Re: [PATCH v5 4/5] KVM: VMX: Allow direct access to MSR_IA32_SPEC_CTRL

[KarimAllah Ahmed]

On 01/31/2018 11:52 PM, KarimAllah Ahmed wrote:
> On 01/31/2018 09:18 PM, Jim Mattson wrote:
> > On Wed, Jan 31, 2018 at 12:01 PM, KarimAllah Ahmed 
> > <karahmed@xxxxxxxxxx> wrote:
> >
> > > but save_spec_ctrl_on_exit is also set for L2 write. So once L2 writes
> > > to it, this condition will be true and then the bitmap will be updated.
> >
> > So if L1 or any L2 writes to the MSR, then save_spec_ctrl_on_exit is
> > set to true, even if the MSR permission bitmap for a particular VMCS
> > *doesn't* allow the MSR to be written without an intercept. That's
> > functionally correct, but inefficient. It seems to me that
> > save_spec_ctrl_on_exit should indicate whether or not the *current*
> > MSR permission bitmap allows unintercepted writes to IA32_SPEC_CTRL.
> > To that end, perhaps save_spec_ctrl_on_exit rightfully belongs in the
> > loaded_vmcs structure, alongside the msr_bitmap pointer that it is
> > associated with. For vmcs02, nested_vmx_merge_msr_bitmap() should set
> > the vmcs02 save_spec_ctrl_on_exit based on (a) whether L0 is willing
> > to yield the MSR to L1, and (b) whether L1 is willing to yield the MSR
> > to L2.
>
> I actually got rid of this save_spec_ctrl_on_exit variable and replaced
> it with another variable like the one suggested for IBPB. Just to avoid
> doing an expensive guest_cpuid_has. Now I peak instead in the MSR bitmap
> to figure out if this MSR was supposed to be intercepted or not. This
> test should provide a similar semantics to save_spec_ctrl_on_exit.
>
> Anyway, cleaning up/testing now and will post a new version.

I think this patch should address all your concerns.
Amazon Development Center Germany GmbH
Berlin - Dresden - Aachen
main office: Krausenstr. 38, 10117 Berlin
Geschaeftsfuehrer: Dr. Ralf Herbrich, Christian Schlaeger
Ust-ID: DE289237879
Eingetragen am Amtsgericht Charlottenburg HRB 149173 B