From: "Edgecombe, Rick P" <rick.p.edgecombe@intel.com>
To: "Hunter, Adrian" <adrian.hunter@intel.com>,
"seanjc@google.com" <seanjc@google.com>
Cc: "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"Li, Xiaoyao" <xiaoyao.li@intel.com>,
"Huang, Kai" <kai.huang@intel.com>,
"Zhao, Yan Y" <yan.y.zhao@intel.com>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
"dmatlack@google.com" <dmatlack@google.com>,
"Yang, Weijiang" <weijiang.yang@intel.com>,
"Chatre, Reinette" <reinette.chatre@intel.com>,
"pbonzini@redhat.com" <pbonzini@redhat.com>,
"binbin.wu@linux.intel.com" <binbin.wu@linux.intel.com>,
"Yamahata, Isaku" <isaku.yamahata@intel.com>,
"nik.borisov@suse.com" <nik.borisov@suse.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"Gao, Chao" <chao.gao@intel.com>,
"tony.lindgren@linux.intel.com" <tony.lindgren@linux.intel.com>,
"x86@kernel.org" <x86@kernel.org>
Subject: Re: [PATCH 7/7] KVM: TDX: Add TSX_CTRL msr into uret_msrs list
Date: Mon, 2 Dec 2024 19:24:16 +0000 [thread overview]
Message-ID: <c98556099074f52af1c81ec1e82f89bec92cb7cd.camel@intel.com> (raw)
In-Reply-To: <Z04Ffd7Lqxr4Wwua@google.com>
On Mon, 2024-12-02 at 11:07 -0800, Sean Christopherson wrote:
> > guest_can_use() is per-vcpu whereas we are currently using the
> > CPUID from TD_PARAMS (as per spec) before there are any VCPU's.
> > It is a bit of a disconnect so let's keep tsx_supported for now.
>
> No, as was agreed upon[*], KVM needs to ensure consistency between what KVM
> sees
> as guest CPUID and what is actually enabled/exposed to the guest. If there
> are
> no vCPUs, then there's zero reason to snapshot the value in kvm_tdx. And if
> there
> are vCPUs, then their CPUID info needs to be consistent with respect to
> TDPARAMS.
Small point - the last conversation[0] we had on this was to let *userspace*
ensure consistency between KVM's CPUID (i.e. KVM_SET_CPUID2) and the TDX
Module's view. So the configuration goes:
1. Userspace configures per-VM CPU features
2. Userspace gets TDX Module's final per-vCPU version of CPUID configuration via
KVM API
3. Userspace calls KVM_SET_CPUID2 with the merge of TDX Module's version, and
userspace's desired values for KVM "owned" CPUID leads (pv features, etc)
But KVM's knowledge of CPUID bits still remains per-vcpu for TDX in any case.
>
> - Don't hardcode fixed/required CPUID values in KVM, use available metadata
> from TDX Module to reject "bad" guest CPUID (or let the TDX module
> reject?).
> I.e. don't let a guest silently run with a CPUID that diverges from what
> userspace provided.
The latest QEMU patches have this fixed bit data hardcoded in QEMU. Then the
long term solution is to make the TDX module return this data. Xiaoyao will post
a proposal on how the TDX module should expose this soon.
>
> [*] https://lore.kernel.org/all/20240405165844.1018872-1-seanjc@google.com
[0]https://lore.kernel.org/kvm/CABgObfaobJ=G18JO9Jx6-K2mhZ2saVyLY-tHOgab1cJupOe-0Q@mail.gmail.com/
next prev parent reply other threads:[~2024-12-02 19:24 UTC|newest]
Thread overview: 82+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-21 20:14 [PATCH 0/7] KVM: TDX: TD vcpu enter/exit Adrian Hunter
2024-11-21 20:14 ` [PATCH RFC 1/7] x86/virt/tdx: Add SEAMCALL wrapper to enter/exit TDX guest Adrian Hunter
2024-11-22 11:10 ` Adrian Hunter
2024-11-22 16:33 ` Dave Hansen
2024-11-25 13:40 ` Adrian Hunter
2024-11-28 11:13 ` Adrian Hunter
2024-12-04 15:58 ` Adrian Hunter
2024-12-11 18:43 ` Adrian Hunter
2024-12-13 15:45 ` Adrian Hunter
2024-12-13 16:16 ` Dave Hansen
2024-12-13 16:30 ` Adrian Hunter
2024-12-13 16:44 ` Dave Hansen
2024-11-22 16:26 ` Dave Hansen
