diff mbox series

[v8,6/6] KVM: x86: Expose LAM feature to userspace VMM

Message ID 20230510060611.12950-7-binbin.wu@linux.intel.com (mailing list archive)
State New, archived
Headers show
Series Linear Address Masking (LAM) KVM Enabling | expand

Commit Message

Binbin Wu May 10, 2023, 6:06 a.m. UTC
From: Robert Hoo <robert.hu@linux.intel.com>

LAM feature is enumerated by CPUID.7.1:EAX.LAM[bit 26].
Expose the feature to userspace as the final step after the following
supports:
- CR4.LAM_SUP virtualization
- CR3.LAM_U48 and CR3.LAM_U57 virtualization
- Check and untag 64-bit linear address when LAM applies in instruction
  emulations and VMExit handlers.

Signed-off-by: Robert Hoo <robert.hu@linux.intel.com>
Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
Reviewed-by: Jingqi Liu <jingqi.liu@intel.com>
Reviewed-by: Chao Gao <chao.gao@intel.com>
Tested-by: Xuelian Guo <xuelian.guo@intel.com>
---
 arch/x86/kvm/cpuid.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Huang, Kai May 12, 2023, 12:49 p.m. UTC | #1
On Wed, 2023-05-10 at 14:06 +0800, Binbin Wu wrote:
> From: Robert Hoo <robert.hu@linux.intel.com>
> 
> LAM feature is enumerated by CPUID.7.1:EAX.LAM[bit 26].
> Expose the feature to userspace as the final step after the following
> supports:
> - CR4.LAM_SUP virtualization
> - CR3.LAM_U48 and CR3.LAM_U57 virtualization
> - Check and untag 64-bit linear address when LAM applies in instruction
>   emulations and VMExit handlers.
> 
> Signed-off-by: Robert Hoo <robert.hu@linux.intel.com>
> Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
> Reviewed-by: Jingqi Liu <jingqi.liu@intel.com>
> Reviewed-by: Chao Gao <chao.gao@intel.com>
> Tested-by: Xuelian Guo <xuelian.guo@intel.com>
> ---
>  arch/x86/kvm/cpuid.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
> index 123bf8b97a4b..fc8286f747ac 100644
> --- a/arch/x86/kvm/cpuid.c
> +++ b/arch/x86/kvm/cpuid.c
> @@ -664,7 +664,7 @@ void kvm_set_cpu_caps(void)
>  	kvm_cpu_cap_mask(CPUID_7_1_EAX,
>  		F(AVX_VNNI) | F(AVX512_BF16) | F(CMPCCXADD) |
>  		F(FZRM) | F(FSRS) | F(FSRC) |
> -		F(AMX_FP16) | F(AVX_IFMA)
> +		F(AMX_FP16) | F(AVX_IFMA) | F(LAM)
>  	);
>  
>  	kvm_cpu_cap_init_kvm_defined(CPUID_7_1_EDX,

Per spec LAM supports SGX enclave mode too (chapter 6.8 INTEL SGX INTERACTIONS).

Per my read, whether you can enable LAM57 or LAM48 can be determined by bit 8
and 9 of CPUID.(EAX=12H, ECX=01H):EAX.  There are some special rule of whether
LAM is applied to certain linear address too, i.e. per my read SECS.BASEADDR
isn't subject to LAM in ECREATE.

My first glance to expose LAM to guest's SGX enclave is just as simple as what
you did here -- we just need to expose the two new bits to userspace in
KVM_GET_SUPPORTED_CPUID.

But I think this can be done in a separate series, especially as the spec
doesn't say when LAM is available in CPUID(0x7, 0x1):EAX, it will be always
available in CPUID(0x12, 0x1).EAX.

But could you help to check the hardware hehaviour whether they will always
appear together in CPUID?
Binbin Wu May 16, 2023, 3:30 a.m. UTC | #2
On 5/12/2023 8:49 PM, Huang, Kai wrote:
> On Wed, 2023-05-10 at 14:06 +0800, Binbin Wu wrote:
>> From: Robert Hoo <robert.hu@linux.intel.com>
>>
>> LAM feature is enumerated by CPUID.7.1:EAX.LAM[bit 26].
>> Expose the feature to userspace as the final step after the following
>> supports:
>> - CR4.LAM_SUP virtualization
>> - CR3.LAM_U48 and CR3.LAM_U57 virtualization
>> - Check and untag 64-bit linear address when LAM applies in instruction
>>    emulations and VMExit handlers.
>>
>> Signed-off-by: Robert Hoo <robert.hu@linux.intel.com>
>> Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
>> Reviewed-by: Jingqi Liu <jingqi.liu@intel.com>
>> Reviewed-by: Chao Gao <chao.gao@intel.com>
>> Tested-by: Xuelian Guo <xuelian.guo@intel.com>
>> ---
>>   arch/x86/kvm/cpuid.c | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
>> index 123bf8b97a4b..fc8286f747ac 100644
>> --- a/arch/x86/kvm/cpuid.c
>> +++ b/arch/x86/kvm/cpuid.c
>> @@ -664,7 +664,7 @@ void kvm_set_cpu_caps(void)
>>   	kvm_cpu_cap_mask(CPUID_7_1_EAX,
>>   		F(AVX_VNNI) | F(AVX512_BF16) | F(CMPCCXADD) |
>>   		F(FZRM) | F(FSRS) | F(FSRC) |
>> -		F(AMX_FP16) | F(AVX_IFMA)
>> +		F(AMX_FP16) | F(AVX_IFMA) | F(LAM)
>>   	);
>>   
>>   	kvm_cpu_cap_init_kvm_defined(CPUID_7_1_EDX,
> Per spec LAM supports SGX enclave mode too (chapter 6.8 INTEL SGX INTERACTIONS).
>
> Per my read, whether you can enable LAM57 or LAM48 can be determined by bit 8
> and 9 of CPUID.(EAX=12H, ECX=01H):EAX.  There are some special rule of whether
> LAM is applied to certain linear address too, i.e. per my read SECS.BASEADDR
> isn't subject to LAM in ECREATE.
This is considered when implement patch 5, but you remind me that I 
should add the materials to describe the handling of SGX system leaf 
functions in the chagelog.


>
> My first glance to expose LAM to guest's SGX enclave is just as simple as what
> you did here -- we just need to expose the two new bits to userspace in
> KVM_GET_SUPPORTED_CPUID.
>
> But I think this can be done in a separate series,
Yes, support LAM inside SGX enclave is not included in the inital 
enabling patch series.

>   especially as the spec
> doesn't say when LAM is available in CPUID(0x7, 0x1):EAX, it will be always
> available in CPUID(0x12, 0x1).EAX.
>
> But could you help to check the hardware hehaviour whether they will always
> appear together in CPUID?
For this part, I need furtuer investigation.
Will get back to you when I get the answer.
diff mbox series

Patch

diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index 123bf8b97a4b..fc8286f747ac 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -664,7 +664,7 @@  void kvm_set_cpu_caps(void)
 	kvm_cpu_cap_mask(CPUID_7_1_EAX,
 		F(AVX_VNNI) | F(AVX512_BF16) | F(CMPCCXADD) |
 		F(FZRM) | F(FSRS) | F(FSRC) |
-		F(AMX_FP16) | F(AVX_IFMA)
+		F(AMX_FP16) | F(AVX_IFMA) | F(LAM)
 	);
 
 	kvm_cpu_cap_init_kvm_defined(CPUID_7_1_EDX,