[PATCH v2] sparse: Track the boundaries of memory sections for accurate checks

ndary can be RAM, it's not valid because there's no 'struct page' for it. Cc: Andrew Morton Cc: Mel Gorman Cc: Vlastimil Babka Cc: Michal Hocko Cc: Johannes Weiner Cc: Yaowei Bai Cc: Dan Williams Cc: Joe Perches Cc: Tejun Heo Cc: Anthony Liguori Cc: linux...@kvack.o

[PATCH] kvm, x86: Properly check whether a pfn is an MMIO or not

ys Vlasenko Cc: Andrew Morton Cc: Toshi Kani Cc: Tony Luck Cc: linux-kernel@vger.kernel.org Cc: k...@vger.kernel.org Cc: x...@kernel.org Signed-off-by: KarimAllah Ahmed --- arch/x86/include/asm/e820.h | 1 + arch/x86/kernel/e820.c | 18 ++ arch/x86/kvm/mmu.c |

Re: [PATCH v3 0/4] KVM: Expose speculation control feature to guests

On 01/30/2018 10:00 AM, David Woodhouse wrote: On Tue, 2018-01-30 at 01:10 +0100, KarimAllah Ahmed wrote: Add direct access to speculation control MSRs for KVM guests. This allows the guest to protect itself against Spectre V2 using IBRS+IBPB instead of a retpoline+IBPB based approach. It

Re: [PATCH v3 4/4] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/30/2018 06:49 PM, Jim Mattson wrote: On Mon, Jan 29, 2018 at 4:10 PM, KarimAllah Ahmed wrote: [ Based on a patch from Ashok Raj ] Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for guests that will only mitigate Spectre V2 through IBRS+IBPB and will not be using a

Re: [PATCH v3 4/4] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/30/2018 11:49 PM, Jim Mattson wrote: On Tue, Jan 30, 2018 at 1:00 PM, KarimAllah Ahmed wrote: Ooops! I did not think at all about nested :) This should be addressed now, I hope: http://git.infradead.org/linux-retpoline.git/commitdiff/f7f0cbba3e0cffcee050a8a5a9597a162d57e572

Re: [PATCH v3 4/4] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/31/2018 01:27 AM, Jim Mattson wrote: On Tue, Jan 30, 2018 at 4:19 PM, Paolo Bonzini wrote: The new code in nested_vmx_merge_msr_bitmap should be conditional on vmx->save_spec_ctrl_on_exit. But then if L1 doesn't use MSR_IA32_SPEC_CTRL itself and it uses the VM-entry MSR load list to set

[PATCH v4 5/5] KVM: SVM: Allow direct access to MSR_IA32_SPEC_CTRL

Hansen Cc: Andi Kleen Cc: Andrea Arcangeli Cc: Linus Torvalds Cc: Tim Chen Cc: Thomas Gleixner Cc: Dan Williams Cc: Jun Nakajima Cc: Paolo Bonzini Cc: David Woodhouse Cc: Greg KH Cc: Andy Lutomirski Cc: Ashok Raj Signed-off-by: KarimAllah Ahmed Signed-off-by: David Woodhouse --- arch

[PATCH v4 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

David Woodhouse Cc: Greg KH Cc: Andy Lutomirski Cc: Ashok Raj Signed-off-by: KarimAllah Ahmed Signed-off-by: David Woodhouse --- v4: - Add IBRS to kvm_cpuid_8000_0008_ebx_x86_features - Handling nested guests v3: - Save/restore manually - Fix CPUID handling - Fix a copy & paste error in th

[PATCH v4 1/5] KVM: x86: Update the reverse_cpuid list to include CPUID_7_EDX

[dwmw2: Stop using KF() for bits in it, too] Cc: Paolo Bonzini Cc: Radim Krčmář Cc: Thomas Gleixner Cc: Ingo Molnar Cc: H. Peter Anvin Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Reviewed-by: Paolo Bonzini Signed-off-by: KarimAllah Ahmed Signed-off-by

[PATCH v4 3/5] KVM: VMX: Emulate MSR_IA32_ARCH_CAPABILITIES

Signed-off-by: KarimAllah Ahmed Signed-off-by: David Woodhouse --- arch/x86/kvm/cpuid.c | 2 +- arch/x86/kvm/vmx.c | 15 +++ arch/x86/kvm/x86.c | 1 + 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 033004d..1909635

[PATCH v4 0/5] KVM: Expose speculation control feature to guests

and IBRS_ALL. v4: - Add IBRS passthrough for SVM (5/5). - Handle nested guests properly. - expose F(IBRS) in kvm_cpuid_8000_0008_ebx_x86_features Ashok Raj (1): KVM: x86: Add IBPB support KarimAllah Ahmed (4): KVM: x86: Update the reverse_cpuid list to include CPUID_7_EDX KVM: VMX: Emulate

[PATCH v4 2/5] KVM: x86: Add IBPB support

-send-email-ashok@intel.com Signed-off-by: David Woodhouse Signed-off-by: KarimAllah Ahmed --- arch/x86/kvm/cpuid.c | 11 ++- arch/x86/kvm/svm.c | 27 +++ arch/x86/kvm/vmx.c | 31 ++- 3 files changed, 67 insertions(+), 2 deletions

Re: [PATCH v4 2/5] KVM: x86: Add IBPB support

On 01/31/2018 05:50 PM, Jim Mattson wrote: On Wed, Jan 31, 2018 at 5:10 AM, KarimAllah Ahmed wrote: + vmx_disable_intercept_for_msr(vmx->vmcs01.msr_bitmap, MSR_IA32_PRED_CMD, + MSR_TYPE_W); Why not disable this intercept eage

Re: [PATCH v4 2/5] KVM: x86: Add IBPB support

On 01/31/2018 05:55 PM, Paolo Bonzini wrote: On 31/01/2018 11:50, Jim Mattson wrote: + if (to_vmx(vcpu)->save_spec_ctrl_on_exit) { + nested_vmx_disable_intercept_for_msr( + msr_bitmap_l1, msr_bitmap_l0, + MSR_IA32_PR

[PATCH v5 1/5] KVM: x86: Update the reverse_cpuid list to include CPUID_7_EDX

[dwmw2: Stop using KF() for bits in it, too] Cc: Paolo Bonzini Cc: Radim Krčmář Cc: Thomas Gleixner Cc: Ingo Molnar Cc: H. Peter Anvin Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Reviewed-by: Paolo Bonzini Signed-off-by: KarimAllah Ahmed Signed-off-by

[PATCH v5 0/5] KVM: Expose speculation control feature to guests

for SVM (5/5). - Handle nested guests properly. - expose F(IBRS) in kvm_cpuid_8000_0008_ebx_x86_features Ashok Raj (1): KVM: x86: Add IBPB support KarimAllah Ahmed (4): KVM: x86: Update the reverse_cpuid list to include CPUID_7_EDX KVM: VMX: Emulate MSR_IA32_ARCH_CAPABILITIES KVM: VMX

[PATCH v5 2/5] KVM: x86: Add IBPB support

ttp://lkml.kernel.org/r/1515720739-43819-6-git-send-email-ashok@intel.com Signed-off-by: David Woodhouse Signed-off-by: KarimAllah Ahmed v5: - Use MSR_TYPE_W instead of MSR_TYPE_R for the MSR. - Always merge the bitmaps unconditionally. - Add PRED_CMD to direct_access_msrs. - Also check for

[PATCH v5 3/5] KVM: VMX: Emulate MSR_IA32_ARCH_CAPABILITIES

Signed-off-by: KarimAllah Ahmed Signed-off-by: David Woodhouse --- arch/x86/kvm/cpuid.c | 2 +- arch/x86/kvm/vmx.c | 15 +++ arch/x86/kvm/x86.c | 1 + 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 033004d..1909635

[PATCH v5 5/5] KVM: SVM: Allow direct access to MSR_IA32_SPEC_CTRL

Hansen Cc: Andi Kleen Cc: Andrea Arcangeli Cc: Linus Torvalds Cc: Tim Chen Cc: Thomas Gleixner Cc: Dan Williams Cc: Jun Nakajima Cc: Paolo Bonzini Cc: David Woodhouse Cc: Greg KH Cc: Andy Lutomirski Cc: Ashok Raj Signed-off-by: KarimAllah Ahmed Signed-off-by: David Woodhouse --- v5

[PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

David Woodhouse Cc: Greg KH Cc: Andy Lutomirski Cc: Ashok Raj Signed-off-by: KarimAllah Ahmed Signed-off-by: David Woodhouse --- v5: - Also check for X86_FEATURE_SPEC_CTRL for the msr reads/writes v4: - Add IBRS to kvm_cpuid_8000_0008_ebx_x86_features - Handling nested guests v3: - Save/re

Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/31/2018 08:53 PM, Jim Mattson wrote: On Wed, Jan 31, 2018 at 11:37 AM, KarimAllah Ahmed wrote: + + if (to_vmx(vcpu)->save_spec_ctrl_on_exit) { + nested_vmx_disable_intercept_for_msr( + msr_bitmap_l1, msr_bitmap

Re: [PATCH v5 2/5] KVM: x86: Add IBPB support

On 01/31/2018 09:28 PM, Konrad Rzeszutek Wilk wrote: diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index d46a61b..2e4e8af 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -2285,6 +2285,7 @@ static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu) if (per_cpu(current_vmc

Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/31/2018 09:18 PM, Jim Mattson wrote: On Wed, Jan 31, 2018 at 12:01 PM, KarimAllah Ahmed wrote: but save_spec_ctrl_on_exit is also set for L2 write. So once L2 writes to it, this condition will be true and then the bitmap will be updated. So if L1 or any L2 writes to the MSR, then

Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/31/2018 11:52 PM, KarimAllah Ahmed wrote: On 01/31/2018 09:18 PM, Jim Mattson wrote: On Wed, Jan 31, 2018 at 12:01 PM, KarimAllah Ahmed wrote: but save_spec_ctrl_on_exit is also set for L2 write. So once L2 writes to it, this condition will be true and then the bitmap will be updated

