From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Yang Weijiang <weijiang.yang@intel.com>
Cc: pbonzini@redhat.com, rkrcmar@redhat.com,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
mst@redhat.com, yu-cheng.yu@intel.com, yi.z.zhang@intel.com,
hjl.tools@gmail.com, Zhang Yi Z <yi.z.zhang@linux.intel.com>
Subject: Re: [PATCH v1 4/8] kvm:vmx Pass through host CET related MSRs to Guest.
Date: Wed, 2 Jan 2019 10:18:43 -0800
Message-ID: <20190102181843.GB7460@linux.intel.com>
In-Reply-To: <20181226081532.30698-5-weijiang.yang@intel.com>
On Wed, Dec 26, 2018 at 04:15:28PM +0800, Yang Weijiang wrote:
> During Guest OS execution, it accesses these MSRs to
> configure CET runtime settings.

The changelog needs to explain why it's ok to expose these MSRs to the
guest, e.g. call out which are saved/loaded through the VMCS and which
are saved/loaded via XSAVES/XRSTORS. And maybe expand "runtime settings"
to elaborate on when most guest kernels will access the MSRs, i.e. to
justify exposing them to the guest.

It should also clarify why IA32_PL1_SSP and IA32_PL2_SSP are NOT exposed
to the guest.

>
> Signed-off-by: Zhang Yi Z <yi.z.zhang@linux.intel.com>
> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
> ---
> arch/x86/kvm/vmx.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index 25fa6bd2fb95..fa2db6248404 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -11550,6 +11550,13 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id)
> vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_SYSENTER_CS, MSR_TYPE_RW);
> vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_SYSENTER_ESP, MSR_TYPE_RW);
> vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_SYSENTER_EIP, MSR_TYPE_RW);
> +
> + vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_U_CET, MSR_TYPE_RW);
> + vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_S_CET, MSR_TYPE_RW);
> + vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_INT_SSP_TAB, MSR_TYPE_RW);
> + vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_PL0_SSP, MSR_TYPE_RW);
> + vmx_disable_intercept_for_msr(msr_bitmap, MSR_IA32_PL3_SSP, MSR_TYPE_RW);
> +
> vmx->msr_bitmap_mode = 0;
>
> vmx->loaded_vmcs = &vmx->vmcs01;
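
Review bot: the five added vmx_disable_intercept_for_msr() calls in vmx_create_vcpu() are unconditional in the lines shown: no check on host CET support or on what the guest's CPUID advertises is visible before read/write interception is dropped for MSR_IA32_U_CET, MSR_IA32_S_CET, MSR_IA32_INT_SSP_TAB, MSR_IA32_PL0_SSP and MSR_IA32_PL3_SSP. Consider gating the block on a CET capability check, and add a comment above it recording how each passed-through MSR is switched between host and guest values, so a reader can confirm that direct guest access never reaches host state, and why the PL1/PL2 SSP MSRs are left out of the list.
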
> --
> 2.17.1
>