Message ID | 20230510060611.12950-7-binbin.wu@linux.intel.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | Linear Address Masking (LAM) KVM Enabling | expand |
On Wed, 2023-05-10 at 14:06 +0800, Binbin Wu wrote: > From: Robert Hoo <robert.hu@linux.intel.com> > > LAM feature is enumerated by CPUID.7.1:EAX.LAM[bit 26]. > Expose the feature to userspace as the final step after the following > supports: > - CR4.LAM_SUP virtualization > - CR3.LAM_U48 and CR3.LAM_U57 virtualization > - Check and untag 64-bit linear address when LAM applies in instruction > emulations and VMExit handlers. > > Signed-off-by: Robert Hoo <robert.hu@linux.intel.com> > Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com> > Reviewed-by: Jingqi Liu <jingqi.liu@intel.com> > Reviewed-by: Chao Gao <chao.gao@intel.com> > Tested-by: Xuelian Guo <xuelian.guo@intel.com> > --- > arch/x86/kvm/cpuid.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c > index 123bf8b97a4b..fc8286f747ac 100644 > --- a/arch/x86/kvm/cpuid.c > +++ b/arch/x86/kvm/cpuid.c > @@ -664,7 +664,7 @@ void kvm_set_cpu_caps(void) > kvm_cpu_cap_mask(CPUID_7_1_EAX, > F(AVX_VNNI) | F(AVX512_BF16) | F(CMPCCXADD) | > F(FZRM) | F(FSRS) | F(FSRC) | > - F(AMX_FP16) | F(AVX_IFMA) > + F(AMX_FP16) | F(AVX_IFMA) | F(LAM) > ); > > kvm_cpu_cap_init_kvm_defined(CPUID_7_1_EDX, Per spec LAM supports SGX enclave mode too (chapter 6.8 INTEL SGX INTERACTIONS). Per my read, whether you can enable LAM57 or LAM48 can be determined by bit 8 and 9 of CPUID.(EAX=12H, ECX=01H):EAX. There are some special rule of whether LAM is applied to certain linear address too, i.e. per my read SECS.BASEADDR isn't subject to LAM in ECREATE. My first glance to expose LAM to guest's SGX enclave is just as simple as what you did here -- we just need to expose the two new bits to userspace in KVM_GET_SUPPORTED_CPUID. But I think this can be done in a separate series, especially as the spec doesn't say when LAM is available in CPUID(0x7, 0x1):EAX, it will be always available in CPUID(0x12, 0x1).EAX. But could you help to check the hardware hehaviour whether they will always appear together in CPUID?
On 5/12/2023 8:49 PM, Huang, Kai wrote: > On Wed, 2023-05-10 at 14:06 +0800, Binbin Wu wrote: >> From: Robert Hoo <robert.hu@linux.intel.com> >> >> LAM feature is enumerated by CPUID.7.1:EAX.LAM[bit 26]. >> Expose the feature to userspace as the final step after the following >> supports: >> - CR4.LAM_SUP virtualization >> - CR3.LAM_U48 and CR3.LAM_U57 virtualization >> - Check and untag 64-bit linear address when LAM applies in instruction >> emulations and VMExit handlers. >> >> Signed-off-by: Robert Hoo <robert.hu@linux.intel.com> >> Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com> >> Reviewed-by: Jingqi Liu <jingqi.liu@intel.com> >> Reviewed-by: Chao Gao <chao.gao@intel.com> >> Tested-by: Xuelian Guo <xuelian.guo@intel.com> >> --- >> arch/x86/kvm/cpuid.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c >> index 123bf8b97a4b..fc8286f747ac 100644 >> --- a/arch/x86/kvm/cpuid.c >> +++ b/arch/x86/kvm/cpuid.c >> @@ -664,7 +664,7 @@ void kvm_set_cpu_caps(void) >> kvm_cpu_cap_mask(CPUID_7_1_EAX, >> F(AVX_VNNI) | F(AVX512_BF16) | F(CMPCCXADD) | >> F(FZRM) | F(FSRS) | F(FSRC) | >> - F(AMX_FP16) | F(AVX_IFMA) >> + F(AMX_FP16) | F(AVX_IFMA) | F(LAM) >> ); >> >> kvm_cpu_cap_init_kvm_defined(CPUID_7_1_EDX, > Per spec LAM supports SGX enclave mode too (chapter 6.8 INTEL SGX INTERACTIONS). > > Per my read, whether you can enable LAM57 or LAM48 can be determined by bit 8 > and 9 of CPUID.(EAX=12H, ECX=01H):EAX. There are some special rule of whether > LAM is applied to certain linear address too, i.e. per my read SECS.BASEADDR > isn't subject to LAM in ECREATE. This is considered when implement patch 5, but you remind me that I should add the materials to describe the handling of SGX system leaf functions in the chagelog. > > My first glance to expose LAM to guest's SGX enclave is just as simple as what > you did here -- we just need to expose the two new bits to userspace in > KVM_GET_SUPPORTED_CPUID. > > But I think this can be done in a separate series, Yes, support LAM inside SGX enclave is not included in the inital enabling patch series. > especially as the spec > doesn't say when LAM is available in CPUID(0x7, 0x1):EAX, it will be always > available in CPUID(0x12, 0x1).EAX. > > But could you help to check the hardware hehaviour whether they will always > appear together in CPUID? For this part, I need furtuer investigation. Will get back to you when I get the answer.
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 123bf8b97a4b..fc8286f747ac 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -664,7 +664,7 @@ void kvm_set_cpu_caps(void) kvm_cpu_cap_mask(CPUID_7_1_EAX, F(AVX_VNNI) | F(AVX512_BF16) | F(CMPCCXADD) | F(FZRM) | F(FSRS) | F(FSRC) | - F(AMX_FP16) | F(AVX_IFMA) + F(AMX_FP16) | F(AVX_IFMA) | F(LAM) ); kvm_cpu_cap_init_kvm_defined(CPUID_7_1_EDX,