From: Sean Christopherson <seanjc@google.com>
To: Weijiang Yang <weijiang.yang@intel.com>
Cc: Dave Hansen <dave.hansen@intel.com>,
pbonzini@redhat.com, kvm@vger.kernel.org,
linux-kernel@vger.kernel.org, peterz@infradead.org,
chao.gao@intel.com, rick.p.edgecombe@intel.com,
john.allen@amd.com
Subject: Re: [PATCH v6 06/25] x86/fpu/xstate: Opt-in kernel dynamic bits when calculate guest xstate size
Date: Tue, 24 Oct 2023 10:07:12 -0700 [thread overview]
Message-ID: <ZTf5wPKXuHBQk0AN@google.com> (raw)
In-Reply-To: <1347cf03-4598-f923-74e4-a3d193d9d2e9@intel.com>
On Fri, Sep 15, 2023, Weijiang Yang wrote:
> On 9/15/2023 1:40 AM, Dave Hansen wrote:
> > On 9/13/23 23:33, Yang Weijiang wrote:
> > > --- a/arch/x86/kernel/fpu/xstate.c
> > > +++ b/arch/x86/kernel/fpu/xstate.c
> > > @@ -1636,9 +1636,17 @@ static int __xstate_request_perm(u64 permitted, u64 requested, bool guest)
> > > /* Calculate the resulting kernel state size */
> > > mask = permitted | requested;
> > > - /* Take supervisor states into account on the host */
> > > + /*
> > > + * Take supervisor states into account on the host. And add
> > > + * kernel dynamic xfeatures to guest since guest kernel may
> > > + * enable corresponding CPU feaures and the xstate registers
> > > + * need to be saved/restored properly.
> > > + */
> > > if (!guest)
> > > mask |= xfeatures_mask_supervisor();
> > > + else
> > > + mask |= fpu_kernel_dynamic_xfeatures;
This looks wrong. Per commit 781c64bfcb73 ("x86/fpu/xstate: Handle supervisor
states in XSTATE permissions"), mask at this point only contains user features,
which somewhat unintuitively doesn't include CET_USER (I get that they're MSRs
and thus supervisor state, it's just the name that's odd).
IIUC, the "dynamic" features contains CET_KERNEL, whereas xfeatures_mask_supervisor()
conatins PASID, CET_USER, and CET_KERNEL. PASID isn't virtualized by KVM, but
doesn't that mean CET_USER will get dropped/lost if userspace requests AMX/XTILE
enabling?
The existing code also seems odd, but I might be missing something. Won't the
kernel drop PASID if the guest request AMX/XTILE? I'm not at all familiar with
what PASID state is managed via XSAVE, so I've no idea if that's an actual problem
or just an oddity.
> > > ksize = xstate_calculate_size(mask, compacted);
> > Heh, you changed the "guest" naming in "fpu_kernel_dynamic_xfeatures"
> > but didn't change the logic.
> >
> > As it's coded at the moment *ALL* "fpu_kernel_dynamic_xfeatures" are
> > guest xfeatures. So, they're different in name only.
...
> > Would there ever be any reason for KVM to be on a system which supports a
> > dynamic kernel feature but where it doesn't get enabled for guest use, or
> > at least shouldn't have the FPU space allocated?
>
> I haven't heard of that kind of usage for other features so far, CET
> supervisor xstate is the only dynamic kernel feature now, not sure whether
> other CPU features having supervisor xstate would share the handling logic
> like CET does one day.
There are definitely scenarios where CET will not be exposed to KVM guests, but
I don't see any reason to make the guest FPU space dynamically sized for CET.
It's what, 40 bytes?
I would much prefer to avoid the whole "dynamic" thing and instead make CET
explicitly guest-only. E.g. fpu_kernel_guest_only_xfeatures? Or even better
if it doesn't cause weirdness elsewhere, a dedicated fpu_guest_cfg. For me at
least, a fpu_guest_cfg would make it easier to understand what all is going on.
next prev parent reply other threads:[~2023-10-24 17:07 UTC|newest]
Thread overview: 119+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-14 6:33 [PATCH v6 00/25] Enable CET Virtualization Yang Weijiang
2023-09-14 6:33 ` [PATCH v6 01/25] x86/fpu/xstate: Manually check and add XFEATURE_CET_USER xstate bit Yang Weijiang
2023-09-14 22:39 ` Edgecombe, Rick P
2023-09-15 2:32 ` Yang, Weijiang
2023-09-15 16:35 ` Edgecombe, Rick P
2023-09-18 7:16 ` Yang, Weijiang
2023-10-31 17:43 ` Maxim Levitsky
2023-11-01 9:19 ` Yang, Weijiang
2023-09-14 6:33 ` [PATCH v6 02/25] x86/fpu/xstate: Fix guest fpstate allocation size calculation Yang Weijiang
2023-09-14 22:45 ` Edgecombe, Rick P
2023-09-15 2:45 ` Yang, Weijiang
2023-09-15 16:35 ` Edgecombe, Rick P
2023-10-21 0:39 ` Sean Christopherson
2023-10-24 8:50 ` Yang, Weijiang
2023-10-24 16:32 ` Sean Christopherson
2023-10-25 13:49 ` Yang, Weijiang
2023-10-31 17:43 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 03/25] x86/fpu/xstate: Add CET supervisor mode state support Yang Weijiang
2023-09-15 0:06 ` Edgecombe, Rick P
2023-09-15 6:30 ` Yang, Weijiang
2023-10-31 17:44 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 04/25] x86/fpu/xstate: Introduce kernel dynamic xfeature set Yang Weijiang
2023-09-15 0:24 ` Edgecombe, Rick P
2023-09-15 6:42 ` Yang, Weijiang
2023-10-31 17:44 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 05/25] x86/fpu/xstate: Remove kernel dynamic xfeatures from kernel default_features Yang Weijiang
2023-09-14 16:22 ` Dave Hansen
2023-09-15 1:52 ` Yang, Weijiang
2023-10-31 17:44 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 06/25] x86/fpu/xstate: Opt-in kernel dynamic bits when calculate guest xstate size Yang Weijiang
2023-09-14 17:40 ` Dave Hansen
2023-09-15 2:22 ` Yang, Weijiang
2023-10-24 17:07 ` Sean Christopherson [this message]
2023-10-25 14:49 ` Yang, Weijiang
2023-10-26 17:24 ` Sean Christopherson
2023-10-26 22:06 ` Edgecombe, Rick P
2023-10-31 17:45 ` Maxim Levitsky
2023-11-01 14:16 ` Sean Christopherson
2023-11-02 18:20 ` Maxim Levitsky
2023-11-03 14:33 ` Sean Christopherson
2023-11-07 18:04 ` Maxim Levitsky
2023-11-14 9:13 ` Yang, Weijiang
2023-09-14 6:33 ` [PATCH v6 07/25] x86/fpu/xstate: Tweak guest fpstate to support kernel dynamic xfeatures Yang Weijiang
2023-10-31 17:45 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 08/25] x86/fpu/xstate: WARN if normal fpstate contains " Yang Weijiang
2023-10-31 17:45 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 09/25] KVM: x86: Rework cpuid_get_supported_xcr0() to operate on vCPU data Yang Weijiang
2023-10-31 17:46 ` Maxim Levitsky
2023-11-01 14:41 ` Sean Christopherson
2023-11-02 18:25 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 10/25] KVM: x86: Add kvm_msr_{read,write}() helpers Yang Weijiang
2023-10-31 17:47 ` Maxim Levitsky
2023-11-01 19:32 ` Sean Christopherson
2023-11-02 18:26 ` Maxim Levitsky
2023-11-15 9:00 ` Yang, Weijiang
2023-09-14 6:33 ` [PATCH v6 11/25] KVM: x86: Report XSS as to-be-saved if there are supported features Yang Weijiang
2023-10-31 17:47 ` Maxim Levitsky
2023-11-01 19:18 ` Sean Christopherson
2023-11-02 18:31 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 12/25] KVM: x86: Refresh CPUID on write to guest MSR_IA32_XSS Yang Weijiang
2023-10-08 5:54 ` Chao Gao
2023-10-10 0:49 ` Yang, Weijiang
2023-10-31 17:51 ` Maxim Levitsky
2023-11-01 17:20 ` Sean Christopherson
2023-11-15 7:18 ` Binbin Wu
2023-09-14 6:33 ` [PATCH v6 13/25] KVM: x86: Initialize kvm_caps.supported_xss Yang Weijiang
2023-10-31 17:51 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 14/25] KVM: x86: Load guest FPU state when access XSAVE-managed MSRs Yang Weijiang
2023-10-31 17:51 ` Maxim Levitsky
2023-11-01 18:05 ` Sean Christopherson
2023-11-02 18:31 ` Maxim Levitsky
2023-11-03 8:46 ` Yang, Weijiang
2023-11-03 14:02 ` Sean Christopherson
2023-09-14 6:33 ` [PATCH v6 15/25] KVM: x86: Add fault checks for guest CR4.CET setting Yang Weijiang
2023-10-31 17:51 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 16/25] KVM: x86: Report KVM supported CET MSRs as to-be-saved Yang Weijiang
2023-10-08 6:19 ` Chao Gao
2023-10-10 0:54 ` Yang, Weijiang
2023-10-31 17:52 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 17/25] KVM: VMX: Introduce CET VMCS fields and control bits Yang Weijiang
2023-10-31 17:52 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 18/25] KVM: x86: Use KVM-governed feature framework to track "SHSTK/IBT enabled" Yang Weijiang
2023-10-31 17:54 ` Maxim Levitsky
2023-11-01 15:46 ` Sean Christopherson
2023-11-02 18:35 ` Maxim Levitsky
2023-11-04 0:07 ` Sean Christopherson
2023-11-07 18:05 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 19/25] KVM: VMX: Emulate read and write to CET MSRs Yang Weijiang
2023-10-31 17:55 ` Maxim Levitsky
2023-11-01 16:31 ` Sean Christopherson
2023-11-02 18:38 ` Maxim Levitsky
2023-11-02 23:58 ` Sean Christopherson
2023-11-07 18:12 ` Maxim Levitsky
2023-11-07 18:39 ` Sean Christopherson
2023-11-03 8:18 ` Yang, Weijiang
2023-11-03 22:26 ` Sean Christopherson
2023-09-14 6:33 ` [PATCH v6 20/25] KVM: x86: Save and reload SSP to/from SMRAM Yang Weijiang
2023-10-31 17:55 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 21/25] KVM: VMX: Set up interception for CET MSRs Yang Weijiang
2023-10-31 17:56 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 22/25] KVM: VMX: Set host constant supervisor states to VMCS fields Yang Weijiang
2023-10-31 17:56 ` Maxim Levitsky
2023-09-14 6:33 ` [PATCH v6 23/25] KVM: x86: Enable CET virtualization for VMX and advertise to userspace Yang Weijiang
2023-09-24 13:38 ` kernel test robot
2023-09-25 0:26 ` Yang, Weijiang
2023-10-31 17:56 ` Maxim Levitsky
2023-11-01 22:14 ` Sean Christopherson
2023-09-14 6:33 ` [PATCH v6 24/25] KVM: nVMX: Introduce new VMX_BASIC bit for event error_code delivery to L1 Yang Weijiang
2023-10-31 17:57 ` Maxim Levitsky
2023-11-01 4:21 ` Chao Gao
2023-11-15 8:31 ` Yang, Weijiang
2023-09-14 6:33 ` [PATCH v6 25/25] KVM: nVMX: Enable CET support for nested guest Yang Weijiang
2023-10-31 17:57 ` Maxim Levitsky
2023-11-01 2:09 ` Chao Gao
2023-11-01 9:22 ` Yang, Weijiang
2023-11-01 9:54 ` Maxim Levitsky
2023-11-15 8:56 ` Yang, Weijiang
2023-11-15 8:23 ` Yang, Weijiang
2023-09-25 0:31 ` [PATCH v6 00/25] Enable CET Virtualization Yang, Weijiang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZTf5wPKXuHBQk0AN@google.com \
--to=seanjc@google.com \
--cc=chao.gao@intel.com \
--cc=dave.hansen@intel.com \
--cc=john.allen@amd.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=rick.p.edgecombe@intel.com \
--cc=weijiang.yang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).