diff --git a/debian/patches/extra/0003-kvm-Add-support-to-KVM_GET_MSR_FEATURE_INDEX_LIST-an.patch b/debian/patches/extra/0003-kvm-Add-support-to-KVM_GET_MSR_FEATURE_INDEX_LIST-an.patch new file mode 100644 index 0000000..a1b80a9 --- /dev/null +++ b/debian/patches/extra/0003-kvm-Add-support-to-KVM_GET_MSR_FEATURE_INDEX_LIST-an.patch @@ -0,0 +1,146 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Robert Hoo +Date: Mon, 15 Oct 2018 12:47:23 +0800 +Subject: [PATCH 3/9] kvm: Add support to KVM_GET_MSR_FEATURE_INDEX_LIST and + KVM_GET_MSRS system ioctl + +Add kvm_get_supported_feature_msrs() to get supported MSR feature index list. +Add kvm_arch_get_supported_msr_feature() to get each MSR features value. + +Signed-off-by: Robert Hoo +Message-Id: <1539578845-37944-2-git-send-email-robert.hu@linux.intel.com> +Reviewed-by: Eduardo Habkost +Signed-off-by: Eduardo Habkost +--- + include/sysemu/kvm.h | 2 ++ + target/i386/kvm.c | 80 ++++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 82 insertions(+) + +diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h +index 0b64b8e067..97d8d9d0d5 100644 +--- a/include/sysemu/kvm.h ++++ b/include/sysemu/kvm.h +@@ -463,6 +463,8 @@ int kvm_vm_check_extension(KVMState *s, unsigned int extension); + + uint32_t kvm_arch_get_supported_cpuid(KVMState *env, uint32_t function, + uint32_t index, int reg); ++uint32_t kvm_arch_get_supported_msr_feature(KVMState *s, uint32_t index); ++ + + void kvm_set_sigmask_len(KVMState *s, unsigned int sigmask_len); + +diff --git a/target/i386/kvm.c b/target/i386/kvm.c +index 9313602d3d..cd45c79169 100644 +--- a/target/i386/kvm.c ++++ b/target/i386/kvm.c +@@ -107,6 +107,7 @@ static int has_pit_state2; + static bool has_msr_mcg_ext_ctl; + + static struct kvm_cpuid2 *cpuid_cache; ++static struct kvm_msr_list *kvm_feature_msrs; + + int kvm_has_pit_state2(void) + { +@@ -420,6 +421,42 @@ uint32_t kvm_arch_get_supported_cpuid(KVMState *s, uint32_t function, + return ret; + } + ++uint32_t kvm_arch_get_supported_msr_feature(KVMState *s, uint32_t index) ++{ ++ struct { ++ struct kvm_msrs info; ++ struct kvm_msr_entry entries[1]; ++ } msr_data; ++ uint32_t ret; ++ ++ if (kvm_feature_msrs == NULL) { /* Host doesn't support feature MSRs */ ++ return 0; ++ } ++ ++ /* Check if requested MSR is supported feature MSR */ ++ int i; ++ for (i = 0; i < kvm_feature_msrs->nmsrs; i++) ++ if (kvm_feature_msrs->indices[i] == index) { ++ break; ++ } ++ if (i == kvm_feature_msrs->nmsrs) { ++ return 0; /* if the feature MSR is not supported, simply return 0 */ ++ } ++ ++ msr_data.info.nmsrs = 1; ++ msr_data.entries[0].index = index; ++ ++ ret = kvm_ioctl(s, KVM_GET_MSRS, &msr_data); ++ if (ret != 1) { ++ error_report("KVM get MSR (index=0x%x) feature failed, %s", ++ index, strerror(-ret)); ++ exit(1); ++ } ++ ++ return msr_data.entries[0].data; ++} ++ ++ + typedef struct HWPoisonPage { + ram_addr_t ram_addr; + QLIST_ENTRY(HWPoisonPage) list; +@@ -1239,6 +1276,47 @@ void kvm_arch_do_init_vcpu(X86CPU *cpu) + } + } + ++static int kvm_get_supported_feature_msrs(KVMState *s) ++{ ++ int ret = 0; ++ ++ if (kvm_feature_msrs != NULL) { ++ return 0; ++ } ++ ++ if (!kvm_check_extension(s, KVM_CAP_GET_MSR_FEATURES)) { ++ return 0; ++ } ++ ++ struct kvm_msr_list msr_list; ++ ++ msr_list.nmsrs = 0; ++ ret = kvm_ioctl(s, KVM_GET_MSR_FEATURE_INDEX_LIST, &msr_list); ++ if (ret < 0 && ret != -E2BIG) { ++ error_report("Fetch KVM feature MSR list failed: %s", ++ strerror(-ret)); ++ return ret; ++ } ++ ++ assert(msr_list.nmsrs > 0); ++ kvm_feature_msrs = (struct kvm_msr_list *) \ ++ g_malloc0(sizeof(msr_list) + ++ msr_list.nmsrs * sizeof(msr_list.indices[0])); ++ ++ kvm_feature_msrs->nmsrs = msr_list.nmsrs; ++ ret = kvm_ioctl(s, KVM_GET_MSR_FEATURE_INDEX_LIST, kvm_feature_msrs); ++ ++ if (ret < 0) { ++ error_report("Fetch KVM