Re: [PATCH v5 2/5] KVM: x86: Add IBPB support

ki Cc: Greg KH Cc: Paolo Bonzini Signed-off-by: Ashok Raj Signed-off-by: Peter Zijlstra (Intel) Link: http://lkml.kernel.org/r/1515720739-43819-6-git-send-email-ashok@intel.com Signed-off-by: David Woodhouse Signed-off-by: KarimAllah Ahmed --- v6: - introduce pred_cmd_used v5: - Use MSR_T

Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

On 02/01/2018 03:19 PM, Konrad Rzeszutek Wilk wrote: .snip.. +/* Is SPEC_CTRL intercepted for the currently running vCPU? */ +static bool spec_ctrl_intercepted(struct kvm_vcpu *vcpu) +{ + unsigned long *msr_bitmap; + int f = sizeof(unsigned long); + + if (!cpu_has_vmx_msr_bitma

Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

On 02/01/2018 02:25 PM, David Woodhouse wrote: On Wed, 2018-01-31 at 23:26 -0500, Konrad Rzeszutek Wilk wrote: diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 6a9f4ec..bfc80ff 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -594,6 +594,14 @@ struct vcpu_vmx {   #endif

Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

On 02/01/2018 06:37 PM, KarimAllah Ahmed wrote: On 02/01/2018 02:25 PM, David Woodhouse wrote: On Wed, 2018-01-31 at 23:26 -0500, Konrad Rzeszutek Wilk wrote: diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 6a9f4ec..bfc80ff 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm

[PATCH v6 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

David Woodhouse Cc: Greg KH Cc: Andy Lutomirski Cc: Ashok Raj Signed-off-by: KarimAllah Ahmed Signed-off-by: David Woodhouse --- v6: - got rid of save_spec_ctrl_on_exit - introduce msr_write_intercepted v5: - Also check for X86_FEATURE_SPEC_CTRL for the msr reads/writes v4: - Add IB

[PATCH v6 3/5] KVM: VMX: Emulate MSR_IA32_ARCH_CAPABILITIES

: KarimAllah Ahmed Signed-off-by: David Woodhouse --- arch/x86/kvm/cpuid.c | 2 +- arch/x86/kvm/vmx.c | 15 +++ arch/x86/kvm/x86.c | 1 + 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 033004d..1909635 100644 --- a

[PATCH v6 2/5] KVM: x86: Add IBPB support

ttp://lkml.kernel.org/r/1515720739-43819-6-git-send-email-ashok@intel.com Signed-off-by: David Woodhouse Signed-off-by: KarimAllah Ahmed --- v6: - introduce msr_write_intercepted_l01 v5: - Use MSR_TYPE_W instead of MSR_TYPE_R for the MSR. - Always merge the bitmaps unconditionally. - Add PR

[PATCH v6 0/5] KVM: Expose speculation control feature to guests

). - Handle nested guests properly. - expose F(IBRS) in kvm_cpuid_8000_0008_ebx_x86_features Ashok Raj (1): KVM: x86: Add IBPB support KarimAllah Ahmed (4): KVM: x86: Update the reverse_cpuid list to include CPUID_7_EDX KVM: VMX: Emulate MSR_IA32_ARCH_CAPABILITIES KVM: VMX: Allow direct access to

[PATCH v6 5/5] KVM: SVM: Allow direct access to MSR_IA32_SPEC_CTRL

Hansen Cc: Andi Kleen Cc: Andrea Arcangeli Cc: Linus Torvalds Cc: Tim Chen Cc: Thomas Gleixner Cc: Dan Williams Cc: Jun Nakajima Cc: Paolo Bonzini Cc: David Woodhouse Cc: Greg KH Cc: Andy Lutomirski Cc: Ashok Raj Signed-off-by: KarimAllah Ahmed Signed-off-by: David Woodhouse --- v5

[PATCH v6 1/5] KVM: x86: Update the reverse_cpuid list to include CPUID_7_EDX

: KarimAllah Ahmed Signed-off-by: David Woodhouse --- arch/x86/kvm/cpuid.c | 8 +++- arch/x86/kvm/cpuid.h | 1 + 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 0099e10..c0eb337 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm

[PATCH] kvm: x86: Use X86_CR4_PAE instead of X86_CR4_PAE_BIT while validating sregs

Use the mask (X86_CR4_PAE) instead of the bit itself (X86_CR4_PAE_BIT) while validating sregs. Cc: Paolo Bonzini Cc: Radim Krčmář Cc: Thomas Gleixner Cc: Ingo Molnar Cc: H. Peter Anvin Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: KarimAllah

Re: [PATCH] kvm: x86: Use X86_CR4_PAE instead of X86_CR4_PAE_BIT while validating sregs

Please ignore. I just noticed that a similar patch is already in Radim's tree and queued for linus. On 01/20/2018 07:08 PM, KarimAllah Ahmed wrote: Use the mask (X86_CR4_PAE) instead of the bit itself (X86_CR4_PAE_BIT) while validating sregs. Cc: Paolo Bonzini Cc: Radim Krčmář Cc: T

