From: Chao Gao <chao.gao@intel.com>
To: x86@kernel.org, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org, tglx@linutronix.de, dave.hansen@intel.com,
seanjc@google.com, pbonzini@redhat.com
Cc: peterz@infradead.org, rick.p.edgecombe@intel.com,
weijiang.yang@intel.com, john.allen@amd.com, bp@alien8.de,
chang.seok.bae@intel.com, xin3.li@intel.com,
Chao Gao <chao.gao@intel.com>, Ingo Molnar <mingo@redhat.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Samuel Holland <samuel.holland@sifive.com>,
Mitchell Levy <levymitchell0@gmail.com>,
Vignesh Balasubramanian <vigbalas@amd.com>,
Aruna Ramakrishna <aruna.ramakrishna@oracle.com>,
Uros Bizjak <ubizjak@gmail.com>
Subject: [PATCH v6 6/7] x86/fpu/xstate: Introduce "guest-only" supervisor xfeature set
Date: Tue, 6 May 2025 17:36:11 +0800 [thread overview]
Message-ID: <20250506093740.2864458-7-chao.gao@intel.com> (raw)
In-Reply-To: <20250506093740.2864458-1-chao.gao@intel.com>
From: Yang Weijiang <weijiang.yang@intel.com>
In preparation for upcoming CET virtualization support, the CET supervisor
state will be added as a "guest-only" feature, since it is required only by
KVM (i.e., guest FPUs). Establish the infrastructure for "guest-only"
features.
Define a new XFEATURE_MASK_GUEST_SUPERVISOR mask to specify features that
are enabled by default in guest FPUs but not in host FPUs. Specifically,
for any bit in this set, permission is granted and XSAVE space is allocated
during vCPU creation. Non-guest FPUs cannot enable guest-only features,
even dynamically, and no XSAVE space will be allocated for them.
The mask is currently empty, but this will be changed by a subsequent
patch.
Co-developed-by: Chao Gao <chao.gao@intel.com>
Signed-off-by: Chao Gao <chao.gao@intel.com>
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
Reviewed-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
---
v6: Collect reviews
v5: Explain in detail the reasoning behind the mask name choice below the
"---" separator line.
In previous versions, the mask was named "XFEATURE_MASK_SUPERVISOR_DYNAMIC"
Dave suggested this name [1], but he also noted, "I don't feel strongly about
it and I've said my piece. I won't NAK it one way or the other."
The term "dynamic" was initially preferred because it reflects the impact
on XSAVE buffers—some buffers accommodate dynamic features while others do
not. This naming allows for the introduction of dynamic features that are
not strictly "guest-only", offering flexibility beyond KVM.
However, using "dynamic" has led to confusion [2]. Chang pointed out that
permission granting and buffer allocation are actually static at VCPU
allocation, diverging from the model for user dynamic features. He also
questioned the rationale for introducing a kernel dynamic feature mask
while using it as a guest-only feature mask [3]. Moreover, Thomas remarked
that "the dynamic naming is really bad" [4]. Although his specific concerns
are unclear, we should be cautious about reinstating the "kernel dynamic
feature" naming.
Therefore, in v4, I renamed the mask to "XFEATURE_MASK_SUPERVISOR_GUEST"
and further refined it to "XFEATURE_MASK_GUEST_SUPERVISOR" in this v5.
[1]: https://lore.kernel.org/all/893ac578-baaf-4f4f-96ee-e012dfc073a8@intel.com/#t
[2]: https://lore.kernel.org/kvm/e15d1074-d5ec-431d-86e5-a58bc6297df8@intel.com/
[3]: https://lore.kernel.org/kvm/7bee70fd-b2b9-4466-a694-4bf3486b19c7@intel.com/
[4]: https://lore.kernel.org/all/87sg1owmth.ffs@nanos.tec.linutronix.de/
---
arch/x86/include/asm/fpu/types.h | 9 +++++----
arch/x86/include/asm/fpu/xstate.h | 6 +++++-
arch/x86/kernel/fpu/xstate.c | 14 +++++++++++---
arch/x86/kernel/fpu/xstate.h | 5 +++++
4 files changed, 26 insertions(+), 8 deletions(-)
diff --git a/arch/x86/include/asm/fpu/types.h b/arch/x86/include/asm/fpu/types.h
index abd193a1a52e..54ba567258d6 100644
--- a/arch/x86/include/asm/fpu/types.h
+++ b/arch/x86/include/asm/fpu/types.h
@@ -592,8 +592,9 @@ struct fpu_state_config {
* @default_size:
*
* The default size of the register state buffer. Includes all
- * supported features except independent managed features and
- * features which have to be requested by user space before usage.
+ * supported features except independent managed features,
+ * guest-only features and features which have to be requested by
+ * user space before usage.
*/
unsigned int default_size;
@@ -609,8 +610,8 @@ struct fpu_state_config {
* @default_features:
*
* The default supported features bitmap. Does not include
- * independent managed features and features which have to
- * be requested by user space before usage.
+ * independent managed features, guest-only features and features
+ * which have to be requested by user space before usage.
