From: Chao Gao <chao.gao@intel.com>
To: Xin Li <xin@zytor.com>
Cc: <kvm@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
<bp@alien8.de>, <dave.hansen@linux.intel.com>, <hpa@zytor.com>,
<john.allen@amd.com>, <mingo@redhat.com>,
<minipli@grsecurity.net>, <mlevitsk@redhat.com>,
<pbonzini@redhat.com>, <rick.p.edgecombe@intel.com>,
<seanjc@google.com>, <tglx@linutronix.de>,
<weijiang.yang@intel.com>, <x86@kernel.org>
Subject: Re: [PATCH v13 05/21] KVM: x86: Load guest FPU state when access XSAVE-managed MSRs
Date: Tue, 9 Sep 2025 16:18:49 +0800 [thread overview]
Message-ID: <aL/i6cA6EjjZ1H6f@intel.com> (raw)
In-Reply-To: <aKvP2AHKYeQCPm0x@intel.com>
On Mon, Aug 25, 2025 at 10:55:20AM +0800, Chao Gao wrote:
>On Sun, Aug 24, 2025 at 06:52:55PM -0700, Xin Li wrote:
>>> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
>>> index 6b01c6e9330e..799ac76679c9 100644
>>> --- a/arch/x86/kvm/x86.c
>>> +++ b/arch/x86/kvm/x86.c
>>> @@ -4566,6 +4569,21 @@ int kvm_get_msr_common(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
>>> }
>>> EXPORT_SYMBOL_GPL(kvm_get_msr_common);
>>> +/*
>>> + * Returns true if the MSR in question is managed via XSTATE, i.e. is context
>>> + * switched with the rest of guest FPU state.
>>> + */
>>> +static bool is_xstate_managed_msr(u32 index)
>>> +{
>>> + switch (index) {
>>> + case MSR_IA32_U_CET:
>>
>>
>>Why MSR_IA32_S_CET is not included here?
>
>Emm. I didn't think about this.
>
>MSR_IA32_S_CET is read from or written to a dedicated VMCS/B field, so KVM
>doesn't need to load the guest FPU to access MSR_IA32_S_CET. This pairs with
>the kvm_{get,set}_xstate_msr() in kvm_{get,set}_msr_common().
>
>That said, userspace writes can indeed cause an inconsistency between the guest
>FPU and VMCS fields regarding MSR_IA32_S_CET. If migration occurs right after a
>userspace write (without a VM-entry, which would bring them in sync) and
>userspace just restores MSR_IA32_S_CET from the guest FPU, the write before
>migration could be lost.
>
>If that migration issue is a practical problem, I think MSR_IA32_S_CET should
>be included here, and we need to perform a kvm_set_xstate_msr() after writing
>to the VMCS/B.
I prefer to make guest FPU and VMCS always consistent regarding MSR_IA32_S_CET.
The cost is to load guest FPU before userspace accesses the MSR and save guest
FPU after that. It isn't a problem as MSR_IA32_S_CET accesses from userspace
shouldn't be on any hot-path. So, I will add:
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 989008f5307e..92daf63c9487 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -2435,6 +2435,7 @@ int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
break;
case MSR_IA32_S_CET:
vmcs_writel(GUEST_S_CET, data);
+ kvm_set_xstate_msr(vcpu, msr_info);
break;
case MSR_KVM_INTERNAL_GUEST_SSP:
vmcs_writel(GUEST_SSP, data);
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index a3770e3d5154..6f64a3355274 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -4647,6 +4647,7 @@ EXPORT_SYMBOL_GPL(kvm_get_msr_common);
static bool is_xstate_managed_msr(u32 index)
{
switch (index) {
+ case MSR_IA32_S_CET:
case MSR_IA32_U_CET:
case MSR_IA32_PL0_SSP ... MSR_IA32_PL3_SSP:
return true;
next prev parent reply other threads:[~2025-09-09 8:19 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-21 13:30 [PATCH v13 00/21] Enable CET Virtualization Chao Gao
2025-08-21 13:30 ` [PATCH v13 01/21] KVM: x86: Introduce KVM_{G,S}ET_ONE_REG uAPIs support Chao Gao
2025-08-28 12:58 ` Xiaoyao Li
2025-08-29 0:43 ` Chao Gao
2025-08-29 22:01 ` Sean Christopherson
2025-08-21 13:30 ` [PATCH v13 02/21] KVM: x86: Report XSS as to-be-saved if there are supported features Chao Gao
2025-08-29 6:37 ` Xiaoyao Li
2025-08-21 13:30 ` [PATCH v13 03/21] KVM: x86: Refresh CPUID on write to guest MSR_IA32_XSS Chao Gao
2025-08-29 6:47 ` Xiaoyao Li
2025-08-29 10:40 ` Chao Gao
2025-08-21 13:30 ` [PATCH v13 04/21] KVM: x86: Initialize kvm_caps.supported_xss Chao Gao
2025-08-29 7:05 ` Xiaoyao Li
2025-08-29 10:29 ` Chao Gao
2025-08-21 13:30 ` [PATCH v13 05/21] KVM: x86: Load guest FPU state when access XSAVE-managed MSRs Chao Gao
2025-08-25 1:52 ` Xin Li
2025-08-25 2:55 ` Chao Gao
2025-08-26 6:54 ` Xin Li
2025-09-09 8:18 ` Chao Gao [this message]
2025-09-09 20:03 ` Sean Christopherson
2025-09-10 2:55 ` Chao Gao
2025-08-27 4:56 ` Xin Li
2025-08-27 15:09 ` Sean Christopherson
2025-08-21 13:30 ` [PATCH v13 06/21] KVM: x86: Add fault checks for guest CR4.CET setting Chao Gao
2025-08-21 13:30 ` [PATCH v13 07/21] KVM: x86: Report KVM supported CET MSRs as to-be-saved Chao Gao
2025-08-21 13:30 ` [PATCH v13 08/21] KVM: VMX: Introduce CET VMCS fields and control bits Chao Gao
2025-08-21 13:30 ` [PATCH v13 09/21] KVM: x86: Enable guest SSP read/write interface with new uAPIs Chao Gao
2025-08-21 13:30 ` [PATCH v13 10/21] KVM: VMX: Emulate read and write to CET MSRs Chao Gao
2025-08-21 13:30 ` [PATCH v13 11/21] KVM: x86: Save and reload SSP to/from SMRAM Chao Gao
2025-08-21 13:30 ` [PATCH v13 12/21] KVM: VMX: Set up interception for CET MSRs Chao Gao
2025-08-21 13:30 ` [PATCH v13 13/21] KVM: VMX: Set host constant supervisor states to VMCS fields Chao Gao
2025-08-21 13:30 ` [PATCH v13 14/21] KVM: x86: Don't emulate instructions guarded by CET Chao Gao
2025-08-21 13:30 ` [PATCH v13 15/21] KVM: x86: Enable CET virtualization for VMX and advertise to userspace Chao Gao
2025-08-21 13:30 ` [PATCH v13 16/21] KVM: nVMX: Virtualize NO_HW_ERROR_CODE_CC for L1 event injection to L2 Chao Gao
2025-08-21 13:30 ` [PATCH v13 17/21] KVM: nVMX: Prepare for enabling CET support for nested guest Chao Gao
2025-08-21 13:30 ` [PATCH v13 18/21] KVM: nVMX: Add consistency checks for CR0.WP and CR4.CET Chao Gao
2025-08-21 13:30 ` [PATCH v13 19/21] KVM: nVMX: Add consistency checks for CET states Chao Gao
2025-08-21 13:30 ` [PATCH v13 20/21] KVM: nVMX: Advertise new VM-Entry/Exit control bits for CET state Chao Gao
2025-08-21 13:30 ` [PATCH v13 21/21] KVM: selftest: Add tests for KVM_{GET,SET}_ONE_REG Chao Gao
2025-08-21 13:35 ` [PATCH v13 00/21] Enable CET Virtualization Chao Gao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aL/i6cA6EjjZ1H6f@intel.com \
--to=chao.gao@intel.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=john.allen@amd.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=minipli@grsecurity.net \
--cc=mlevitsk@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=weijiang.yang@intel.com \
--cc=x86@kernel.org \
--cc=xin@zytor.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.