From: Sean Christopherson <seanjc@google.com>
To: Aaron Lewis <aaronlewis@google.com>
Cc: kvm@vger.kernel.org, pbonzini@redhat.com, jmattson@google.com
Subject: Re: [PATCH v2 1/6] KVM: x86: Clear all supported MPX xfeatures if they are not all set
Date: Tue, 3 Jan 2023 18:46:03 +0000
Message-ID: <Y7R36wsXn3JqwfEv@google.com>
In-Reply-To: <20221230162442.3781098-2-aaronlewis@google.com>
On Fri, Dec 30, 2022, Aaron Lewis wrote:
> Be a good citizen and don't allow any of the supported MPX xfeatures[1]
> to be set if they can't all be set. That way userspace or a guest
> doesn't fail if it attempts to set them in XCR0.
>
> [1] CPUID.(EAX=0DH,ECX=0):EAX.BNDREGS[bit-3]
> CPUID.(EAX=0DH,ECX=0):EAX.BNDCSR[bit-4]
>
> Suggested-by: Jim Mattson <jmattson@google.com>
> Signed-off-by: Aaron Lewis <aaronlewis@google.com>
> ---
> arch/x86/kvm/cpuid.c | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> index c4e8257629165..2431c46d456b4 100644
> --- a/arch/x86/kvm/cpuid.c
> +++ b/arch/x86/kvm/cpuid.c
> @@ -855,6 +855,16 @@ static int __do_cpuid_func_emulated(struct kvm_cpuid_array *array, u32 func)
> return 0;
> }
>
> +static u64 sanitize_xcr0(u64 xcr0)
> +{
> + u64 mask;
> +
> + mask = XFEATURE_MASK_BNDREGS | XFEATURE_MASK_BNDCSR;
> + if ((xcr0 & mask) != mask)
> + xcr0 &= ~mask;
> +
> + return xcr0;
> +}
> +
> static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function)
> {
> struct kvm_cpuid_entry2 *entry;
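Review bot: sanitize_xcr0() carries no comment saying why BNDREGS and BNDCSR are cleared as a pair; the reason is only in the commit message (userspace or a guest would otherwise fail when setting them in XCR0). A short comment above the helper would keep that rationale next to the code. As a style point, mask can be initialized at its declaration instead of on a separate line.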
> @@ -982,6 +992,8 @@ static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function)
> u64 permitted_xcr0 = kvm_caps.supported_xcr0 & xstate_get_guest_group_perm();
> u64 permitted_xss = kvm_caps.supported_xss;
>
> + permitted_xcr0 = sanitize_xcr0(permitted_xcr0);
This isn't 100% correct, all usage needs to be sanitized so that KVM provides a
consistent view. E.g. KVM_CAP_XSAVE2 would report the wrong size.

	case KVM_CAP_XSAVE2: {
		u64 guest_perm = xstate_get_guest_group_perm();
		r = xstate_required_size(kvm_caps.supported_xcr0 & guest_perm, false);
		if (r < sizeof(struct kvm_xsave))
			r = sizeof(struct kvm_xsave);
		break;
	}

Barring a kernel bug, xstate_get_guest_group_perm() will never report partial
support, so I think the easy solution is to sanitize kvm_caps.supported_xcr0.

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 2480b8027a45..7ea06c58eaf6 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -9344,6 +9344,10 @@ int kvm_arch_init(void *opaque)
if (boot_cpu_has(X86_FEATURE_XSAVE)) {
host_xcr0 = xgetbv(XCR_XFEATURE_ENABLED_MASK);
kvm_caps.supported_xcr0 = host_xcr0 & KVM_SUPPORTED_XCR0;
+ if (!(kvm_caps.supported_xcr0 & XFEATURE_MASK_BNDREGS) ||
+ !(kvm_caps.supported_xcr0 & XFEATURE_MASK_BNDCSR))
+ kvm_caps.supported_xcr0 &= ~(XFEATURE_MASK_BNDREGS |
+ XFEATURE_MASK_BNDCSR);
}
if (pi_inject_timer == -1)
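Review bot: the condition added in kvm_arch_init() open-codes the all-or-nothing rule as two negated bit tests, while sanitize_xcr0() in the quoted patch expresses the same rule as (xcr0 & mask) != mask; using one form, or the helper itself, in both places keeps the two from drifting apart. With kvm_caps.supported_xcr0 sanitized here, and given the statement above that xstate_get_guest_group_perm() never reports partial support, the sanitize_xcr0() call on permitted_xcr0 in __do_cpuid_func() looks redundant. A comment on the new block saying why the MPX bits are cleared together would also help.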
> +
> entry->eax &= permitted_xcr0;
> entry->ebx = xstate_required_size(permitted_xcr0, false);
> entry->ecx = entry->ebx;
> --
> 2.39.0.314.g84b9a713c41-goog
>
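The inconsistency described in the reply above, as an added user-space model (not code from this thread or from the kernel): sanitizing only the CPUID.0xD copy leaves the KVM_CAP_XSAVE2 path sizing from a different mask, while sanitizing the stored mask makes both agree. PARTIAL_HOST_XCR0, model_end, model_required_size(), cpuid_0xd_size() and xsave2_size() are hypothetical names with constructed values, and the sizeof(struct kvm_xsave) floor from the snippet is left out so the raw sizes can be compared.

```c
#include <stdint.h>
#include <stdio.h>

/* XCR0 bits 3 and 4, as cited in the patch. */
#define XFEATURE_MASK_BNDREGS (1ULL << 3)
#define XFEATURE_MASK_BNDCSR  (1ULL << 4)
/* Constructed host mask: x87, SSE, AVX (bits 0-2) and BNDCSR, no BNDREGS. */
#define PARTIAL_HOST_XCR0 (0x7ULL | XFEATURE_MASK_BNDCSR)

/* Constructed model values: end offset of each component, per XCR0 bit. */
static const uint32_t model_end[] = { [2] = 832, [3] = 1024, [4] = 1088 };

/* Same all-or-nothing rule as sanitize_xcr0() in the quoted patch. */
static uint64_t sanitize_xcr0(uint64_t xcr0)
{
	const uint64_t mask = XFEATURE_MASK_BNDREGS | XFEATURE_MASK_BNDCSR;
	return ((xcr0 & mask) != mask) ? (xcr0 & ~mask) : xcr0;
}

/* Hypothetical stand-in for xstate_required_size(xcr0, false). */
static uint32_t model_required_size(uint64_t xcr0)
{
	uint32_t size = 576; /* legacy region (512) + XSAVE header (64) */

	for (unsigned int bit = 2; bit <= 4; bit++)
		if ((xcr0 & (1ULL << bit)) && model_end[bit] > size)
			size = model_end[bit];
	return size;
}

/* CPUID.0xD as in v2: the mask is sanitized locally before sizing. */
static uint32_t cpuid_0xd_size(uint64_t supported_xcr0)
{
	return model_required_size(sanitize_xcr0(supported_xcr0));
}

/* KVM_CAP_XSAVE2: sizes from the stored mask (size floor left out). */
static uint32_t xsave2_size(uint64_t supported_xcr0)
{
	return model_required_size(supported_xcr0);
}

int main(void)
{
	uint64_t raw = PARTIAL_HOST_XCR0, fixed = sanitize_xcr0(raw);
	printf("v2 only: cpuid=%u xsave2=%u\n", cpuid_0xd_size(raw), xsave2_size(raw));
	printf("at init: cpuid=%u xsave2=%u\n", cpuid_0xd_size(fixed), xsave2_size(fixed));
	return 0;
}
```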