From: Sean Christopherson <sean.j.christopherson@intel.com>
To: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
x86@kernel.org
Cc: "H. Peter Anvin" <hpa@zytor.com>,
linux-kernel@vger.kernel.org, "Borislav Petkov" <bp@suse.de>,
"Jarkko Sakkinen" <jarkko.sakkinen@linux.intel.com>,
"Tony Luck" <tony.luck@intel.com>,
"Vitaly Kuznetsov" <vkuznets@redhat.com>,
"Wanpeng Li" <wanpengli@tencent.com>,
"Jim Mattson" <jmattson@google.com>,
kvm@vger.kernel.org, "Paolo Bonzini" <pbonzini@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>
Subject: Re: [PATCH v2 01/16] x86/intel: Initialize IA32_FEATURE_CONTROL MSR at boot
Date: Mon, 21 Oct 2019 17:15:44 -0700 [thread overview]
Message-ID: <20191022001544.GA32518@linux.intel.com> (raw)
In-Reply-To: <20191021235423.32733-1-sean.j.christopherson@intel.com>
+Cc Paolo and Radim, who occasionally work on KVM...
On Mon, Oct 21, 2019 at 04:54:23PM -0700, Sean Christopherson wrote:
> Opportunistically initialize IA32_FEATURE_CONTROL MSR to enable VMX when
> the MSR is left unlocked by BIOS. Configuring IA32_FEATURE_CONTROL at
> boot time paves the way for similar enabling of other features, e.g.
> Software Guard Extensions (SGX).
>
> Temporarily leave equivalent KVM code in place in order to avoid
> introducing a regression on Centaur and Zhaoxin CPUs, e.g. removing
> KVM's code would leave the MSR unlocked on those CPUs and would break
> existing functionality if people are loading kvm_intel on Centaur and/or
> Zhaoxin. Defer enablement of the boot-time configuration on Centaur and
> Zhaoxin to future patches to aid bisection.
>
> Note, Local Machine Check Exceptions (LMCE) are also supported by the
> kernel and enabled via IA32_FEATURE_CONTROL, but the kernel currently
> uses LMCE if and and only if the feature is explicitly enable by BIOS.
> Keep the current behavior to avoid introducing bugs, future patches can
> opt in to opportunistic enabling if it's deemed desirable to do so.
>
> Always lock IA32_FEATURE_CONTROL if it exists, even if the CPU doesn't
> support VMX, so that other existing and future kernel code that queries
> IA32_FEATURE_CONTROL can assume it's locked.
>
> Start from a clean slate when constructing the value to write to
> IA32_FEATURE_CONTROL, i.e. ignore whatever value BIOS left in the MSR so
> as not to enable random features or fault on the WRMSR.
>
> Suggested-by: Borislav Petkov <bp@suse.de>
> Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> Cc: Tony Luck <tony.luck@intel.com>
> Cc: Vitaly Kuznetsov <vkuznets@redhat.com>,
Fat fingered a comma when manually editing the patch files :-/
> Cc: Wanpeng Li <wanpengli@tencent.com>
> Cc: Jim Mattson <jmattson@google.com>
> Cc: kvm@vger.kernel.org
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> ---
> arch/x86/Kconfig.cpu | 4 ++++
> arch/x86/kernel/cpu/Makefile | 1 +
> arch/x86/kernel/cpu/cpu.h | 4 ++++
> arch/x86/kernel/cpu/feature_control.c | 30 +++++++++++++++++++++++++++
> arch/x86/kernel/cpu/intel.c | 2 ++
> 5 files changed, 41 insertions(+)
> create mode 100644 arch/x86/kernel/cpu/feature_control.c
>
> diff --git a/arch/x86/Kconfig.cpu b/arch/x86/Kconfig.cpu
> index af9c967782f6..aafc14a0abf7 100644
> --- a/arch/x86/Kconfig.cpu
> +++ b/arch/x86/Kconfig.cpu
> @@ -387,6 +387,10 @@ config X86_DEBUGCTLMSR
> def_bool y
> depends on !(MK6 || MWINCHIPC6 || MWINCHIP3D || MCYRIXIII || M586MMX || M586TSC || M586 || M486SX || M486) && !UML
>
> +config X86_FEATURE_CONTROL_MSR
> + def_bool y
> + depends on CPU_SUP_INTEL
> +
> menuconfig PROCESSOR_SELECT
> bool "Supported processor vendors" if EXPERT
> ---help---
> diff --git a/arch/x86/kernel/cpu/Makefile b/arch/x86/kernel/cpu/Makefile
> index d7a1e5a9331c..df5ad0cfe3e9 100644
> --- a/arch/x86/kernel/cpu/Makefile
> +++ b/arch/x86/kernel/cpu/Makefile
> @@ -29,6 +29,7 @@ obj-y += umwait.o
> obj-$(CONFIG_PROC_FS) += proc.o
> obj-$(CONFIG_X86_FEATURE_NAMES) += capflags.o powerflags.o
>
> +obj-$(CONFIG_X86_FEATURE_CONTROL_MSR) += feature_control.o
> ifdef CONFIG_CPU_SUP_INTEL
> obj-y += intel.o intel_pconfig.o
> obj-$(CONFIG_PM) += intel_epb.o
> diff --git a/arch/x86/kernel/cpu/cpu.h b/arch/x86/kernel/cpu/cpu.h
> index c0e2407abdd6..d2750f53a0cb 100644
> --- a/arch/x86/kernel/cpu/cpu.h
> +++ b/arch/x86/kernel/cpu/cpu.h
> @@ -62,4 +62,8 @@ unsigned int aperfmperf_get_khz(int cpu);
>
> extern void x86_spec_ctrl_setup_ap(void);
>
> +#ifdef CONFIG_X86_FEATURE_CONTROL_MSR
> +void init_feature_control_msr(struct cpuinfo_x86 *c);
> +#endif
> +
> #endif /* ARCH_X86_CPU_H */
> diff --git a/arch/x86/kernel/cpu/feature_control.c b/arch/x86/kernel/cpu/feature_control.c
> new file mode 100644
> index 000000000000..57b928e64cf5
> --- /dev/null
> +++ b/arch/x86/kernel/cpu/feature_control.c
> @@ -0,0 +1,30 @@
> +// SPDX-License-Identifier: GPL-2.0
> +#include <linux/tboot.h>
> +
> +#include <asm/cpufeature.h>
> +#include <asm/msr-index.h>
> +#include <asm/processor.h>
> +
> +void init_feature_control_msr(struct cpuinfo_x86 *c)
> +{
> + u64 msr;
> +
> + if (rdmsrl_safe(MSR_IA32_FEATURE_CONTROL, &msr))
> + return;
> +
> + if (msr & FEATURE_CONTROL_LOCKED)
> + return;
> +
> + /*
> + * Ignore whatever value BIOS left in the MSR to avoid enabling random
> + * features or faulting on the WRMSR.
