[PATCH] KVM: x86: filter guest NX capability for cpuid2

linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] KVM: x86: filter guest NX capability for cpuid2
@ 2020-10-05 14:59 Tianjia Zhang
  2020-10-05 15:29 ` Vitaly Kuznetsov
  0 siblings, 1 reply; 4+ messages in thread
From: Tianjia Zhang @ 2020-10-05 14:59 UTC (permalink / raw)
  To: Paolo Bonzini, Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li,
	Jim Mattson, Joerg Roedel, Thomas Gleixner, Ingo Molnar,
	Borislav Petkov, H. Peter Anvin, x86, kvm, linux-kernel
  Cc: Tianjia Zhang

Original KVM_SET_CPUID has removed NX on non-NX hosts as it did
before. but KVM_SET_CPUID2 does not. The two should be consistent.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
---
 arch/x86/kvm/cpuid.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 3fd6eec202d7..3e7ba2b11acb 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -257,6 +257,7 @@ int kvm_vcpu_ioctl_set_cpuid2(struct kvm_vcpu *vcpu,
 		goto out;
 	}
 
+	cpuid_fix_nx_cap(vcpu);
 	kvm_update_cpuid_runtime(vcpu);
 	kvm_vcpu_after_set_cpuid(vcpu);
 out:
-- 
2.24.3 (Apple Git-128)


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] KVM: x86: filter guest NX capability for cpuid2
  2020-10-05 14:59 [PATCH] KVM: x86: filter guest NX capability for cpuid2 Tianjia Zhang
@ 2020-10-05 15:29 ` Vitaly Kuznetsov
  2020-10-05 16:37   ` Sean Christopherson
  0 siblings, 1 reply; 4+ messages in thread
From: Vitaly Kuznetsov @ 2020-10-05 15:29 UTC (permalink / raw)
  To: Tianjia Zhang
  Cc: Paolo Bonzini, Sean Christopherson, Wanpeng Li, Jim Mattson,
	Joerg Roedel, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
	H. Peter Anvin, x86, kvm, linux-kernel

Tianjia Zhang <tianjia.zhang@linux.alibaba.com> writes:

> Original KVM_SET_CPUID has removed NX on non-NX hosts as it did
> before. but KVM_SET_CPUID2 does not. The two should be consistent.
>
> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
> ---
>  arch/x86/kvm/cpuid.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> index 3fd6eec202d7..3e7ba2b11acb 100644
> --- a/arch/x86/kvm/cpuid.c
> +++ b/arch/x86/kvm/cpuid.c
> @@ -257,6 +257,7 @@ int kvm_vcpu_ioctl_set_cpuid2(struct kvm_vcpu *vcpu,
>  		goto out;
>  	}
>  
> +	cpuid_fix_nx_cap(vcpu);
>  	kvm_update_cpuid_runtime(vcpu);
>  	kvm_vcpu_after_set_cpuid(vcpu);
>  out:

I stumbled upon this too and came to the conclusion this is
intentional, e.g. see this:

commit 0771671749b59a507b6da4efb931c44d9691e248
Author: Dan Kenigsberg <danken@qumranet.com>
Date:   Wed Nov 21 17:10:04 2007 +0200

    KVM: Enhance guest cpuid management

...

    [avi: fix original KVM_SET_CPUID not removing nx on non-nx hosts as it did
          before]

but this is a very, very old story.

-- 
Vitaly


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] KVM: x86: filter guest NX capability for cpuid2
  2020-10-05 15:29 ` Vitaly Kuznetsov
@ 2020-10-05 16:37   ` Sean Christopherson
  2020-10-06  7:54     ` Vitaly Kuznetsov
  0 siblings, 1 reply; 4+ messages in thread
From: Sean Christopherson @ 2020-10-05 16:37 UTC (permalink / raw)
  To: Vitaly Kuznetsov
  Cc: Tianjia Zhang, Paolo Bonzini, Wanpeng Li, Jim Mattson,
	Joerg Roedel, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
	H. Peter Anvin, x86, kvm, linux-kernel

