Re: [PATCH v2 21/21] KVM:x86: Support CET supervisor shadow stack MSR access

From: Yang, Weijiang
Date: Thu May 04 2023 - 02:51:48 EST

Next message: Krzysztof Kozlowski: "Re: [PATCH v5 1/3] dt-bindings: misc: esm: Add ESM support for TI K3 devices"
Previous message: Geert Uytterhoeven: "Re: [PATCH] Input: tests - fix input_test_match_device_id test"
In reply to: Edgecombe, Rick P: "Re: [PATCH v2 21/21] KVM:x86: Support CET supervisor shadow stack MSR access"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5/4/2023 12:17 PM, Edgecombe, Rick P wrote:

On Thu, 2023-05-04 at 09:20 +0800, Yang, Weijiang wrote:

On 5/4/2023 1:07 AM, Edgecombe, Rick P wrote:

On Fri, 2023-04-21 at 09:46 -0400, Yang Weijiang wrote:

+
+       incpt = !is_cet_state_supported(vcpu,
XFEATURE_MASK_CET_KERNEL);
+       incpt |= !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK);
+
+       vmx_set_intercept_for_msr(vcpu, MSR_IA32_INT_SSP_TAB,
MSR_TYPE_RW, incpt);
+       vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL0_SSP,
MSR_TYPE_RW, incpt);
+       vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL1_SSP,
MSR_TYPE_RW, incpt);
+       vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL2_SSP,
MSR_TYPE_RW, incpt);
}

Why is this tied to XFEATURE_MASK_CET_KERNEL? I don't know how the
SVM
side works, but the host kernel doesn't use this xfeature. Just not
clear on what the intention is. Why not use
kvm_cet_kernel_shstk_supported() again?

I don't know how SVM supports supervisor SHSTK either, here just
follows
the spec.

What aspect of the spec is this?

I assumed the supervisor SHSTK states are backed via XSAVES/SRSTORS with

XFEATURE_MASK_CET_KERNEL set in XSS. This is arguable since implementation

is not determined, but XSAVES is an efficient way to manage the states compared with

manually save/restore the MSRs.

to add the dependency check. Maybe you're right, I need to use
kvm_cet_kernel_shstk_supported()

in my patch set and leave the work to SVM enabling patches. I'll
change
it, thanks!

Oh, I see the the SVM patch [0] is adding XFEATURE_MASK_CET_KERNEL to
kvm_caps.supported_xss as long as kvm_cpu_cap_has(X86_FEATURE_SHSTK).
And it does not look to be checking XSS host support like how
kvm_caps.supported_xss is set in your patch. It should depend on host
support, right?

Yes, it should rely on host to back the states as long as the supervisor

SHSTK MSRs are implemented as XSAVES/XRSTORS managed.

Is that the intent of kvm_caps.supported_xss?

Yes, it's used to indicate all host XSS supported guest features.

Separate from all that, the code above is in VMX, so not sure how it
affects SVM in any case.

I was confused a bit. Yes, the pass-through check is specific to VMX, there could

be other implementation in SVM.

I might be confused here. The code just looked suspicious.

[0]
https://lore.kernel.org/kvm/20221012203910.204793-8-john.allen@xxxxxxx/

IMO, above patch is not necessary as kvm_caps.supported_xss is initialized in x86 part and

shared by both SVM and VMX.

Next message: Krzysztof Kozlowski: "Re: [PATCH v5 1/3] dt-bindings: misc: esm: Add ESM support for TI K3 devices"
Previous message: Geert Uytterhoeven: "Re: [PATCH] Input: tests - fix input_test_match_device_id test"
In reply to: Edgecombe, Rick P: "Re: [PATCH v2 21/21] KVM:x86: Support CET supervisor shadow stack MSR access"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]