Re: [PATCH v7 22/26] KVM: VMX: Set up interception for CET MSRs

From: Yang, Weijiang
Date: Fri Dec 01 2023 - 04:46:17 EST

Next message: Tomi Valkeinen: "Re: [PATCH v3] drm: omapdrm: Improve check for contiguous buffers"
Previous message: Bartosz Golaszewski: "Re: [PATCH v3] gpiolib: sysfs: Fix error handling on failed export"
In reply to: Maxim Levitsky: "Re: [PATCH v7 22/26] KVM: VMX: Set up interception for CET MSRs"
Next in thread: Maxim Levitsky: "Re: [PATCH v7 22/26] KVM: VMX: Set up interception for CET MSRs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/1/2023 1:44 AM, Maxim Levitsky wrote:

On Fri, 2023-11-24 at 00:53 -0500, Yang Weijiang wrote:

Enable/disable CET MSRs interception per associated feature configuration.
Shadow Stack feature requires all CET MSRs passed through to guest to make
it supported in user and supervisor mode while IBT feature only depends on
MSR_IA32_{U,S}_CETS_CET to enable user and supervisor IBT.

Note, this MSR design introduced an architectural limitation of SHSTK and
IBT control for guest, i.e., when SHSTK is exposed, IBT is also available
to guest from architectual perspective since IBT relies on subset of SHSTK
relevant MSRs.

Signed-off-by: Yang Weijiang <weijiang.yang@xxxxxxxxx>
---
arch/x86/kvm/vmx/vmx.c | 42 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)

diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 554f665e59c3..e484333eddb0 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -699,6 +699,10 @@ static bool is_valid_passthrough_msr(u32 msr)
case MSR_LBR_CORE_TO ... MSR_LBR_CORE_TO + 8:
/* LBR MSRs. These are handled in vmx_update_intercept_for_lbr_msrs() */
return true;
+ case MSR_IA32_U_CET:
+ case MSR_IA32_S_CET:
+ case MSR_IA32_PL0_SSP ... MSR_IA32_INT_SSP_TAB:
+ return true;
}
r = possible_passthrough_msr_slot(msr) != -ENOENT;
@@ -7766,6 +7770,42 @@ static void update_intel_pt_cfg(struct kvm_vcpu *vcpu)
vmx->pt_desc.ctl_bitmask &= ~(0xfULL << (32 + i * 4));
}
+static void vmx_update_intercept_for_cet_msr(struct kvm_vcpu *vcpu)
+{
+ bool incpt;
+
+ if (kvm_cpu_cap_has(X86_FEATURE_SHSTK)) {
+ incpt = !guest_cpuid_has(vcpu, X86_FEATURE_SHSTK);
+
+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_U_CET,
+ MSR_TYPE_RW, incpt);
+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_S_CET,
+ MSR_TYPE_RW, incpt);
+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL0_SSP,
+ MSR_TYPE_RW, incpt);
+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL1_SSP,
+ MSR_TYPE_RW, incpt);
+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL2_SSP,
+ MSR_TYPE_RW, incpt);
+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_PL3_SSP,
+ MSR_TYPE_RW, incpt);
+ if (guest_cpuid_has(vcpu, X86_FEATURE_LM))
+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_INT_SSP_TAB,
+ MSR_TYPE_RW, incpt);
+ if (!incpt)
+ return;
+ }
+
+ if (kvm_cpu_cap_has(X86_FEATURE_IBT)) {
+ incpt = !guest_cpuid_has(vcpu, X86_FEATURE_IBT);
+
+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_U_CET,
+ MSR_TYPE_RW, incpt);
+ vmx_set_intercept_for_msr(vcpu, MSR_IA32_S_CET,
+ MSR_TYPE_RW, incpt);
+ }
+}
+
static void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu)
{
struct vcpu_vmx *vmx = to_vmx(vcpu);
@@ -7843,6 +7883,8 @@ static void vmx_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu)
/* Refresh #PF interception to account for MAXPHYADDR changes. */
vmx_update_exception_bitmap(vcpu);
+
+ vmx_update_intercept_for_cet_msr(vcpu);
}
static u64 vmx_get_perf_capabilities(void)
My review feedback from the previous patch still applies as well,

I still think that we should either try a best effort approach to plug
this virtualization hole, or we at least should fail guest creation
if the virtualization hole is present as I said:

"Another, much simpler option is to fail the guest creation if the shadow stack + indirect branch tracking
state differs between host and the guest, unless both are disabled in the guest.
(in essence don't let the guest be created if (2) or (3) happen)"

Please at least tell me what do you think about this.

Oh, I thought I had replied this patch in v6 but I failed to send it out!
Let me explain it a bit, at early stage of this series, I thought of checking relevant host
feature enabling status before exposing guest CET features, but it's proved
unnecessary and user unfriendly.

E.g., we frequently disable host CET features due to whatever reasons on host, then
the features cannot be used/tested in guest at all. Technically, guest should be allowed
to run the features so long as the dependencies(i.e., xsave related support) are enabled
on host and there're no risks brought up by using of the features in guest.

I think cloud-computing should share the similar pain point when deploy CET into virtualization
usages.

Next message: Tomi Valkeinen: "Re: [PATCH v3] drm: omapdrm: Improve check for contiguous buffers"
Previous message: Bartosz Golaszewski: "Re: [PATCH v3] gpiolib: sysfs: Fix error handling on failed export"
In reply to: Maxim Levitsky: "Re: [PATCH v7 22/26] KVM: VMX: Set up interception for CET MSRs"
Next in thread: Maxim Levitsky: "Re: [PATCH v7 22/26] KVM: VMX: Set up interception for CET MSRs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]