From: Sean Christopherson <seanjc@google.com>
To: "Xin Li (Intel)" <xin@zytor.com>
Cc: pbonzini@redhat.com, kvm@vger.kernel.org,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
corbet@lwn.net, tglx@linutronix.de, mingo@redhat.com,
bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org,
hpa@zytor.com, andrew.cooper3@citrix.com, luto@kernel.org,
peterz@infradead.org, chao.gao@intel.com, xin3.li@intel.com
Subject: Re: [PATCH v4 06/19] KVM: VMX: Set FRED MSR interception
Date: Tue, 24 Jun 2025 08:27:52 -0700 [thread overview]
Message-ID: <aFrD-Pn9cmHcVxWs@google.com> (raw)
In-Reply-To: <20250328171205.2029296-7-xin@zytor.com>
On Fri, Mar 28, 2025, Xin Li (Intel) wrote:
> @@ -7935,6 +7945,34 @@ static void update_intel_pt_cfg(struct kvm_vcpu *vcpu)
> vmx->pt_desc.ctl_bitmask &= ~(0xfULL << (32 + i * 4));
> }
>
> +static void vmx_set_intercept_for_fred_msr(struct kvm_vcpu *vcpu)
> +{
This function should short-circult on
if (!kvm_cpu_cap_has(X86_FEATURE_FRED))
return;
Functionally, it shouldn't matter. It's mostly for documentation purposes, and
to avoid doing unnecessary work.
> + bool flag = !guest_cpu_cap_has(vcpu, X86_FEATURE_FRED);
"flag" is unnecessarily ambiguous (eww, I see that the exiting PT code does that).
I like "set", as it has (hopefully) obvious polarity, and aligns with the function
being called.
> +
> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_RSP1, MSR_TYPE_RW, flag);
> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_RSP2, MSR_TYPE_RW, flag);
> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_RSP3, MSR_TYPE_RW, flag);
> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_STKLVLS, MSR_TYPE_RW, flag);
> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_SSP1, MSR_TYPE_RW, flag);
> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_SSP2, MSR_TYPE_RW, flag);
> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_SSP3, MSR_TYPE_RW, flag);
> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_CONFIG, MSR_TYPE_RW, flag);
> +
> + /*
> + * IA32_FRED_RSP0 and IA32_PL0_SSP (a.k.a. IA32_FRED_SSP0) are only used
> + * for delivering events when running userspace, while KVM always runs in
> + * kernel mode (the CPL is always 0 after any VM exit), thus KVM can run
> + * safely with guest IA32_FRED_RSP0 and IA32_PL0_SSP.
> + *
> + * As a result, no need to intercept IA32_FRED_RSP0 and IA32_PL0_SSP.
> + *
> + * Note, save and restore of IA32_PL0_SSP belong to CET supervisor context
> + * management no matter whether FRED is enabled or not. So leave its
> + * state management to CET code.
> + */
> + vmx_set_intercept_for_msr(vcpu, MSR_IA32_FRED_RSP0, MSR_TYPE_RW, flag);
> +}
next prev parent reply other threads:[~2025-06-24 15:27 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-28 17:11 [PATCH v4 00/19] Enable FRED with KVM VMX Xin Li (Intel)
2025-03-28 17:11 ` [PATCH v4 01/19] KVM: VMX: Add support for the secondary VM exit controls Xin Li (Intel)
2025-03-28 17:11 ` [PATCH v4 02/19] KVM: VMX: Initialize VM entry/exit FRED controls in vmcs_config Xin Li (Intel)
2025-04-14 7:41 ` Chao Gao
2025-04-14 16:53 ` Xin Li
2025-03-28 17:11 ` [PATCH v4 03/19] KVM: VMX: Disable FRED if FRED consistency checks fail Xin Li (Intel)
2025-06-24 15:20 ` Sean Christopherson
2025-03-28 17:11 ` [PATCH v4 04/19] x86/cea: Export per CPU array 'cea_exception_stacks' for KVM to use Xin Li (Intel)
2025-04-10 8:53 ` Christoph Hellwig
2025-04-10 14:18 ` Dave Hansen
2025-04-11 16:16 ` Xin Li
2025-03-28 17:11 ` [PATCH v4 05/19] KVM: VMX: Initialize VMCS FRED fields Xin Li (Intel)
2025-03-28 17:11 ` [PATCH v4 06/19] KVM: VMX: Set FRED MSR interception Xin Li (Intel)
2025-06-24 15:27 ` Sean Christopherson [this message]
2025-03-28 17:11 ` [PATCH v4 07/19] KVM: VMX: Save/restore guest FRED RSP0 Xin Li (Intel)
2025-06-24 15:44 ` Sean Christopherson
2025-03-28 17:11 ` [PATCH v4 08/19] KVM: VMX: Add support for FRED context save/restore Xin Li (Intel)
2025-06-24 16:27 ` Sean Christopherson
2025-06-25 17:18 ` Xin Li
2025-06-26 17:22 ` Xin Li
2025-06-26 20:50 ` Sean Christopherson
2025-03-28 17:11 ` [PATCH v4 09/19] KVM: x86: Add a helper to detect if FRED is enabled for a vCPU Xin Li (Intel)
2025-03-28 17:11 ` [PATCH v4 10/19] KVM: VMX: Virtualize FRED event_data Xin Li (Intel)
2025-03-28 17:11 ` [PATCH v4 11/19] KVM: VMX: Virtualize FRED nested exception tracking Xin Li (Intel)
2025-03-28 17:11 ` [PATCH v4 12/19] KVM: x86: Save/restore the nested flag of an exception Xin Li (Intel)
2025-03-28 17:11 ` [PATCH v4 13/19] KVM: x86: Mark CR4.FRED as not reserved Xin Li (Intel)
2025-03-28 17:12 ` [PATCH v4 14/19] KVM: VMX: Dump FRED context in dump_vmcs() Xin Li (Intel)
2025-06-24 16:32 ` Sean Christopherson
2025-06-25 17:38 ` Xin Li
2025-03-28 17:12 ` [PATCH v4 15/19] KVM: x86: Allow FRED/LKGS to be advertised to guests Xin Li (Intel)
2025-06-24 16:38 ` Sean Christopherson
2025-06-25 18:05 ` Xin Li
2025-06-25 18:29 ` Sean Christopherson
2025-03-28 17:12 ` [PATCH v4 16/19] KVM: nVMX: Add support for the secondary VM exit controls Xin Li (Intel)
2025-06-24 16:54 ` Sean Christopherson
2025-03-28 17:12 ` [PATCH v4 17/19] KVM: nVMX: Add FRED VMCS fields to nested VMX context management Xin Li (Intel)
2025-03-28 17:12 ` [PATCH v4 18/19] KVM: nVMX: Add VMCS FRED states checking Xin Li (Intel)
2025-03-28 17:12 ` [PATCH v4 19/19] KVM: nVMX: Allow VMX FRED controls Xin Li (Intel)
2025-03-28 17:25 ` [PATCH v4 00/19] Enable FRED with KVM VMX Xin Li
2025-06-24 17:06 ` Sean Christopherson
2025-06-24 17:43 ` Xin Li
2025-06-24 17:47 ` H. Peter Anvin
2025-06-24 18:02 ` Xin Li
2025-06-24 18:40 ` H. Peter Anvin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aFrD-Pn9cmHcVxWs@google.com \
--to=seanjc@google.com \
--cc=andrew.cooper3@citrix.com \
--cc=bp@alien8.de \
--cc=chao.gao@intel.com \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=kvm@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
--cc=xin3.li@intel.com \
--cc=xin@zytor.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.