[RFC 01/10] x86/speculation: Add basic support for IBPB

x27;d out] Signed-off-by: Thomas Gleixner Signed-off-by: KarimAllah Ahmed Signed-off-by: David Woodhouse --- arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/nospec-branch.h | 16 arch/x86/kernel/cpu/bugs.c | 7 +++ 3 files changed, 24 inser

[RFC 00/10] Speculation Control feature support

Woodhouse (1): x86/speculation: Add basic IBRS support infrastructure KarimAllah Ahmed (1): x86: Simplify spectre_v2 command line parsing Thomas Gleixner (4): x86/speculation: Add basic support for IBPB x86/speculation: Use Indirect Branch Prediction Barrier in context switch x86

[RFC 03/10] x86/speculation: Use Indirect Branch Prediction Barrier in context switch

From: Thomas Gleixner [peterz: comment] Signed-off-by: Thomas Gleixner Signed-off-by: Peter Zijlstra (Intel) Signed-off-by: David Woodhouse --- arch/x86/mm/tlb.c | 10 +- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c index a156195.

[RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation

code in a less privileged prediction mode that executed *AFTER* IBRS mode was last written with a value of 1. """ [ tglx: Changed macro names and rewrote changelog ] [ karahmed: changed macro names *again* and rewrote changelog ] Signed-off-by: Tim Chen Signed-off-by: Thomas Gleix

[RFC 07/10] x86: Simplify spectre_v2 command line parsing

Signed-off-by: KarimAllah Ahmed --- arch/x86/kernel/cpu/bugs.c | 106 + 1 file changed, 58 insertions(+), 48 deletions(-) diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 1d5e12f..349c7f4 100644 --- a/arch/x86/kernel/cpu

[RFC 05/10] x86/speculation: Add basic IBRS support infrastructure

ff-by: KarimAllah Ahmed --- Documentation/admin-guide/kernel-parameters.txt | 1 + arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/nospec-branch.h| 2 - arch/x86/kernel/cpu/bugs.c | 108 +++- 4 files changed, 68 inser

[RFC 04/10] x86/mm: Only flush indirect branches when switching into non dumpable process

From: Tim Chen Flush indirect branches when switching into a process that marked itself non dumpable. This protects high value processes like gpg better, without having too high performance overhead. Signed-off-by: Andi Kleen Signed-off-by: David Woodhouse Signed-off-by: KarimAllah Ahmed

[RFC 10/10] x86/enter: Use IBRS on syscall and interrupts

-off-by: Thomas Gleixner Signed-off-by: KarimAllah Ahmed Cc: Andi Kleen Cc: Peter Zijlstra Cc: Greg KH Cc: Dave Hansen Cc: Andy Lutomirski Cc: Paolo Bonzini Cc: Dan Williams Cc: Arjan Van De Ven Cc: Linus Torvalds Cc: David Woodhouse Cc: Ashok R

[RFC 08/10] x86/idle: Control Indirect Branch Speculation in idle

From: Thomas Gleixner Indirect Branch Speculation (IBS) is controlled per physical core. If one thread disables it then it's disabled for the core. If a thread enters idle it makes sense to reenable IBS so the sibling thread can run with full speculation enabled in user space. This makes only se

[RFC 02/10] x86/kvm: Add IBPB support

Signed-off-by: Ashok Raj Signed-off-by: Peter Zijlstra (Intel) Link: http://lkml.kernel.org/r/1515720739-43819-6-git-send-email-ashok@intel.com Signed-off-by: David Woodhouse Signed-off-by: KarimAllah Ahmed --- arch/x86/kvm/svm.c | 14 ++ arch/x86/kvm/vmx.c | 4 2 files

[RFC 06/10] x86/speculation: Add inlines to control Indirect Branch Speculation

it IBRS, put a reference to the spec, and have a clear "you must be →this← tall to ride." [karahmed: switch to using ALTERNATIVES instead of static_cpu_has] [dwmw2: wrmsr args inside the ALTERNATIVE again, bikeshed naming] Signed-off-by: Thomas Gleixner Signed-off-by: KarimAllah Ah

Re: [RFC 10/10] x86/enter: Use IBRS on syscall and interrupts

On 01/21/2018 02:50 PM, Konrad Rzeszutek Wilk wrote: On Sat, Jan 20, 2018 at 08:23:01PM +0100, KarimAllah Ahmed wrote: From: Tim Chen Stop Indirect Branch Speculation on every user space to kernel space transition and reenable it when returning to user space./ How about interrupts? That is

Re: [PATCH v2 5/8] x86/speculation: Add basic support for IBPB

?), switch to using ALTERNATIVES instead of static_cpu_has] [dwmw2:set up ax/cx/dx in the asm too so it gets NOP'd out] Signed-off-by: Thomas Gleixner Signed-off-by: KarimAllah Ahmed Signed-off-by: David Woodhouse --- arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/n

[PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

Cc: Greg KH Cc: Andy Lutomirski Signed-off-by: KarimAllah Ahmed Signed-off-by: Ashok Raj --- arch/x86/kvm/cpuid.c | 4 +++- arch/x86/kvm/cpuid.h | 1 + arch/x86/kvm/vmx.c | 63 3 files changed, 67 insertions(+), 1 deletion(-) diff

[PATCH v2 2/4] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

Cc: Greg KH Cc: Andy Lutomirski Cc: Ashok Raj Signed-off-by: KarimAllah Ahmed --- v2: - remove 'host_spec_ctrl' in favor of only a comment (dwmw@). - special case writing '0' in SPEC_CTRL to avoid confusing live-migration when the instance never used the MSR

[PATCH v2 1/4] x86: kvm: Update the reverse_cpuid list to include CPUID_7_EDX

Cc: Paolo Bonzini Cc: Radim Krčmář Cc: Thomas Gleixner Cc: Ingo Molnar Cc: H. Peter Anvin Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: KarimAllah Ahmed --- arch/x86/kvm/cpuid.h | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/kvm

[PATCH v2 4/4] x86: vmx: Allow direct access to MSR_IA32_ARCH_CAPABILITIES

: Dan Williams Cc: Jun Nakajima Cc: Andy Lutomirski Cc: Greg KH Cc: Paolo Bonzini Cc: Ashok Raj Signed-off-by: KarimAllah Ahmed --- arch/x86/kvm/cpuid.c | 4 +++- arch/x86/kvm/vmx.c | 2 ++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm

[PATCH v2 0/4] KVM: Expose speculation control feature to guests

and IBRS_ALL. Ashok Raj (1): x86/kvm: Add IBPB support KarimAllah Ahmed (3): x86: kvm: Update the reverse_cpuid list to include CPUID_7_EDX x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL x86: vmx: Allow direct access to MSR_IA32_ARCH_CAPABILITIES arch/x86/kvm/cpuid.c | 6 - arch

[PATCH v2 3/4] x86/kvm: Add IBPB support

Raj Signed-off-by: Peter Zijlstra (Intel) Link: http://lkml.kernel.org/r/1515720739-43819-6-git-send-email-ashok@intel.com Signed-off-by: David Woodhouse Signed-off-by: KarimAllah Ahmed --- arch/x86/kvm/svm.c | 14 ++ arch/x86/kvm/vmx.c | 4 2 files changed, 18

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/28/2018 09:21 PM, Konrad Rzeszutek Wilk wrote: On January 28, 2018 2:29:10 PM EST, KarimAllah Ahmed wrote: Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for guests that will only mitigate Spectre V2 through IBRS+IBPB and will not be using a retpoline+IBPB based

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/29/2018 09:46 AM, David Woodhouse wrote: On Sun, 2018-01-28 at 16:39 -0800, Liran Alon wrote: Windows use IBRS and Microsoft don't have any plans to switch to retpoline. Running a Windows guest should be a pretty common use-case no? In addition, your handle of the first WRMSR intercept c

Re: [PATCH v2 2/4] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

On 01/29/2018 11:44 AM, Paolo Bonzini wrote: On 29/01/2018 01:58, KarimAllah Ahmed wrote: Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for guests that will only mitigate Spectre V2 through IBRS+IBPB and will not be using a retpoline+IBPB based approach. To avoid the

Re: [PATCH v2 4/4] x86: vmx: Allow direct access to MSR_IA32_ARCH_CAPABILITIES

On 01/29/2018 07:55 PM, Jim Mattson wrote: Why should this MSR be pass-through? I doubt that it would be accessed frequently. True. Will update it to be emulated and allow user-space to set the value exposed. On Sun, Jan 28, 2018 at 4:58 PM, KarimAllah Ahmed wrote: Add direct access to

Re: [PATCH] x86: vmx: Allow direct access to MSR_IA32_SPEC_CTRL

wrote: On Sun, Jan 28, 2018 at 11:29 AM, KarimAllah Ahmed wrote: Add direct access to MSR_IA32_SPEC_CTRL for guests. This is needed for guests that will only mitigate Spectre V2 through IBRS+IBPB and will not be using a retpoline+IBPB based approach. To avoid the overhead of atomically saving an

[PATCH v3 1/4] KVM: x86: Update the reverse_cpuid list to include CPUID_7_EDX

[dwmw2: Stop using KF() for bits in it, too] Cc: Paolo Bonzini Cc: Radim Krčmář Cc: Thomas Gleixner Cc: Ingo Molnar Cc: H. Peter Anvin Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: KarimAllah Ahmed Signed-off-by: David Woodhouse --- arch/x86

[PATCH v3 2/4] KVM: x86: Add IBPB support

-off-by: David Woodhouse Signed-off-by: KarimAllah Ahmed --- arch/x86/kvm/cpuid.c | 11 ++- arch/x86/kvm/svm.c | 14 ++ arch/x86/kvm/vmx.c | 12 3 files changed, 36 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index

