From patchwork Mon May 15 14:42:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 13241639 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A8FB4C7EE23 for ; Mon, 15 May 2023 14:43:28 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.534777.832121 (Exim 4.92) (envelope-from ) id 1pyZPq-0000Fq-8J; Mon, 15 May 2023 14:43:10 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 534777.832121; Mon, 15 May 2023 14:43:10 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pyZPq-0000ES-1q; Mon, 15 May 2023 14:43:10 +0000 Received: by outflank-mailman (input) for mailman id 534777; Mon, 15 May 2023 14:43:08 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pyZPo-0000CZ-Q5 for xen-devel@lists.xenproject.org; Mon, 15 May 2023 14:43:08 +0000 Received: from esa1.hc3370-68.iphmx.com (esa1.hc3370-68.iphmx.com [216.71.145.142]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id cc1c406d-f32e-11ed-8611-37d641c3527e; Mon, 15 May 2023 16:43:05 +0200 (CEST) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: cc1c406d-f32e-11ed-8611-37d641c3527e DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1684161785; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=9XFTUf7BDejsn84FeldN2UDYxQF11ZKC+fFIFGNNJWI=; b=ZL/1IzA9H6Dzn4YgVKvqmACbJcAVo3zbtxZVW+tRiNHokpe+/nDnoD3q lLgHcFeySKRBA0cKdVs5XPzabNaojGEA+g8iTNMlmL2UY4R970ENLEvTU LsY5aChigc+65FzUkXz9cwOaOZkKhKL+6sB0r8k12ejnTacd94+FZfQgF g=; Authentication-Results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none X-SBRS: 4.0 X-MesageID: 109479563 X-Ironport-Server: esa1.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.123 X-Policy: $RELAYED IronPort-Data: A9a23:PgQf2K6s0opUt0g6H7XBaAxRtDDHchMFZxGqfqrLsTDasY5as4F+v jQeUDjUbv2CZWWkfNFzOdnn9UoAupfVnIUwQQdu/CwwHi5G8cbLO4+Ufxz6V8+wwm8vb2o8t plDNYOQRCwQZiWBzvt4GuG59RGQ7YnRGvynTraCYnsrLeNdYH9JoQp5nOIkiZJfj9G8Agec0 fv/uMSaM1K+s9JOGjt8B5mr9VU+7ZwehBtC5gZlPa0S4QeH/5UoJMl3yZ+ZfiOQrrZ8RoZWd 86bpJml82XQ+QsaC9/Nut4XpWVTH9Y+lSDX4pZnc/DKbipq/0Te4Y5iXBYoUm9Fii3hojxE4 I4lWapc6+seFvakdOw1C3G0GszlVEFM0OevzXOX6aR/w6BaGpdFLjoH4EweZOUlFuhL7W5m3 /02GB03b0i/l/O436inZMdQu9wMI5y+VG8fkikIITDxCP8nRdbIQrnQ5M8e1zA17ixMNa+AP YxDM2MpNUmeJUQVYT/7C7pn9AusrlD5fydVtxS+oq0v7nKI5AdwzKLsIJzefdniqcB9xx7J+ j2Xojqiav0cHJui6heH8iyAvcCMowT9c54ANfqZpvE/1TV/wURMUUZLBDNXu8KRmkO4Ht5SN UEQ0i4vtrQpslymSMHnWB+1q2LCuQQTM/JyOeAn7ACGyoLP/h2UQGMDS1Zpd9gOpMIwAzsw2 Te0c8jBXGI19ufPEDTEq+nS9GnpUcQIEYMcTQUFYzso2di7nJEigA3VUvhNLJOtodKgTFkc3 Au2hCQ5grwSi+sC2KO64U3LjlqQm3TZcuImzl6JBzz4t2uVcKbgPtX1sgaDsZ6sOa7DFjG8U G44d99yBQzkJbWEj2SzTeoEB9lFDN7VYWSH0TaD83TMnglBGkJPn6gKulmSx28zaK7onAMFh 2eN0T69HLcJYBOXgVZfOupd8fgCw6n6DsjCXfvJdNdIaZUZXFbZrH02NR/KgDu9yxBEfUQD1 XCzIK6R4YsyU/w7nFJauc9HuVPU+szO7TyKHs2qp/hW+bGfeGSUWd84Dbd6VchgtPnsiFyMo 75i2z6il003vBvWPnOGrub+7DkicRAGOHwBg5YKJ7/efFA3RDlJ5j246epJRrGJVp99zo/gl kxRkGcCoLYjrRUr8Tm3V00= IronPort-HdrOrdr: A9a23:2I/yoq/Ibf4jrk98fe1uk+AoI+orL9Y04lQ7vn2ZKSY5TiX4rb HLoB1/73XJYVkqN03I9ervBEDiewK4yXcW2/hzAV7KZmCP1FdASrsC0WKL+Vbd8kbFh4xgPM lbE5SWc+eAamSTjazBkXWF+9RL+qj5zEh/792usUuETmtRGtBdBx8SMHf8LqXvLjM2f6bQEv Cnl7N6jgvlQ1s7ROKhCEIIWuDSzue76a4PMXY9dmYaABDlt0LS1ILH X-Talos-CUID: 9a23:Mfbq3mxrosvvN86IBeUPBgU+G+4VX0fclEvAMkGnE3pHZoGoUXCfrfY= X-Talos-MUID: 9a23:7rariQkXFeI4BdhTRuTtdnolCeRF4aTwJHsi0qshveKYJw03GmeS2WE= X-IronPort-AV: E=Sophos;i="5.99,276,1677560400"; d="scan'208";a="109479563" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , Wei Liu Subject: [PATCH 1/6] x86/boot: Rework dom0 feature configuration Date: Mon, 15 May 2023 15:42:54 +0100 Message-ID: <20230515144259.1009245-2-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20230515144259.1009245-1-andrew.cooper3@citrix.com> References: <20230515144259.1009245-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Right now, dom0's feature configuration is split between between the common path and a dom0-specific one. This mostly is by accident, and causes some very subtle bugs. First, start by clearly defining init_dom0_cpuid_policy() to be the domain that Xen builds automatically. The late hwdom case is still constructed in a mostly normal way, with the control domain having full discretion over the CPU policy. Identifying this highlights a latent bug - the two halves of the MSR_ARCH_CAPS bodge are asymmetric with respect to the hardware domain. This means that shim, or a control-only dom0 sees the MSR_ARCH_CAPS CPUID bit but none of the MSR content. This in turn declares the hardware to be retpoline-safe by failing to advertise the {R,}RSBA bits appropriately. Restrict this logic to the hardware domain, although the special case will cease to exist shortly. For the CPUID Faulting adjustment, the comment in ctxt_switch_levelling() isn't actually relevant. Provide a better explanation. Move the recalculate_cpuid_policy() call outside of the dom0-cpuid= case. This is no change for now, but will become necessary shortly. Finally, place the second half of the MSR_ARCH_CAPS bodge after the recalculate_cpuid_policy() call. This is necessary to avoid transiently breaking the hardware domain's view while the handling is cleaned up. This special case will cease to exist shortly. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monné CC: Wei Liu --- xen/arch/x86/cpu-policy.c | 57 +++++++++++++++++++++------------------ 1 file changed, 31 insertions(+), 26 deletions(-) diff --git a/xen/arch/x86/cpu-policy.c b/xen/arch/x86/cpu-policy.c index ef6a2d0d180a..5e7e19fbcda8 100644 --- a/xen/arch/x86/cpu-policy.c +++ b/xen/arch/x86/cpu-policy.c @@ -687,29 +687,6 @@ int init_domain_cpu_policy(struct domain *d) if ( !p ) return -ENOMEM; - /* See comment in ctxt_switch_levelling() */ - if ( !opt_dom0_cpuid_faulting && is_control_domain(d) && is_pv_domain(d) ) - p->platform_info.cpuid_faulting = false; - - /* - * Expose the "hardware speculation behaviour" bits of ARCH_CAPS to dom0, - * so dom0 can turn off workarounds as appropriate. Temporary, until the - * domain policy logic gains a better understanding of MSRs. - */ - if ( is_hardware_domain(d) && cpu_has_arch_caps ) - { - uint64_t val; - - rdmsrl(MSR_ARCH_CAPABILITIES, val); - - p->arch_caps.raw = val & - (ARCH_CAPS_RDCL_NO | ARCH_CAPS_IBRS_ALL | ARCH_CAPS_RSBA | - ARCH_CAPS_SSB_NO | ARCH_CAPS_MDS_NO | ARCH_CAPS_IF_PSCHANGE_MC_NO | - ARCH_CAPS_TAA_NO | ARCH_CAPS_SBDR_SSDP_NO | ARCH_CAPS_FBSDP_NO | - ARCH_CAPS_PSDP_NO | ARCH_CAPS_FB_CLEAR | ARCH_CAPS_RRSBA | - ARCH_CAPS_BHI_NO | ARCH_CAPS_PBRSB_NO); - } - d->arch.cpu_policy = p; recalculate_cpuid_policy(d); @@ -845,11 +822,15 @@ void recalculate_cpuid_policy(struct domain *d) p->extd.raw[0x19] = EMPTY_LEAF; } +/* + * Adjust the CPU policy for dom0. Really, this is "the domain Xen builds + * automatically on boot", and might not have the domid 0 (e.g. pvshim). + */ void __init init_dom0_cpuid_policy(struct domain *d) { struct cpu_policy *p = d->arch.cpuid; - /* dom0 can't migrate. Give it ITSC if available. */ + /* Dom0 doesn't migrate relative to Xen. Give it ITSC if available. */ if ( cpu_has_itsc ) p->extd.itsc = true; @@ -858,7 +839,7 @@ void __init init_dom0_cpuid_policy(struct domain *d) * so dom0 can turn off workarounds as appropriate. Temporary, until the * domain policy logic gains a better understanding of MSRs. */ - if ( cpu_has_arch_caps ) + if ( is_hardware_domain(d) && cpu_has_arch_caps ) p->feat.arch_caps = true; /* Apply dom0-cpuid= command line settings, if provided. */ @@ -876,8 +857,32 @@ void __init init_dom0_cpuid_policy(struct domain *d) } x86_cpu_featureset_to_policy(fs, p); + } + + /* + * PV Control domains used to require unfiltered CPUID. This was fixed in + * Xen 4.13, but there is an cmdline knob to restore the prior behaviour. + * + * If the domain is getting unfiltered CPUID, don't let the guest kernel + * play with CPUID faulting either, as Xen's CPUID path won't cope. + */ + if ( !opt_dom0_cpuid_faulting && is_control_domain(d) && is_pv_domain(d) ) + p->platform_info.cpuid_faulting = false; - recalculate_cpuid_policy(d); + recalculate_cpuid_policy(d); + + if ( is_hardware_domain(d) && cpu_has_arch_caps ) + { + uint64_t val; + + rdmsrl(MSR_ARCH_CAPABILITIES, val); + + p->arch_caps.raw = val & + (ARCH_CAPS_RDCL_NO | ARCH_CAPS_IBRS_ALL | ARCH_CAPS_RSBA | + ARCH_CAPS_SSB_NO | ARCH_CAPS_MDS_NO | ARCH_CAPS_IF_PSCHANGE_MC_NO | + ARCH_CAPS_TAA_NO | ARCH_CAPS_SBDR_SSDP_NO | ARCH_CAPS_FBSDP_NO | + ARCH_CAPS_PSDP_NO | ARCH_CAPS_FB_CLEAR | ARCH_CAPS_RRSBA | + ARCH_CAPS_BHI_NO | ARCH_CAPS_PBRSB_NO); } } From patchwork Mon May 15 14:42:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 13241644 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9EBFAC77B7D for ; Mon, 15 May 2023 14:43:43 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.534782.832170 (Exim 4.92) (envelope-from ) id 1pyZQB-00027Q-Qz; Mon, 15 May 2023 14:43:31 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 534782.832170; Mon, 15 May 2023 14:43:31 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pyZQB-00026n-LS; Mon, 15 May 2023 14:43:31 +0000 Received: by outflank-mailman (input) for mailman id 534782; Mon, 15 May 2023 14:43:30 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pyZQA-0000CT-AL for xen-devel@lists.xenproject.org; Mon, 15 May 2023 14:43:30 +0000 Received: from esa4.hc3370-68.iphmx.com (esa4.hc3370-68.iphmx.com [216.71.155.144]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id db620a99-f32e-11ed-b229-6b7b168915f2; Mon, 15 May 2023 16:43:29 +0200 (CEST) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: db620a99-f32e-11ed-b229-6b7b168915f2 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1684161809; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=j2YW2cWonftkq/hMdpKaFZq5iF9LBLJDuv16HmF0O5k=; b=PVZzLs7enL9MtG4DB6ZOo7txhTIPdFr5pR/l5qkP6J3vmYjkyv3Ui0el iyYE+qGcd2IcxWcAs2vRBCTsTmXOnzXaLxEtuKhTvpEWT+Yk2V6UNBTdR cUWQqTArAmRK2TirO5N0QFiKQnOMEWNS2VuL9xkFWZsKV+3ks258Yau/3 A=; Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none X-SBRS: 4.0 X-MesageID: 111537998 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.123 X-Policy: $RELAYED IronPort-Data: A9a23:nZ2xyKM54Km6rIjvrR2ul8FynXyQoLVcMsEvi/4bfWQNrUoghjYEy WYeCm/XPa2JMGumcop0a43j8xxQsZ7Wx4VrTAto+SlhQUwRpJueD7x1DKtS0wC6dZSfER09v 63yTvGacajYm1eF/k/F3oDJ9CU6jufQAOKnUoYoAwgpLSd8UiAtlBl/rOAwh49skLCRDhiE/ Nj/uKUzAnf8s9JPGj9SuvPrRC9H5qyo42tF5wFmP5ingXeF/5UrJMNHTU2OByOQrrl8RoaSW +vFxbelyWLVlz9F5gSNy+uTnuUiG9Y+DCDW4pZkc/HKbitq/0Te5p0TJvsEAXq7vh3S9zxHJ HehgrTrIeshFvWkdO3wyHC0GQkmVUFN0OevzXRSLaV/ZqAJGpfh66wGMa04AWEX0uAvKzxS6 +cJESEUSSuZusW7xY+SFeY506zPLOGzVG8eknRpzDWfBvc6W5HTBa7N4Le03h9p2JoIR6yHI ZNEN3w2Nk+ojx5nYz/7DLoXmuuyi2a5WDpfsF+P/oI84nTJzRw327/oWDbQUoXTHJgOwRfJ9 goq+UzfRTo+ZfuH9AOl71/81/X1zCPDY407QejQGvlC3wTImz175ActfUS/iem0jAi5Qd03A 