From: Chao Gao <chao.gao@intel.com>
To: "Chang S. Bae" <chang.seok.bae@intel.com>
Cc: <x86@kernel.org>, <linux-kernel@vger.kernel.org>,
<kvm@vger.kernel.org>, <tglx@linutronix.de>,
<dave.hansen@intel.com>, <seanjc@google.com>,
<pbonzini@redhat.com>, <peterz@infradead.org>,
<rick.p.edgecombe@intel.com>, <weijiang.yang@intel.com>,
<john.allen@amd.com>, <bp@alien8.de>, <xin3.li@intel.com>,
Maxim Levitsky <mlevitsk@redhat.com>,
Ingo Molnar <mingo@redhat.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Samuel Holland <samuel.holland@sifive.com>,
"Mitchell Levy" <levymitchell0@gmail.com>,
Stanislav Spassov <stanspas@amazon.de>,
"Eric Biggers" <ebiggers@google.com>
Subject: Re: [PATCH v5 2/7] x86/fpu: Drop @perm from guest pseudo FPU container
Date: Sat, 19 Apr 2025 09:01:44 +0800 [thread overview]
Message-ID: <aAL1+O1vKZSdbZji@intel.com> (raw)
In-Reply-To: <cd14e94f-dbf8-4a2b-9e92-66dd23a3940b@intel.com>
On Fri, Apr 18, 2025 at 01:51:02PM -0700, Chang S. Bae wrote:
>On 4/10/2025 12:24 AM, Chao Gao wrote:
>> Remove @perm from the guest pseudo FPU container. The field is
>> initialized during allocation and never used later.
>>
>> Rename fpu_init_guest_permissions() to show that its sole purpose is to
>> lock down guest permissions.
>>
>> Suggested-by: Maxim Levitsky <mlevitsk@redhat.com>
>
>This patch appears to be new in V3, as I can see from the diff here:
>
>https://github.com/ChangSeokBae/kernel/compare/xstate-scet-chao-v2...xstate-scet-chao-v3
>
>However, I don’t see any relevant comment from Maxim on your V2 series.
>Unlike patch 1, this one doesn’t include a URL referencing the suggestion
>either -- so I suspect the Suggested-by tag might be incorrect.
v3 was the version where I truly began refining the patches based on my
understanding, the historical discussion, and feedback on v2 [*]. While
reviewing the historical discussion, I found Maxim's suggestion to be
valuable:
https://lore.kernel.org/kvm/af972fe5981b9e7101b64de43c7be0a8cc165323.camel@redhat.com/
So, I implemented it in v3, but I should have included the link.
[*] v2 was simply a resend of v1
https://lore.kernel.org/kvm/20241126101710.62492-1-chao.gao@intel.com/
>> @@ -255,7 +252,7 @@ bool fpu_alloc_guest_fpstate(struct fpu_guest *gfpu)
>> if (WARN_ON_ONCE(fpu_user_cfg.default_size > gfpu->uabi_size))
>> gfpu->uabi_size = fpu_user_cfg.default_size;
>> - fpu_init_guest_permissions(gfpu);
>> + fpu_lock_guest_permissions();
>
>As a future improvement, you might consider updating this to:
>
> if (xstate_get_guest_group_perm() & FPU_GUEST_PERM_LOCKED)
> fpu_lock_guest_permissions();
>
>Or, embed the check inside fpu_lock_guest_permissions():
>
> if (xstate_get_guest_group_perm() & FPU_GUEST_PERM_LOCKED)
> return;
>
>But for this patch itself, the change looks good to me. Please feel free to
>add my tag:
>
> Reviewed-by: Chang S. Bae <chang.seok.bae@intel.com>
Thanks a lot.
next prev parent reply other threads:[~2025-04-19 1:02 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-10 7:24 [PATCH v5 0/7] Introduce CET supervisor state support Chao Gao
2025-04-10 7:24 ` [PATCH v5 1/7] x86/fpu/xstate: Always preserve non-user xfeatures/flags in __state_perm Chao Gao
2025-04-18 20:50 ` Chang S. Bae
2025-04-10 7:24 ` [PATCH v5 2/7] x86/fpu: Drop @perm from guest pseudo FPU container Chao Gao
2025-04-18 20:51 ` Chang S. Bae
2025-04-18 20:54 ` Chang S. Bae
2025-04-19 1:01 ` Chao Gao [this message]
2025-04-10 7:24 ` [PATCH v5 3/7] x86/fpu/xstate: Differentiate default features for host and guest FPUs Chao Gao
2025-04-24 22:52 ` Edgecombe, Rick P
2025-04-25 8:24 ` Chao Gao
2025-04-25 16:09 ` Edgecombe, Rick P
2025-04-25 23:48 ` Sean Christopherson
2025-04-28 3:26 ` Chao Gao
2025-04-28 7:44 ` Xin Li
2025-04-28 14:28 ` Sean Christopherson
2025-04-28 6:31 ` Xin Li
2025-04-28 15:42 ` Edgecombe, Rick P
2025-04-29 1:11 ` Chang S. Bae
2025-04-29 2:50 ` Edgecombe, Rick P
2025-04-29 3:22 ` Chang S. Bae
2025-04-29 3:36 ` Edgecombe, Rick P
2025-04-30 3:27 ` Chao Gao
2025-04-30 15:01 ` Chang S. Bae
2025-04-30 15:33 ` Edgecombe, Rick P
2025-04-30 16:20 ` Sean Christopherson
2025-04-30 18:26 ` Chang S. Bae
2025-04-28 5:51 ` Xin Li
2025-04-28 6:12 ` Xin Li
2025-05-01 14:24 ` Chang S. Bae
2025-05-06 3:29 ` Chao Gao
2025-04-10 7:24 ` [PATCH v5 4/7] x86/fpu: Initialize guest FPU permissions from guest defaults Chao Gao
2025-04-30 15:45 ` Edgecombe, Rick P
2025-04-10 7:24 ` [PATCH v5 5/7] x86/fpu: Initialize guest fpstate and FPU pseudo container " Chao Gao
2025-04-30 18:29 ` Edgecombe, Rick P
2025-05-01 14:24 ` Chang S. Bae
2025-05-06 3:33 ` Chao Gao
2025-04-10 7:24 ` [PATCH v5 6/7] x86/fpu/xstate: Introduce "guest-only" supervisor xfeature set Chao Gao
2025-04-24 22:58 ` Edgecombe, Rick P
2025-04-10 7:24 ` [PATCH v5 7/7] x86/fpu/xstate: Add CET supervisor xfeature support as a guest-only feature Chao Gao
2025-04-24 23:28 ` [PATCH v5 0/7] Introduce CET supervisor state support Edgecombe, Rick P
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aAL1+O1vKZSdbZji@intel.com \
--to=chao.gao@intel.com \
--cc=bp@alien8.de \
--cc=chang.seok.bae@intel.com \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=ebiggers@google.com \
--cc=hpa@zytor.com \
--cc=john.allen@amd.com \
--cc=kvm@vger.kernel.org \
--cc=levymitchell0@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=mlevitsk@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=rick.p.edgecombe@intel.com \
--cc=samuel.holland@sifive.com \
--cc=seanjc@google.com \
--cc=stanspas@amazon.de \
--cc=tglx@linutronix.de \
--cc=weijiang.yang@intel.com \
--cc=x86@kernel.org \
--cc=xin3.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox