3, MSR_F15H_PERF_CTL4, MSR_F15H_PERF_CTL5, - MSR_F15H_PERF_CTR0, MSR_F15H_PERF_CTR1, MSR_F15H_PERF_CTR2, - MSR_F15H_PERF_CTR3, MSR_F15H_PERF_CTR4, MSR_F15H_PERF_CTR5, - - MSR_AMD64_PERF_CNTR_GLOBAL_CTL, - MSR_AMD64_PERF_CNTR_GLOBAL_STATUS, - MSR_AMD64_PERF_CNTR_GLOBAL_STATUS_CLR, -}; - -static u32 msrs_to_save[ARRAY_SIZE(msrs_to_save_base) + - ARRAY_SIZE(msrs_to_save_pmu)]; -static unsigned num_msrs_to_save; - -static const u32 emulated_msrs_all[] =3D { - MSR_KVM_SYSTEM_TIME, MSR_KVM_WALL_CLOCK, - MSR_KVM_SYSTEM_TIME_NEW, MSR_KVM_WALL_CLOCK_NEW, - -#ifdef CONFIG_KVM_HYPERV - HV_X64_MSR_GUEST_OS_ID, HV_X64_MSR_HYPERCALL, - HV_X64_MSR_TIME_REF_COUNT, HV_X64_MSR_REFERENCE_TSC, - HV_X64_MSR_TSC_FREQUENCY, HV_X64_MSR_APIC_FREQUENCY, - HV_X64_MSR_CRASH_P0, HV_X64_MSR_CRASH_P1, HV_X64_MSR_CRASH_P2, - HV_X64_MSR_CRASH_P3, HV_X64_MSR_CRASH_P4, HV_X64_MSR_CRASH_CTL, - HV_X64_MSR_RESET, - HV_X64_MSR_VP_INDEX, - HV_X64_MSR_VP_RUNTIME, - HV_X64_MSR_SCONTROL, - HV_X64_MSR_STIMER0_CONFIG, - HV_X64_MSR_VP_ASSIST_PAGE, - HV_X64_MSR_REENLIGHTENMENT_CONTROL, HV_X64_MSR_TSC_EMULATION_CONTROL, - HV_X64_MSR_TSC_EMULATION_STATUS, HV_X64_MSR_TSC_INVARIANT_CONTROL, - HV_X64_MSR_SYNDBG_OPTIONS, - 
HV_X64_MSR_SYNDBG_CONTROL, HV_X64_MSR_SYNDBG_STATUS, - HV_X64_MSR_SYNDBG_SEND_BUFFER, HV_X64_MSR_SYNDBG_RECV_BUFFER, - HV_X64_MSR_SYNDBG_PENDING_BUFFER, -#endif - - MSR_KVM_ASYNC_PF_EN, MSR_KVM_STEAL_TIME, - MSR_KVM_PV_EOI_EN, MSR_KVM_ASYNC_PF_INT, MSR_KVM_ASYNC_PF_ACK, - - MSR_IA32_TSC_ADJUST, - MSR_IA32_TSC_DEADLINE, - MSR_IA32_ARCH_CAPABILITIES, - MSR_IA32_PERF_CAPABILITIES, - MSR_IA32_MISC_ENABLE, - MSR_IA32_MCG_STATUS, - MSR_IA32_MCG_CTL, - MSR_IA32_MCG_EXT_CTL, - MSR_IA32_SMBASE, - MSR_SMI_COUNT, - MSR_PLATFORM_INFO, - MSR_MISC_FEATURES_ENABLES, - MSR_AMD64_VIRT_SPEC_CTRL, - MSR_AMD64_TSC_RATIO, - MSR_IA32_POWER_CTL, - MSR_IA32_UCODE_REV, - - /* - * KVM always supports the "true" VMX control MSRs, even if the host - * does not. The VMX MSRs as a whole are considered "emulated" as KVM - * doesn't strictly require them to exist in the host (ignoring that - * KVM would refuse to load in the first place if the core set of MSRs - * aren't supported). - */ - MSR_IA32_VMX_BASIC, - MSR_IA32_VMX_TRUE_PINBASED_CTLS, - MSR_IA32_VMX_TRUE_PROCBASED_CTLS, - MSR_IA32_VMX_TRUE_EXIT_CTLS, - MSR_IA32_VMX_TRUE_ENTRY_CTLS, - MSR_IA32_VMX_MISC, - MSR_IA32_VMX_CR0_FIXED0, - MSR_IA32_VMX_CR4_FIXED0, - MSR_IA32_VMX_VMCS_ENUM, - MSR_IA32_VMX_PROCBASED_CTLS2, - MSR_IA32_VMX_EPT_VPID_CAP, - MSR_IA32_VMX_VMFUNC, - - MSR_K7_HWCR, - MSR_KVM_POLL_CONTROL, -}; - -static u32 emulated_msrs[ARRAY_SIZE(emulated_msrs_all)]; -static unsigned num_emulated_msrs; - -/* - * List of MSRs that control the existence of MSR-based features, i.e. MSRs - * that are effectively CPUID leafs. VMX MSRs are also included in the se= t of - * feature MSRs, but are handled separately to allow expedited lookups. 
- */ -static const u32 msr_based_features_all_except_vmx[] =3D { - MSR_AMD64_DE_CFG, - MSR_IA32_UCODE_REV, - MSR_IA32_ARCH_CAPABILITIES, - MSR_IA32_PERF_CAPABILITIES, -}; - -static u32 msr_based_features[ARRAY_SIZE(msr_based_features_all_except_vmx= ) + - (KVM_LAST_EMULATED_VMX_MSR - KVM_FIRST_EMULATED_VMX_MSR + 1)]; -static unsigned int num_msr_based_features; - -/* - * All feature MSRs except uCode revID, which tracks the currently loaded = uCode - * patch, are immutable once the vCPU model is defined. - */ -static bool kvm_is_immutable_feature_msr(u32 msr) -{ - int i; - - if (msr >=3D KVM_FIRST_EMULATED_VMX_MSR && msr <=3D KVM_LAST_EMULATED_VMX= _MSR) - return true; - - for (i =3D 0; i < ARRAY_SIZE(msr_based_features_all_except_vmx); i++) { - if (msr =3D=3D msr_based_features_all_except_vmx[i]) - return msr !=3D MSR_IA32_UCODE_REV; - } - - return false; -} - /* * Some IA32_ARCH_CAPABILITIES bits have dependencies on MSRs that KVM * does not yet virtualize. These include: 
@@ -3747,18 +3759,6 @@ static void record_steal_time(struct kvm_vcpu *vcpu) mark_page_dirty_in_slot(vcpu->kvm, ghc->memslot, gpa_to_gfn(ghc->gpa)); } =20 -static bool kvm_is_msr_to_save(u32 msr_index) -{ - unsigned int i; - - for (i =3D 0; i < num_msrs_to_save; i++) { - if (msrs_to_save[i] =3D=3D msr_index) - return true; - } - - return false; -} - int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info) { u32 msr =3D msr_info->index; --=20 2.46.0.rc2.264.g509ed76dc8-goog
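Review bot: In the block added by the @@ -304 hunk, num_msrs_to_save and num_emulated_msrs are declared as bare "unsigned" while num_msr_based_features is "unsigned int", and kvm_is_immutable_feature_msr() compares an "int i" against ARRAY_SIZE() while kvm_is_msr_to_save() uses "unsigned int i". The added text matches the blocks removed at @@ -1428 and @@ -3747 line for line, so leaving it untouched here keeps the move easy to verify; normalizing the types, and the missing space in "MSR lists(msrs_to_save", fits better in a separate cleanup patch.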
Reply-To: Sean Christopherson
Date: Fri, 2 Aug 2024 11:19:34 -0700
In-Reply-To: <20240802181935.292540-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
References: <20240802181935.292540-1-seanjc@google.com>
Message-ID: <20240802181935.292540-10-seanjc@google.com>
Subject: [PATCH v2 09/10] KVM: x86: Suppress failures on userspace access to advertised, unsupported MSRs
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky, Weijiang Yang
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Extend KVM's suppression of failures due to a userspace access to an unsupported, but advertised as a "to save" MSR to all MSRs, not just those that happen to reach the default case statements in kvm_get_msr_common() and kvm_set_msr_common(). KVM's soon-to-be-established ABI is that if an MSR is advertised to userspace, then userspace is allowed to read the MSR, and write back the value that was read, i.e. why an MSR is unsupported doesn't change KVM's ABI.

Practically speaking, this is very nearly a nop, as the only other paths that return KVM_MSR_RET_UNSUPPORTED are {svm,vmx}_get_feature_msr(), and it's unlikely, though not impossible, that userspace is using KVM_GET_MSRS on unsupported MSRs.

The primary goal of moving the suppression to common code is to allow returning KVM_MSR_RET_UNSUPPORTED as appropriate throughout KVM, without having to manually handle the "is userspace accessing an advertised" waiver. I.e. this will allow formalizing KVM's ABI without incurring a high maintenance cost.

Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/x86.c | 27 +++++++++------------------
 1 file changed, 9 insertions(+), 18 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index d0ea6340fba1..ad28f0acc4fa 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c
@@ -512,6 +512,15 @@ static __always_inline int kvm_do_msr_access(struct kv= m_vcpu *vcpu, u32 msr, if (ret !=3D KVM_MSR_RET_UNSUPPORTED) return ret; =20 + /* + * Userspace is allowed to read MSRs, and write '0' to MSRs, that KVM + * reports as to-be-saved, even if an MSR isn't fully supported. + * Simply check that @data is '0', which covers both the write '0' case + * and all reads (in which case @data is zeroed on failure; see above). + */ + if (host_initiated && !*data && kvm_is_msr_to_save(msr)) + return 0; + if (!ignore_msrs) { kvm_debug_ratelimited("unhandled %s: 0x%x data 0x%llx\n", op, msr, *data); @@ -4140,14 +4149,6 @@ int kvm_set_msr_common(struct kvm_vcpu *vcpu, struct= msr_data *msr_info) if (kvm_pmu_is_valid_msr(vcpu, msr)) return kvm_pmu_set_msr(vcpu, msr_info); =20 - /* - * Userspace is allowed to write '0' to MSRs that KVM reports - * as to-be-saved, even if an MSRs isn't fully supported. - */ - if (msr_info->host_initiated && !data && - kvm_is_msr_to_save(msr)) - break; - return KVM_MSR_RET_UNSUPPORTED; } return 0; 
@@ -4499,16 +4500,6 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, struct= msr_data *msr_info) if (kvm_pmu_is_valid_msr(vcpu, msr_info->index)) return kvm_pmu_get_msr(vcpu, msr_info); =20 - /* - * Userspace is allowed to read MSRs that KVM reports as - * to-be-saved, even if an MSR isn't fully supported. - */ - if (msr_info->host_initiated && - kvm_is_msr_to_save(msr_info->index)) { - msr_info->data =3D 0; - break; - } - return KVM_MSR_RET_UNSUPPORTED; } return 0; --=20 2.46.0.rc2.264.g509ed76dc8-goog
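Review bot: In kvm_do_msr_access() (hunk @@ -512), the waiver "if (host_initiated && !*data && kvm_is_msr_to_save(msr))" covers reads only because @data is expected to be zero by the time a read fails, which the comment defers to with "see above" and which lies outside this hunk. The block removed from kvm_get_msr_common() set msr_info->data to 0 right next to its check, so the dependency used to be local; after this change, a later edit to the read-failure path that leaves @data non-zero would make reads of advertised MSRs fail again without touching this code. Suggest stating the invariant at the place where @data is zeroed as well. The host_initiated term is what keeps guest accesses out of the waiver, so it deserves a word in the comment too.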
Reply-To: Sean Christopherson
Date: Fri, 2 Aug 2024 11:19:35 -0700
In-Reply-To: <20240802181935.292540-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
References: <20240802181935.292540-1-seanjc@google.com>
Message-ID: <20240802181935.292540-11-seanjc@google.com>
Subject: [PATCH v2 10/10] KVM: x86: Suppress userspace access failures on unsupported, "emulated" MSRs
From: Sean Christopherson
To: Sean Christopherson, Paolo Bonzini
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky, Weijiang Yang
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Extend KVM's suppression of userspace MSR access failures to MSRs that KVM reports as emulated, but are ultimately unsupported, e.g. if the VMX MSRs are emulated by KVM, but are unsupported given the vCPU model.

Suggested-by: Weijiang Yang
Reviewed-by: Weijiang Yang
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/x86.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index ad28f0acc4fa..08c3480f1606 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -476,7 +476,7 @@ static bool kvm_is_immutable_feature_msr(u32 msr) return false; } =20 -static bool kvm_is_msr_to_save(u32 msr_index) +static bool kvm_is_advertised_msr(u32 msr_index) { unsigned int i; =20
@@ -485,6 +485,11 @@ static bool kvm_is_msr_to_save(u32 msr_index) return true; } =20 + for (i =3D 0; i < num_emulated_msrs; i++) { + if (emulated_msrs[i] =3D=3D msr_index) + return true; + } + return false; } =20 @@ -514,11 +519,11 @@ static __always_inline int kvm_do_msr_access(struct k= vm_vcpu *vcpu, u32 msr, =20 /* * Userspace is allowed to read MSRs, and write '0' to MSRs, that KVM - * reports as to-be-saved, even if an MSR isn't fully supported. + * advertises to userspace, even if an MSR isn't fully supported. * Simply check that @data is '0', which covers both the write '0' case * and all reads (in which case @data is zeroed on failure; see above). */ - if (host_initiated && !*data && kvm_is_msr_to_save(msr)) + if (host_initiated && !*data && kvm_is_advertised_msr(msr)) return 0; =20 if (!ignore_msrs) { --=20 2.46.0.rc2.264.g509ed76dc8-goog
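Review bot: kvm_is_advertised_msr() (hunk @@ -485) walks msrs_to_save and emulated_msrs but not msr_based_features, the third list named in the comment block that heads these arrays. In the static lists from the earlier patch in this series, MSR_AMD64_DE_CFG appears only in msr_based_features_all_except_vmx, so by this helper it is not "advertised" and a host-initiated access that returns KVM_MSR_RET_UNSUPPORTED still fails. If that is intended, a sentence in the function comment or the changelog saying that feature-only MSRs are excluded would keep the name from promising more than the code checks; otherwise add a third loop over msr_based_features.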