[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v1 7/7] x86/vmx: switch IPT MSRs on vmentry/vmexit

To: Roger Pau Monné <roger.pau@xxxxxxxxxx>
From: Michał Leszczyński <michal.leszczynski@xxxxxxx>
Date: Tue, 16 Jun 2020 19:47:07 +0200 (CEST)
Cc: Kevin Tian <kevin.tian@xxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Tue, 16 Jun 2020 17:47:52 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Thread-index: IsFlRe2+pVIoLpVn5usOa8NJmss1gw==
Thread-topic: x86/vmx: switch IPT MSRs on vmentry/vmexit

----- 16 cze 2020 o 19:38, Roger Pau Monné roger.pau@xxxxxxxxxx napisał(a):

> On Tue, Jun 16, 2020 at 05:24:11PM +0200, Michał Leszczyński wrote:
>> Enable IPT when entering the VM and disable it on vmexit.
>> Register state is persisted using vCPU ipt_state structure.
> 
> Shouldn't this be better done using Intel MSR load lists?
> 
> That seems to be what the SDM recommends for tracing VM events.
> 
> Thanks, Roger.

This is intentional, additionally described by the comment:

// MSR_IA32_RTIT_CTL is context-switched manually instead of being
// stored inside VMCS, as of Q2'20 only the most recent processors
// support such field in VMCS

There is a special feature flag which indicates whether MSR_IA32_RTIT_CTL can 
be loaded using MR load lists. During my experiments, I haven't found any 
single CPU available to me that would declare such a feature flag. I was mostly 
testing CPUs that were launched in 2018, so I suppose that this feature is 
present only on very recent hardware. Unfortunately it's not possible to check 
on Intel ARK as this information is not listed there at all.

Best regards,
Michał Leszczyński
CERT Polska

Follow-Ups:
- Re: [PATCH v1 7/7] x86/vmx: switch IPT MSRs on vmentry/vmexit
  - From: Roger Pau Monné

References:
- [PATCH v1 0/7] Implement support for external IPT monitoring
  - From: Michał Leszczyński
- [PATCH v1 7/7] x86/vmx: switch IPT MSRs on vmentry/vmexit
  - From: Michał Leszczyński
- Re: [PATCH v1 7/7] x86/vmx: switch IPT MSRs on vmentry/vmexit
  - From: Roger Pau Monné

Prev by Date: Re: [PATCH v1 7/7] x86/vmx: switch IPT MSRs on vmentry/vmexit
Next by Date: [PATCH 0/2] xen/arm: Mitigate straight-line speculation
Previous by thread: Re: [PATCH v1 7/7] x86/vmx: switch IPT MSRs on vmentry/vmexit
Next by thread: Re: [PATCH v1 7/7] x86/vmx: switch IPT MSRs on vmentry/vmexit
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.