From: Binbin Wu <binbin.wu@linux.intel.com>
To: "Xin Li (Intel)" <xin@zytor.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
linux-doc@vger.kernel.org, pbonzini@redhat.com,
seanjc@google.com, corbet@lwn.net, tglx@linutronix.de,
mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com,
x86@kernel.org, hpa@zytor.com, luto@kernel.org,
peterz@infradead.org, andrew.cooper3@citrix.com,
chao.gao@intel.com, hch@infradead.org, sohil.mehta@intel.com
Subject: Re: [PATCH v9 07/22] KVM: VMX: Initialize VMCS FRED fields
Date: Wed, 21 Jan 2026 14:44:58 +0800 [thread overview]
Message-ID: <8731e234-22b8-4ccf-89ef-63feed09e9c5@linux.intel.com> (raw)
In-Reply-To: <20251026201911.505204-8-xin@zytor.com>
On 10/27/2025 4:18 AM, Xin Li (Intel) wrote:
> From: Xin Li <xin3.li@intel.com>
>
> Initialize host VMCS FRED fields with host FRED MSRs' value and
> guest VMCS FRED fields to 0.
>
> FRED CPU state is managed in 9 new FRED MSRs:
> IA32_FRED_CONFIG,
> IA32_FRED_STKLVLS,
> IA32_FRED_RSP0,
> IA32_FRED_RSP1,
> IA32_FRED_RSP2,
> IA32_FRED_RSP3,
> IA32_FRED_SSP1,
> IA32_FRED_SSP2,
> IA32_FRED_SSP3,
> as well as a few existing CPU registers and MSRs:
> CR4.FRED,
> IA32_STAR,
> IA32_KERNEL_GS_BASE,
> IA32_PL0_SSP (also known as IA32_FRED_SSP0).
>
> CR4, IA32_KERNEL_GS_BASE and IA32_STAR are already well managed.
> Except IA32_FRED_RSP0 and IA32_FRED_SSP0, all other FRED CPU state
> MSRs have corresponding VMCS fields in both the host-state and
> guest-state areas. So KVM just needs to initialize them, and with
> proper VM entry/exit FRED controls, a FRED CPU will keep tracking
> host and guest FRED CPU state in VMCS automatically.
>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
One nit below.
[...]
> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
> index fcfa99160018..c8b5359123bf 100644
> --- a/arch/x86/kvm/vmx/vmx.c
> +++ b/arch/x86/kvm/vmx/vmx.c
> @@ -1459,6 +1459,15 @@ void vmx_vcpu_load_vmcs(struct kvm_vcpu *vcpu, int cpu)
> (unsigned long)(cpu_entry_stack(cpu) + 1));
> }
>
> + /* Per-CPU FRED MSRs */
> + if (kvm_cpu_cap_has(X86_FEATURE_FRED)) {
> +#ifdef CONFIG_X86_64
Nit:
Is this needed?
FRED is initialized by X86_64_F(), if CONFIG_X86_64 is not enabled, this
path is not reachable.
There should be no compilation issue without #ifdef CONFIG_X86_64 / #endif.
There are several similar patterns in this patch, using #ifdef CONFIG_X86_64 /
#endif or not seems not consistent. E.g. __vmx_vcpu_reset() and init_vmcs()
doesn't check the config, but here does.