2024-11-22 17:29 ` Edgecombe, Rick P
2024-11-25 13:43 ` Adrian Hunter
2024-11-21 20:14 ` [PATCH 2/7] KVM: TDX: Implement TDX vcpu enter/exit path Adrian Hunter
2024-11-22 5:23 ` Xiaoyao Li
2024-11-22 5:56 ` Binbin Wu
2024-11-22 14:33 ` Adrian Hunter
2024-11-28 5:56 ` Yan Zhao
2024-11-28 6:26 ` Adrian Hunter
2024-11-21 20:14 ` [PATCH 3/7] KVM: TDX: vcpu_run: save/restore host state(host kernel gs) Adrian Hunter
2024-11-25 14:12 ` Nikolay Borisov
2024-11-26 16:15 ` Adrian Hunter
2024-11-21 20:14 ` [PATCH 4/7] KVM: TDX: restore host xsave state when exit from the guest TD Adrian Hunter
2024-11-22 5:49 ` Chao Gao
2024-11-25 11:10 ` Adrian Hunter
2024-11-26 2:20 ` Chao Gao
2024-11-28 6:50 ` Adrian Hunter
2024-12-02 2:52 ` Chao Gao
2024-12-02 6:36 ` Adrian Hunter
2024-12-17 16:09 ` Sean Christopherson
2024-12-20 15:22 ` Adrian Hunter
2024-12-20 16:22 ` Sean Christopherson
2024-12-20 21:24 ` PKEY syscall number for selftest? (was: [PATCH 4/7] KVM: TDX: restore host xsave state when exit from the guest TD) Sean Christopherson
2025-01-27 17:09 ` Sean Christopherson
2025-01-03 18:16 ` [PATCH 4/7] KVM: TDX: restore host xsave state when exit from the guest TD Adrian Hunter
2025-01-09 19:11 ` Sean Christopherson
2025-01-10 14:50 ` Adrian Hunter
2025-01-10 17:30 ` Sean Christopherson
2025-01-14 20:04 ` Adrian Hunter
2025-01-15 2:28 ` Sean Christopherson
2025-01-13 19:28 ` Adrian Hunter
2025-01-13 23:47 ` Sean Christopherson
2024-11-25 11:34 ` Adrian Hunter
2024-11-21 20:14 ` [PATCH 5/7] KVM: x86: Allow to update cached values in kvm_user_return_msrs w/o wrmsr Adrian Hunter
2024-11-21 20:14 ` [PATCH 6/7] KVM: TDX: restore user ret MSRs Adrian Hunter
2024-11-21 20:14 ` [PATCH 7/7] KVM: TDX: Add TSX_CTRL msr into uret_msrs list Adrian Hunter
2024-11-22 3:27 ` Chao Gao
2024-11-27 14:00 ` Sean Christopherson
2024-11-29 11:39 ` Adrian Hunter
2024-12-02 19:07 ` Sean Christopherson
2024-12-02 19:24 ` Edgecombe, Rick P [this message]
2024-12-03 0:34 ` Sean Christopherson
2024-12-03 17:34 ` Edgecombe, Rick P
2024-12-03 19:17 ` Adrian Hunter
2024-12-04 1:25 ` Chao Gao
2024-12-04 6:18 ` Adrian Hunter
2024-12-04 6:37 ` Chao Gao
2024-12-04 6:57 ` Adrian Hunter
2024-12-04 11:13 ` Chao Gao
2024-12-04 11:55 ` Adrian Hunter
2024-12-04 15:33 ` Xiaoyao Li
2024-12-04 23:51 ` Edgecombe, Rick P
2024-12-05 17:31 ` Adrian Hunter
2024-12-06 3:37 ` Xiaoyao Li
2024-12-06 14:40 ` Adrian Hunter
2024-12-09 2:46 ` Xiaoyao Li
2024-12-09 7:08 ` Adrian Hunter
2024-12-10 2:45 ` Xiaoyao Li
2024-12-04 23:40 ` Edgecombe, Rick P
2024-11-25 1:25 ` [PATCH 0/7] KVM: TDX: TD vcpu enter/exit Binbin Wu
2024-11-25 15:19 ` Sean Christopherson
2024-11-25 19:50 ` Huang, Kai
2024-11-25 22:51 ` Sean Christopherson
2024-11-26 1:43 ` Huang, Kai
2024-11-26 1:44 ` Binbin Wu
2024-11-26 3:52 ` Huang, Kai
2024-11-26 5:29 ` Binbin Wu
2024-11-26 5:37 ` Huang, Kai
2024-11-26 21:41 ` Sean Christopherson
2024-12-10 18:23 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c98556099074f52af1c81ec1e82f89bec92cb7cd.camel@intel.com \
--to=rick.p.edgecombe@intel.com \
--cc=adrian.hunter@intel.com \
--cc=binbin.wu@linux.intel.com \
--cc=chao.gao@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=dmatlack@google.com \
--cc=isaku.yamahata@intel.com \
--cc=kai.huang@intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nik.borisov@suse.com \
--cc=pbonzini@redhat.com \
--cc=reinette.chatre@intel.com \
--cc=seanjc@google.com \
--cc=tony.lindgren@linux.intel.com \
--cc=weijiang.yang@intel.com \
--cc=x86@kernel.org \
--cc=xiaoyao.li@intel.com \
--cc=yan.y.zhao@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox