Xen project Mailing List

[PATCH 3/3] x86: Expose Automatic IBRS to guests

To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Alejandro Vallejo <alejandro.vallejo@xxxxxxxxx>

Date: Fri, 26 May 2023 16:00:44 +0100

Cc: Alejandro Vallejo <alejandro.vallejo@xxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>

Delivery-date: Fri, 26 May 2023 15:01:01 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Expose AutoIBRS to HVM guests, because they can just use it. Make sure writes to EFER:AIBRSE are gated on the feature being exposed. Also hide EFER:AIBRSE from PV guests as they have no say in the matter. Signed-off-by: Alejandro Vallejo <alejandro.vallejo@xxxxxxxxx> --- xen/arch/x86/hvm/hvm.c | 3 +++ xen/arch/x86/include/asm/msr-index.h | 3 ++- xen/arch/x86/pv/emul-priv-op.c | 4 ++-- xen/include/public/arch-x86/cpufeatureset.h | 2 +- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index d7d31b5393..07f39d5e61 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -936,6 +936,9 @@ const char *hvm_efer_valid(const struct vcpu *v, uint64_t value, if ( (value & EFER_FFXSE) && !p->extd.ffxsr ) return "FFXSE without feature"; + if ( (value & EFER_AIBRSE) && !p->extd.automatic_ibrs ) + return "AutoIBRS without feature"; + return NULL; } diff --git a/xen/arch/x86/include/asm/msr-index.h b/xen/arch/x86/include/asm/msr-index.h index 73d0af2615..49cb334c61 100644 --- a/xen/arch/x86/include/asm/msr-index.h +++ b/xen/arch/x86/include/asm/msr-index.h @@ -178,7 +178,8 @@ #define EFER_AIBRSE (_AC(1, ULL) << 21) /* Automatic IBRS Enable */ #define EFER_KNOWN_MASK \ - (EFER_SCE | EFER_LME | EFER_LMA | EFER_NXE | EFER_SVME | EFER_FFXSE) + (EFER_SCE | EFER_LME | EFER_LMA | EFER_NXE | EFER_SVME | EFER_FFXSE | \ + EFER_AIBRSE) #define MSR_STAR 0xc0000081 /* legacy mode SYSCALL target */ #define MSR_LSTAR 0xc0000082 /* long mode SYSCALL target */ diff --git a/xen/arch/x86/pv/emul-priv-op.c b/xen/arch/x86/pv/emul-priv-op.c index 8a4ef9c35e..142bc4818c 100644 --- a/xen/arch/x86/pv/emul-priv-op.c +++ b/xen/arch/x86/pv/emul-priv-op.c @@ -853,8 +853,8 @@ static uint64_t guest_efer(const struct domain *d) { uint64_t val; - /* Hide unknown bits, and unconditionally hide SVME from guests. */ - val = read_efer() & EFER_KNOWN_MASK & ~EFER_SVME; + /* Hide unknown bits, and unconditionally hide SVME and AIBRSE from guests. */ + val = read_efer() & EFER_KNOWN_MASK & ~(EFER_SVME | EFER_AIBRSE); /* * Hide the 64-bit features from 32-bit guests. SCE has * vendor-dependent behaviour. diff --git a/xen/include/public/arch-x86/cpufeatureset.h b/xen/include/public/arch-x86/cpufeatureset.h index e3952f62bc..42401e9452 100644 --- a/xen/include/public/arch-x86/cpufeatureset.h +++ b/xen/include/public/arch-x86/cpufeatureset.h @@ -287,7 +287,7 @@ XEN_CPUFEATURE(AVX_IFMA, 10*32+23) /*A AVX-IFMA Instructions */ /* AMD-defined CPU features, CPUID level 0x80000021.eax, word 11 */ XEN_CPUFEATURE(LFENCE_DISPATCH, 11*32+ 2) /*A LFENCE always serializing */ XEN_CPUFEATURE(NSCB, 11*32+ 6) /*A Null Selector Clears Base (and limit too) */ -XEN_CPUFEATURE(AUTOMATIC_IBRS, 11*32+ 8) /* HW can handle IBRS on its own */ +XEN_CPUFEATURE(AUTOMATIC_IBRS, 11*32+ 8) /*S HW can handle IBRS on its own */ XEN_CPUFEATURE(CPUID_USER_DIS, 11*32+17) /* CPUID disable for CPL > 0 software */ /* Intel-defined CPU features, CPUID level 0x00000007:1.ebx, word 12 */ -- 2.34.1

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.