]> www.infradead.org Git - users/jedix/linux-maple.git/commitdiff
projects / users / jedix / linux-maple.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: eaaa119)
KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL
authorKarimAllah Ahmed <karahmed@amazon.de>
Sat, 3 Feb 2018 14:56:23 +0000 (15:56 +0100)
committerBrian Maly <brian.maly@oracle.com>
Tue, 8 Jan 2019 16:12:44 +0000 (11:12 -0500)
[ Based on a patch from Paolo Bonzini <pbonzini@redhat.com> ]

... basically doing exactly what we do for VMX:

- Passthrough SPEC_CTRL to guests (if enabled in guest CPUID)
- Save and restore SPEC_CTRL around VMExit and VMEntry only if the guest
  actually used it.

Signed-off-by: KarimAllah Ahmed <karahmed@amazon.de>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: Jun Nakajima <jun.nakajima@intel.com>
Cc: kvm@vger.kernel.org
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Asit Mallick <asit.k.mallick@intel.com>
Cc: Arjan Van De Ven <arjan.van.de.ven@intel.com>
Cc: Greg KH <gregkh@linuxfoundation.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Ashok Raj <ashok.raj@intel.com>
Link: https://lkml.kernel.org/r/1517669783-20732-1-git-send-email-karahmed@amazon.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit b2ac58f90540e39324e7a29a7ad471407ae0bf48)

Orabug: 28069548

Signed-off-by: Mihai Carabas <mihai.carabas@oracle.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>
Conflicts:
arch/x86/kvm/svm.c
Contextual and also we dropped msr_write_intercepted because we do not use it
(we have other logic for IBRS usage). No changes to svm_vcpu_run() because we
support IBRS and we have other code in place.

Signed-off-by: Brian Maly <brian.maly@oracle.com>
arch/x86/kvm/svm.c patch | blob | history

diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 09f118462999842e580b5f8d490ebf10d8ba52bd..b6bf48bd74c9134fb69f6abd564ade1c4a8aad22 100644 (file)
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -193,7 +193,7 @@ static const struct svm_direct_access_msrs {
        { .index = MSR_IA32_LASTBRANCHTOIP,             .always = false },
        { .index = MSR_IA32_LASTINTFROMIP,              .always = false },
        { .index = MSR_IA32_LASTINTTOIP,                .always = false },
-       { .index = MSR_IA32_SPEC_CTRL,                  .always = true },
+       { .index = MSR_IA32_SPEC_CTRL,                  .always = false },
        { .index = MSR_IA32_PRED_CMD,                   .always = false },
        { .index = MSR_INVALID,                         .always = false },
 };
@@ -3176,6 +3176,11 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
                msr_info->data = svm->nested.vm_cr_msr;
                break;
        case MSR_IA32_SPEC_CTRL:
+               if (!msr_info->host_initiated &&
+                   !guest_cpuid_has_ibrs(vcpu) &&
+                   !guest_cpuid_has_ssbd(vcpu))
+                       return 1;
+
                msr_info->data = svm->spec_ctrl;
                break;
        case MSR_AMD64_VIRT_SPEC_CTRL:
@@ -3301,7 +3306,32 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr)
                vcpu_unimpl(vcpu, "unimplemented wrmsr: 0x%x data 0x%llx\n", ecx, data);
                break;
        case MSR_IA32_SPEC_CTRL:
+               if (!msr->host_initiated &&
+                   !guest_cpuid_has_ibrs(vcpu) &&
+                   !guest_cpuid_has_ssbd(vcpu))
+                       return 1;
+
+               /* The STIBP bit doesn't fault even if it's not advertised */
+               if (data & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP))
+                       return 1;
+
                svm->spec_ctrl = data;
+
+               if (!data)
+                       break;
+
+               /*
+                * For non-nested:
+                * When it's written (to non-zero) for the first time, pass
+                * it through.
+                *
+                * For nested:
+                * The handling of the MSR bitmap for L2 guests is done in
+                * nested_svm_vmrun_msrpm.
+                * We update the L1 MSR bit as well since it will end up
+                * touching the MSR anyway now.
+                */
+               set_msr_interception(svm->msrpm, MSR_IA32_SPEC_CTRL, 1, 1);
                break;
        case MSR_IA32_PRED_CMD:
                if (!msr->host_initiated &&
Unnamed repository; edit this file 'description' to name the repository.