> + vmcs_write64(HOST_IA32_FRED_RSP1, __this_cpu_ist_top_va(ESTACK_DB));
> + vmcs_write64(HOST_IA32_FRED_RSP2, __this_cpu_ist_top_va(ESTACK_NMI));
> + vmcs_write64(HOST_IA32_FRED_RSP3, __this_cpu_ist_top_va(ESTACK_DF));
> +#endif
> + }
> +
> vmx->loaded_vmcs->cpu = cpu;
> }
> }
> @@ -4330,6 +4339,17 @@ void vmx_set_constant_host_state(struct vcpu_vmx *vmx)
> */
> vmcs_write16(HOST_DS_SELECTOR, 0);
> vmcs_write16(HOST_ES_SELECTOR, 0);
> +
> + if (kvm_cpu_cap_has(X86_FEATURE_FRED)) {
> + /* FRED CONFIG and STKLVLS are the same on all CPUs */
> + vmcs_write64(HOST_IA32_FRED_CONFIG, kvm_host.fred_config);
> + vmcs_write64(HOST_IA32_FRED_STKLVLS, kvm_host.fred_stklvls);
> +
> + /* Linux doesn't support kernel shadow stacks, thus SSPs are 0s */
> + vmcs_write64(HOST_IA32_FRED_SSP1, 0);
> + vmcs_write64(HOST_IA32_FRED_SSP2, 0);
> + vmcs_write64(HOST_IA32_FRED_SSP3, 0);
> + }
> #else
> vmcs_write16(HOST_DS_SELECTOR, __KERNEL_DS); /* 22.2.4 */
> vmcs_write16(HOST_ES_SELECTOR, __KERNEL_DS); /* 22.2.4 */
> @@ -4841,6 +4861,17 @@ static void init_vmcs(struct vcpu_vmx *vmx)
> }
>
> vmx_setup_uret_msrs(vmx);
> +
> + if (kvm_cpu_cap_has(X86_FEATURE_FRED)) {
> + vmcs_write64(GUEST_IA32_FRED_CONFIG, 0);
> + vmcs_write64(GUEST_IA32_FRED_RSP1, 0);
> + vmcs_write64(GUEST_IA32_FRED_RSP2, 0);
> + vmcs_write64(GUEST_IA32_FRED_RSP3, 0);
> + vmcs_write64(GUEST_IA32_FRED_STKLVLS, 0);
> + vmcs_write64(GUEST_IA32_FRED_SSP1, 0);
> + vmcs_write64(GUEST_IA32_FRED_SSP2, 0);
> + vmcs_write64(GUEST_IA32_FRED_SSP3, 0);
> + }
> }
>
> static void __vmx_vcpu_reset(struct kvm_vcpu *vcpu)
> @@ -8717,6 +8748,11 @@ __init int vmx_hardware_setup(void)
>
> kvm_caps.inapplicable_quirks &= ~KVM_X86_QUIRK_IGNORE_GUEST_PAT;
>
> + if (kvm_cpu_cap_has(X86_FEATURE_FRED)) {
> + rdmsrl(MSR_IA32_FRED_CONFIG, kvm_host.fred_config);
> + rdmsrl(MSR_IA32_FRED_STKLVLS, kvm_host.fred_stklvls);
> + }
> +
> return r;
> }
>
> diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h
> index f3dc77f006f9..0c1fbf75442b 100644
> --- a/arch/x86/kvm/x86.h
> +++ b/arch/x86/kvm/x86.h
> @@ -52,6 +52,9 @@ struct kvm_host_values {
> u64 xss;
> u64 s_cet;
> u64 arch_capabilities;
> +
> + u64 fred_config;
> + u64 fred_stklvls;
> };
>
> void kvm_spurious_fault(void);
next prev parent reply other threads:[~2026-01-21 6:45 UTC|newest]
Thread overview: 123+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-26 20:18 [PATCH v9 00/22] Enable FRED with KVM VMX Xin Li (Intel)
2025-10-26 20:18 ` [PATCH v9 01/22] KVM: VMX: Enable support for secondary VM exit controls Xin Li (Intel)
2025-10-26 20:18 ` [PATCH v9 02/22] KVM: VMX: Initialize VM entry/exit FRED controls in vmcs_config Xin Li (Intel)
2026-01-20 9:24 ` Binbin Wu
2026-01-22 17:57 ` Xin Li
2025-10-26 20:18 ` [PATCH v9 03/22] KVM: VMX: Disable FRED if FRED consistency checks fail Xin Li (Intel)