[PATCH v3 3/4] KVM: VMX: Emulate MSR_IA32_ARCH_CAPABILITIES

unconditional] Cc: Asit Mallick Cc: Dave Hansen Cc: Arjan Van De Ven Cc: Tim Chen Cc: Linus Torvalds Cc: Andrea Arcangeli Cc: Andi Kleen Cc: Thomas Gleixner Cc: Dan Williams Cc: Jun Nakajima Cc: Andy Lutomirski Cc: Greg KH Cc: Paolo Bonzini Cc: Ashok Raj Signed-off-by: KarimAllah Ahmed

[PATCH v3 4/4] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

David Woodhouse Cc: Greg KH Cc: Andy Lutomirski Cc: Ashok Raj Signed-off-by: KarimAllah Ahmed Signed-off-by: David Woodhouse --- v2: - remove 'host_spec_ctrl' in favor of only a comment (dwmw@). - special case writing '0' in SPEC_CTRL to avoid confusing live-migration whe

[PATCH v3 0/4] KVM: Expose speculation control feature to guests

and IBRS_ALL. Ashok Raj (1): KVM: x86: Add IBPB support KarimAllah Ahmed (3): KVM: x86: Update the reverse_cpuid list to include CPUID_7_EDX KVM: VMX: Emulate MSR_IA32_ARCH_CAPABILITIES KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL arch/x86/kvm/cpuid.c | 22 ++ arch/x86

Re: [PATCH v3 3/4] KVM: VMX: Emulate MSR_IA32_ARCH_CAPABILITIES

On 01/30/2018 01:22 AM, Raj, Ashok wrote: On Tue, Jan 30, 2018 at 01:10:27AM +0100, KarimAllah Ahmed wrote: Future intel processors will use MSR_IA32_ARCH_CAPABILITIES MSR to indicate RDCL_NO (bit 0) and IBRS_ALL (bit 1). This is a read-only MSR. By default the contents will come directly from

[PATCH] kvm: Map PFN-type memory regions as writable (if possible)

acking the memory region. So also enable it for memory regions that do not have a "struct page". Cc: Paolo Bonzini Cc: Radim Krčmář Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: KarimAllah Ahmed --- virt/kvm/kvm_main.c | 2 ++ 1 file changed, 2 insertions(+) d

[PATCH] pci: Store more data about VFs into the SRIOV struct

... to avoid reading them from the config space of all the PCI VFs. This is specially a useful optimization when bringing up thousands of VFs. Cc: Bjorn Helgaas Cc: linux-...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: KarimAllah Ahmed --- drivers/pci/iov.c | 20

[PATCH v2] kvm: Map PFN-type memory regions as writable (if possible)

acking the memory region. So also enable it for memory regions that do not have a "struct page". Cc: Paolo Bonzini Cc: Radim Krčmář Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: KarimAllah Ahmed --- v2: - Move setting writable to hva_to_pfn_remapped - Extend

[PATCH] pci: Do not read INTx PIN and LINE registers for virtual functions

... since INTx is not supported by-spec for virtual functions. Cc: Bjorn Helgaas Cc: linux-...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: KarimAllah Ahmed Signed-off-by: Jan H. Schönherr --- drivers/pci/probe.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a

Re: [PATCH] pci: Do not read INTx PIN and LINE registers for virtual functions

On 01/17/2018 07:49 PM, Alex Williamson wrote: On Wed, 17 Jan 2018 19:30:29 +0100 KarimAllah Ahmed wrote: ... since INTx is not supported by-spec for virtual functions. But the spec also states that VFs must implement the interrupt pin register as read-only zero, so either this is

[PATCH] X86/KVM: Do not allow DISABLE_EXITS_MWAIT when LAPIC ARAT is not available

s with VMX support but no LAPIC ARAT or not. Cc: Paolo Bonzini Cc: Radim Krčmář Cc: Thomas Gleixner Cc: Ingo Molnar Cc: H. Peter Anvin Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Reported-by: Wanpeng Li Signed-off-by: KarimAllah Ahmed --- arch/x86/kvm/x86.c

[PATCH 1/2] X86/KVM: Properly restore 'tsc_offset' when running an L2 guest

mář Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: KarimAllah Ahmed --- arch/x86/kvm/vmx.c | 12 +--- arch/x86/kvm/x86.c | 1 - 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index cff2f50..2f57571 100644 --- a/arch/x86

[PATCH 2/2] kvm: nVMX: Introduce KVM_CAP_STATE

t of refactoring. - Merge 7/8 and 8/8 into one patch. - Force a VMExit from L2 after reading the kvm_state to avoid mixed state between L1 and L2 on resurrecting the instance. ] Signed-off-by: KarimAllah Ahmed --- v2 -> v3: - Remove the forced VMExit from L

[PATCH v4 1/2] X86/KVM: Properly update 'tsc_offset' to represent the running guest

lo Bonzini Signed-off-by: KarimAllah Ahmed --- v1 -> v2: - Rewrote the patch to always update tsc_offset to represent the current guest (pbonzini@) --- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/vmx.c | 25 - arch/x86/kvm/x86.c | 9

[PATCH v4 2/2] kvm: nVMX: Introduce KVM_CAP_STATE

t of refactoring. - Merge 7/8 and 8/8 into one patch. - Force a VMExit from L2 after reading the kvm_state to avoid mixed state between L1 and L2 on resurrecting the instance. ] Signed-off-by: KarimAllah Ahmed --- v3 -> v4: - Rename function to have _nested v

