From: Sean Christopherson <seanjc@google.com>
To: Josh Poimboeuf <jpoimboe@kernel.org>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org,
Borislav Petkov <bp@alien8.de>,
Peter Zijlstra <peterz@infradead.org>,
Babu Moger <babu.moger@amd.com>,
Paolo Bonzini <pbonzini@redhat.com>,
David.Kaplan@amd.com, Andrew Cooper <andrew.cooper3@citrix.com>,
Nikolay Borisov <nik.borisov@suse.com>,
gregkh@linuxfoundation.org, Thomas Gleixner <tglx@linutronix.de>
Subject: Re: [PATCH 03/22] KVM: x86: Support IBPB_BRTYPE and SBPB
Date: Mon, 21 Aug 2023 16:49:57 +0000 [thread overview]
Message-ID: <ZOOVtYB5GXJT+Fk6@google.com> (raw)
In-Reply-To: <a4d62162bcb501e50b0bb19b748702aa12260615.1692580085.git.jpoimboe@kernel.org>
On Sun, Aug 20, 2023, Josh Poimboeuf wrote:
> The IBPB_BRTYPE and SBPB CPUID bits aren't set by HW.
>
> From the AMD SRSO whitepaper:
>
> "Hypervisor software should synthesize the value of both the
> IBPB_BRTYPE and SBPB CPUID bits on these platforms for use by guest
> software."
>
> These bits are already set during kernel boot. Manually propagate them
> to the guest.
Setting the bits in kvm_cpu_caps just advertises them to userspace, i.e. it doesn't
propagate them to the guest, that's up to userspace.
> Also, propagate PRED_CMD_SBPB writes.
>
> Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
> ---
> arch/x86/kvm/cpuid.c | 4 ++++
> arch/x86/kvm/x86.c | 9 +++++----
> 2 files changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> index d3432687c9e6..cdf703eec42d 100644
> --- a/arch/x86/kvm/cpuid.c
> +++ b/arch/x86/kvm/cpuid.c
> @@ -729,6 +729,10 @@ void kvm_set_cpu_caps(void)
> F(NULL_SEL_CLR_BASE) | F(AUTOIBRS) | 0 /* PrefetchCtlMsr */
> );
>
> + if (cpu_feature_enabled(X86_FEATURE_SBPB))
> + kvm_cpu_cap_set(X86_FEATURE_SBPB);
This can simply be:
kvm_cpu_cap_check_and_set(X86_FEATURE_SBPB);
If there's a strong desire to use cpu_feature_enabled() instead of boot_cpu_has(),
then I would rather make than change in kvm_cpu_cap_check_and_set() for all features.
> + if (cpu_feature_enabled(X86_FEATURE_IBPB_BRTYPE))
> + kvm_cpu_cap_set(X86_FEATURE_IBPB_BRTYPE);
Assuming IBPB_BRTYPE doesn't require any extra support, it's probably best to add
that one in a separate patch, as SBPB support is likely going to be a bit more
involved.
> if (cpu_feature_enabled(X86_FEATURE_SRSO_NO))
> kvm_cpu_cap_set(X86_FEATURE_SRSO_NO);
Ah, this snuck in without going through the normal review channels. This too
can use kvm_cpu_cap_check_and_set().
