[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 6/8] x86/hvm: Enable guest access to MSR_PKRS

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • Date: Thu, 12 Jan 2023 14:16:11 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=M4MLRHfiI+tlOzl0M5z8zfqWd7k4vE8XvdoGTLWQuxY=; b=R4fimVzK47dFPO66/AisLIyJ+o34J7/6RRVnfOZ8I1S349TM1/RXdRjwRI+uen6YH9CXCpe+UQCC0iUQnmGe5vpb33GgJWfgmLWkfFllJ2ZwO4P/oYKhGLR7cRqpMuHI0FE0Mq9mstZKUnf3LPJqFIIvvCa8jwtmvKfYFxN2ue7T9UWGZy3pDCuVdWZwUhr4yoqNTp3RgplMTMZdSzUBk9q+U+MxJ/I6s0ewH3zxPJtgRSySXAuPtS06hTXSBr2dDz9/tKixrpTL3liIkDRQ9xnfNNQ6MBmZIMbejyj5bZsYQKPlMthNJaZYGVqK2qSI12LNuLGZ+xRGrmZ6NSGQ8g==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LkhyhHD8hMsvNpm4fqwp/gtEELQX0TyDa9GI4sGChI3BLfKuzj09EbHLXEuLvdpTp1mgXtccmewjvNzBNOsPvxFtzQcf4UMVu1fYy+BlDN4JGfn+ubhj5Ujcm37Cmv4iwEGVFsfP200EmRyy365ZBx3VN6BtUtt5oFqFCDZHKkVBANBDXXGtPt6zy4TvzKYuy+K9gxsoTa9QLGMpFWheYXkoz/sa+wlbsynpQci7vjWahYQaSMR4W/Ae9Zy1aJHUOCiHg8QFZdo26BI/wJpR3syZghmb9SlPjxBVIKDOCQAjXF7Z+Hn8FPj5LubRXSO+lYyl++Q3tyvB6ndlDZLddA==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Roger Pau Monne <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Thu, 12 Jan 2023 14:16:23 +0000
  • Ironport-data: A9a23:aA0EwaMaYTT0sazvrR2clsFynXyQoLVcMsEvi/4bfWQNrUp21GdVz DFNC2jUOPiJZjSjfd1xady2oxwD75LdmNMxTwto+SlhQUwRpJueD7x1DKtS0wC6dZSfER09v 63yTvGacajYm1eF/k/F3oDJ9CU6jufQA+KmU4YoAwgpLSd8UiAtlBl/rOAwh49skLCRDhiE/ Nj/uKUzAnf8s9JPGj9Suv3rRC9H5qyo42tB5wZmP5ingXeF/5UrJMNHTU2OByOQrrl8RoaSW +vFxbelyWLVlz9F5gSNy+uTnuUiG9Y+DCDW4pZkc/HKbitq/0Te5p0TJvsEAXq7vh3S9zxHJ HehgrTrIeshFvWkdO3wyHC0GQkmVUFN0OevzXRSLaV/ZqAJGpfh66wGMa04AWEX0rlQXmZop N0RETtXTyqvv/yn3Y6wEtA506zPLOGzVG8ekldJ6GiDSNMZG9XESaiM4sJE1jAtgMwIBezZe 8cSdTtoalLHfgFLPVAUTpk5mY9EhFGmK2Ee9A3T+/RxvzO7IA9ZidABNPL8fNCQSNoTtUGfv m/cpEzyAw0ANczZwj2Amp6prr6Vxn6mANNOfFG+3tNQmwO/1DE6NDtIWRid8cCopHCeZvsKf iT4/QJr98De7neDTNPwQhm5q36spQMHVpxbFOhSwB6J4rrZ5UCeHGdsZj1Mdt0g8tM3TDoC1 1mVktevDjtq2JWFRHTY+rqKoDeaPSkOMXREdSICVREC4dTovMc0lB2nczp4OKu8j9mwHC6qx TmP9XI6n+9L0ZVN0Lin91fahT7qvoLOUgM++gTQWCSi8x99Y4mmIYev7DA38Mp9EWpQdXHZ1 FBspiRUxLpm4U2l/MBVfNgwIQ==
  • Ironport-hdrordr: A9a23:e0/ES6Ffdxl9Ue9kpLqE2ceALOsnbusQ8zAXPhZKOHlom62j5r uTdZEgv3LJYVkqKRYdcLy7SdC9qBDnlKKdg7NhWYtKNTOO0ACVxedZnOjfKhLbak/DH4VmpM FdmsZFeaXN5JtB4voSIjPVLz/t+re6GWmT5dvj8w==
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHZJReeV/6Z/BfYW0W8YgpP3+cAB66ayMYAgAAN4oA=
  • Thread-topic: [PATCH v2 6/8] x86/hvm: Enable guest access to MSR_PKRS
On 12/01/2023 1:26 pm, Jan Beulich wrote:
> On 10.01.2023 18:18, Andrew Cooper wrote:
>> @@ -2471,6 +2477,9 @@ static uint64_t cf_check vmx_get_reg(struct vcpu *v, 
>> unsigned int reg)
>>          }
>>          return val;
>>  
>> +    case MSR_PKRS:
>> +        return (v == curr) ? rdpkrs() : msrs->pkrs;
> Nothing here or ...
>
>> @@ -2514,6 +2525,12 @@ static void cf_check vmx_set_reg(struct vcpu *v, 
>> unsigned int reg, uint64_t val)
>>              domain_crash(d);
>>          }
>>          return;
>> +
>> +    case MSR_PKRS:
>> +        msrs->pkrs = val;
>> +        if ( v == curr )
>> +            wrpkrs(val);
>> +        return;
> ... here is VMX or (if we were to support it, just as a abstract
> consideration) HVM specific. Which makes me wonder why this needs
> handling in [gs]et_reg() in the first place. I guess I'm still not
> fully in sync with your longer term plans here ...

If (when) AMD implement it, the AMD form needs will be vmcb->pkrs and
not msrs->pkrs, because like all other paging controls, they'll be
swapped automatically by VMRUN.

(I don't know this for certain, but I'm happy to bet on it, given a
decade of consistency in this regard.)

> The other thing I'd like to understand (and having an answer to this
> would have been better before re-applying my R-b to this re-based
> logic) is towards the lack of feature checks here. hvm_get_reg()
> can be called from other than guest_rdmsr(), for an example see
> arch_get_info_guest().

The point is to separate auditing logic (wants to be implemented only
once) from data shuffling logic (is the value in a register, or the MSR
lists, or VMCB/VMCS or struct vcpu, etc).  It is always the caller's
responsibility to confirm that REG exists, and that VAL is suitable for REG.

arch_get_info_guest() passes MSR_SHADOW_GS_BASE which exists
unilaterally (because we don't technically do !LM correctly.)


But this is all discussed in the comment by the function prototypes. 
I'm not sure how to make that any clearer than it already is.

~Andrew

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.