From: Chao Gao <chao.gao@intel.com>
To: Xiaoyao Li <xiaoyao.li@intel.com>
Cc: <kvm@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
<bp@alien8.de>, <dave.hansen@linux.intel.com>, <hpa@zytor.com>,
<john.allen@amd.com>, <mingo@redhat.com>,
<minipli@grsecurity.net>, <mlevitsk@redhat.com>,
<pbonzini@redhat.com>, <rick.p.edgecombe@intel.com>,
<seanjc@google.com>, <tglx@linutronix.de>,
<weijiang.yang@intel.com>, <x86@kernel.org>, <xin@zytor.com>
Subject: Re: [PATCH v13 04/21] KVM: x86: Initialize kvm_caps.supported_xss
Date: Fri, 29 Aug 2025 18:29:40 +0800 [thread overview]
Message-ID: <aLGBFBHNredIWKLH@intel.com> (raw)
In-Reply-To: <3eedb2f8-4356-45e9-87d6-579ca30aaa35@intel.com>
On Fri, Aug 29, 2025 at 03:05:01PM +0800, Xiaoyao Li wrote:
>On 8/21/2025 9:30 PM, Chao Gao wrote:
>> From: Yang Weijiang <weijiang.yang@intel.com>
>>
>> Set original kvm_caps.supported_xss to (host_xss & KVM_SUPPORTED_XSS) if
>> XSAVES is supported. host_xss contains the host supported xstate feature
>> bits for thread FPU context switch, KVM_SUPPORTED_XSS includes all KVM
>> enabled XSS feature bits, the resulting value represents the supervisor
>> xstates that are available to guest and are backed by host FPU framework
>> for swapping {guest,host} XSAVE-managed registers/MSRs.
>>
>> Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
>> Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
>> Reviewed-by: Chao Gao <chao.gao@intel.com>
>> Tested-by: Mathias Krause <minipli@grsecurity.net>
>> Tested-by: John Allen <john.allen@amd.com>
>> Tested-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
>> Signed-off-by: Chao Gao <chao.gao@intel.com>
>> ---
>> arch/x86/kvm/x86.c | 11 ++++++++---
>> 1 file changed, 8 insertions(+), 3 deletions(-)
>>
>> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
>> index 75b7a29721bb..6b01c6e9330e 100644
>> --- a/arch/x86/kvm/x86.c
>> +++ b/arch/x86/kvm/x86.c
>> @@ -220,6 +220,8 @@ static struct kvm_user_return_msrs __percpu *user_return_msrs;
>> | XFEATURE_MASK_BNDCSR | XFEATURE_MASK_AVX512 \
>> | XFEATURE_MASK_PKRU | XFEATURE_MASK_XTILE)
>> +#define KVM_SUPPORTED_XSS 0
>> +
>> bool __read_mostly allow_smaller_maxphyaddr = 0;
>> EXPORT_SYMBOL_GPL(allow_smaller_maxphyaddr);
>> @@ -9793,14 +9795,17 @@ int kvm_x86_vendor_init(struct kvm_x86_init_ops *ops)
>> kvm_host.xcr0 = xgetbv(XCR_XFEATURE_ENABLED_MASK);
>> kvm_caps.supported_xcr0 = kvm_host.xcr0 & KVM_SUPPORTED_XCR0;
>> }
>> +
>> + if (boot_cpu_has(X86_FEATURE_XSAVES)) {
>> + rdmsrq(MSR_IA32_XSS, kvm_host.xss);
>> + kvm_caps.supported_xss = kvm_host.xss & KVM_SUPPORTED_XSS;
>> + }
>
>Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
>
>Btw, since we now have KVM_SUPPORTED_XSS to cap the supported bits, it seems
>we can remove the
>
> kvm_caps.supported_xss = 0;
>
>in both vmx_set_cpu_caps() and svm_set_cpu_caps().
This will enable SHSTK for SVM before SVM's CET series is merged.
