Re: [PATCH v3 2/8] KVM: x86: Clear all supported MPX xfeatures if they are not all set

Mingwei Zhang <mizhang@xxxxxxxxxx> · Thu, 23 Mar 2023 14:10:02 -0700

>
> Aaron and/or Mingwei, can you give the attached patches a spin?  Patch 1 is a
> slightly reworked version of Aaron's patch 1, and patch 2 implements what I just
> described (guts of patch 2 also pasted below).  If things look good, I'll post a v4
> of this series.

Overall I don't have a strong opinion. Extending the sanitization from
AMX to AVX512 and MPX does seem to slightly change the purpose from
permission adjustment to hw feature sanitization. So, it is ok for me
to see the push for AVX512 and MPX as a different motivation, thus
peeling them off from this series.

>
> [0] https://lore.kernel.org/all/Y7R36wsXn3JqwfEv@xxxxxxxxxx
> [1] https://lore.kernel.org/all/CALMp9eQD8EpS50A0iAxsoaW-_yFmWERWw6rbAh9VSEJjDrMkNQ@xxxxxxxxxxxxxx
>
I can take a look but in general [1] the whole series should fix the
problem. Let me check the following code.

>
> ---
>  arch/x86/kvm/x86.h | 18 +++++++++++++++++-
>  1 file changed, 17 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/kvm/x86.h b/arch/x86/kvm/x86.h
> index b6c6988d99b5..ae235bc2b9bc 100644
> --- a/arch/x86/kvm/x86.h
> +++ b/arch/x86/kvm/x86.h
> @@ -3,6 +3,7 @@
>  #define ARCH_X86_KVM_X86_H
>
>  #include <linux/kvm_host.h>
> +#include <asm/fpu/xstate.h>
>  #include <asm/mce.h>
>  #include <asm/pvclock.h>
>  #include "kvm_cache_regs.h"
> @@ -325,7 +326,22 @@ extern bool enable_pmu;
>   */
>  static inline u64 kvm_get_filtered_xcr0(void)
>  {
> -       return kvm_caps.supported_xcr0 & xstate_get_guest_group_perm();
> +       u64 supported_xcr0 = kvm_caps.supported_xcr0;
> +
> +       BUILD_BUG_ON(XFEATURE_MASK_USER_DYNAMIC != XFEATURE_MASK_XTILE_DATA);
> +
> +       if (supported_xcr0 & XFEATURE_MASK_USER_DYNAMIC) {
> +               supported_xcr0 &= xstate_get_guest_group_perm();
> +
> +               /*
> +                * Treat XTILE_CFG as unsupported if the current process isn't
> +                * allowed to use XTILE_DATA, as attempting to set XTILE_CFG in
> +                * XCR0 without setting XTILE_DATA is architecturally illegal.
> +                */
> +               if (!(supported_xcr0 & XFEATURE_MASK_XTILE_DATA))
> +                       supported_xcr0 &= XFEATURE_MASK_XTILE_CFG;

should be this? supported_xcr0 &= ~XFEATURE_MASK_XTILE_CFG;

> +       }
> +       return supported_xcr0;
>  }
>
>  static inline bool kvm_mpx_supported(void)
> --
>