[PATCH v4 2/2] PCI/IOV: Use VF0 cached config space size for other VFs

-...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: KarimAllah Ahmed --- drivers/pci/iov.c | 3 +++ drivers/pci/pci.h | 1 + drivers/pci/probe.c | 11 ++- include/linux/pci.h | 1 + 4 files changed, 15 insertions(+), 1 deletion(-) diff --git a/drivers/pci/iov.c b/drivers/pci

[PATCH v4 1/2] PCI/IOV: Use VF0 cached config registers for other VFs

a device with many VFs. Cc: Bjorn Helgaas Cc: linux-...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: KarimAllah Ahmed [bhelgaas: changelog, simplify comments, remove unused "device"] Signed-off-by: Bjorn Helgaas --- v3->v4: - Restructure the code to handle C

[PATCH v2] kvm: nVMX: Introduce KVM_CAP_STATE

t of refactoring. - Merge 7/8 and 8/8 into one patch. - Force a VMExit from L2 after reading the kvm_state to avoid mixed state between L1 and L2 on resurrecting the instance. ] Signed-off-by: KarimAllah Ahmed --- v1 -> v2: - rename structs and functions and ma

[PATCH] X86/VMX: Disable VMX preempition timer if MWAIT is not intercepted

eixner Cc: Ingo Molnar Cc: H. Peter Anvin Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: KarimAllah Ahmed --- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/lapic.c| 3 ++- arch/x86/kvm/vmx.c | 11 +-- 3 file

[PATCH v2] X86/VMX: Disable VMX preemption timer if MWAIT is not intercepted

eixner Cc: Ingo Molnar Cc: H. Peter Anvin Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: KarimAllah Ahmed --- v1 -> v2: - Drop everything .. just return -EOPNOTSUPP (pbonzini@) :D --- arch/x86/kvm/vmx.c | 3 +++ 1 file changed, 3 insertions(+) diff

[PATCH v3] X86/VMX: Disable VMX preemption timer if MWAIT is not intercepted

eixner Cc: Ingo Molnar Cc: H. Peter Anvin Cc: x...@kernel.org Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: KarimAllah Ahmed --- v2 -> v3: - return -EOPNOTSUPP before any other operation in vmx_set_hv_timer v1 -> v2: - Drop everything .. just return -EOPNOTSUPP (p

[PATCH v4 06/14] KVM/nVMX: Use kvm_vcpu_map when mapping the L1 MSR bitmap

Use kvm_vcpu_map when mapping the L1 MSR bitmap since using kvm_vcpu_gpa_to_page() and kmap() will only work for guest memory that has a "struct page". Signed-off-by: KarimAllah Ahmed --- v1 -> v2: - Do not change the lifecycle of the mapping (pbonzini) --- arch/x86/k

[PATCH v4 02/14] X86/nVMX: handle_vmptrld: Copy the VMCS12 directly from guest memory

Copy the VMCS12 directly from guest memory instead of the map->copy->unmap sequence. This also avoids using kvm_vcpu_gpa_to_page() and kmap() which assumes that there is a "struct page" for guest memory. Signed-off-by: KarimAllah Ahmed --- v3

[PATCH v4 03/14] X86/nVMX: Update the PML table without mapping and unmapping the page

Update the PML table without mapping and unmapping the page. This also avoids using kvm_vcpu_gpa_to_page(..) which assumes that there is a "struct page" for guest memory. Signed-off-by: KarimAllah Ahmed --- v1 -> v2: - Use kvm_write_guest_page instead of kvm_write_guest (pbonzini)

[PATCH v4 12/14] KVM/nSVM: Use the new mapping API for mapping guest memory

Use the new mapping API for mapping guest memory to avoid depending on "struct page". Signed-off-by: KarimAllah Ahmed --- arch/x86/kvm/svm.c | 97 +++--- 1 file changed, 49 insertions(+), 48 deletions(-) diff --git a/arch/x86/kvm/svm.c

[PATCH v4 01/14] X86/nVMX: handle_vmon: Read 4 bytes from guest memory

Read the data directly from guest memory instead of the map->read->unmap sequence. This also avoids using kvm_vcpu_gpa_to_page() and kmap() which assumes that there is a "struct page" for guest memory. Suggested-by: Jim Mattson Signed-off-by: KarimAllah Ahmed Reviewed-by: Jim

[PATCH v4 11/14] KVM/X86: hyperv: Use kvm_vcpu_map in synic_deliver_msg

Use kvm_vcpu_map in synic_deliver_msg since using kvm_vcpu_gpa_to_page() and kmap() will only work for guest memory that has a "struct page". Signed-off-by: KarimAllah Ahmed --- v1 -> v2: - Update to match the new API return codes --- arch/x86/kvm/hyperv.c | 12 ++-- 1 fi