>
>> kvm_caps.supported_quirks = KVM_X86_VALID_QUIRKS;
>> kvm_caps.inapplicable_quirks = KVM_X86_CONDITIONAL_QUIRKS;
>> rdmsrq_safe(MSR_EFER, &kvm_host.efer);
>> - if (boot_cpu_has(X86_FEATURE_XSAVES))
>> - rdmsrq(MSR_IA32_XSS, kvm_host.xss);
>> -
>> kvm_init_pmu_capability(ops->pmu_ops);
>> if (boot_cpu_has(X86_FEATURE_ARCH_CAPABILITIES))
>
next prev parent reply other threads:[~2025-08-29 10:30 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-21 13:30 [PATCH v13 00/21] Enable CET Virtualization Chao Gao
2025-08-21 13:30 ` [PATCH v13 01/21] KVM: x86: Introduce KVM_{G,S}ET_ONE_REG uAPIs support Chao Gao
2025-08-28 12:58 ` Xiaoyao Li
2025-08-29 0:43 ` Chao Gao
2025-08-29 22:01 ` Sean Christopherson
2025-08-21 13:30 ` [PATCH v13 02/21] KVM: x86: Report XSS as to-be-saved if there are supported features Chao Gao
2025-08-29 6:37 ` Xiaoyao Li
2025-08-21 13:30 ` [PATCH v13 03/21] KVM: x86: Refresh CPUID on write to guest MSR_IA32_XSS Chao Gao
2025-08-29 6:47 ` Xiaoyao Li
2025-08-29 10:40 ` Chao Gao
2025-08-21 13:30 ` [PATCH v13 04/21] KVM: x86: Initialize kvm_caps.supported_xss Chao Gao
2025-08-29 7:05 ` Xiaoyao Li
2025-08-29 10:29 ` Chao Gao [this message]
2025-08-21 13:30 ` [PATCH v13 05/21] KVM: x86: Load guest FPU state when access XSAVE-managed MSRs Chao Gao
2025-08-25 1:52 ` Xin Li
2025-08-25 2:55 ` Chao Gao
2025-08-26 6:54 ` Xin Li
2025-09-09 8:18 ` Chao Gao
2025-09-09 20:03 ` Sean Christopherson
2025-09-10 2:55 ` Chao Gao
2025-08-27 4:56 ` Xin Li
2025-08-27 15:09 ` Sean Christopherson
2025-08-21 13:30 ` [PATCH v13 06/21] KVM: x86: Add fault checks for guest CR4.CET setting Chao Gao
2025-08-21 13:30 ` [PATCH v13 07/21] KVM: x86: Report KVM supported CET MSRs as to-be-saved Chao Gao
2025-08-21 13:30 ` [PATCH v13 08/21] KVM: VMX: Introduce CET VMCS fields and control bits Chao Gao
2025-08-21 13:30 ` [PATCH v13 09/21] KVM: x86: Enable guest SSP read/write interface with new uAPIs Chao Gao
2025-08-21 13:30 ` [PATCH v13 10/21] KVM: VMX: Emulate read and write to CET MSRs Chao Gao
2025-08-21 13:30 ` [PATCH v13 11/21] KVM: x86: Save and reload SSP to/from SMRAM Chao Gao
2025-08-21 13:30 ` [PATCH v13 12/21] KVM: VMX: Set up interception for CET MSRs Chao Gao
2025-08-21 13:30 ` [PATCH v13 13/21] KVM: VMX: Set host constant supervisor states to VMCS fields Chao Gao
2025-08-21 13:30 ` [PATCH v13 14/21] KVM: x86: Don't emulate instructions guarded by CET Chao Gao
2025-08-21 13:30 ` [PATCH v13 15/21] KVM: x86: Enable CET virtualization for VMX and advertise to userspace Chao Gao
2025-08-21 13:30 ` [PATCH v13 16/21] KVM: nVMX: Virtualize NO_HW_ERROR_CODE_CC for L1 event injection to L2 Chao Gao
2025-08-21 13:30 ` [PATCH v13 17/21] KVM: nVMX: Prepare for enabling CET support for nested guest Chao Gao
2025-08-21 13:30 ` [PATCH v13 18/21] KVM: nVMX: Add consistency checks for CR0.WP and CR4.CET Chao Gao
2025-08-21 13:30 ` [PATCH v13 19/21] KVM: nVMX: Add consistency checks for CET states Chao Gao
2025-08-21 13:30 ` [PATCH v13 20/21] KVM: nVMX: Advertise new VM-Entry/Exit control bits for CET state Chao Gao
2025-08-21 13:30 ` [PATCH v13 21/21] KVM: selftest: Add tests for KVM_{GET,SET}_ONE_REG Chao Gao
2025-08-21 13:35 ` [PATCH v13 00/21] Enable CET Virtualization Chao Gao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aLGBFBHNredIWKLH@intel.com \
--to=chao.gao@intel.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=john.allen@amd.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=minipli@grsecurity.net \
--cc=mlevitsk@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=weijiang.yang@intel.com \
--cc=x86@kernel.org \
--cc=xiaoyao.li@intel.com \
--cc=xin@zytor.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.