Re: [PATCH v7 0/6] Introduce CET supervisor state support

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Chao Gao <chao.gao@intel.com>
To: Uros Bizjak <ubizjak@gmail.com>
Cc: <x86@kernel.org>, <linux-kernel@vger.kernel.org>,
	<kvm@vger.kernel.org>, <tglx@linutronix.de>,
	<dave.hansen@intel.com>, <seanjc@google.com>,
	<pbonzini@redhat.com>, <peterz@infradead.org>,
	<rick.p.edgecombe@intel.com>, <weijiang.yang@intel.com>,
	<john.allen@amd.com>, <bp@alien8.de>, <chang.seok.bae@intel.com>,
	<xin3.li@intel.com>,
	Aruna Ramakrishna <aruna.ramakrishna@oracle.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Eric Biggers <ebiggers@google.com>,
	"H. Peter Anvin" <hpa@zytor.com>,
	"Ingo Molnar" <mingo@redhat.com>, Kees Cook <kees@kernel.org>,
	Maxim Levitsky <mlevitsk@redhat.com>,
	Mitchell Levy <levymitchell0@gmail.com>,
	"Nikolay Borisov" <nik.borisov@suse.com>,
	Oleg Nesterov <oleg@redhat.com>,
	"Samuel Holland" <samuel.holland@sifive.com>,
	Sohil Mehta <sohil.mehta@intel.com>,
	Stanislav Spassov <stanspas@amazon.de>,
	Vignesh Balasubramanian <vigbalas@amd.com>,
	Zhao Liu <zhao1.liu@intel.com>
Subject: Re: [PATCH v7 0/6] Introduce CET supervisor state support
Date: Fri, 16 May 2025 17:02:37 +0800	[thread overview]
Message-ID: <aCb/LduH6akVppRU@intel.com> (raw)
In-Reply-To: <CAFULd4Y3VvqNS8VEvw0ObnqnVDtsC-q3kDEnyc070=gZ9oehgg@mail.gmail.com>

On Fri, May 16, 2025 at 09:51:50AM +0200, Uros Bizjak wrote:
>On Mon, May 12, 2025 at 10:57 AM Chao Gao <chao.gao@intel.com> wrote:
>>
>> Dear maintainers and reviewers,
>>
>> I kindly request your consideration for merging this series. Most of
>> patches have received Reviewed-by/Acked-by tags.
>>
>> Thanks Chang, Rick, Xin, Sean and Dave for their help with this series.
>>
>> == Changelog ==
>> v6->v7:
>>  - Collect reviews from Rick
>>  - Tweak __fpstate_reset() to handle guest fpstate rather than adding a
>>    guest-specific reset function (Sean & Dave)
>>  - Fold xfd initialization into __fpstate_reset() (Sean)
>>  - v6: https://lore.kernel.org/all/20250506093740.2864458-1-chao.gao@intel.com/
>>
>> == Background ==
>>
>> CET defines two register states: CET user, which includes user-mode control
>> registers, and CET supervisor, which consists of shadow-stack pointers for
>> privilege levels 0-2.
>>
>> Current kernel disables shadow stacks in kernel mode, making the CET
>> supervisor state unused and eliminating the need for context switching.
>>
>> == Problem ==
>>
>> To virtualize CET for guests, KVM must accurately emulate hardware
>> behavior. A key challenge arises because there is no CPUID flag to indicate
>> that shadow stack is supported only in user mode. Therefore, KVM cannot
>> assume guests will not enable shadow stacks in kernel mode and must
>> preserve the CET supervisor state of vCPUs.
>>
>> == Solution ==
>>
>> An initial proposal to manually save and restore CET supervisor states
>> using raw RDMSR/WRMSR in KVM was rejected due to performance concerns and
>> its impact on KVM's ABI. Instead, leveraging the kernel's FPU
>> infrastructure for context switching was favored [1].
>
>Dear Chao,
>
>I wonder if the same approach can be used to optimize switching of
>Intel PT configuration context. There was a patch series [1] posted
>some time ago that showed substantial reduction of overhead when
>switching Intel PT configuration context on VM-Entry/Exit using
>XSAVES/XRSTORS instructions:

No, the guest-only infrastructure utilizes the FPU core to switch states
during context switches, whereas Intel PT state is switched at different
points, i.e., on VM entry/exit.

Switching Intel PT state on VM entry/exit is necessary only for the
"host-guest" mode, which is currently marked as BROKEN. Unless functional
issues are addressed first, there's no point in optimizing its state
switching.

If we ever reinstate support for the "host-guest" mode, I think Intel PT
state probably could be implemented as an independent feature, similar to
LBR state.

next prev parent reply	other threads:[~2025-05-16  9:03 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-05-12  8:57 [PATCH v7 0/6] Introduce CET supervisor state support Chao Gao
2025-05-12  8:57 ` [PATCH v7 1/6] x86/fpu/xstate: Differentiate default features for host and guest FPUs Chao Gao
2025-05-21 16:49   ` Sean Christopherson
2025-05-22 14:44     ` Chao Gao
2025-05-12  8:57 ` [PATCH v7 2/6] x86/fpu: Initialize guest FPU permissions from guest defaults Chao Gao
2025-05-12  8:57 ` [PATCH v7 3/6] x86/fpu: Initialize guest fpstate and FPU pseudo container " Chao Gao
2025-05-12 14:13   ` Sean Christopherson
2025-05-12 15:21     ` Chao Gao
2025-05-12  8:57 ` [PATCH v7 4/6] x86/fpu: Remove xfd argument from __fpstate_reset() Chao Gao
2025-05-12  8:57 ` [PATCH v7 5/6] x86/fpu/xstate: Introduce "guest-only" supervisor xfeature set Chao Gao
2025-05-12  8:57 ` [PATCH v7 6/6] x86/fpu/xstate: Add CET supervisor xfeature support as a guest-only feature Chao Gao
2025-05-15 15:41 ` [PATCH v7 0/6] Introduce CET supervisor state support Ingo Molnar
2025-05-16 15:19   ` Dave Hansen
2025-05-16 15:20   ` Dave Hansen
2025-05-21  0:22     ` Chao Gao
2025-05-21 16:59       ` Sean Christopherson
2025-05-22  7:51     ` Peter Zijlstra
2025-05-16  7:51 ` Uros Bizjak
2025-05-16  9:02   ` Chao Gao [this message]
2025-05-16 15:15   ` Dave Hansen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=aCb/LduH6akVppRU@intel.com \
    --to=chao.gao@intel.com \
    --cc=aruna.ramakrishna@oracle.com \
    --cc=bp@alien8.de \
    --cc=chang.seok.bae@intel.com \
    --cc=dave.hansen@intel.com \
    --cc=dave.hansen@linux.intel.com \
    --cc=ebiggers@google.com \
    --cc=hpa@zytor.com \
    --cc=john.allen@amd.com \
    --cc=kees@kernel.org \
    --cc=kvm@vger.kernel.org \
    --cc=levymitchell0@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=mlevitsk@redhat.com \
    --cc=nik.borisov@suse.com \
    --cc=oleg@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=peterz@infradead.org \
    --cc=rick.p.edgecombe@intel.com \
    --cc=samuel.holland@sifive.com \
    --cc=seanjc@google.com \
    --cc=sohil.mehta@intel.com \
    --cc=stanspas@amazon.de \
    --cc=tglx@linutronix.de \
    --cc=ubizjak@gmail.com \
    --cc=vigbalas@amd.com \
    --cc=weijiang.yang@intel.com \
    --cc=x86@kernel.org \
    --cc=xin3.li@intel.com \
    --cc=zhao1.liu@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.