> + */
> + msr = FEATURE_CONTROL_LOCKED;
> +
> + if (cpu_has(c, X86_FEATURE_VMX)) {
> + msr |= FEATURE_CONTROL_VMXON_ENABLED_OUTSIDE_SMX;
> + if (tboot_enabled())
> + msr |= FEATURE_CONTROL_VMXON_ENABLED_INSIDE_SMX;
> + }
> + wrmsrl(MSR_IA32_FEATURE_CONTROL, msr);
> +}
> diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c
> index c2fdc00df163..15d59224e2f8 100644
> --- a/arch/x86/kernel/cpu/intel.c
> +++ b/arch/x86/kernel/cpu/intel.c
> @@ -755,6 +755,8 @@ static void init_intel(struct cpuinfo_x86 *c)
> /* Work around errata */
> srat_detect_node(c);
>
> + init_feature_control_msr(c);
> +
> if (cpu_has(c, X86_FEATURE_VMX))
> detect_vmx_virtcap(c);
>
> --
> 2.22.0
>
next prev parent reply other threads:[~2019-10-22 0:15 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-21 23:46 [PATCH v2 00/16] x86/cpu: Clean up handling of VMX features Sean Christopherson
2019-10-21 23:54 ` [PATCH v2 01/16] x86/intel: Initialize IA32_FEATURE_CONTROL MSR at boot Sean Christopherson
2019-10-22 0:15 ` Sean Christopherson [this message]
2019-10-25 14:09 ` Borislav Petkov
2019-10-25 15:11 ` Sean Christopherson
2019-10-21 23:56 ` [PATCH v2 02/16] x86/mce: WARN once if IA32_FEATURE_CONTROL MSR is left unlocked Sean Christopherson
2019-10-25 14:22 ` Borislav Petkov
2019-10-22 0:08 ` [PATCH v2 03/16] x86/centaur: Use common IA32_FEATURE_CONTROL MSR initialization Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 04/16] x86/zhaoxin: " Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 05/16] KVM: VMX: Drop initialization of IA32_FEATURE_CONTROL MSR Sean Christopherson
2019-10-22 10:51 ` Paolo Bonzini
2019-10-22 15:16 ` Sean Christopherson
2019-11-14 18:34 ` Sean Christopherson
2019-11-15 10:10 ` Paolo Bonzini
2019-10-25 16:26 ` Borislav Petkov
2019-10-25 16:39 ` Borislav Petkov
2019-10-22 0:08 ` [PATCH v2 06/16] x86/cpu: Clear VMX feature flag if VMX is not fully enabled Sean Christopherson
2019-10-25 16:38 ` Borislav Petkov
2019-11-14 18:32 ` Sean Christopherson
2019-11-15 10:05 ` Paolo Bonzini
2019-11-15 10:34 ` Borislav Petkov
2019-11-15 15:34 ` Sean Christopherson
2019-11-15 15:39 ` Borislav Petkov
2019-10-22 0:08 ` [PATCH v2 07/16] KVM: VMX: Use VMX feature flag to query BIOS enabling Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 08/16] KVM: VMX: Check for full VMX support when verifying CPU compatibility Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 09/16] x86/vmx: Introduce VMX_FEATURES_* Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 10/16] x86/cpu: Detect VMX features on Intel, Centaur and Zhaoxin CPUs Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 11/16] x86/cpu: Print VMX flags in /proc/cpuinfo using VMX_FEATURES_* Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 12/16] x86/cpufeatures: Drop synthetic VMX feature flags Sean Christopherson
2019-10-22 0:08 ` [PATCH v2 13/16] KVM: VMX: Use VMX_FEATURE_* flags to define VMCS control bits Sean Christopherson
2019-10-22 0:09 ` [PATCH v2 14/16] x86/cpufeatures: Clean up synthetic virtualization flags Sean Christopherson
2019-10-22 0:12 ` [PATCH v2 15/16] perf/x86: Provide stubs of KVM helpers for non-Intel CPUs Sean Christopherson
2019-10-22 0:12 ` [PATCH v2 16/16] KVM: VMX: Allow KVM_INTEL when building for Centaur and/or Zhaoxin CPUs Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191022001544.GA32518@linux.intel.com \
--to=sean.j.christopherson@intel.com \
--cc=bp@alien8.de \
--cc=bp@suse.de \
--cc=hpa@zytor.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=jmattson@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.