Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

From: Jim Mattson
Date: Wed Jan 31 2018 - 15:18:49 EST

Next message: Anders Roxell: "[PATCHv2] arch/arm/Kconfig: default ARM_MODULE_PLTS to 'y'"
Previous message: James Bottomley: "Re: [GIT PULL] first round of SCSI updates for the 4.14+ merge window"
In reply to: KarimAllah Ahmed: "Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL"
Next in thread: David Woodhouse: "Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jan 31, 2018 at 12:01 PM, KarimAllah Ahmed <karahmed@xxxxxxxxxx> wrote:

> but save_spec_ctrl_on_exit is also set for L2 write. So once L2 writes
> to it, this condition will be true and then the bitmap will be updated.

So if L1 or any L2 writes to the MSR, then save_spec_ctrl_on_exit is
set to true, even if the MSR permission bitmap for a particular VMCS
*doesn't* allow the MSR to be written without an intercept. That's
functionally correct, but inefficient. It seems to me that
save_spec_ctrl_on_exit should indicate whether or not the *current*
MSR permission bitmap allows unintercepted writes to IA32_SPEC_CTRL.
To that end, perhaps save_spec_ctrl_on_exit rightfully belongs in the
loaded_vmcs structure, alongside the msr_bitmap pointer that it is
associated with. For vmcs02, nested_vmx_merge_msr_bitmap() should set
the vmcs02 save_spec_ctrl_on_exit based on (a) whether L0 is willing
to yield the MSR to L1, and (b) whether L1 is willing to yield the MSR
to L2.

Next message: Anders Roxell: "[PATCHv2] arch/arm/Kconfig: default ARM_MODULE_PLTS to 'y'"
Previous message: James Bottomley: "Re: [GIT PULL] first round of SCSI updates for the 4.14+ merge window"
In reply to: KarimAllah Ahmed: "Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL"
Next in thread: David Woodhouse: "Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]