Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit bc226f07 authored by Tom Lendacky's avatar Tom Lendacky Committed by Thomas Gleixner
Browse files

KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD 



Expose the new virtualized architectural mechanism, VIRT_SSBD, for using
speculative store bypass disable (SSBD) under SVM.  This will allow guests
to use SSBD on hardware that uses non-architectural mechanisms for enabling
SSBD.

[ tglx: Folded the migration fixup from Paolo Bonzini ]

Signed-off-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
parent 47c61b39

arch/x86/include/asm/kvm_host.h

+1 −1
Original line number Diff line number Diff line
@@ -924,7 +924,7 @@ struct kvm_x86_ops { 
	int (*hardware_setup)(void);               /* __init */

	void (*hardware_unsetup)(void);            /* __exit */

	bool (*cpu_has_accelerated_tpr)(void);

	bool (*cpu_has_high_real_mode_segbase)(void);

	bool (*has_emulated_msr)(int index);

	void (*cpuid_update)(struct kvm_vcpu *vcpu);



	struct kvm *(*vm_alloc)(void);

arch/x86/kernel/cpu/common.c

+2 −1
Original line number Diff line number Diff line
@@ -767,7 +767,8 @@ static void init_speculation_control(struct cpuinfo_x86 *c) 
	if (cpu_has(c, X86_FEATURE_INTEL_STIBP))

		set_cpu_cap(c, X86_FEATURE_STIBP);



	if (cpu_has(c, X86_FEATURE_SPEC_CTRL_SSBD))

	if (cpu_has(c, X86_FEATURE_SPEC_CTRL_SSBD) ||

	    cpu_has(c, X86_FEATURE_VIRT_SSBD))

		set_cpu_cap(c, X86_FEATURE_SSBD);



	if (cpu_has(c, X86_FEATURE_AMD_IBRS)) {

arch/x86/kvm/cpuid.c

+9 −2
Original line number Diff line number Diff line
@@ -379,7 +379,7 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function, 


	/* cpuid 0x80000008.ebx */

	const u32 kvm_cpuid_8000_0008_ebx_x86_features =

		F(AMD_IBPB) | F(AMD_IBRS);

		F(AMD_IBPB) | F(AMD_IBRS) | F(VIRT_SSBD);



	/* cpuid 0xC0000001.edx */

	const u32 kvm_cpuid_C000_0001_edx_x86_features =
@@ -647,13 +647,20 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function, 
			g_phys_as = phys_as;

		entry->eax = g_phys_as | (virt_as << 8);

		entry->edx = 0;

		/* IBRS and IBPB aren't necessarily present in hardware cpuid */

		/*

		 * IBRS, IBPB and VIRT_SSBD aren't necessarily present in

		 * hardware cpuid

		 */

		if (boot_cpu_has(X86_FEATURE_AMD_IBPB))

			entry->ebx |= F(AMD_IBPB);

		if (boot_cpu_has(X86_FEATURE_AMD_IBRS))

			entry->ebx |= F(AMD_IBRS);

		if (boot_cpu_has(X86_FEATURE_VIRT_SSBD))

			entry->ebx |= F(VIRT_SSBD);

		entry->ebx &= kvm_cpuid_8000_0008_ebx_x86_features;

		cpuid_mask(&entry->ebx, CPUID_8000_0008_EBX);

		if (boot_cpu_has(X86_FEATURE_LS_CFG_SSBD))

			entry->ebx |= F(VIRT_SSBD);

		break;

	}

	case 0x80000019:

arch/x86/kvm/svm.c

+19 −2
Original line number Diff line number Diff line
@@ -4120,6 +4120,13 @@ static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info) 


		msr_info->data = svm->spec_ctrl;

		break;

	case MSR_AMD64_VIRT_SPEC_CTRL:

		if (!msr_info->host_initiated &&

		    !guest_cpuid_has(vcpu, X86_FEATURE_VIRT_SSBD))

			return 1;



		msr_info->data = svm->virt_spec_ctrl;

		break;

	case MSR_F15H_IC_CFG: {



		int family, model;
@@ -4251,6 +4258,16 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) 
			break;

		set_msr_interception(svm->msrpm, MSR_IA32_PRED_CMD, 0, 1);

		break;

	case MSR_AMD64_VIRT_SPEC_CTRL:

		if (!msr->host_initiated &&

		    !guest_cpuid_has(vcpu, X86_FEATURE_VIRT_SSBD))

			return 1;



		if (data & ~SPEC_CTRL_SSBD)

			return 1;



		svm->virt_spec_ctrl = data;

		break;

	case MSR_STAR:

		svm->vmcb->save.star = data;

		break;
@@ -5791,7 +5808,7 @@ static bool svm_cpu_has_accelerated_tpr(void) 
	return false;

}



static bool svm_has_high_real_mode_segbase(void)

static bool svm_has_emulated_msr(int index)

{

	return true;

}
@@ -7017,7 +7034,7 @@ static struct kvm_x86_ops svm_x86_ops __ro_after_init = { 
	.hardware_enable = svm_hardware_enable,

	.hardware_disable = svm_hardware_disable,

	.cpu_has_accelerated_tpr = svm_cpu_has_accelerated_tpr,

	.cpu_has_high_real_mode_segbase = svm_has_high_real_mode_segbase,

	.has_emulated_msr = svm_has_emulated_msr,



	.vcpu_create = svm_create_vcpu,

	.vcpu_free = svm_free_vcpu,

arch/x86/kvm/vmx.c

+15 −3
Original line number Diff line number Diff line
@@ -9477,9 +9477,21 @@ static void vmx_handle_external_intr(struct kvm_vcpu *vcpu) 
}

STACK_FRAME_NON_STANDARD(vmx_handle_external_intr);



static bool vmx_has_high_real_mode_segbase(void)

static bool vmx_has_emulated_msr(int index)

{

	switch (index) {

	case MSR_IA32_SMBASE:

		/*

		 * We cannot do SMM unless we can run the guest in big

		 * real mode.

		 */

		return enable_unrestricted_guest || emulate_invalid_guest_state;

	case MSR_AMD64_VIRT_SPEC_CTRL:

		/* This is AMD only.  */

		return false;

	default:

		return true;

	}

}



static bool vmx_mpx_supported(void)
@@ -12625,7 +12637,7 @@ static struct kvm_x86_ops vmx_x86_ops __ro_after_init = { 
	.hardware_enable = hardware_enable,

	.hardware_disable = hardware_disable,

	.cpu_has_accelerated_tpr = report_flexpriority,

	.cpu_has_high_real_mode_segbase = vmx_has_high_real_mode_segbase,

	.has_emulated_msr = vmx_has_emulated_msr,



	.vm_init = vmx_vm_init,

	.vm_alloc = vmx_vm_alloc,