WORKING This is a comment summarising a bit the statement of work in this bug: Bellow are the commits (and the merge requests they came from) that I could identify by the previous comments. Judging by the selected commits, the intent is to allow MSR supportability to be queried by guest through CPUID MSR query emulation <-> kvm ioctls interface. Every feature to be reported has to have its MSR declared for the CPU type to be used AND the kvm ioctl backend + kernel support (to query the actual hardware). (1) Request is to allow the following features to be reported by QEMU/KVM: CPUID.(EAX=7H,ECX=0):EDX[26] (Enable/Disable IBRS/IBPB feature flag): Enumerates support for indirect branch restricted speculation (IBRS) and the indirect branch predictor barrier (IBPB). Processors that set this bit support the IA32_SPEC_CTRL MSR and the IA32_PRED_CMD MSR. They allow software to set IA32_SPEC_CTRL[0] (IBRS) and IA32_PRED_CMD[0] (IBPB). and CPUID.(EAX=7H,ECX=0):EDX[29] (IA32_ARCH_CAPABILITIES feature flag) Enumerates support for the IA32_ARCH_CAPABILITIES MSR, allowing MSR index 10AH to be read: - (bit 0) RDCL_NO: not susceptible to rogue data cache - (bit 1) IBRS_ALL: processor supports IBRS - (bit 2) RSBA: processor supports RSB alternate (retpol off) - (bit 3) SKIP_L1DFL_VMENTRY: vm entry don't flush L1D on VM entry - (bit 4) SSB_NO: processor not susceptible to spec store bypass (2) There is *no current request* to allow following features to be reported by EAX_7H_ECX_0_EDX QEMU/KVM right now: * CPUID.(EAX=7H,ECX=0):EDX[27] STIBP support flag. * CPUID.(EAX=7H,ECX=0):EDX[28] L1D_FLUSH support flag. * CPUID.(EAX=7H,ECX=0):EDX[31] SSBD support flag. OBS: I haven't checked patch dependencies yet, not sure if more patches are needed yet, just realized that SSBD support flag wasn't being asked to be backported (nor present in 2.11 version, Bionic version which we are targetting this to). That explains the small "statement of work" above. For now the request was fully understood: I'll work tomorrow in a backport attempt to check if big pieces in between 2.11 and something around the v3.0.0-152-g8c80c99fcc .. v4.0.0-rc0-2-g014018e19b range are missing that would require a major refactoring that would not be possible to be done. (3) Possible points of pain: - arch_capabilities unmigratable flag inside cpu data structure (while CPUID was being developed) turned later on into migratable later. - data structure changes to support MSR based features. QEMU: ######## MERGE REQUEST 21ee4787e53367590f284915bf4c30c684e65bdf 174a78a8a5c0cf421236fe14efc5559717f050df bb4928c7cafe50ab2137a0034e350ef1bfa044d9 014018e19b3c54dd1bf5072bc912ceffea40abe8 + 485b1d256bcb0874bcde0223727c159b6837e6f8 + commit 014018e19b3c54dd1bf5072bc912ceffea40abe8 - v4.0.0-rc0-2-g014018e19b Author: Eduardo Habkost Date: Fri Jan 25 20:06:06 2019 i386: Make arch_capabilities migratable Now that kvm_arch_get_supported_cpuid() will only return arch_capabilities if QEMU is able to initialize the MSR properly, we know that the feature is safely migratable. Signed-off-by: Eduardo Habkost Message-Id: Signed-off-by: Eduardo Habkost ---- commit 485b1d256bcb0874bcde0223727c159b6837e6f8 - v4.0.0-rc0-1-g485b1d256b Author: Eduardo Habkost Date: Fri Jan 25 20:06:05 2019 i386: kvm: Disable arch_capabilities if MSR can't be set KVM has two bugs in the handling of MSR_IA32_ARCH_CAPABILITIES: 1) Linux commit commit 1eaafe91a0df ("kvm: x86: IA32_ARCH_CAPABILITIES is always supported") makes GET_SUPPORTED_CPUID return arch_capabilities even if running on SVM. This makes "-cpu host,migratable=off" incorrectly expose arch_capabilities on CPUID on AMD hosts (where the MSR is not emulated by KVM). 2) KVM_GET_MSR_INDEX_LIST does not return MSR_IA32_ARCH_CAPABILITIES if the MSR is not supported by the host CPU. This makes QEMU not initialize the MSR properly at kvm_put_msrs() on those hosts. Work around both bugs on the QEMU side, by checking if the MSR was returned by KVM_GET_MSR_INDEX_LIST before returning the feature flag on kvm_arch_get_supported_cpuid(). This has the unfortunate side effect of making arch_capabilities unavailable on hosts without hardware support for the MSR until bug #2 is fixed on KVM, but I can't see another way to work around bug #1 without that side effect. Signed-off-by: Eduardo Habkost Message-Id: Signed-off-by: Eduardo Habkost ######## ---- possibly just one: commit b0a1980384fc265d91de7e09aa5fe531a69e6288 - v3.1.0-1228-gb0a1980384 Author: Tao Xu Date: Thu Dec 27 00:43:03 2018 i386: Update stepping of Cascadelake-Server Update the stepping from 5 to 6, in order that the Cascadelake-Server CPU model can support AVX512VNNI and MSR based features exposed by ARCH_CAPABILITIES. Signed-off-by: Tao Xu Message-Id: Signed-off-by: Eduardo Habkost ---- possibly just one: commit aec5e9c3a94cf8b7920f59bef69a6f426092c4a0 - v3.1.0-rc2-32-gaec5e9c3a9 Author: Bandan Das Date: Mon Nov 26 02:17:28 2018 kvm: Use KVM_GET_MSR_INDEX_LIST for MSR_IA32_ARCH_CAPABILITIES support When writing to guest's MSR_IA32_ARCH_CAPABILITIES, check whether it's supported in the guest using the KVM_GET_MSR_INDEX_LIST ioctl. Fixes: d86f963694df27f11b3681ffd225c9362de1b634 Suggested-by: Eduardo Habkost Tested-by: Signed-off-by: Bandan Das Message-Id: Signed-off-by: Eduardo Habkost ######## MERGE REQUEST: 09b9ee643f90ef95e30e594df2a3c83ccaf75b1f c7a88b52f62b30c04158eeb07f73e3f72221b6a8 d86f963694df27f11b3681ffd225c9362de1b634 + 07585923485952bf4cb7da563c9f91fecc85d09c + f57bceb6ab5163ddd6c41ff4344ab8cf28a9c63d + 38bf9e3b6185e6e4e4d50f7ff968676bf92a5bd7 de2e68c902f7b6e438b0fa3cfedd74a06a20704f ---- commit c7a88b52f62b30c04158eeb07f73e3f72221b6a8 - v3.0.0-1662-gc7a88b52f6 Author: Tao Xu Date: Wed Sep 19 00:11:22 2018 i386: Add new model of Cascadelake-Server New CPU models mostly inherit features from ancestor Skylake-Server, while addin new features: AVX512_VNNI, Intel PT. SSBD support for speculative execution side channel mitigations. Note: On Cascadelake, some capabilities (RDCL_NO, IBRS_ALL, RSBA, SKIP_L1DFL_VMENTRY and SSB_NO) are enumerated by MSR. These features rely on MSR based feature support patch. Will be added later after that patch's in. http://lists.nongnu.org/archive/html/qemu-devel/2018-09/msg00074.html Signed-off-by: Tao Xu Message-Id: Signed-off-by: Eduardo Habkost ---- commit d86f963694df27f11b3681ffd225c9362de1b634 - v3.0.0-1661-gd86f963694 Author: Robert Hoo Date: Mon Oct 15 01:47:25 2018 x86: define a new MSR based feature word -- FEATURE_WORDS_ARCH_CAPABILITIES Note RSBA is specially treated -- no matter host support it or not, qemu pretends it is supported. Signed-off-by: Robert Hoo Message-Id: [ehabkost: removed automatic enabling of RSBA] Reviewed-by: Eduardo Habkost Signed-off-by: Eduardo Habkost ---- commit 07585923485952bf4cb7da563c9f91fecc85d09c - v3.0.0-1660-g0758592348 Author: Robert Hoo Date: Mon Oct 15 01:47:24 2018 x86: Data structure changes to support MSR based features Add FeatureWordType indicator in struct FeatureWordInfo. Change feature_word_info[] accordingly. Change existing functions that refer to feature_word_info[] accordingly. Signed-off-by: Robert Hoo Message-Id: [ehabkost: fixed hvf_enabled() case] Signed-off-by: Eduardo Habkost ---- commit f57bceb6ab5163ddd6c41ff4344ab8cf28a9c63d - v3.0.0-1659-gf57bceb6ab Author: Robert Hoo Date: Mon Oct 15 01:47:23 2018 kvm: Add support to KVM_GET_MSR_FEATURE_INDEX_LIST and KVM_GET_MSRS system ioctl Add kvm_get_supported_feature_msrs() to get supported MSR feature index list. Add kvm_arch_get_supported_msr_feature() to get each MSR features value. Signed-off-by: Robert Hoo Message-Id: Reviewed-by: Eduardo Habkost Signed-off-by: Eduardo Habkost ######## MERGE REQUEST: 7210a02c58572b2686a3a8d610c6628f87864aed 7f710c32bb893c68b931c68265f0427c032eb7f4 8a11c62da9146dd89aee98947e6bd831e65a970d + 59a80a19ca31a6fff9fdbb6b4cf55a5a0767c3bc 5131dc433df54b37e8e918d8fba7fe10344e7a7b 3fc7c73139d2d38ae80c3b0bc963b1ac1555924c + 8c80c99fcceabd0708a5a83f08577e778c9419f5 + 2544e9e4aa2bcef8ac069057a681a5ff37a23e49 ---- commit 8a11c62da9146dd89aee98947e6bd831e65a970d - v3.0.0-156-g8a11c62da9 Author: Robert Hoo Date: Thu Jul 5 06:09:58 2018 i386: Add new CPU model Icelake-{Server,Client} New CPU models mostly inherit features from ancestor Skylake, while addin new features: UMIP, New Instructions ( PCONIFIG (server only), WBNOINVD, AVX512_VBMI2, GFNI, AVX512_VNNI, VPCLMULQDQ, VAES, AVX512_BITALG), Intel PT and 5-level paging (Server only). As well as IA32_PRED_CMD, SSBD support for speculative execution side channel mitigations. Note: For 5-level paging, Guest physical address width can be configured, with parameter "phys-bits". Unless explicitly specified, we still use its default value, even for Icelake-Server cpu model. At present, hold on expose IA32_ARCH_CAPABILITIES to guest, as 1) This MSR actually presents more than 1 'feature', maintainers are considering expanding current features presentation of only CPUIDs to MSR bits; 2) a reasonable default value for MSR_IA32_ARCH_CAPABILITIES needs to settled first. These 2 are actully beyond Icelake CPU model itself but fundamental. So split these work apart and do it later. https://lists.gnu.org/archive/html/qemu-devel/2018-07/msg00774.html https://lists.gnu.org/archive/html/qemu-devel/2018-07/msg00796.html Signed-off-by: Robert Hoo