1wZ/G8ioLY/8GSvT8LhRFuorXicpBkeVtFMVeog52ml6IDZ/gKYDWgsVSNaZZots8peeNAx/ gbXxZWzX2Up6eDLDyvHrd94sA9eJwATdUVfeTEfXDIU+v7YurwUgxfyZ4lsRfvdYsLOJRn8x DWDrS4bjroVjNIW26jTwW0rkw5AtbCSEFdru1y/snaNq1ogOdX7P9DABU3zt64oEWqPcrWWU JHoceC65ftGM5yCnTflrA4lTODwvKbt3NExbDdS83gdG9aFoSTLkWN4umsWyKJV3iEsJ1fUj Lf741852XOqFCLCgVVLS4ywEd826qPrCM7oUPvZBvIXPMgtLF/Wpn41NRXIt4wIrKTLufBXB HtmWZz0USZy5VpPllJauNvxIZd0n3tjlAs/tLjwzgi90Kr2WUN5vYwtaQPUBshgtfPsnekg2 4oHXyd840kFAbKWj+i+2dJ7EG3m2lBhWMGn9pINJ7LbSuekcUl4Y8LsLXoaU9QNt8xoei3go SnVtpNwoLYnuUD6FA== IronPort-HdrOrdr: A9a23:10NsPKtlO5DUIiL4lA5bpxNk7skDhtV00zEX/kB9WHVpm6yj+v xGUs566faUskd0ZJhEo7q90ca7Lk80maQa3WBzB8bGYOCFghrKEGgK1+KLrwEIcxeUygc379 YDT0ERMrzN5CNB/KHHCAnTKadd/DGEmprY+ts3GR1WPH9Xg6IL1XYJNu6CeHcGIjWvnfACZe ChDswsnUvYRV0nKv6VK1MiROb5q9jChPvdEGM7705O0nj3sduwgoSKaCSl4g== X-Talos-CUID: 9a23:emMzwWgM4vLSbgSLVbvsnCMrYTJudCX3kWvOOF6BGH9Oc6eoblKVxYo7nJ87 X-Talos-MUID: 9a23:sAorpA0Ii0I3kkfVYHTIgsuKzjUjxeOFLBEqiag/m9SpZX1qAWadtA+4a9py X-IronPort-AV: E=Sophos;i="5.99,277,1677560400"; d="scan'208";a="111537998" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , Wei Liu Subject: [PATCH 2/6] x86/boot: Adjust MSR_ARCH_CAPS handling for the Host policy Date: Mon, 15 May 2023 15:42:55 +0100 Message-ID: <20230515144259.1009245-3-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20230515144259.1009245-1-andrew.cooper3@citrix.com> References: <20230515144259.1009245-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 We are about to move MSR_ARCH_CAPS into featureset, but the order of operations (copy raw policy, then copy x86_capabilitiles[] in) will end up clobbering the ARCH_CAPS value currently visible in the Host policy. To avoid this transient breakage, read from raw_cpu_policy rather than modifying it in place. This logic will be removed entirely in due course. Signed-off-by: Andrew Cooper Acked-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monné CC: Wei Liu --- xen/arch/x86/cpu-policy.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xen/arch/x86/cpu-policy.c b/xen/arch/x86/cpu-policy.c index 5e7e19fbcda8..49f5465ec445 100644 --- a/xen/arch/x86/cpu-policy.c +++ b/xen/arch/x86/cpu-policy.c @@ -411,7 +411,7 @@ static void __init calculate_host_policy(void) p->platform_info.cpuid_faulting = cpu_has_cpuid_faulting; /* Temporary, until we have known_features[] for feature bits in MSRs. */ - p->arch_caps.raw &= + p->arch_caps.raw = raw_cpu_policy.arch_caps.raw & (ARCH_CAPS_RDCL_NO | ARCH_CAPS_IBRS_ALL | ARCH_CAPS_RSBA | ARCH_CAPS_SKIP_L1DFL | ARCH_CAPS_SSB_NO | ARCH_CAPS_MDS_NO | ARCH_CAPS_IF_PSCHANGE_MC_NO | ARCH_CAPS_TSX_CTRL | ARCH_CAPS_TAA_NO | From patchwork Mon May 15 14:42:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 13241643 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 2B4F4C7EE22 for ; Mon, 15 May 2023 14:43:42 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.534781.832165 (Exim 4.92) (envelope-from ) id 1pyZQB-000252-HM; Mon, 15 May 2023 14:43:31 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 534781.832165; Mon, 15 May 2023 14:43:31 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pyZQB-00024m-ES; Mon, 15 May 2023 14:43:31 +0000 Received: by outflank-mailman (input) for mailman id 534781; Mon, 15 May 2023 14:43:29 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pyZQ9-0000CT-AZ for xen-devel@lists.xenproject.org; Mon, 15 May 2023 14:43:29 +0000 Received: from esa4.hc3370-68.iphmx.com (esa4.hc3370-68.iphmx.com [216.71.155.144]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id dabed41e-f32e-11ed-b229-6b7b168915f2; Mon, 15 May 2023 16:43:28 +0200 (CEST) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: dabed41e-f32e-11ed-b229-6b7b168915f2 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1684161808; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Fr/2qPrv6QELYt0rVeizVvUhPwwfLWM3DN3E6UnacdY=; b=Rg8A/N/184UXnPi5ozCmRmy7/CzDXYF1Fig7MtYhgU6o8F7lwy/OOQf6 t1H3+bA/QnYY44yNV3cJw8o0Fdav9JI50oyEXp5JdrHhn2cPQ24vxbSMA OkXP0op0HCkPoWADZwTU+AU3tV21TLy063uoHd5rMAeVoFfvpUohnyXOf Y=; Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none X-SBRS: 4.0 X-MesageID: 111537999 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.123 X-Policy: $RELAYED IronPort-Data: A9a23:Htmy667TGRBKaTyQxxGhegxRtDPHchMFZxGqfqrLsTDasY5as4F+v jFKXGiOaanbZmGjfNwgPIXl80NV6JeDzoU3QFc4+yxkHi5G8cbLO4+Ufxz6V8+wwm8vb2o8t plDNYOQRCwQZiWBzvt4GuG59RGQ7YnRGvynTraCYnsrLeNdYH9JoQp5nOIkiZJfj9G8Agec0 fv/uMSaM1K+s9JOGjt8B5mr9VU+7ZwehBtC5gZlPa0S4QeE/5UoJMl3yZ+ZfiOQrrZ8RoZWd 86bpJml82XQ+QsaC9/Nut4XpWVTH9Y+lSDX4pZnc/DKbipq/0Te4Y5iXBYoUm9Fii3hojxE4 I4lWapc6+seFvakdOw1C3G0GszlVEFM0OevzXOX6aR/w6BaGpdFLjoH4EweZOUlFuhL7W5m8 6QydSwTdQG6lvuR+6iGbeRpu+18I5y+VG8fkikIITDxCP8nRdbIQrnQ5M8e1zA17ixMNa+AP YxDM2MpNUmeJUQVYT/7C7pn9AusrlD5fydVtxS+oq0v7nKI5AdwzKLsIJzefdniqcB9xx/B+ zmZrjWoav0cHNKA2yOU7Vuyv6jWnCXcCbsdNZeg+tc/1TV/wURMUUZLBDNXu8KRlUqWS99Zb UsO9UIGvaU0sUCmUNT5dxm5u2Kf+A4RXcJKFO834x3LzbDbiy67LGUZSj9KaPQ9qdQ7Azct0 ze0c8jBXGI19ufPEDTEq+nS9GnpUcQIEYMcTSlcZ1YZ/cLymZAqqSnVc/FuFZOc0dKgTFkc3 Au2hCQ5grwSi+sC2KO64U3LjlqQm3TZcuImzl6JBzz4t2uVcKbgPtX1sgaDsZ6sOa7DFjG8U G44d99yBQzkJbWEj2SzTeoEB9lFDN7VYWSH0TaD83TMnglBGkJPn6gKulmSx28zaK7onAMFh 2eN0T69HLcJYBOXgVZfOupd8fgCw6n6DsjCXfvJdNdIaZUZXFbZrH02NR/KgDu9yxBEfUQD1 XCzIK6R4YsyU/w7nFJauc9HuVPU+szO7TyKHs2qp/hW+bGfeGSUWd84Dbd6VchgtPnsiFyMo 75i2z6il003vBvWPnOGrub+7DkicRAGOHwBg5YKJ7/efFA3RDlJ5j246epJRrGJVp99zo/gl kxRkGcGmTITWVWvxd22V01e IronPort-HdrOrdr: A9a23:JeYlJ6DFsTaguLPlHelc55DYdb4zR+YMi2TDt3oddfWaSKylfq GV7ZAmPHrP4gr5N0tOpTntAse9qBDnhPtICOsqTNSftWDd0QPFEGgL1+DfKlbbak/DH4BmtJ uICJIOb+EZDTJB/LrHCAvTKade/DFQmprY+9s3zB1WPHBXg7kL1XYeNu4CeHcGPjWvA/ACZe Ohz/sCnRWMU1INYP+2A3EUNtKz2uEixPrdEGY77wdM0nj0sQ+V X-Talos-CUID: 9a23:E9T8v2nv0wE1g2FfdJkhpO3QNuHXOXuF5irMPVSpMHdwb4aPdHid/Z5NzMU7zg== X-Talos-MUID: 9a23:QLo55wtiVZhqF41PlM2nii5wLdZ3yrqXT1kMl7JXgsalHzR8EmLI X-IronPort-AV: E=Sophos;i="5.99,277,1677560400"; d="scan'208";a="111537999" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , Wei Liu Subject: [PATCH 3/6] x86/cpu-policy: Infrastructure for MSR_ARCH_CAPS Date: Mon, 15 May 2023 15:42:56 +0100 Message-ID: <20230515144259.1009245-4-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20230515144259.1009245-1-andrew.cooper3@citrix.com> References: <20230515144259.1009245-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Bits through 24 are already defined, meaning that we're not far off needing the second word. Put both in right away. The bool bitfield names in the arch_caps union are unused, and somewhat out of date. They'll shortly be automatically generated. Signed-off-by: Andrew Cooper --- CC: Jan Beulich CC: Roger Pau Monné CC: Wei Liu --- tools/misc/xen-cpuid.c | 10 ++++++++++ xen/include/public/arch-x86/cpufeatureset.h | 4 ++++ xen/include/xen/lib/x86/cpu-policy.h | 18 ++++++++---------- xen/lib/x86/cpuid.c | 4 ++++ 4 files changed, 26 insertions(+), 10 deletions(-) diff --git a/tools/misc/xen-cpuid.c b/tools/misc/xen-cpuid.c index 8ec143ebc854..258584aafb9f 100644 --- a/tools/misc/xen-cpuid.c +++ b/tools/misc/xen-cpuid.c @@ -226,6 +226,14 @@ static const char *const str_7d2[32] = [ 4] = "bhi-ctrl", [ 5] = "mcdt-no", }; +static const char *const str_10Al[32] = +{ +}; + +static const char *const str_10Ah[32] = +{ +}; + static const struct { const char *name; const char *abbr; @@ -248,6 +256,8 @@ static const struct { { "0x00000007:2.edx", "7d2", str_7d2 }, { "0x00000007:1.ecx", "7c1", str_7c1 }, { "0x00000007:1.edx", "7d1", str_7d1 }, + { "0x0000010a.lo", "10Al", str_10Al }, + { "0x0000010a.hi", "10Ah", str_10Ah }, }; #define COL_ALIGN "18" diff --git a/xen/include/public/arch-x86/cpufeatureset.h b/xen/include/public/arch-x86/cpufeatureset.h index 8de73aebc3e0..032cec3ccba2 100644 --- a/xen/include/public/arch-x86/cpufeatureset.h +++ b/xen/include/public/arch-x86/cpufeatureset.h @@ -307,6 +307,10 @@ XEN_CPUFEATURE(AVX_VNNI_INT8, 15*32+ 4) /*A AVX-VNNI-INT8 Instructions */ XEN_CPUFEATURE(AVX_NE_CONVERT, 15*32+ 5) /*A AVX-NE-CONVERT Instructions */ XEN_CPUFEATURE(CET_SSS, 15*32+18) /* CET Supervisor Shadow Stacks safe to use */ +/* Intel-defined CPU features, MSR_ARCH_CAPS 0x10a.eax, word 16 */ + +/* Intel-defined CPU features, MSR_ARCH_CAPS 0x10a.edx, word 17 */ + #endif /* XEN_CPUFEATURE */ /* Clean up from a default include. Close the enum (for C). */ diff --git a/xen/include/xen/lib/x86/cpu-policy.h b/xen/include/xen/lib/x86/cpu-policy.h index bfa425060464..9b51f8330f92 100644 --- a/xen/include/xen/lib/x86/cpu-policy.h +++ b/xen/include/xen/lib/x86/cpu-policy.h @@ -20,6 +20,8 @@ #define FEATURESET_7d2 13 /* 0x00000007:2.edx */ #define FEATURESET_7c1 14 /* 0x00000007:1.ecx */ #define FEATURESET_7d1 15 /* 0x00000007:1.edx */ +#define FEATURESET_10Al 16 /* 0x0000010a.eax */ +#define FEATURESET_10Ah 17 /* 0x0000010a.edx */ struct cpuid_leaf { @@ -350,17 +352,13 @@ struct cpu_policy * fixed in hardware. */ union { - uint32_t raw; + uint64_t raw; + struct { + uint32_t lo, hi; + }; struct { - bool rdcl_no:1; - bool ibrs_all:1; - bool rsba:1; - bool skip_l1dfl:1; - bool ssb_no:1; - bool mds_no:1; - bool if_pschange_mc_no:1; - bool tsx_ctrl:1; - bool taa_no:1; + DECL_BITFIELD(10Al); + DECL_BITFIELD(10Ah); }; } arch_caps; diff --git a/xen/lib/x86/cpuid.c b/xen/lib/x86/cpuid.c index 68aafb404927..a9f31858aeff 100644 --- a/xen/lib/x86/cpuid.c +++ b/xen/lib/x86/cpuid.c @@ -79,6 +79,8 @@ void x86_cpu_policy_to_featureset( fs[FEATURESET_7d2] = p->feat._7d2; fs[FEATURESET_7c1] = p->feat._7c1; fs[FEATURESET_7d1] = p->feat._7d1; + fs[FEATURESET_10Al] = p->arch_caps.lo; + fs[FEATURESET_10Ah] = p->arch_caps.hi; } void x86_cpu_featureset_to_policy( @@ -100,6 +102,8 @@ void x86_cpu_featureset_to_policy( p->feat._7d2 = fs[FEATURESET_7d2]; p->feat._7c1 = fs[FEATURESET_7c1]; p->feat._7d1 = fs[FEATURESET_7d1]; + p->arch_caps.lo = fs[FEATURESET_10Al]; + p->arch_caps.hi = fs[FEATURESET_10Ah]; } void x86_cpu_policy_recalc_synth(struct cpu_policy *p) From patchwork Mon May 15 14:42:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 13241642 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A1FB5C77B7D for ; Mon, 15 May 2023 14:43:31 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.534776.832115 (Exim 4.92) (envelope-from ) id 1pyZPp-0000Cr-Ui; Mon, 15 May 2023 14:43:09 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 534776.832115; Mon, 15 May 2023 14:43:09 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pyZPp-0000Ck-Re; Mon, 15 May 2023 14:43:09 +0000 Received: by outflank-mailman (input) for mailman id 534776; Mon, 15 May 2023 14:43:08 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pyZPo-0000CT-7R for xen-devel@lists.xenproject.org; Mon, 15 May 2023 14:43:08 +0000 Received: from esa2.hc3370-68.iphmx.com (esa2.hc3370-68.iphmx.com [216.71.145.153]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id cc62e9d9-f32e-11ed-b229-6b7b168915f2; Mon, 15 May 2023 16:43:05 +0200 (CEST) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: cc62e9d9-f32e-11ed-b229-6b7b168915f2 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1684161785; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=hdj4U+pjxuDMgcyNg1EIZzudfZrVmDvOhSwPysOSv2Q=; b=XOlEqfhB8CBcu5aalFX6QukLzEIFyx3lpnGS/STph0molDoWg0uO7LMB wJFr/srSlmLNwwlefcZezt24vCWQ+ldD73r6vUKpcIpxCe8DHvWHe8gdz x2g+ATFudrZIMIr2bNu61Y1UApte/Ky0zEjdmBkGulVT1352r/pfwwQix A=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none X-SBRS: 4.0 X-MesageID: 108969382 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.123 X-Policy: $RELAYED IronPort-Data: A9a23:ABMLR6zXuSKm1d3KBtx6t+c/xirEfRIJ4+MujC+fZmUNrF6WrkVVy mYfXWjXaKqNYzehfN5xboqw9EtU6J6Dz9VlSQVr+CAxQypGp/SeCIXCJC8cHc8wwu7rFxs7s ppEOrEsCOhuExcwcz/0auCJQUFUjP3OHfykTrafYEidfCc8IA85kxVvhuUltYBhhNm9Emult Mj75sbSIzdJ4RYtWo4vw//F+UIHUMja4mtC5QRjPK0T5TcyqlFOZH4hDfDpR5fHatE88t6SH 47r0Ly/92XFyBYhYvvNfmHTKxBirhb6ZGBiu1IOM0SQqkEqSh8ai87XAME0e0ZP4whlqvgqo Dl7WT5cfi9yVkHEsLx1vxC1iEiSN4UekFPMCSDXXcB+UyQq2pYjqhljJBheAGEWxgp4KXpV2 r82cS8vUk6kucGa3qC7UMJMg+12eaEHPKtH0p1h5TTQDPJgSpHfWaTao9Rf2V/chOgXQ6yYP ZBAL2MyMlKZOUYn1lQ/UfrSmM+BgHXlfiIeg1WSvactuEDYzRBr0airO93QEjCPbZwNzhfG9 zmWpQwVBDk6C/W95iis6UmRh8n2kT7ECNMWS52Ro6sCbFq7mTVIVUx+uUGAiem0jAuyVsxSL 2QQ+zEytu4i+UqzVN7/Uhak5nmesXY0efBdDuk74wGl0bfP7kCSAW1sZiFFQMwrsokxXzNC6 7OSt4q3X3o16uTTEC/DsO7O9lteJBT5M0cZfgBHY1IaweW9h78QogzdTsxIMKuc24id9S7L/ xiGqy03hrM2hMEN1rmm8V2vvw9AtqQlXSZuuFyJAzvNAhdRIdf8Otf2sQSzAeNodt7xc7WXg JQTdyFyBsgqBIrFqiGCSf5l8FqBt6fca220bbKC8vAcG9WRF5yLJ9o4DNJWfh0B3iM4ldjBP ifuVft5vsM7AZdTRfYfj3iNI8or17P8Mt/uS+rZaNFDCrAoKl/bpHE/PxHLjzu1+KTJrU3YE cbzTCpRJSxCVfQPIMSeHY/xLoPHNghhnDiOFPgXPjys0KaEZW79dIrpxGCmN7hjhIvd+VW9z jqqH5fSo/mpeLGkM3a/HE96BQxiEEXX8ris9p0GK7DZc1Y+cIzjYteIqY4cl0Vet/w9vo/1E ruVBye0FHKXaaX7FDi3 IronPort-HdrOrdr: A9a23:zwjuKaoFE+xkGG4B+kZz5ggaV5pFeYIsimQD101hICG9E/b4qy nApp8mPHPP4gr5O0tPpTnjAsW9qBrnnPZICOIqUotKMjOKhFeV X-Talos-CUID: 9a23:Gtx3GGmQ3u8TWWJ7mAkFNG3DgjbXOWbG4zT+elCaNThOdp65V02Q4ohEluM7zg== X-Talos-MUID: 9a23:enawMgnx4pXPe7X2UOnednpCC+5KzLaHE3swkLM/t9S7ZX10ZBe02WE= X-IronPort-AV: E=Sophos;i="5.99,276,1677560400"; d="scan'208";a="108969382" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , Wei Liu Subject: [PATCH 4/6] x86/cpu-policy: MSR_ARCH_CAPS feature names Date: Mon, 15 May 2023 15:42:57 +0100 Message-ID: <20230515144259.1009245-5-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20230515144259.1009245-1-andrew.cooper3@citrix.com> References: <20230515144259.1009245-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Seed the default visibility from the dom0 special case, which for the most part just exposes the *_NO bits. Insert a block dependency from the ARCH_CAPS CPUID bit to the entire content of the MSR. The overall CPUID bit is still max-only, so all of MSR_ARCH_CAPS is hidden in the default policies. Signed-off-by: Andrew Cooper --- CC: Jan Beulich CC: Roger Pau Monné CC: Wei Liu There is no libxl logic because libxl still uses the older xend format which is specific to CPUID data. That is going to need untangling at some other point. --- tools/misc/xen-cpuid.c | 13 ++++++++++++ xen/include/public/arch-x86/cpufeatureset.h | 23 +++++++++++++++++++++ xen/tools/gen-cpuid.py | 3 +++ 3 files changed, 39 insertions(+) diff --git a/tools/misc/xen-cpuid.c b/tools/misc/xen-cpuid.c index 258584aafb9f..5b717f3f0091 100644 --- a/tools/misc/xen-cpuid.c +++ b/tools/misc/xen-cpuid.c @@ -228,6 +228,19 @@ static const char *const str_7d2[32] = static const char *const str_10Al[32] = { + [ 0] = "rdcl-no", [ 1] = "eibrs", + [ 2] = "rsba", [ 3] = "skip-l1dfl", + [ 4] = "intel-ssb-no", [ 5] = "mds-no", + [ 6] = "if-pschange-mc-no", [ 7] = "tsx-ctrl", + [ 8] = "taa-no", [ 9] = "mcu-ctrl", + [10] = "misc-pkg-ctrl", [11] = "energy-ctrl", + [12] = "doitm", [13] = "sbdr-ssdp-no", + [14] = "fbsdp-no", [15] = "psdp-no", + /* 16 */ [17] = "fb-clear", + [18] = "fb-clear-ctrl", [19] = "rrsba", + [20] = "bhi-no", [21] = "xapic-status", + /* 22 */ [23] = "ovrclk-status", + [24] = "pbrsb-no", }; static const char *const str_10Ah[32] = diff --git a/xen/include/public/arch-x86/cpufeatureset.h b/xen/include/public/arch-x86/cpufeatureset.h index 032cec3ccba2..3cfdc71df92b 100644 --- a/xen/include/public/arch-x86/cpufeatureset.h +++ b/xen/include/public/arch-x86/cpufeatureset.h @@ -308,6 +308,29 @@ XEN_CPUFEATURE(AVX_NE_CONVERT, 15*32+ 5) /*A AVX-NE-CONVERT Instructions */ XEN_CPUFEATURE(CET_SSS, 15*32+18) /* CET Supervisor Shadow Stacks safe to use */ /* Intel-defined CPU features, MSR_ARCH_CAPS 0x10a.eax, word 16 */ +XEN_CPUFEATURE(RDCL_NO, 16*32+ 0) /*A No Rogue Data Cache Load (Meltdown) */ +XEN_CPUFEATURE(EIBRS, 16*32+ 1) /*A Enhanced IBRS */ +XEN_CPUFEATURE(RSBA, 16*32+ 2) /*!A RSB Alternative (Retpoline not safe) */ +XEN_CPUFEATURE(SKIP_L1DFL, 16*32+ 3) /*A Don't need to flush L1D on VMEntry */ +XEN_CPUFEATURE(INTEL_SSB_NO, 16*32+ 4) /*A No Speculative Store Bypass */ +XEN_CPUFEATURE(MDS_NO, 16*32+ 5) /*A No Microarchitectural Data Sampling */ +XEN_CPUFEATURE(IF_PSCHANGE_MC_NO, 16*32+ 6) /*A No Instruction fetch #MC */ +XEN_CPUFEATURE(TSX_CTRL, 16*32+ 7) /* MSR_TSX_CTRL */ +XEN_CPUFEATURE(TAA_NO, 16*32+ 8) /*A No TSX Async Abort */ +XEN_CPUFEATURE(MCU_CTRL, 16*32+ 9) /* MSR_MCU_CTRL */ +XEN_CPUFEATURE(MISC_PKG_CTRL, 16*32+10) /* MSR_MISC_PKG_CTRL */ +XEN_CPUFEATURE(ENERGY_FILTERING, 16*32+11) /* MSR_MISC_PKG_CTRL.ENERGY_FILTERING */ +XEN_CPUFEATURE(DOITM, 16*32+12) /* Data Operand Invariant Timing Mode */ +XEN_CPUFEATURE(SBDR_SSBD_NO, 16*32+13) /*A No Shared Buffer Data Read or Sideband Stale Data Propagation */ +XEN_CPUFEATURE(FBDSP_NO, 16*32+14) /*A No Fill Buffer Stale Data Propagation */ +XEN_CPUFEATURE(PSDP_NO, 16*32+15) /*A No Primary Stale Data Propagation */ +XEN_CPUFEATURE(FB_CLEAR, 16*32+17) /*A Fill Buffers cleared by VERW */ +XEN_CPUFEATURE(FB_CLEAR_CTRL, 16*32+18) /* MSR_OPT_CPU_CTRL.FB_CLEAR_DIS */ +XEN_CPUFEATURE(RRSBA, 16*32+19) /*!A Restricted RSB Alternative */ +XEN_CPUFEATURE(BHI_NO, 16*32+20) /*A No Branch History Injection */ +XEN_CPUFEATURE(XAPIC_STATUS, 16*32+21) /* MSR_XAPIC_DISABLE_STATUS */ +XEN_CPUFEATURE(OVRCLK_STATUS, 16*32+23) /* MSR_OVERCLOCKING_STATUS */ +XEN_CPUFEATURE(PBRSB_NO, 16*32+24) /*A No Post-Barrier RSB predictions */ /* Intel-defined CPU features, MSR_ARCH_CAPS 0x10a.edx, word 17 */ diff --git a/xen/tools/gen-cpuid.py b/xen/tools/gen-cpuid.py index 86d00bb3c273..f28ff708a2fc 100755 --- a/xen/tools/gen-cpuid.py +++ b/xen/tools/gen-cpuid.py @@ -325,6 +325,9 @@ def crunch_numbers(state): # In principle the TSXLDTRK insns could also be considered independent. RTM: [TSXLDTRK], + + # The ARCH_CAPS CPUID bit enumerates the availability of the whole register. + ARCH_CAPS: list(range(RDCL_NO, RDCL_NO + 64)), } deep_features = tuple(sorted(deps.keys())) From patchwork Mon May 15 14:42:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 13241641 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B94C0C7EE23 for ; Mon, 15 May 2023 14:43:31 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.534779.832145 (Exim 4.92) (envelope-from ) id 1pyZQ1-00016h-Px; Mon, 15 May 2023 14:43:21 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 534779.832145; Mon, 15 May 2023 14:43:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pyZQ1-00016a-MD; Mon, 15 May 2023 14:43:21 +0000 Received: by outflank-mailman (input) for mailman id 534779; Mon, 15 May 2023 14:43:20 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pyZQ0-0000CT-TK for xen-devel@lists.xenproject.org; Mon, 15 May 2023 14:43:20 +0000 Received: from esa5.hc3370-68.iphmx.com (esa5.hc3370-68.iphmx.com [216.71.155.168]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id d4c22416-f32e-11ed-b229-6b7b168915f2; Mon, 15 May 2023 16:43:19 +0200 (CEST) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: d4c22416-f32e-11ed-b229-6b7b168915f2 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1684161799; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=gxW2n1DVfIuRfs7m6wcVAnKuUcSoIDDOH3lmvyYJ/Bs=; b=UkT0JuDlM4RDzTOpNMbkX4eJCBcCiqghNiEZTkr1oFjvy9Accnm95wiC u6XUmG+ZNBjucs/pPvs+5kyDVnP9m8EqW+htSvqEJOFvplkV3CoLRrtGL ZfND+IOtCLcUTdrkN6K1zQg/u0pCh2saFGExlnpsad9F8/idE9YZPaOMA o=; Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none X-SBRS: 4.0 X-MesageID: 107840892 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.123 X-Policy: $RELAYED IronPort-Data: A9a23:+/MxvqxazdqT65HDIKJ6t+c/xirEfRIJ4+MujC+fZmUNrF6WrkUAx 2MeXm/TbK6DN2HyKd1yOd+28h8G75OBnII1HQI9pSAxQypGp/SeCIXCJC8cHc8wwu7rFxs7s ppEOrEsCOhuExcwcz/0auCJQUFUjP3OHfykTrafYEidfCc8IA85kxVvhuUltYBhhNm9Emult Mj75sbSIzdJ4RYtWo4vw//F+UIHUMja4mtC5QRjPK0T5TcyqlFOZH4hDfDpR5fHatE88t6SH 47r0Ly/92XFyBYhYvvNfmHTKxBirhb6ZGBiu1IOM0SQqkEqSh8ai87XAME0e0ZP4whlqvgqo Dl7WT5cfi9yVkHEsLx1vxC1iEiSN4UekFPMCSDXXcB+UyQq2pYjqhljJBheAGEWxgp4KW9Q/ /1DNGsWUk+8itOPmZG5erRxme12eaEHPKtH0p1h5TTQDPJgSpHfWaTao9Rf2V/chOgXQ6yYP ZBAL2MyMlKZOUYn1lQ/UfrSmM+BgHXlfiIeg1WSvactuEDYzRBr0airO93QEjCPbZwNwRbE/ jKXpQwVBDlEDfK6zBO400mhvf2UrXj5Rt4bDJiBo6sCbFq7mTVIVUx+uUGAiea9ol6zXZRYM UN80jojq+0++VKmSvH5XgakuziUsxgEQd1SHuYmrgaXxcL8wSyUG2wFRT5pc8E9uYk9QjlC6 7OSt4q3X3o16uTTEC/DsO7O9lteJBT5M0cMeyUFFhde+OW8n4wCt0vsTOY+DbGc24id9S7L/ xiGqy03hrM2hMEN1rmm8V2vvw9AtqQlXSZuuFyJAzvNAhdRIdf8Otf2sQSzAeNodt7xc7WXg JQTdyFyBsgqBIrFqiGCSf5l8FqBt6fca220bbKC8vAcG9WRF5yLJ9o4DNJWfh0B3iM4ldjBP ifuVft5vsM7AZdTRfYfj3iNI8or17P8Mt/uS+rZaNFDCrAoKl/bpHE/PxHLjzu1+KTJrU3YE cbzTCpRJSxCVfQPIMSeHY/xLoPHNghhnDiOFPgXPjys0KaEZW79dIrpxGCmN7hjhIvd+VW9z jqqH5fSo/mpeLGkM3a/HE96BQxiEEXX8ris9p0GK7DZc1Y+cIzjYteIqY4cl0Vet/w9vo/1E ruVBie0FHKXaaX7FDi3 IronPort-HdrOrdr: A9a23:ofAXFKs+dUl0UkyNAXMTdMSw7skDhtV00zEX/kB9WHVpm6yj+v xGUs566faUskd0ZJhEo7q90ca7Lk80maQa3WBzB8bGYOCFghrKEGgK1+KLrwEIcxeUygc379 YDT0ERMrzN5CNB/KHHCAnTKadd/DGEmprY+ts3GR1WPH9Xg6IL1XYJNu6CeHcGIjWvnfACZe ChDswsnUvYRV0nKv6VK1MiROb5q9jChPvdEGM7705O0nj3sduwgoSKaCSl4g== X-Talos-CUID: 9a23:/qgE+muIPnPi3f4Y3qDcczSe6IsrbHfcl2uLOHPnNmtYceS2S2/N5bxNxp8= X-Talos-MUID: 9a23:EVJnxAlBBa+JybIGNocUdno8DelN5o2TKXsAqoddi5KGK3B5IxKk2WE= X-IronPort-AV: E=Sophos;i="5.99,276,1677560400"; d="scan'208";a="107840892" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , Wei Liu Subject: [PATCH 5/6] x86/boot: Record MSR_ARCH_CAPS for the Raw and Host CPU policy Date: Mon, 15 May 2023 15:42:58 +0100 Message-ID: <20230515144259.1009245-6-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20230515144259.1009245-1-andrew.cooper3@citrix.com> References: <20230515144259.1009245-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Extend x86_cpu_policy_fill_native() with a read of ARCH_CAPS based on the CPUID information just read, which removes the need handling it specially in calculate_raw_cpu_policy(). Extend generic_identify() to read ARCH_CAPS into x86_capability[], which is fed into the Host Policy. This in turn means there's no need to special case arch_caps in calculate_host_policy(). No practical change. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monné CC: Wei Liu --- xen/arch/x86/cpu-policy.c | 12 ------------ xen/arch/x86/cpu/common.c | 5 +++++ xen/lib/x86/cpuid.c | 7 ++++++- 3 files changed, 11 insertions(+), 13 deletions(-) diff --git a/xen/arch/x86/cpu-policy.c b/xen/arch/x86/cpu-policy.c index 49f5465ec445..dfd9abd8564c 100644 --- a/xen/arch/x86/cpu-policy.c +++ b/xen/arch/x86/cpu-policy.c @@ -354,9 +354,6 @@ void calculate_raw_cpu_policy(void) /* 0x000000ce MSR_INTEL_PLATFORM_INFO */ /* Was already added by probe_cpuid_faulting() */ - - if ( cpu_has_arch_caps ) - rdmsrl(MSR_ARCH_CAPABILITIES, p->arch_caps.raw); } static void __init calculate_host_policy(void) @@ -409,15 +406,6 @@ static void __init calculate_host_policy(void) /* 0x000000ce MSR_INTEL_PLATFORM_INFO */ /* probe_cpuid_faulting() sanity checks presence of MISC_FEATURES_ENABLES */ p->platform_info.cpuid_faulting = cpu_has_cpuid_faulting; - - /* Temporary, until we have known_features[] for feature bits in MSRs. */ - p->arch_caps.raw = raw_cpu_policy.arch_caps.raw & - (ARCH_CAPS_RDCL_NO | ARCH_CAPS_IBRS_ALL | ARCH_CAPS_RSBA | - ARCH_CAPS_SKIP_L1DFL | ARCH_CAPS_SSB_NO | ARCH_CAPS_MDS_NO | - ARCH_CAPS_IF_PSCHANGE_MC_NO | ARCH_CAPS_TSX_CTRL | ARCH_CAPS_TAA_NO | - ARCH_CAPS_SBDR_SSDP_NO | ARCH_CAPS_FBSDP_NO | ARCH_CAPS_PSDP_NO | - ARCH_CAPS_FB_CLEAR | ARCH_CAPS_RRSBA | ARCH_CAPS_BHI_NO | - ARCH_CAPS_PBRSB_NO); } static void __init guest_common_default_feature_adjustments(uint32_t *fs) diff --git a/xen/arch/x86/cpu/common.c b/xen/arch/x86/cpu/common.c index edc4db1335eb..a3a341fd7db2 100644 --- a/xen/arch/x86/cpu/common.c +++ b/xen/arch/x86/cpu/common.c @@ -474,6 +474,11 @@ static void generic_identify(struct cpuinfo_x86 *c) cpuid_count(0xd, 1, &c->x86_capability[FEATURESET_Da1], &tmp, &tmp, &tmp); + + if (test_bit(X86_FEATURE_ARCH_CAPS, c->x86_capability)) + rdmsr(MSR_ARCH_CAPABILITIES, + c->x86_capability[FEATURESET_10Al], + c->x86_capability[FEATURESET_10Ah]); } /* diff --git a/xen/lib/x86/cpuid.c b/xen/lib/x86/cpuid.c index a9f31858aeff..dfd377cfb7ef 100644 --- a/xen/lib/x86/cpuid.c +++ b/xen/lib/x86/cpuid.c @@ -226,7 +226,12 @@ void x86_cpu_policy_fill_native(struct cpu_policy *p) p->hv_limit = 0; p->hv2_limit = 0; - /* TODO MSRs */ +#ifdef __XEN__ + /* TODO MSR_PLATFORM_INFO */ + + if ( p->feat.arch_caps ) + rdmsrl(MSR_ARCH_CAPABILITIES, p->arch_caps.raw); +#endif x86_cpu_policy_recalc_synth(p); } From patchwork Mon May 15 14:42:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 13241640 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id E2FB1C7EE26 for ; Mon, 15 May 2023 14:43:29 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.534778.832128 (Exim 4.92) (envelope-from ) id 1pyZPq-0000M3-HA; Mon, 15 May 2023 14:43:10 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 534778.832128; Mon, 15 May 2023 14:43:10 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pyZPq-0000LD-Av; Mon, 15 May 2023 14:43:10 +0000 Received: by outflank-mailman (input) for mailman id 534778; Mon, 15 May 2023 14:43:09 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1pyZPp-0000CT-3R for xen-devel@lists.xenproject.org; Mon, 15 May 2023 14:43:09 +0000 Received: from esa2.hc3370-68.iphmx.com (esa2.hc3370-68.iphmx.com [216.71.145.153]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id ce87b97a-f32e-11ed-b229-6b7b168915f2; Mon, 15 May 2023 16:43:08 +0200 (CEST) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: ce87b97a-f32e-11ed-b229-6b7b168915f2 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1684161788; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=7ExPV3k5UxWmHtT8O4awxl/SNyiFP8/mlp5LymAqznU=; b=b3SvCzhH2xJnuVY7xu7SZIO/wpl5VTzFPniz77zXKO0qxYfC51DK6SPp 5hI+BPyH7bhe4OEQ32vP2yi5SbqG6u2a7rUqYCV/+cj6Pwqu2VZsdBJSn rX4j5Zk6JhuNkZ+4YhVcRG7sOkogvzQccUOXLainCjAJdEQVWbNGv2Xtp Q=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none X-SBRS: 4.0 X-MesageID: 108969384 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.156.123 X-Policy: $RELAYED IronPort-Data: A9a23:cTwuhawJh2tPRVLJuEV6t+c/xirEfRIJ4+MujC+fZmUNrF6WrkVRz 2BMCDjTb//YNjakKY0nYIyyoU8PsJTdytNrSQU5qyAxQypGp/SeCIXCJC8cHc8wwu7rFxs7s ppEOrEsCOhuExcwcz/0auCJQUFUjP3OHfykTrafYEidfCc8IA85kxVvhuUltYBhhNm9Emult Mj75sbSIzdJ4RYtWo4vw//F+UIHUMja4mtC5QRjPK0T5TcyqlFOZH4hDfDpR5fHatE88t6SH 47r0Ly/92XFyBYhYvvNfmHTKxBirhb6ZGBiu1IOM0SQqkEqSh8ai87XAME0e0ZP4whlqvgqo Dl7WT5cfi9yVkHEsLx1vxC1iEiSN4UekFPMCSDXXcB+UyQq2pYjqhljJBheAGEWxgp4KXpV2 r82cS8vUk6kucGa3qC7UMJMg+12eaEHPKtH0p1h5TTQDPJgSpHfWaTao9Rf2V/chOgXQ6yYP ZBAL2MyMlKZOUYn1lQ/UfrSmM+BgHXlfiIeg1WSvactuEDYzRBr0airO93QEjCPbZwNzhfG9 zmWowwVBDkqBMe+kjWO3kimrfHfhgWjSYIALZ2Ro6sCbFq7mTVIVUx+uUGAiem0jAuyVsxSL 2QQ+zEytu4i+UqzVN7/Uhak5nmesXY0efBdDuk74wGl0bfP7kCSAW1sZiFFQMwrsokxXzNC6 7OSt4q3X3o16uTTEC/DsO7O9lteJBT5M0cZfgBHY1IaweW9h78QogzdTsxIMKuc24id9S7L/ xiGqy03hrM2hMEN1rmm8V2vvw9AtqQlXSZuuFyJAzvNAhdRIdf8Otf2sQSzAeNodt7xc7WXg JQTdyFyBsgqBIrFqiGCSf5l8FqBt6fca220bbKC8vAcG9WRF5yLJ9o4DNJWfh0B3iM4ldjBP ifuVft5vsM7AZdTRfYfj3iNI8or17P8Mt/uS+rZaNFDCrAoKl/bpHE/PxHLjzu1+KTJrU3YE cbzTCpRJSxCVfQPIMSeHY/xLoPHNghhnDiOFPgXPjys0KaEZW79dIrpxGCmN7hjhIvd+VW9z jqqH5fSo/mpeLGkM3a/HE96BQxiEEXX8ris9p0GK7DZc1Y+cIzjYteIqY4cl0Vet/w9vo/1E ruVBie0FHKXaaX7FDi3 IronPort-HdrOrdr: A9a23:HPF36qx/FWb12r6faVwSKrPx/uskLtp133Aq2lEZdPULSKGlfp GV9sjziyWetN9xYgBHpTnkAsW9qBznhPpICOUqTNWftWrdyQiVxeNZnPLfKlTbckWQmI5gPM 9bAtBD4bbLfD9HZKjBkWyF+uIbsaK6Ge2T9JTj5kYoaTsvR7Br7g9/BAreOkpqRDNeDZ58MJ aH/MJIqxepZHxSN62Adww4dtmGg+eOuIPtYBYACRJiwA6SjQmw4Lq/NxSDxB8RXx5G3L9n22 nYlA7S4LmlrpiAu23h/l6Wy64TtMrqy9NFCsDJos8JKg/0ggLtX4hlU63qhkFKnAn6gmxKrP D85zMbe+hj4XLYeW+45TH33RP77Too43j+jXeFnHrKu6XCNXgHIvsEobgcXgrS6kImst05+r lMxXilu51eCg6FtDjh5uLPSwphmiOP0DEfeNYo/jFiuLYlGfZsRM0kjTVo+a47bVXHAVUcYa FT5MK13ocoTbrVVQGUgoBV+q3RYp0CJGb6fqE8gL3u79F3pgEJ86JK/r1uop5HzuNId6V5 X-Talos-CUID: 9a23:/FHBuGAh2VKbReL6EzJ82w06Q98HTiP68lT8PV24E01JTZTAHA== X-Talos-MUID: 9a23:NisFiQVVxbrwjjfq/A/cnxA5O8xE2a6FFlAWt80Xu9u9FQUlbg== X-IronPort-AV: E=Sophos;i="5.99,276,1677560400"; d="scan'208";a="108969384" From: Andrew Cooper To: Xen-devel CC: Andrew Cooper , Jan Beulich , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , Wei Liu Subject: [PATCH 6/6] x86/boot: Expose MSR_ARCH_CAPS data in guest max policies Date: Mon, 15 May 2023 15:42:59 +0100 Message-ID: <20230515144259.1009245-7-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20230515144259.1009245-1-andrew.cooper3@citrix.com> References: <20230515144259.1009245-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 We already have common and default feature adjustment helpers. Introduce one for max featuresets too. Offer MSR_ARCH_CAPS unconditionally in the max policy, and stop clobbering the data inherited from the Host policy. This will be necessary level a VM safely for migration. Note: ARCH_CAPS is still max-only for now, so will not be inhereted by the default policies. With this done, the special case for dom0 can be shrunk to just resampling the Host policy (as ARCH_CAPS isn't visible by default yet). Signed-off-by: Andrew Cooper --- CC: Jan Beulich CC: Roger Pau Monné CC: Wei Liu --- xen/arch/x86/cpu-policy.c | 42 ++++++++++++++++++++++----------------- 1 file changed, 24 insertions(+), 18 deletions(-) diff --git a/xen/arch/x86/cpu-policy.c b/xen/arch/x86/cpu-policy.c index dfd9abd8564c..74266d30b551 100644 --- a/xen/arch/x86/cpu-policy.c +++ b/xen/arch/x86/cpu-policy.c @@ -408,6 +408,25 @@ static void __init calculate_host_policy(void) p->platform_info.cpuid_faulting = cpu_has_cpuid_faulting; } +static void __init guest_common_max_feature_adjustments(uint32_t *fs) +{ + if ( boot_cpu_data.x86_vendor == X86_VENDOR_INTEL ) + { + /* + * MSR_ARCH_CAPS is just feature data, and we can offer it to guests + * unconditionally, although limit it to Intel systems as it is highly + * uarch-specific. + * + * In particular, the RSBA and RRSBA bits mean "you might migrate to a + * system where RSB underflow uses alternative predictors (a.k.a + * Retpoline not safe)", so these need to be visible to a guest in all + * cases, even when it's only some other server in the pool which + * suffers the identified behaviour. + */ + __set_bit(X86_FEATURE_ARCH_CAPS, fs); + } +} + static void __init guest_common_default_feature_adjustments(uint32_t *fs) { /* @@ -483,6 +502,7 @@ static void __init calculate_pv_max_policy(void) __clear_bit(X86_FEATURE_IBRS, fs); } + guest_common_max_feature_adjustments(fs); guest_common_feature_adjustments(fs); sanitise_featureset(fs); @@ -490,8 +510,6 @@ static void __init calculate_pv_max_policy(void) recalculate_xstate(p); p->extd.raw[0xa] = EMPTY_LEAF; /* No SVM for PV guests. */ - - p->arch_caps.raw = 0; /* Not supported yet. */ } static void __init calculate_pv_def_policy(void) @@ -598,6 +616,7 @@ static void __init calculate_hvm_max_policy(void) if ( !cpu_has_vmx ) __clear_bit(X86_FEATURE_PKS, fs); + guest_common_max_feature_adjustments(fs); guest_common_feature_adjustments(fs); sanitise_featureset(fs); @@ -606,8 +625,6 @@ static void __init calculate_hvm_max_policy(void) /* It's always possible to emulate CPUID faulting for HVM guests */ p->platform_info.cpuid_faulting = true; - - p->arch_caps.raw = 0; /* Not supported yet. */ } static void __init calculate_hvm_def_policy(void) @@ -828,7 +845,10 @@ void __init init_dom0_cpuid_policy(struct domain *d) * domain policy logic gains a better understanding of MSRs. */ if ( is_hardware_domain(d) && cpu_has_arch_caps ) + { p->feat.arch_caps = true; + p->arch_caps.raw = host_cpu_policy.arch_caps.raw; + } /* Apply dom0-cpuid= command line settings, if provided. */ if ( dom0_cpuid_cmdline ) @@ -858,20 +878,6 @@ void __init init_dom0_cpuid_policy(struct domain *d) p->platform_info.cpuid_faulting = false; recalculate_cpuid_policy(d); - - if ( is_hardware_domain(d) && cpu_has_arch_caps ) - { - uint64_t val; - - rdmsrl(MSR_ARCH_CAPABILITIES, val); - - p->arch_caps.raw = val & - (ARCH_CAPS_RDCL_NO | ARCH_CAPS_IBRS_ALL | ARCH_CAPS_RSBA | - ARCH_CAPS_SSB_NO | ARCH_CAPS_MDS_NO | ARCH_CAPS_IF_PSCHANGE_MC_NO | - ARCH_CAPS_TAA_NO | ARCH_CAPS_SBDR_SSDP_NO | ARCH_CAPS_FBSDP_NO | - ARCH_CAPS_PSDP_NO | ARCH_CAPS_FB_CLEAR | ARCH_CAPS_RRSBA | - ARCH_CAPS_BHI_NO | ARCH_CAPS_PBRSB_NO); - } } static void __init __maybe_unused build_assertions(void)