[PATCH v4 14/14] KVM/nVMX: Use kvm_vcpu_map for accessing the enhanced VMCS

Use kvm_vcpu_map for accessing the enhanced VMCS since using kvm_vcpu_gpa_to_page() and kmap() will only work for guest memory that has a "struct page". Signed-off-by: KarimAllah Ahmed --- arch/x86/kvm/vmx.c | 16 ++-- 1 file changed, 6 insertions(+), 10 deletions(-) di

[PATCH v4 08/14] KVM/nVMX: Use kvm_vcpu_map when mapping the posted interrupt descriptor table

ifetime of the pinning of the interrupt descriptor table page on the host side. Signed-off-by: KarimAllah Ahmed --- v1 -> v2: - Do not change the lifecycle of the mapping (pbonzini) --- arch/x86/kvm/vmx.c | 45 +++-- 1 file changed, 15 insertions(+),

[PATCH v4 04/14] X86/KVM: Handle PFNs outside of kernel reach when touching GPTEs

space with memremap(). Signed-off-by: Filippo Sironi Signed-off-by: KarimAllah Ahmed --- arch/x86/kvm/paging_tmpl.h | 38 +- 1 file changed, 29 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/paging_tmpl.h b/arch/x86/kvm/paging_tmpl.h index 7cf2185..b953

[PATCH v4 09/14] KVM/X86: Use kvm_vcpu_map in emulator_cmpxchg_emulated

Use kvm_vcpu_map in emulator_cmpxchg_emulated since using kvm_vcpu_gpa_to_page() and kmap() will only work for guest memory that has a "struct page". Signed-off-by: KarimAllah Ahmed --- v1 -> v2: - Update to match the new API return codes --- arch/x86/kvm/x86.c | 13 ++--

[PATCH v4 13/14] KVM/nVMX: Use kvm_vcpu_map for accessing the shadow VMCS

Use kvm_vcpu_map for accessing the shadow VMCS since using kvm_vcpu_gpa_to_page() and kmap() will only work for guest memory that has a "struct page". Signed-off-by: KarimAllah Ahmed --- arch/x86/kvm/vmx.c | 25 - 1 file changed, 12 insertions(+), 13 deletion

[PATCH v4 07/14] KVM/nVMX: Use kvm_vcpu_map when mapping the virtual APIC page

pinning of the virtual APIC page on the host side. Signed-off-by: KarimAllah Ahmed --- v1 -> v2: - Do not change the lifecycle of the mapping (pbonzini) - Use pfn_to_hpa instead of gfn_to_gpa --- arch/x86/kvm/vmx.c | 39 +-- 1 file changed, 13 insertions(+),

[PATCH v4 10/14] KVM/X86: hyperv: Use kvm_vcpu_map in synic_clear_sint_msg_pending

Use kvm_vcpu_map in synic_clear_sint_msg_pending since using kvm_vcpu_gpa_to_page() and kmap() will only work for guest memory that has a "struct page". Signed-off-by: KarimAllah Ahmed --- v1 -> v2: - Update to match the new API return codes --- arch/x86/kvm/hyperv.c | 16 ++

[PATCH v4 05/14] KVM: Introduce a new guest mapping API

ove the performance of the memremap case. Signed-off-by: KarimAllah Ahmed --- v3 -> v4: - Update the commit message. v1 -> v2: - Drop the caching optimization (pbonzini) - Use 'hva' instead of 'kaddr' (pbonzini) - Return 0/-EINVAL/-EFAULT instead of true/false. -EFAULT will

[PATCH v4 00/14] KVM/X86: Introduce a new guest mapping interface

a new patch to also fix the newly introduced enhanced VMCS. v2 -> v3: - Rebase - Add a new patch to also fix the newly introduced shadow VMCS. Filippo Sironi (1): X86/KVM: Handle PFNs outside of kernel reach when touching GPTEs KarimAllah Ahmed (13): X86/nVMX: handle_vmon: Read 4 b

[PATCH] KVM/nVMX: Stop mapping the "APIC-access address" page into the kernel

APIC-access address" page into the kernel and even drop the requirements to have a valid page backing it. Instead, just use some token that: 1) Not one of the valid guest pages. 2) Within the physical address supported by the CPU. Suggested-by: Jim Mattson Signed-off-by: KarimAllah Ah

[PATCH v5 1/2] KVM: Switch 'requests' to be 64-bit (explicitly)

k. The only exception here is ARM32 as it is still 32-bits. Cc: Paolo Bonzini Cc: Radim Krčmář Cc: k...@vger.kernel.org Cc: linux-kernel@vger.kernel.org Reviewed-by: Jim Mattson Signed-off-by: KarimAllah Ahmed --- v1 -> v2: - Use FIELD_SIZEOF --- include/linux/kvm_host.h | 10 +- 1

[PATCH v5 2/2] kvm: nVMX: Introduce KVM_CAP_NESTED_STATE

nested.smm state. - rebase & a bit of refactoring. - Merge 7/8 and 8/8 into one patch. ] Signed-off-by: KarimAllah Ahmed --- v4 -> v5: - Drop the update to KVM_REQUEST_ARCH_BASE in favor of a patch to switch to u64 instead. - Fix commit message. - Handle nested.smm state

  1   2   3   >