Xen project Mailing List

Re: [PATCH v9 04/10] x86/cpu-policy: re-arrange no-VMX logic

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Wed, 8 Apr 2026 08:09:02 +0200

Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=google header.d=suse.com header.i="@suse.com" header.h="Content-Transfer-Encoding:In-Reply-To:Autocrypt:From:Content-Language:References:Cc:To:Subject:User-Agent:MIME-Version:Date:Message-ID"

Autocrypt: addr=jbeulich@xxxxxxxx; keydata= xsDiBFk3nEQRBADAEaSw6zC/EJkiwGPXbWtPxl2xCdSoeepS07jW8UgcHNurfHvUzogEq5xk hu507c3BarVjyWCJOylMNR98Yd8VqD9UfmX0Hb8/BrA+Hl6/DB/eqGptrf4BSRwcZQM32aZK 7Pj2XbGWIUrZrd70x1eAP9QE3P79Y2oLrsCgbZJfEwCgvz9JjGmQqQkRiTVzlZVCJYcyGGsD /0tbFCzD2h20ahe8rC1gbb3K3qk+LpBtvjBu1RY9drYk0NymiGbJWZgab6t1jM7sk2vuf0Py O9Hf9XBmK0uE9IgMaiCpc32XV9oASz6UJebwkX+zF2jG5I1BfnO9g7KlotcA/v5ClMjgo6Gl MDY4HxoSRu3i1cqqSDtVlt+AOVBJBACrZcnHAUSuCXBPy0jOlBhxPqRWv6ND4c9PH1xjQ3NP nxJuMBS8rnNg22uyfAgmBKNLpLgAGVRMZGaGoJObGf72s6TeIqKJo/LtggAS9qAUiuKVnygo 3wjfkS9A3DRO+SpU7JqWdsveeIQyeyEJ/8PTowmSQLakF+3fote9ybzd880fSmFuIEJldWxp Y2ggPGpiZXVsaWNoQHN1c2UuY29tPsJgBBMRAgAgBQJZN5xEAhsDBgsJCAcDAgQVAggDBBYC AwECHgECF4AACgkQoDSui/t3IH4J+wCfQ5jHdEjCRHj23O/5ttg9r9OIruwAn3103WUITZee e7Sbg12UgcQ5lv7SzsFNBFk3nEQQCACCuTjCjFOUdi5Nm244F+78kLghRcin/awv+IrTcIWF hUpSs1Y91iQQ7KItirz5uwCPlwejSJDQJLIS+QtJHaXDXeV6NI0Uef1hP20+y8qydDiVkv6l IreXjTb7DvksRgJNvCkWtYnlS3mYvQ9NzS9PhyALWbXnH6sIJd2O9lKS1Mrfq+y0IXCP10eS FFGg+Av3IQeFatkJAyju0PPthyTqxSI4lZYuJVPknzgaeuJv/2NccrPvmeDg6Coe7ZIeQ8Yj t0ARxu2xytAkkLCel1Lz1WLmwLstV30g80nkgZf/wr+/BXJW/oIvRlonUkxv+IbBM3dX2OV8 AmRv1ySWPTP7AAMFB/9PQK/VtlNUJvg8GXj9ootzrteGfVZVVT4XBJkfwBcpC/XcPzldjv+3 HYudvpdNK3lLujXeA5fLOH+Z/G9WBc5pFVSMocI71I8bT8lIAzreg0WvkWg5V2WZsUMlnDL9 mpwIGFhlbM3gfDMs7MPMu8YQRFVdUvtSpaAs8OFfGQ0ia3LGZcjA6Ik2+xcqscEJzNH+qh8V m5jjp28yZgaqTaRbg3M/+MTbMpicpZuqF4rnB0AQD12/3BNWDR6bmh+EkYSMcEIpQmBM51qM EKYTQGybRCjpnKHGOxG0rfFY1085mBDZCH5Kx0cl0HVJuQKC+dV2ZY5AqjcKwAxpE75MLFkr wkkEGBECAAkFAlk3nEQCGwwACgkQoDSui/t3IH7nnwCfcJWUDUFKdCsBH/E5d+0ZnMQi+G0A nAuWpQkjM1ASeQwSHEeAWPgskBQL

Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Wed, 08 Apr 2026 06:09:32 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 07.04.2026 23:58, Andrew Cooper wrote: > On 24/11/2025 2:59 pm, Jan Beulich wrote: >> --- a/xen/arch/x86/cpu-policy.c >> +++ b/xen/arch/x86/cpu-policy.c >> @@ -812,19 +812,20 @@ static void __init calculate_hvm_max_pol >> if ( !cpu_has_vmx_xsaves ) >> __clear_bit(X86_FEATURE_XSAVES, fs); >> } >> + else >> + { >> + /* >> + * Xen doesn't use PKS, so the guest support for it has opted to >> not use >> + * the VMCS load/save controls for efficiency reasons. This >> depends on >> + * the exact vmentry/exit behaviour, so don't expose PKS in other >> + * situations until someone has cross-checked the behaviour for >> safety. >> + */ >> + __clear_bit(X86_FEATURE_PKS, fs); >> + } >> >> if ( !cpu_has_vmx_msrlist ) >> __clear_bit(X86_FEATURE_MSRLIST, fs); >> >> - /* >> - * Xen doesn't use PKS, so the guest support for it has opted to not use >> - * the VMCS load/save controls for efficiency reasons. This depends on >> - * the exact vmentry/exit behaviour, so don't expose PKS in other >> - * situations until someone has cross-checked the behaviour for safety. >> - */ >> - if ( !cpu_has_vmx ) >> - __clear_bit(X86_FEATURE_PKS, fs); >> - >> /* >> * Make adjustments to possible (nested) virtualization features exposed >> * to the guest >> > > These clauses aren't logically doing the same thing. So while the > compiler can merge them, I don't think it's a good idea to do so at a > source level. > > The "if ( vmx ) " block we can just see the end of is for features which > need to cross-check extra VMX capabilities. Each of RDTSCP, INVPCID and > XSAVES are #UD unless explicitly enabled. MPX is the odd-one out, > checking the load/save capabilities. > > I suspect this list is incomplete. These cross-checks shouldn't fail on > real hardware, where the VMX capabilities should match the native > features, but nested virt is rife with enumeration bugs here. > > The second "if ( !vmx )" clause is different. This is really "I wired > up PKS based on how Intel works, and if AMD ever gains it it will > definitely need context switching changes to work". This is in lieu of > having dedicated Intel/AMD annotations for features. Right, and this is what I'm using the new "else" body for later in the series. > The MSRLIST addition from the prior patch is arguably misplaced, except > it's trying to cover both of the aspects. Why is it misplaced? Where else would you want it to go? The VMX aspect, as you say, is included in cpu_has_vmx_msrlist, so it doesn't need separate checking for VMX. > AMD are making no obvious moves to add PKS, and I expect MSRLIST is even > lower down their priority list. > > Overall, we need checks here for every guest-visible feature which: > * has VMCS/VMCB controls which are enumerated separately > * needs new context switching considerations Which in this series are USER-MSR and MSR-IMM. Hence this prereq change, to simplify the additions there. > Maybe the "if ( !vmx )" shouldn't really be written this way. I'm open > to suggestions, but making it an else block isn't a solution. Well in this situation I guess it's you to make suggestions. I have made mine by way of this submission. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.