2026-03-05 0:25 ` Sean Christopherson
2025-10-26 20:18 ` [PATCH v9 04/22] x86/cea: Prefix event stack names with ESTACK_ Xin Li (Intel)
2025-10-26 20:18 ` [PATCH v9 05/22] x86/cea: Use array indexing to simplify exception stack access Xin Li (Intel)
2025-10-27 15:49 ` Dave Hansen
2025-10-28 2:31 ` Xin Li
2026-01-30 13:42 ` Borislav Petkov
2025-10-26 20:18 ` [PATCH v9 06/22] x86/cea: Export __this_cpu_ist_top_va() to KVM Xin Li (Intel)
2025-10-27 15:50 ` Dave Hansen
2026-01-30 13:46 ` Borislav Petkov
2026-01-30 16:35 ` Xin Li
2026-01-30 17:56 ` Borislav Petkov
2026-03-07 7:38 ` Xin Li
2026-03-09 15:24 ` Sean Christopherson
2026-03-09 22:57 ` Xin Li
2025-10-26 20:18 ` [PATCH v9 07/22] KVM: VMX: Initialize VMCS FRED fields Xin Li (Intel)
2025-11-19 2:44 ` Chao Gao
2026-01-21 6:44 ` Binbin Wu [this message]
2026-01-21 18:14 ` Xin Li
2026-01-22 0:45 ` Xin Li
2026-01-22 1:56 ` Binbin Wu
2026-01-22 17:22 ` Xin Li
2026-03-04 16:23 ` Sean Christopherson
2026-03-05 5:27 ` Xin Li
2026-03-05 15:21 ` Sean Christopherson
2026-03-05 17:25 ` Xin Li
2025-10-26 20:18 ` [PATCH v9 08/22] KVM: VMX: Set FRED MSR intercepts Xin Li (Intel)
2025-11-12 5:49 ` Chao Gao
2026-03-05 0:48 ` Sean Christopherson
2026-03-05 5:56 ` Xin Li
2026-03-06 2:30 ` Chao Gao
2026-03-06 15:54 ` Sean Christopherson
2026-01-16 19:49 ` Dave Hansen
2026-01-17 0:43 ` H. Peter Anvin
2025-10-26 20:18 ` [PATCH v9 09/22] KVM: VMX: Save/restore guest FRED RSP0 Xin Li (Intel)
2025-11-12 5:59 ` Chao Gao
2026-01-21 7:23 ` Binbin Wu
2025-10-26 20:18 ` [PATCH v9 10/22] KVM: VMX: Add support for saving and restoring FRED MSRs Xin Li (Intel)
2025-11-12 6:16 ` Chao Gao
2025-12-01 6:20 ` Xin Li
2025-10-26 20:18 ` [PATCH v9 11/22] KVM: x86: Add a helper to detect if FRED is enabled for a vCPU Xin Li (Intel)
2025-11-12 6:19 ` Chao Gao
2026-01-21 8:05 ` Binbin Wu
2026-01-21 16:46 ` Xin Li
2026-01-21 20:24 ` Sean Christopherson
2026-01-21 22:38 ` Xin Li
2025-10-26 20:19 ` [PATCH v9 12/22] KVM: VMX: Virtualize FRED event_data Xin Li (Intel)
2025-11-19 3:24 ` Chao Gao
2026-01-29 17:12 ` Xin Li
2026-01-29 17:21 ` H. Peter Anvin
2026-01-29 22:50 ` Xin Li
2026-03-04 16:42 ` Sean Christopherson
2025-10-26 20:19 ` [PATCH v9 13/22] KVM: VMX: Virtualize FRED nested exception tracking Xin Li (Intel)
2025-11-19 6:54 ` Chao Gao
2026-03-07 2:07 ` Sean Christopherson
2026-03-07 3:05 ` Xin Li
2025-10-26 20:19 ` [PATCH v9 14/22] KVM: x86: Save/restore the nested flag of an exception Xin Li (Intel)
2025-11-19 6:13 ` Chao Gao
2025-10-26 20:19 ` [PATCH v9 15/22] KVM: x86: Mark CR4.FRED as not reserved Xin Li (Intel)
2025-11-19 7:26 ` Chao Gao
2026-03-05 0:58 ` Sean Christopherson
2026-03-05 7:20 ` Xin Li
2026-03-05 15:35 ` Sean Christopherson
2026-03-05 17:09 ` Xin Li
