From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <prvs=56008dfb3=karahmed@amazon.com>
X-Google-Smtp-Source: AH8x224zB67TtUNkaqrSzMHIGr3Ae8CtE5YBW9uak9vqocofD+kL9QrQLtt/8UsRP6Svzc4IeoUX
ARC-Seal: i=1; a=rsa-sha256; t=1517187640; cv=none;
        d=google.com; s=arc-20160816;
        b=mQ8pUqaSXSSaWRBoQn2Ml7oZYXS5iuOuhArhmVf1W0B6qESYHde0Ux1auDaAkMmmjf
         15AoS8bsiG6upGUB0D7H+K2OsXsC2DZEVCLSL5GRh7ys3vWYuetRAsPfFXQLMSpj3gqO
         XAvhmWyE6kHnqMNaTNl/2ww8e+q9K40Dq9c1LU9W1ffRm7v3fQlaDNz95G91YO/Ihees
         uehrQ0k4ETlXGBdirKs1NKzG0lirbdvQVSS3+kEGNffiCcm776qMD40QdvRW+Z2cl9oK
         4a+CNCZudgqOjBRLOxIIWr+Ot364fZ3FjzYGFWC8tFrJ7KGtzJ3cMfdKE7qyLFx3f1aZ
         x9nQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:dkim-signature:arc-authentication-results;
        bh=A+Oz+KcXHydlKNahSvCvbr92Yyi2+Tfi6/enC9KI488=;
        b=PImzFhmtudYQJJLidU9SCbmlpfcrEYF/CHeKgWKy9ZI1QUXGFDVp3n+T568k6y1t0m
         UkvinXw3/f2EdNGzZianQKxyfbpm2bOW5/ID0QDsbKGPMh4R8MIVFKzwAJAef6f4jR+c
         mPFlRLNSnW8KWhLCxnAuWWS0R4A9eyZ0S3rVJfBV2mkeyo21DWIY+U7l8gxfRotSXfm2
         tZYD/oFYU+fBu3FEmnOfC0EBHm8gjSUEsQZijs2KjUwIUndOLUyNM7OJp5VEeBaRweO2
         wGwiqlVR9+cUdTMe2i8FO7qj6+A2dKtiX9Mye+GH65p+VBo2ZQQ5GFeP2MoO5TeswAyn
         hE/w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@amazon.de header.s=amazon201209 header.b=hU+c3Hlw;
       spf=pass (google.com: domain of prvs=56008dfb3=karahmed@amazon.com designates 207.171.190.10 as permitted sender) smtp.mailfrom=prvs=56008dfb3=karahmed@amazon.com;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de
Authentication-Results: mx.google.com;
       dkim=pass header.i=@amazon.de header.s=amazon201209 header.b=hU+c3Hlw;
       spf=pass (google.com: domain of prvs=56008dfb3=karahmed@amazon.com designates 207.171.190.10 as permitted sender) smtp.mailfrom=prvs=56008dfb3=karahmed@amazon.com;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.de
X-IronPort-AV: E=Sophos;i="5.46,428,1511827200";
   d="scan'208";a="717361300"
From: KarimAllah Ahmed <karahmed@amazon.de>
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org
Cc: KarimAllah Ahmed <karahmed@amazon.de>, Andi Kleen <ak@linux.intel.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Andy Lutomirski <luto@kernel.org>,
        Arjan van de Ven <arjan@linux.intel.com>,
        Ashok Raj <ashok.raj@intel.com>,
        Asit Mallick <asit.k.mallick@intel.com>, Borislav Petkov <bp@suse.de>,
        Dan Williams <dan.j.williams@intel.com>,
        Dave Hansen <dave.hansen@intel.com>,
        David Woodhouse <dwmw@amazon.co.uk>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        "H . Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
        Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>,
        Joerg Roedel <joro@8bytes.org>, Jun Nakajima <jun.nakajima@intel.com>,
        Laura Abbott <labbott@redhat.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Masami Hiramatsu <mhiramat@kernel.org>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Peter Zijlstra <peterz@infradead.org>,
        =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Tim Chen <tim.c.chen@linux.intel.com>,
        Tom Lendacky <thomas.lendacky@amd.com>
Subject: [PATCH v2 0/4] KVM: Expose speculation control feature to guests
Date: Mon, 29 Jan 2018 01:58:48 +0100
Message-Id: <1517187532-32286-1-git-send-email-karahmed@amazon.de>
X-Mailer: git-send-email 2.7.4
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: =?utf-8?q?1590886546946822960?=
X-GMAIL-MSGID: =?utf-8?q?1590886546946822960?=
X-Mailing-List: linux-kernel@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>

Add direct access to speculation control MSRs for KVM guests. This allows the
guest to protect itself against Spectre V2 using IBRS+IBPB instead of a
retpoline+IBPB based approach.

It also exposes the ARCH_CAPABILITIES MSR which is going to be used by future
Intel processors to indicate RDCL_NO and IBRS_ALL.

Ashok Raj (1):
  x86/kvm: Add IBPB support

KarimAllah Ahmed (3):
  x86: kvm: Update the reverse_cpuid list to include CPUID_7_EDX
  x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL
  x86: vmx: Allow direct access to MSR_IA32_ARCH_CAPABILITIES

 arch/x86/kvm/cpuid.c |  6 ++++-
 arch/x86/kvm/cpuid.h |  1 +
 arch/x86/kvm/svm.c   | 14 +++++++++++
 arch/x86/kvm/vmx.c   | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 arch/x86/kvm/x86.c   |  1 +
 5 files changed, 92 insertions(+), 1 deletion(-)

Cc: Andi Kleen <ak@linux.intel.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Ashok Raj <ashok.raj@intel.com>
Cc: Asit Mallick <asit.k.mallick@intel.com>
Cc: Borislav Petkov <bp@suse.de>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: David Woodhouse <dwmw@amazon.co.uk>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>
Cc: Joerg Roedel <joro@8bytes.org>
Cc: Jun Nakajima <jun.nakajima@intel.com>
Cc: Laura Abbott <labbott@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: x86@kernel.org

-- 
2.7.4