feature MSR list failed: %s", ++ strerror(-ret)); ++ g_free(kvm_feature_msrs); ++ kvm_feature_msrs = NULL; ++ return ret; ++ } ++ ++ return 0; ++} ++ + static int kvm_get_supported_msrs(KVMState *s) + { + static int kvm_supported_msrs; +@@ -1400,6 +1478,8 @@ int kvm_arch_init(MachineState *ms, KVMState *s) + return ret; + } + ++ kvm_get_supported_feature_msrs(s); ++ + uname(&utsname); + lm_capable_kernel = strcmp(utsname.machine, "x86_64") == 0; + +-- +2.20.1 + diff --git a/debian/patches/extra/0004-i386-Add-CPUID-bit-and-feature-words-for-IA32_ARCH_C.patch b/debian/patches/extra/0004-i386-Add-CPUID-bit-and-feature-words-for-IA32_ARCH_C.patch new file mode 100644 index 0000000..a41a203 --- /dev/null +++ b/debian/patches/extra/0004-i386-Add-CPUID-bit-and-feature-words-for-IA32_ARCH_C.patch @@ -0,0 +1,54 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Robert Hoo +Date: Thu, 5 Jul 2018 17:09:55 +0800 +Subject: [PATCH 4/9] i386: Add CPUID bit and feature words for + IA32_ARCH_CAPABILITIES MSR + +Support of IA32_PRED_CMD MSR already be enumerated by same CPUID bit as +SPEC_CTRL. + +At present, mark CPUID_7_0_EDX_ARCH_CAPABILITIES unmigratable, per Paolo's +comment. + +Signed-off-by: Robert Hoo +Message-Id: <1530781798-183214-3-git-send-email-robert.hu@linux.intel.com> +Signed-off-by: Eduardo Habkost +--- + target/i386/cpu.c | 3 ++- + target/i386/cpu.h | 1 + + 2 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/target/i386/cpu.c b/target/i386/cpu.c +index 3ac627978f..1d74be02ce 100644 +--- a/target/i386/cpu.c ++++ b/target/i386/cpu.c +@@ -1006,12 +1006,13 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, "spec-ctrl", NULL, +- NULL, NULL, NULL, "ssbd", ++ NULL, "arch-capabilities", NULL, "ssbd", + }, + .cpuid_eax = 7, + .cpuid_needs_ecx = true, .cpuid_ecx = 0, + .cpuid_reg = R_EDX, + .tcg_features = TCG_7_0_EDX_FEATURES, ++ .unmigratable_flags = CPUID_7_0_EDX_ARCH_CAPABILITIES, + }, + [FEAT_8000_0007_EDX] = { + .feat_names = { +diff --git a/target/i386/cpu.h b/target/i386/cpu.h +index 93ede116d1..58ae637edc 100644 +--- a/target/i386/cpu.h ++++ b/target/i386/cpu.h +@@ -688,6 +688,7 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS]; + #define CPUID_7_0_EDX_AVX512_4VNNIW (1U << 2) /* AVX512 Neural Network Instructions */ + #define CPUID_7_0_EDX_AVX512_4FMAPS (1U << 3) /* AVX512 Multiply Accumulation Single Precision */ + #define CPUID_7_0_EDX_SPEC_CTRL (1U << 26) /* Speculation Control */ ++#define CPUID_7_0_EDX_ARCH_CAPABILITIES (1U << 29) /*Arch Capabilities*/ + #define CPUID_7_0_EDX_SPEC_CTRL_SSBD (1U << 31) /* Speculative Store Bypass Disable */ + + #define CPUID_8000_0008_EBX_IBPB (1U << 12) /* Indirect Branch Prediction Barrier */ +-- +2.20.1 + diff --git a/debian/patches/extra/0005-i386-Add-new-MSR-indices-for-IA32_PRED_CMD-and-IA32_.patch b/debian/patches/extra/0005-i386-Add-new-MSR-indices-for-IA32_PRED_CMD-and-IA32_.patch new file mode 100644 index 0000000..261f4a0 --- /dev/null +++ b/debian/patches/extra/0005-i386-Add-new-MSR-indices-for-IA32_PRED_CMD-and-IA32_.patch @@ -0,0 +1,36 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Robert Hoo +Date: Thu, 5 Jul 2018 17:09:54 +0800 +Subject: [PATCH 5/9] i386: Add new MSR indices for IA32_PRED_CMD and + IA32_ARCH_CAPABILITIES + +IA32_PRED_CMD MSR gives software a way to issue commands that affect the state +of indirect branch predictors. Enumerated by CPUID.(EAX=7H,ECX=0):EDX[26]. +IA32_ARCH_CAPABILITIES MSR enumerates architectural features of RDCL_NO and +IBRS_ALL. Enumerated by CPUID.(EAX=07H, ECX=0):EDX[29]. + +https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf + +Signed-off-by: Robert Hoo +Message-Id: <1530781798-183214-2-git-send-email-robert.hu@linux.intel.com> +Signed-off-by: Eduardo Habkost +--- + target/i386/cpu.h | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/target/i386/cpu.h b/target/i386/cpu.h +index 58ae637edc..fb2f5f6ebc 100644 +--- a/target/i386/cpu.h ++++ b/target/i386/cpu.h +@@ -354,6 +354,8 @@ typedef enum X86Seg { + #define MSR_TSC_ADJUST 0x0000003b + #define MSR_IA32_SPEC_CTRL 0x48 + #define MSR_VIRT_SSBD 0xc001011f ++#define MSR_IA32_PRED_CMD 0x49 ++#define MSR_IA32_ARCH_CAPABILITIES 0x10a + #define MSR_IA32_TSCDEADLINE 0x6e0 + + #define FEATURE_CONTROL_LOCKED (1<<0) +-- +2.20.1 + diff --git a/debian/patches/extra/0006-x86-Data-structure-changes-to-support-MSR-based-feat.patch b/debian/patches/extra/0006-x86-Data-structure-changes-to-support-MSR-based-feat.patch new file mode 100644 index 0000000..278325c --- /dev/null +++ b/debian/patches/extra/0006-x86-Data-structure-changes-to-support-MSR-based-feat.patch @@ -0,0 +1,485 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Robert Hoo +Date: Mon, 15 Oct 2018 12:47:24 +0800 +Subject: [PATCH 6/9] x86: Data structure changes to support MSR based features + +Add FeatureWordType indicator in struct FeatureWordInfo. +Change feature_word_info[] accordingly. +Change existing functions that refer to feature_word_info[] accordingly. + +Signed-off-by: Robert Hoo +Message-Id: <1539578845-37944-3-git-send-email-robert.hu@linux.intel.com> +[ehabkost: fixed hvf_enabled() case] +Signed-off-by: Eduardo Habkost +--- + target/i386/cpu.c | 197 +++++++++++++++++++++++++++++++++------------- + 1 file changed, 142 insertions(+), 55 deletions(-) + +diff --git a/target/i386/cpu.c b/target/i386/cpu.c +index 1d74be02ce..d2985144a3 100644 +--- a/target/i386/cpu.c ++++ b/target/i386/cpu.c +@@ -770,17 +770,36 @@ static void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1, + /* missing: + CPUID_XSAVE_XSAVEC, CPUID_XSAVE_XSAVES */ + ++typedef enum FeatureWordType { ++ CPUID_FEATURE_WORD, ++ MSR_FEATURE_WORD, ++} FeatureWordType; ++ + typedef struct FeatureWordInfo { ++ FeatureWordType type; + /* feature flags names are taken from "Intel Processor Identification and + * the CPUID Instruction" and AMD's "CPUID Specification". + * In cases of disagreement between feature naming conventions, + * aliases may be added. + */ + const char *feat_names[32]; +- uint32_t cpuid_eax; /* Input EAX for CPUID */ +- bool cpuid_needs_ecx; /* CPUID instruction uses ECX as input */ +- uint32_t cpuid_ecx; /* Input ECX value for CPUID */ +- int cpuid_reg; /* output register (R_* constant) */ ++ union { ++ /* If type==CPUID_FEATURE_WORD */ ++ struct { ++ uint32_t eax; /* Input EAX for CPUID */ ++ bool needs_ecx; /* CPUID instruction uses ECX as input */ ++ uint32_t ecx; /* Input ECX value for CPUID */ ++ int reg; /* output register (R_* constant) */ ++ } cpuid; ++ /* If type==MSR_FEATURE_WORD */ ++ struct { ++ uint32_t index; ++ struct { /*CPUID that enumerate this MSR*/ ++ FeatureWord cpuid_class; ++ uint32_t cpuid_flag; ++ } cpuid_dep; ++ } msr; ++ }; + uint32_t tcg_features; /* Feature flags supported by TCG */ + uint32_t unmigratable_flags; /* Feature flags known to be unmigratable */ + uint32_t migratable_flags; /* Feature flags known to be migratable */ +@@ -790,6 +809,7 @@ typedef struct FeatureWordInfo { + + static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + [FEAT_1_EDX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + "fpu", "vme", "de", "pse", + "tsc", "msr", "pae", "mce", +@@ -800,10 +820,11 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + "fxsr", "sse", "sse2", "ss", + "ht" /* Intel htt */, "tm", "ia64", "pbe", + }, +- .cpuid_eax = 1, .cpuid_reg = R_EDX, ++ .cpuid = {.eax = 1, .reg = R_EDX, }, + .tcg_features = TCG_FEATURES, + }, + [FEAT_1_ECX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + "pni" /* Intel,AMD sse3 */, "pclmulqdq", "dtes64", "monitor", + "ds-cpl", "vmx", "smx", "est", +@@ -814,7 +835,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + "tsc-deadline", "aes", "xsave", NULL /* osxsave */, + "avx", "f16c", "rdrand", "hypervisor", + }, +- .cpuid_eax = 1, .cpuid_reg = R_ECX, ++ .cpuid = { .eax = 1, .reg = R_ECX, }, + .tcg_features = TCG_EXT_FEATURES, + }, + /* Feature names that are already defined on feature_name[] but +@@ -823,6 +844,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + * to features[FEAT_8000_0001_EDX] if and only if CPU vendor is AMD. + */ + [FEAT_8000_0001_EDX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + NULL /* fpu */, NULL /* vme */, NULL /* de */, NULL /* pse */, + NULL /* tsc */, NULL /* msr */, NULL /* pae */, NULL /* mce */, +@@ -833,10 +855,11 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + NULL /* fxsr */, "fxsr-opt", "pdpe1gb", "rdtscp", + NULL, "lm", "3dnowext", "3dnow", + }, +- .cpuid_eax = 0x80000001, .cpuid_reg = R_EDX, ++ .cpuid = { .eax = 0x80000001, .reg = R_EDX, }, + .tcg_features = TCG_EXT2_FEATURES, + }, + [FEAT_8000_0001_ECX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + "lahf-lm", "cmp-legacy", "svm", "extapic", + "cr8legacy", "abm", "sse4a", "misalignsse", +@@ -847,7 +870,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + "perfctr-nb", NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + }, +- .cpuid_eax = 0x80000001, .cpuid_reg = R_ECX, ++ .cpuid = { .eax = 0x80000001, .reg = R_ECX, }, + .tcg_features = TCG_EXT3_FEATURES, + /* + * TOPOEXT is always allowed but can't be enabled blindly by +@@ -857,6 +880,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + .no_autoenable_flags = CPUID_EXT3_TOPOEXT, + }, + [FEAT_C000_0001_EDX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + NULL, NULL, "xstore", "xstore-en", + NULL, NULL, "xcrypt", "xcrypt-en", +@@ -867,10 +891,11 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + }, +- .cpuid_eax = 0xC0000001, .cpuid_reg = R_EDX, ++ .cpuid = { .eax = 0xC0000001, .reg = R_EDX, }, + .tcg_features = TCG_EXT4_FEATURES, + }, + [FEAT_KVM] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + "kvmclock", "kvm-nopiodelay", "kvm-mmu", "kvmclock", + "kvm-asyncpf", "kvm-steal-time", "kvm-pv-eoi", "kvm-pv-unhalt", +@@ -881,10 +906,11 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + "kvmclock-stable-bit", NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + }, +- .cpuid_eax = KVM_CPUID_FEATURES, .cpuid_reg = R_EAX, ++ .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EAX, }, + .tcg_features = TCG_KVM_FEATURES, + }, + [FEAT_KVM_HINTS] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + "kvm-hint-dedicated", NULL, NULL, NULL, + NULL, NULL, NULL, NULL, +@@ -895,7 +921,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + }, +- .cpuid_eax = KVM_CPUID_FEATURES, .cpuid_reg = R_EDX, ++ .cpuid = { .eax = KVM_CPUID_FEATURES, .reg = R_EDX, }, + .tcg_features = TCG_KVM_FEATURES, + /* + * KVM hints aren't auto-enabled by -cpu host, they need to be +@@ -904,6 +930,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + .no_autoenable_flags = ~0U, + }, + [FEAT_HYPERV_EAX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + NULL /* hv_msr_vp_runtime_access */, NULL /* hv_msr_time_refcount_access */, + NULL /* hv_msr_synic_access */, NULL /* hv_msr_stimer_access */, +@@ -918,9 +945,10 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + }, +- .cpuid_eax = 0x40000003, .cpuid_reg = R_EAX, ++ .cpuid = { .eax = 0x40000003, .reg = R_EAX, }, + }, + [FEAT_HYPERV_EBX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + NULL /* hv_create_partitions */, NULL /* hv_access_partition_id */, + NULL /* hv_access_memory_pool */, NULL /* hv_adjust_message_buffers */, +@@ -934,9 +962,10 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + }, +- .cpuid_eax = 0x40000003, .cpuid_reg = R_EBX, ++ .cpuid = { .eax = 0x40000003, .reg = R_EBX, }, + }, + [FEAT_HYPERV_EDX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + NULL /* hv_mwait */, NULL /* hv_guest_debugging */, + NULL /* hv_perf_monitor */, NULL /* hv_cpu_dynamic_part */, +@@ -949,9 +978,10 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + }, +- .cpuid_eax = 0x40000003, .cpuid_reg = R_EDX, ++ .cpuid = { .eax = 0x40000003, .reg = R_EDX, }, + }, + [FEAT_SVM] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + "npt", "lbrv", "svm-lock", "nrip-save", + "tsc-scale", "vmcb-clean", "flushbyasid", "decodeassists", +@@ -962,10 +992,11 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + }, +- .cpuid_eax = 0x8000000A, .cpuid_reg = R_EDX, ++ .cpuid = { .eax = 0x8000000A, .reg = R_EDX, }, + .tcg_features = TCG_SVM_FEATURES, + }, + [FEAT_7_0_EBX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + "fsgsbase", "tsc-adjust", NULL, "bmi1", + "hle", "avx2", NULL, "smep", +@@ -976,12 +1007,15 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + "clwb", "intel-pt", "avx512pf", "avx512er", + "avx512cd", "sha-ni", "avx512bw", "avx512vl", + }, +- .cpuid_eax = 7, +- .cpuid_needs_ecx = true, .cpuid_ecx = 0, +- .cpuid_reg = R_EBX, ++ .cpuid = { ++ .eax = 7, ++ .needs_ecx = true, .ecx = 0, ++ .reg = R_EBX, ++ }, + .tcg_features = TCG_7_0_EBX_FEATURES, + }, + [FEAT_7_0_ECX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + NULL, "avx512vbmi", "umip", "pku", + NULL /* ospke */, NULL, "avx512vbmi2", NULL, +@@ -992,12 +1026,15 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + NULL, "cldemote", NULL, NULL, + NULL, NULL, NULL, NULL, + }, +- .cpuid_eax = 7, +- .cpuid_needs_ecx = true, .cpuid_ecx = 0, +- .cpuid_reg = R_ECX, ++ .cpuid = { ++ .eax = 7, ++ .needs_ecx = true, .ecx = 0, ++ .reg = R_ECX, ++ }, + .tcg_features = TCG_7_0_ECX_FEATURES, + }, + [FEAT_7_0_EDX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + NULL, NULL, "avx512-4vnniw", "avx512-4fmaps", + NULL, NULL, NULL, NULL, +@@ -1008,13 +1045,16 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + NULL, NULL, "spec-ctrl", NULL, + NULL, "arch-capabilities", NULL, "ssbd", + }, +- .cpuid_eax = 7, +- .cpuid_needs_ecx = true, .cpuid_ecx = 0, +- .cpuid_reg = R_EDX, ++ .cpuid = { ++ .eax = 7, ++ .needs_ecx = true, .ecx = 0, ++ .reg = R_EDX, ++ }, + .tcg_features = TCG_7_0_EDX_FEATURES, + .unmigratable_flags = CPUID_7_0_EDX_ARCH_CAPABILITIES, + }, + [FEAT_8000_0007_EDX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, +@@ -1025,12 +1065,12 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + }, +- .cpuid_eax = 0x80000007, +- .cpuid_reg = R_EDX, ++ .cpuid = { .eax = 0x80000007, .reg = R_EDX, }, + .tcg_features = TCG_APM_FEATURES, + .unmigratable_flags = CPUID_APM_INVTSC, + }, + [FEAT_8000_0008_EBX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, +@@ -1041,12 +1081,12 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + "amd-ssbd", "virt-ssbd", "amd-no-ssb", NULL, + NULL, NULL, NULL, NULL, + }, +- .cpuid_eax = 0x80000008, +- .cpuid_reg = R_EBX, ++ .cpuid = { .eax = 0x80000008, .reg = R_EBX, }, + .tcg_features = 0, + .unmigratable_flags = 0, + }, + [FEAT_XSAVE] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + "xsaveopt", "xsavec", "xgetbv1", "xsaves", + NULL, NULL, NULL, NULL, +@@ -1057,12 +1097,15 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + }, +- .cpuid_eax = 0xd, +- .cpuid_needs_ecx = true, .cpuid_ecx = 1, +- .cpuid_reg = R_EAX, ++ .cpuid = { ++ .eax = 0xd, ++ .needs_ecx = true, .ecx = 1, ++ .reg = R_EAX, ++ }, + .tcg_features = TCG_XSAVE_FEATURES, + }, + [FEAT_6_EAX] = { ++ .type = CPUID_FEATURE_WORD, + .feat_names = { + NULL, NULL, "arat", NULL, + NULL, NULL, NULL, NULL, +@@ -1073,13 +1116,16 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + }, +- .cpuid_eax = 6, .cpuid_reg = R_EAX, ++ .cpuid = { .eax = 6, .reg = R_EAX, }, + .tcg_features = TCG_6_EAX_FEATURES, + }, + [FEAT_XSAVE_COMP_LO] = { +- .cpuid_eax = 0xD, +- .cpuid_needs_ecx = true, .cpuid_ecx = 0, +- .cpuid_reg = R_EAX, ++ .type = CPUID_FEATURE_WORD, ++ .cpuid = { ++ .eax = 0xD, ++ .needs_ecx = true, .ecx = 0, ++ .reg = R_EAX, ++ }, + .tcg_features = ~0U, + .migratable_flags = XSTATE_FP_MASK | XSTATE_SSE_MASK | + XSTATE_YMM_MASK | XSTATE_BNDREGS_MASK | XSTATE_BNDCSR_MASK | +@@ -1087,9 +1133,12 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + XSTATE_PKRU_MASK, + }, + [FEAT_XSAVE_COMP_HI] = { +- .cpuid_eax = 0xD, +- .cpuid_needs_ecx = true, .cpuid_ecx = 0, +- .cpuid_reg = R_EDX, ++ .type = CPUID_FEATURE_WORD, ++ .cpuid = { ++ .eax = 0xD, ++ .needs_ecx = true, .ecx = 0, ++ .reg = R_EDX, ++ }, + .tcg_features = ~0U, + }, + }; +@@ -2860,21 +2909,41 @@ static const TypeInfo host_x86_cpu_type_info = { + + #endif + ++static char *feature_word_description(FeatureWordInfo *f, uint32_t bit) ++{ ++ assert(f->type == CPUID_FEATURE_WORD || f->type == MSR_FEATURE_WORD); ++ ++ switch (f->type) { ++ case CPUID_FEATURE_WORD: ++ { ++ const char *reg = get_register_name_32(f->cpuid.reg); ++ assert(reg); ++ return g_strdup_printf("CPUID.%02XH:%s", ++ f->cpuid.eax, reg); ++ } ++ case MSR_FEATURE_WORD: ++ return g_strdup_printf("MSR(%02XH)", ++ f->msr.index); ++ } ++ ++ return NULL; ++} ++ + static void report_unavailable_features(FeatureWord w, uint32_t mask) + { + FeatureWordInfo *f = &feature_word_info[w]; + int i; ++ char *feat_word_str; + + for (i = 0; i < 32; ++i) { + if ((1UL << i) & mask) { +- const char *reg = get_register_name_32(f->cpuid_reg); +- assert(reg); +- warn_report("%s doesn't support requested feature: " +- "CPUID.%02XH:%s%s%s [bit %d]", ++ feat_word_str = feature_word_description(f, i); ++ warn_report("%s doesn't support requested feature: %s%s%s [bit %d]", + accel_uses_host_cpuid() ? "host" : "TCG", +- f->cpuid_eax, reg, ++ feat_word_str, + f->feat_names[i] ? "." : "", + f->feat_names[i] ? f->feat_names[i] : "", i); ++ g_free(feat_word_str); + } + } + } +@@ -3118,11 +3187,18 @@ static void x86_cpu_get_feature_words(Object *obj, Visitor *v, + + for (w = 0; w < FEATURE_WORDS; w++) { + FeatureWordInfo *wi = &feature_word_info[w]; ++ /* ++ * We didn't have MSR features when "feature-words" was ++ * introduced. Therefore skipped other type entries. ++ */ ++ if (wi->type != CPUID_FEATURE_WORD) { ++ continue; ++ } + X86CPUFeatureWordInfo *qwi = &word_infos[w]; +- qwi->cpuid_input_eax = wi->cpuid_eax; +- qwi->has_cpuid_input_ecx = wi->cpuid_needs_ecx; +- qwi->cpuid_input_ecx = wi->cpuid_ecx; +- qwi->cpuid_register = x86_reg_info_32[wi->cpuid_reg].qapi_enum; ++ qwi->cpuid_input_eax = wi->cpuid.eax; ++ qwi->has_cpuid_input_ecx = wi->cpuid.needs_ecx; ++ qwi->cpuid_input_ecx = wi->cpuid.ecx; ++ qwi->cpuid_register = x86_reg_info_32[wi->cpuid.reg].qapi_enum; + qwi->features = array[w]; + + /* List will be in reverse order, but order shouldn't matter */ +@@ -3495,16 +3571,26 @@ static uint32_t x86_cpu_get_supported_feature_word(FeatureWord w, + bool migratable_only) + { + FeatureWordInfo *wi = &feature_word_info[w]; +- uint32_t r; ++ uint32_t r = 0; + + if (kvm_enabled()) { +- r = kvm_arch_get_supported_cpuid(kvm_state, wi->cpuid_eax, +- wi->cpuid_ecx, +- wi->cpuid_reg); ++ switch (wi->type) { ++ case CPUID_FEATURE_WORD: ++ r = kvm_arch_get_supported_cpuid(kvm_state, wi->cpuid.eax, ++ wi->cpuid.ecx, ++ wi->cpuid.reg); ++ break; ++ case MSR_FEATURE_WORD: ++ r = kvm_arch_get_supported_msr_feature(kvm_state, wi->msr.index); ++ break; ++ } + } else if (hvf_enabled()) { +- r = hvf_get_supported_cpuid(wi->cpuid_eax, +- wi->cpuid_ecx, +- wi->cpuid_reg); ++ if (wi->type != CPUID_FEATURE_WORD) { ++ return 0; ++ } ++ r = hvf_get_supported_cpuid(wi->cpuid.eax, ++ wi->cpuid.ecx, ++ wi->cpuid.reg); + } else if (tcg_enabled()) { + r = wi->tcg_features; + } else { +@@ -4568,9 +4654,10 @@ static void x86_cpu_adjust_feat_level(X86CPU *cpu, FeatureWord w) + { + CPUX86State *env = &cpu->env; + FeatureWordInfo *fi = &feature_word_info[w]; +- uint32_t eax = fi->cpuid_eax; ++ uint32_t eax = fi->cpuid.eax; + uint32_t region = eax & 0xF0000000; + ++ assert(feature_word_info[w].type == CPUID_FEATURE_WORD); + if (!env->features[w]) { + return; + } +-- +2.20.1 + diff --git a/debian/patches/extra/0007-x86-define-a-new-MSR-based-feature-word-FEATURE_WORD.patch b/debian/patches/extra/0007-x86-define-a-new-MSR-based-feature-word-FEATURE_WORD.patch new file mode 100644 index 0000000..32365cd --- /dev/null +++ b/debian/patches/extra/0007-x86-define-a-new-MSR-based-feature-word-FEATURE_WORD.patch @@ -0,0 +1,113 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Robert Hoo +Date: Mon, 15 Oct 2018 12:47:25 +0800 +Subject: [PATCH 7/9] x86: define a new MSR based feature word -- + FEATURE_WORDS_ARCH_CAPABILITIES + +Note RSBA is specially treated -- no matter host support it or not, qemu +pretends it is supported. + +Signed-off-by: Robert Hoo +Message-Id: <1539578845-37944-4-git-send-email-robert.hu@linux.intel.com> +[ehabkost: removed automatic enabling of RSBA] +Reviewed-by: Eduardo Habkost +Signed-off-by: Eduardo Habkost +--- + target/i386/cpu.c | 24 +++++++++++++++++++++++- + target/i386/cpu.h | 8 ++++++++ + target/i386/kvm.c | 11 +++++++++++ + 3 files changed, 42 insertions(+), 1 deletion(-) + +diff --git a/target/i386/cpu.c b/target/i386/cpu.c +index d2985144a3..a64aa8793e 100644 +--- a/target/i386/cpu.c ++++ b/target/i386/cpu.c +@@ -1141,6 +1141,27 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + }, + .tcg_features = ~0U, + }, ++ /*Below are MSR exposed features*/ ++ [FEAT_ARCH_CAPABILITIES] = { ++ .type = MSR_FEATURE_WORD, ++ .feat_names = { ++ "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry", ++ "ssb-no", NULL, NULL, NULL, ++ NULL, NULL, NULL, NULL, ++ NULL, NULL, NULL, NULL, ++ NULL, NULL, NULL, NULL, ++ NULL, NULL, NULL, NULL, ++ NULL, NULL, NULL, NULL, ++ NULL, NULL, NULL, NULL, ++ }, ++ .msr = { ++ .index = MSR_IA32_ARCH_CAPABILITIES, ++ .cpuid_dep = { ++ FEAT_7_0_EDX, ++ CPUID_7_0_EDX_ARCH_CAPABILITIES ++ } ++ }, ++ }, + }; + + typedef struct X86RegisterInfo32 { +@@ -3581,7 +3602,8 @@ static uint32_t x86_cpu_get_supported_feature_word(FeatureWord w, + wi->cpuid.reg); + break; + case MSR_FEATURE_WORD: +- r = kvm_arch_get_supported_msr_feature(kvm_state, wi->msr.index); ++ r = kvm_arch_get_supported_msr_feature(kvm_state, ++ wi->msr.index); + break; + } + } else if (hvf_enabled()) { +diff --git a/target/i386/cpu.h b/target/i386/cpu.h +index fb2f5f6ebc..ae54a98249 100644 +--- a/target/i386/cpu.h ++++ b/target/i386/cpu.h +@@ -502,6 +502,7 @@ typedef enum FeatureWord { + FEAT_6_EAX, /* CPUID[6].EAX */ + FEAT_XSAVE_COMP_LO, /* CPUID[EAX=0xd,ECX=0].EAX */ + FEAT_XSAVE_COMP_HI, /* CPUID[EAX=0xd,ECX=0].EDX */ ++ FEAT_ARCH_CAPABILITIES, + FEATURE_WORDS, + } FeatureWord; + +@@ -727,6 +728,13 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS]; + #define CPUID_TOPOLOGY_LEVEL_SMT (1U << 8) + #define CPUID_TOPOLOGY_LEVEL_CORE (2U << 8) + ++/* MSR Feature Bits */ ++#define MSR_ARCH_CAP_RDCL_NO (1U << 0) ++#define MSR_ARCH_CAP_IBRS_ALL (1U << 1) ++#define MSR_ARCH_CAP_RSBA (1U << 2) ++#define MSR_ARCH_CAP_SKIP_L1DFL_VMENTRY (1U << 3) ++#define MSR_ARCH_CAP_SSB_NO (1U << 4) ++ + #ifndef HYPERV_SPINLOCK_NEVER_RETRY + #define HYPERV_SPINLOCK_NEVER_RETRY 0xFFFFFFFF + #endif +diff --git a/target/i386/kvm.c b/target/i386/kvm.c +index cd45c79169..0b7fcb4f7f 100644 +--- a/target/i386/kvm.c ++++ b/target/i386/kvm.c +@@ -1936,6 +1936,17 @@ static int kvm_put_msrs(X86CPU *cpu, int level) + } + #endif + ++ /* If host supports feature MSR, write down. */ ++ if (kvm_feature_msrs) { ++ int i; ++ for (i = 0; i < kvm_feature_msrs->nmsrs; i++) ++ if (kvm_feature_msrs->indices[i] == MSR_IA32_ARCH_CAPABILITIES) { ++ kvm_msr_entry_add(cpu, MSR_IA32_ARCH_CAPABILITIES, ++ env->features[FEAT_ARCH_CAPABILITIES]); ++ break; ++ } ++ } ++ + /* + * The following MSRs have side effects on the guest or are too heavy + * for normal writeback. Limit them to reset or full state updates. +-- +2.20.1 + diff --git a/debian/patches/extra/0008-target-i386-add-MDS-NO-feature.patch b/debian/patches/extra/0008-target-i386-add-MDS-NO-feature.patch new file mode 100644 index 0000000..6da1947 --- /dev/null +++ b/debian/patches/extra/0008-target-i386-add-MDS-NO-feature.patch @@ -0,0 +1,36 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini +Date: Thu, 16 May 2019 20:53:20 +0200 +Subject: [PATCH 8/9] target/i386: add MDS-NO feature + +Microarchitectural Data Sampling is a hardware vulnerability which allows +unprivileged speculative access to data which is available in various CPU +internal buffers. + +Some Intel processors use the ARCH_CAP_MDS_NO bit in the +IA32_ARCH_CAPABILITIES +MSR to report that they are not vulnerable, make it available to guests. + +Signed-off-by: Paolo Bonzini +Message-Id: <20190516185320.28340-1-pbonzini@redhat.com> +Signed-off-by: Eduardo Habkost +--- + target/i386/cpu.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/target/i386/cpu.c b/target/i386/cpu.c +index a64aa8793e..02b64f730c 100644 +--- a/target/i386/cpu.c ++++ b/target/i386/cpu.c +@@ -1146,7 +1146,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + .type = MSR_FEATURE_WORD, + .feat_names = { + "rdctl-no", "ibrs-all", "rsba", "skip-l1dfl-vmentry", +- "ssb-no", NULL, NULL, NULL, ++ "ssb-no", "mds-no", NULL, NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, +-- +2.20.1 + diff --git a/debian/patches/extra/0009-target-i386-define-md-clear-bit.patch b/debian/patches/extra/0009-target-i386-define-md-clear-bit.patch new file mode 100644 index 0000000..445a6f6 --- /dev/null +++ b/debian/patches/extra/0009-target-i386-define-md-clear-bit.patch @@ -0,0 +1,32 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini +Date: Wed, 15 May 2019 15:10:10 +0100 +Subject: [PATCH 9/9] target/i386: define md-clear bit + +md-clear is a new CPUID bit which is set when microcode provides the +mechanism to invoke a flush of various exploitable CPU buffers by invoking +the VERW instruction. + +Signed-off-by: Paolo Bonzini +Message-Id: <20190515141011.5315-2-berrange@redhat.com> +Signed-off-by: Eduardo Habkost +--- + target/i386/cpu.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/target/i386/cpu.c b/target/i386/cpu.c +index 02b64f730c..5ddcd72c9c 100644 +--- a/target/i386/cpu.c ++++ b/target/i386/cpu.c +@@ -1038,7 +1038,7 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { + .feat_names = { + NULL, NULL, "avx512-4vnniw", "avx512-4fmaps", + NULL, NULL, NULL, NULL, +- NULL, NULL, NULL, NULL, ++ NULL, NULL, "md-clear", NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, +-- +2.20.1 + diff --git a/debian/patches/series b/debian/patches/series index 91171f9..f3e6c45 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -28,3 +28,10 @@ pve/0027-PVE-Config-Revert-target-i386-disable-LINT0-after-re.patch pve/0028-PVE-Up-Config-file-posix-make-locking-optiono-on-cre.patch extra/0001-monitor-guard-iothread-access-by-mon-use_io_thread.patch extra/0002-monitor-delay-monitor-iothread-creation.patch +extra/0003-kvm-Add-support-to-KVM_GET_MSR_FEATURE_INDEX_LIST-an.patch +extra/0004-i386-Add-CPUID-bit-and-feature-words-for-IA32_ARCH_C.patch +extra/0005-i386-Add-new-MSR-indices-for-IA32_PRED_CMD-and-IA32_.patch +extra/0006-x86-Data-structure-changes-to-support-MSR-based-feat.patch +extra/0007-x86-define-a-new-MSR-based-feature-word-FEATURE_WORD.patch +extra/0008-target-i386-add-MDS-NO-feature.patch +extra/0009-target-i386-define-md-clear-bit.patch