next prev parent reply other threads:[~2023-08-21 16:50 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-21 1:18 [PATCH 00/22] SRSO fixes/cleanups Josh Poimboeuf
2023-08-21 1:18 ` [PATCH 01/22] x86/srso: Fix srso_show_state() side effect Josh Poimboeuf
2023-08-21 5:42 ` Nikolay Borisov
2023-08-21 6:04 ` Borislav Petkov
2023-08-21 16:17 ` Josh Poimboeuf
2023-08-22 5:23 ` Borislav Petkov
2023-08-21 1:18 ` [PATCH 02/22] x86/srso: Set CPUID feature bits independently of bug or mitigation status Josh Poimboeuf
2023-08-21 5:42 ` Nikolay Borisov
2023-08-21 9:27 ` Andrew Cooper
2023-08-21 14:06 ` Borislav Petkov
2023-08-23 5:20 ` Borislav Petkov
2023-08-23 12:22 ` Andrew Cooper
2023-08-24 4:24 ` Borislav Petkov
2023-08-24 22:04 ` Josh Poimboeuf
2023-08-25 6:42 ` Borislav Petkov
2023-08-21 13:59 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 03/22] KVM: x86: Support IBPB_BRTYPE and SBPB Josh Poimboeuf
2023-08-21 9:34 ` Andrew Cooper
2023-08-21 16:23 ` Josh Poimboeuf
2023-08-21 16:35 ` Sean Christopherson
2023-08-21 16:46 ` Nikolay Borisov
2023-08-21 16:50 ` Sean Christopherson
2023-08-21 17:05 ` Josh Poimboeuf
2023-08-24 16:39 ` Sean Christopherson
2023-08-24 17:07 ` Josh Poimboeuf
2023-08-21 16:49 ` Sean Christopherson [this message]
2023-08-21 1:19 ` [PATCH 04/22] x86/srso: Fix SBPB enablement for spec_rstack_overflow=off Josh Poimboeuf
2023-08-21 14:16 ` Borislav Petkov
2023-08-21 16:36 ` Josh Poimboeuf
2023-08-22 5:54 ` Borislav Petkov
2023-08-22 6:07 ` Borislav Petkov
2023-08-22 21:59 ` Josh Poimboeuf
2023-08-23 1:27 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 05/22] x86/srso: Fix SBPB enablement for mitigations=off Josh Poimboeuf
2023-08-23 5:57 ` Borislav Petkov
2023-08-23 20:55 ` Josh Poimboeuf
2023-08-23 23:02 ` Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 06/22] x86/srso: Print actual mitigation if requested mitigation isn't possible Josh Poimboeuf
2023-08-23 6:06 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 07/22] x86/srso: Remove default case in srso_select_mitigation() Josh Poimboeuf
2023-08-23 6:18 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 08/22] x86/srso: Downgrade retbleed IBPB warning to informational message Josh Poimboeuf
2023-08-24 4:43 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 09/22] x86/srso: Simplify exit paths Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 10/22] x86/srso: Print mitigation for retbleed IBPB case Josh Poimboeuf
2023-08-24 4:48 ` Borislav Petkov
2023-08-24 21:40 ` Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 11/22] x86/srso: Slight simplification Josh Poimboeuf
2023-08-24 4:55 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 12/22] x86/srso: Remove redundant X86_FEATURE_ENTRY_IBPB check Josh Poimboeuf
2023-08-25 7:09 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 13/22] x86/srso: Fix vulnerability reporting for missing microcode Josh Poimboeuf
2023-08-25 7:25 ` Borislav Petkov
2023-08-21 1:19 ` [PATCH 14/22] x86/srso: Fix unret validation dependencies Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 15/22] x86/alternatives: Remove faulty optimization Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 16/22] x86/srso: Unexport untraining functions Josh Poimboeuf
2023-08-21 5:50 ` Nikolay Borisov
2023-08-21 1:19 ` [PATCH 17/22] x86/srso: Disentangle rethunk-dependent options Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 18/22] x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 19/22] x86/srso: Improve i-cache locality for alias mitigation Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 20/22] x86/retpoline: Remove .text..__x86.return_thunk section Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 21/22] x86/nospec: Refactor UNTRAIN_RET[_*] Josh Poimboeuf
2023-08-21 1:19 ` [PATCH 22/22] x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() Josh Poimboeuf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZOOVtYB5GXJT+Fk6@google.com \
--to=seanjc@google.com \
--cc=David.Kaplan@amd.com \
--cc=andrew.cooper3@citrix.com \
--cc=babu.moger@amd.com \
--cc=bp@alien8.de \
--cc=gregkh@linuxfoundation.org \
--cc=jpoimboe@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nik.borisov@suse.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.