*/
u64 default_features;
/*
diff --git a/arch/x86/include/asm/fpu/xstate.h b/arch/x86/include/asm/fpu/xstate.h
index b308a76afbb7..a3cd25453f94 100644
--- a/arch/x86/include/asm/fpu/xstate.h
+++ b/arch/x86/include/asm/fpu/xstate.h
@@ -46,9 +46,13 @@
/* Features which are dynamically enabled for a process on request */
#define XFEATURE_MASK_USER_DYNAMIC XFEATURE_MASK_XTILE_DATA
+/* Supervisor features which are enabled only in guest FPUs */
+#define XFEATURE_MASK_GUEST_SUPERVISOR 0
+
/* All currently supported supervisor features */
#define XFEATURE_MASK_SUPERVISOR_SUPPORTED (XFEATURE_MASK_PASID | \
- XFEATURE_MASK_CET_USER)
+ XFEATURE_MASK_CET_USER | \
+ XFEATURE_MASK_GUEST_SUPERVISOR)
/*
* A supervisor state component may not always contain valuable information,
diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c
index f32047e12500..e77cbfd18094 100644
--- a/arch/x86/kernel/fpu/xstate.c
+++ b/arch/x86/kernel/fpu/xstate.c
@@ -781,14 +781,22 @@ static void __init init_default_features(u64 kernel_max_features, u64 user_max_f
u64 kfeatures = kernel_max_features;
u64 ufeatures = user_max_features;
- /* Default feature sets should not include dynamic xfeatures. */
- kfeatures &= ~XFEATURE_MASK_USER_DYNAMIC;
+ /*
+ * Default feature sets should not include dynamic and guest-only
+ * xfeatures at all.
+ */
+ kfeatures &= ~(XFEATURE_MASK_USER_DYNAMIC | XFEATURE_MASK_GUEST_SUPERVISOR);
ufeatures &= ~XFEATURE_MASK_USER_DYNAMIC;
fpu_kernel_cfg.default_features = kfeatures;
fpu_user_cfg.default_features = ufeatures;
- guest_default_cfg.features = kfeatures;
+ /*
+ * Ensure VCPU FPU container only reserves a space for guest-only
+ * xfeatures. This distinction can save kernel memory by
+ * maintaining a necessary amount of XSAVE buffer.
+ */
+ guest_default_cfg.features = kfeatures | xfeatures_mask_guest_supervisor();
}
/*
diff --git a/arch/x86/kernel/fpu/xstate.h b/arch/x86/kernel/fpu/xstate.h
index a0256ef34ecb..5ced1a92e666 100644
--- a/arch/x86/kernel/fpu/xstate.h
+++ b/arch/x86/kernel/fpu/xstate.h
@@ -61,6 +61,11 @@ static inline u64 xfeatures_mask_supervisor(void)
return fpu_kernel_cfg.max_features & XFEATURE_MASK_SUPERVISOR_SUPPORTED;
}
+static inline u64 xfeatures_mask_guest_supervisor(void)
+{
+ return fpu_kernel_cfg.max_features & XFEATURE_MASK_GUEST_SUPERVISOR;
+}
+
static inline u64 xfeatures_mask_independent(void)
{
if (!cpu_feature_enabled(X86_FEATURE_ARCH_LBR))
--
2.47.1
next prev parent reply other threads:[~2025-05-06 9:33 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-06 9:36 [PATCH v6 0/7] Introduce CET supervisor state support Chao Gao
2025-05-06 9:36 ` [PATCH v6 1/7] x86/fpu/xstate: Always preserve non-user xfeatures/flags in __state_perm Chao Gao
2025-05-06 9:51 ` [tip: x86/fpu] " tip-bot2 for Sean Christopherson
2025-05-06 9:36 ` [PATCH v6 2/7] x86/fpu: Drop @perm from guest pseudo FPU container Chao Gao
2025-05-06 9:36 ` [PATCH v6 3/7] x86/fpu/xstate: Differentiate default features for host and guest FPUs Chao Gao
2025-05-08 20:02 ` Edgecombe, Rick P
2025-05-06 9:36 ` [PATCH v6 4/7] x86/fpu: Initialize guest FPU permissions from guest defaults Chao Gao
2025-05-06 9:36 ` [PATCH v6 5/7] x86/fpu: Initialize guest fpstate and FPU pseudo container " Chao Gao
2025-05-06 17:24 ` Sean Christopherson
2025-05-07 7:37 ` Chao Gao
2025-05-07 18:01 ` Sean Christopherson
2025-05-07 18:04 ` Dave Hansen
2025-05-09 8:14 ` [PATCH v6a 5/8] " Chao Gao
2025-05-09 8:16 ` [PATCH v6a 6/8] x86/fpu: Remove xfd argument from __fpstate_reset() Chao Gao
2025-05-09 18:29 ` Sean Christopherson
2025-05-06 9:36 ` Chao Gao [this message]
2025-05-06 9:36 ` [PATCH v6 7/7] x86/fpu/xstate: Add CET supervisor xfeature support as a guest-only feature Chao Gao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250506093740.2864458-7-chao.gao@intel.com \
--to=chao.gao@intel.com \
--cc=aruna.ramakrishna@oracle.com \
--cc=bp@alien8.de \
--cc=chang.seok.bae@intel.com \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=john.allen@amd.com \
--cc=kvm@vger.kernel.org \
--cc=levymitchell0@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=rick.p.edgecombe@intel.com \
--cc=samuel.holland@sifive.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=ubizjak@gmail.com \
--cc=vigbalas@amd.com \
--cc=weijiang.yang@intel.com \
--cc=x86@kernel.org \
--cc=xin3.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox