From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from mail-yw1-f201.google.com (mail-yw1-f201.google.com [209.85.128.201]) by smtp.subspace.kernel.org (Postfix) with ESMTPS; Fri, 1 Nov 2024 19:25:19 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
Date: Fri, 1 Nov 2024 12:25:17 -0700
In-Reply-To: <173039506428.1508883.15289868954923615228.b4-ty@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
Mime-Version: 1.0
References: <20240906221824.491834-1-mlevitsk@redhat.com> <173039506428.1508883.15289868954923615228.b4-ty@google.com>
Subject: Re: [PATCH v4 0/4] Relax canonical checks on some arch msrs
From: Sean Christopherson
To: kvm@vger.kernel.org, Maxim Levitsky
Cc: Thomas Gleixner, Paolo Bonzini, Ingo Molnar, Vitaly Kuznetsov, linux-kernel@vger.kernel.org, "H. Peter Anvin", x86@kernel.org, Borislav Petkov, Dave Hansen
Content-Type: text/plain; charset="us-ascii"

On Thu, Oct 31, 2024, Sean Christopherson wrote:
> On Fri, 06 Sep 2024 18:18:20 -0400, Maxim Levitsky wrote:
> > Recently we came upon a failure where likely the guest writes
> > 0xff4547ceb1600000 to MSR_KERNEL_GS_BASE and later on, qemu
> > sets this value via KVM_PUT_MSRS, and is rejected by the
> > kernel, likely due to not being canonical in 4 level paging.
> >
> > One of the ways to trigger this is to make the guest enter SMM,
> > which causes paging to be disabled, which SMM bios re-enables
> > but not the whole 5 level. MSR_KERNEL_GS_BASE on the other
> > hand continues to contain old value.
> >
> > [...]
>
> Applied to kvm-x86 misc, with some massaging (see responses to individual
> patches). Thanks!
>
> [1/4] KVM: x86: drop x86.h include from cpuid.h
>       https://github.com/kvm-x86/linux/commit/391bd0c520c1
> [2/4] KVM: x86: implement emul_is_noncanonical_address using is_noncanonical_address
>       https://github.com/kvm-x86/linux/commit/6c45d62536d0
> [3/4] KVM: x86: model canonical checks more precisely
>       https://github.com/kvm-x86/linux/commit/1b1336d1d858
> [4/4] KVM: nVMX: fix canonical check of vmcs12 HOST_RIP
>       https://github.com/kvm-x86/linux/commit/14a95598b6e7

FYI, I rebased misc to v6.12-rc5, as patches in another series had already been
taken through the tip tree.
New hashes:

[1/5] KVM: x86: drop x86.h include from cpuid.h
      https://github.com/kvm-x86/linux/commit/e52ad1ddd0a3
[2/5] KVM: x86: Route non-canonical checks in emulator through emulate_ops
      https://github.com/kvm-x86/linux/commit/16ccadefa295
[3/5] KVM: x86: Add X86EMUL_F_MSR and X86EMUL_F_DT_LOAD to aid canonical checks
      https://github.com/kvm-x86/linux/commit/c534b37b7584
[4/5] KVM: x86: model canonical checks more precisely
      https://github.com/kvm-x86/linux/commit/9245fd6b8531
[5/5] KVM: nVMX: fix canonical check of vmcs12 HOST_RIP
      https://github.com/kvm-x86/linux/commit/90a877216e6b
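An added illustration (my own code, not from the series or from KVM) of why the MSR_KERNEL_GS_BASE value quoted in the cover letter survives one canonical check and fails the other: is_noncanonical_address and msr_base_write_allowed are hypothetical names, parameterised on the linear-address width so the same value can be evaluated under the 48-bit (4-level) and 57-bit (5-level) widths.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Linear-address widths implied by 4-level and 5-level paging on x86-64. */
#define VADDR_BITS_4LEVEL 48u
#define VADDR_BITS_5LEVEL 57u

/* Value the guest wrote to MSR_KERNEL_GS_BASE in the failure from the cover letter. */
#define GUEST_KERNEL_GS_BASE 0xff4547ceb1600000ULL

/*
 * An address is canonical for a given width when bits 63:(width-1) are all
 * equal, i.e. the top (65 - width) bits are either all zero or all one.
 */
static bool is_noncanonical_address(uint64_t la, unsigned int vaddr_bits)
{
	uint64_t top = la >> (vaddr_bits - 1);
	uint64_t all_ones = UINT64_MAX >> (vaddr_bits - 1);

	return top != 0 && top != all_ones;
}

/*
 * Hypothetical host-side check on an MSR base-address write (not KVM's code).
 * The width is a parameter so the two outcomes seen in the thread can be
 * compared: checking against the width of the paging mode active at the time
 * of the write versus the widest mode the vCPU supports.
 */
static bool msr_base_write_allowed(uint64_t value, unsigned int check_bits)
{
	return !is_noncanonical_address(value, check_bits);
}

int main(void)
{
	/* 4-level width (the state after SMM re-enabled paging): rejected. */
	printf("48-bit check: %s\n",
	       msr_base_write_allowed(GUEST_KERNEL_GS_BASE, VADDR_BITS_4LEVEL) ? "accepted" : "rejected");
	/* 5-level width (the mode the guest wrote the value under): accepted. */
	printf("57-bit check: %s\n",
	       msr_base_write_allowed(GUEST_KERNEL_GS_BASE, VADDR_BITS_5LEVEL) ? "accepted" : "rejected");
	return 0;
}
```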