2026-03-05 17:46 ` Xin Li
2026-03-06 5:33 ` Chao Gao
2025-10-26 20:19 ` [PATCH v9 16/22] KVM: VMX: Dump FRED context in dump_vmcs() Xin Li (Intel)
2025-11-19 7:40 ` Chao Gao
2025-11-30 18:42 ` Xin Li
2025-10-26 20:19 ` [PATCH v9 17/22] KVM: x86: Advertise support for FRED Xin Li (Intel)
2025-11-12 7:30 ` Chao Gao
2026-01-20 6:56 ` Xin Li
2026-01-20 8:07 ` Chao Gao
2026-01-20 9:09 ` Xin Li
2026-01-20 9:46 ` Binbin Wu
2026-01-20 15:25 ` Sean Christopherson
2026-01-20 18:04 ` Xin Li
2026-01-20 17:58 ` Xin Li
2025-10-26 20:19 ` [PATCH v9 18/22] KVM: nVMX: Enable support for secondary VM exit controls Xin Li (Intel)
2025-11-12 13:42 ` Chao Gao
2025-10-26 20:19 ` [PATCH v9 19/22] KVM: nVMX: Handle FRED VMCS fields in nested VMX context Xin Li (Intel)
2025-12-02 6:32 ` Chao Gao
2026-01-20 6:30 ` Xin Li
2026-01-20 16:07 ` Dave Hansen
2026-01-20 18:10 ` Xin Li
2026-01-21 0:44 ` Chao Gao
2026-01-22 16:52 ` Xin Li
2025-12-08 22:37 ` Sean Christopherson
2025-10-26 20:19 ` [PATCH v9 20/22] KVM: nVMX: Validate FRED-related VMCS fields Xin Li (Intel)
2025-11-13 3:00 ` Chao Gao
2026-01-20 9:19 ` Xin Li
2026-01-21 2:33 ` Chao Gao
2025-10-26 20:19 ` [PATCH v9 21/22] KVM: nVMX: Guard SHADOW_FIELD_R[OW] macros with VMX feature checks Xin Li (Intel)
2025-12-02 6:35 ` Chao Gao
2025-12-08 22:49 ` Sean Christopherson
2025-10-26 20:19 ` [PATCH v9 22/22] KVM: nVMX: Enable VMX FRED controls Xin Li (Intel)
2025-11-13 3:20 ` Chao Gao
2025-11-06 17:35 ` [PATCH v9 00/22] Enable FRED with KVM VMX Xin Li
2025-11-13 22:20 ` Sean Christopherson
2025-12-08 22:51 ` Sean Christopherson
2025-12-09 17:08 ` Xin Li
2026-04-23 14:35 ` David Woodhouse
2026-04-23 22:56 ` Xin Li
2026-05-05 18:04 ` Maciej Wieczor-Retman
2026-05-05 18:30 ` Andrew Cooper
2026-05-05 19:29 ` H. Peter Anvin
2026-05-05 20:20 ` Maciej Wieczor-Retman
2026-05-05 20:27 ` Andrew Cooper
2026-05-06 14:05 ` Maciej Wieczor-Retman
2026-05-07 7:49 ` David Woodhouse
2026-05-07 12:59 ` Maciej Wieczor-Retman
2026-05-07 13:35 ` David Woodhouse
2026-05-07 13:53 ` Maciej Wieczor-Retman
2026-05-07 14:01 ` David Woodhouse
2026-05-07 23:00 ` David Woodhouse
2026-05-08 14:25 ` Maciej Wieczor-Retman
2026-05-08 14:46 ` David Woodhouse
2026-05-08 18:06 ` Maciej Wieczor-Retman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8731e234-22b8-4ccf-89ef-63feed09e9c5@linux.intel.com \
--to=binbin.wu@linux.intel.com \
--cc=andrew.cooper3@citrix.com \
--cc=bp@alien8.de \
--cc=chao.gao@intel.com \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=hch@infradead.org \
--cc=hpa@zytor.com \
--cc=kvm@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=seanjc@google.com \
--cc=sohil.mehta@intel.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
--cc=xin@zytor.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.