On Mon, Oct 05, 2020 at 05:29:47PM +0200, Vitaly Kuznetsov wrote:
> Tianjia Zhang <tianjia.zhang@linux.alibaba.com> writes:
> 
> > Original KVM_SET_CPUID has removed NX on non-NX hosts as it did
> > before. but KVM_SET_CPUID2 does not. The two should be consistent.
> >
> > Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
> > ---
> >  arch/x86/kvm/cpuid.c | 1 +
> >  1 file changed, 1 insertion(+)
> >
> > diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> > index 3fd6eec202d7..3e7ba2b11acb 100644
> > --- a/arch/x86/kvm/cpuid.c
> > +++ b/arch/x86/kvm/cpuid.c
> > @@ -257,6 +257,7 @@ int kvm_vcpu_ioctl_set_cpuid2(struct kvm_vcpu *vcpu,
> >  		goto out;
> >  	}
> >  
> > +	cpuid_fix_nx_cap(vcpu);
> >  	kvm_update_cpuid_runtime(vcpu);
> >  	kvm_vcpu_after_set_cpuid(vcpu);
> >  out:
> 
> I stumbled upon this too and came to the conclusion this is
> intentional, e.g. see this:
> 
> commit 0771671749b59a507b6da4efb931c44d9691e248
> Author: Dan Kenigsberg <danken@qumranet.com>
> Date:   Wed Nov 21 17:10:04 2007 +0200
> 
>     KVM: Enhance guest cpuid management
> 
> ...
> 
>     [avi: fix original KVM_SET_CPUID not removing nx on non-nx hosts as it did
>           before]
> 
> but this is a very, very old story.

Doesn't mean it's bogus though :-)  _If_ we want to extend this behavior to
KVM_SET_CPUID2, there should be a justified need.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] KVM: x86: filter guest NX capability for cpuid2
  2020-10-05 16:37   ` Sean Christopherson
@ 2020-10-06  7:54     ` Vitaly Kuznetsov
  0 siblings, 0 replies; 4+ messages in thread
From: Vitaly Kuznetsov @ 2020-10-06  7:54 UTC (permalink / raw)
  To: Sean Christopherson
  Cc: Tianjia Zhang, Paolo Bonzini, Wanpeng Li, Jim Mattson,
	Joerg Roedel, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
	H. Peter Anvin, x86, kvm, linux-kernel

Sean Christopherson <sean.j.christopherson@intel.com> writes:

> On Mon, Oct 05, 2020 at 05:29:47PM +0200, Vitaly Kuznetsov wrote:
>> Tianjia Zhang <tianjia.zhang@linux.alibaba.com> writes:
>> 
>> > Original KVM_SET_CPUID has removed NX on non-NX hosts as it did
>> > before. but KVM_SET_CPUID2 does not. The two should be consistent.
>> >
>> > Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
>> > ---
>> >  arch/x86/kvm/cpuid.c | 1 +
>> >  1 file changed, 1 insertion(+)
>> >
>> > diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
>> > index 3fd6eec202d7..3e7ba2b11acb 100644
>> > --- a/arch/x86/kvm/cpuid.c
>> > +++ b/arch/x86/kvm/cpuid.c
>> > @@ -257,6 +257,7 @@ int kvm_vcpu_ioctl_set_cpuid2(struct kvm_vcpu *vcpu,
>> >  		goto out;
>> >  	}
>> >  
>> > +	cpuid_fix_nx_cap(vcpu);
>> >  	kvm_update_cpuid_runtime(vcpu);
>> >  	kvm_vcpu_after_set_cpuid(vcpu);
>> >  out:
>> 
>> I stumbled upon this too and came to the conclusion this is
>> intentional, e.g. see this:
>> 
>> commit 0771671749b59a507b6da4efb931c44d9691e248
>> Author: Dan Kenigsberg <danken@qumranet.com>
>> Date:   Wed Nov 21 17:10:04 2007 +0200
>> 
>>     KVM: Enhance guest cpuid management
>> 
>> ...
>> 
>>     [avi: fix original KVM_SET_CPUID not removing nx on non-nx hosts as it did
>>           before]
>> 
>> but this is a very, very old story.
>
> Doesn't mean it's bogus though :-)  _If_ we want to extend this behavior to
> KVM_SET_CPUID2, there should be a justified need.

Yes, exactly. I meand to say that founding fathers of KVM left the
adjustment for KVM_SET_CPUID exclusively on purpose and not by mistake
:-)

-- 
Vitaly


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2020-10-06  7:54 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-10-05 14:59 [PATCH] KVM: x86: filter guest NX capability for cpuid2 Tianjia Zhang
2020-10-05 15:29 ` Vitaly Kuznetsov
2020-10-05 16:37   ` Sean Christopherson
2020-10-06  7:54     ` Vitaly Kuznetsov

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).