x86/msr: Virtualise MSR_SPEC_CTRL.SSBD for guests to use

Almost all infrastructure is already in place.  Update the reserved bits
calculation in guest_wrmsr(), and offer SSBD to guests by default.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Gbp-Pq: Name x86msr-virtualise-msr_spec_ctrl.ssbd-for.patch

diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c
index 659dc9f4a26cd74569be55e1610bb61a3ea293f8..ad5d20bc5ab331370edb1a9fdfb809c0278bdde3 100644 (file)
--- a/xen/arch/x86/domctl.c
+++ b/xen/arch/x86/domctl.c
@@ -1389,7 +1389,8 @@ long arch_do_domctl(
                      * ignored) when STIBP isn't enumerated in hardware.
                      */
 
-                    if ( msr.value & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP) )
+                    if ( msr.value & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP |
+                                       (boot_cpu_has(X86_FEATURE_SSBD) ? SPEC_CTRL_SSBD : 0)) )
                         break;
                     v->arch.spec_ctrl = msr.value;
                     continue;

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 7c88023c35c6926c267b7718dfed2602b345b592..6a95ae97662857a0ff4addca43027d251f8d5804 100644 (file)
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4147,7 +4147,8 @@ int hvm_msr_write_intercept(unsigned int msr, uint64_t msr_content,
          * when STIBP isn't enumerated in hardware.
          */
 
-        if ( msr_content & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP) )
+        if ( msr_content & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP |
+                             ((edx & cpufeat_mask(X86_FEATURE_SSBD) ? SPEC_CTRL_SSBD : 0))) )
             goto gp_fault; /* Rsvd bit set? */
 
         v->arch.spec_ctrl = msr_content;

diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
index 4a0ad5dc73ba9a19f891b92c0bc4391fe8805c40..f8c85e3112cc10e07d478b829593853a277ae4aa 100644 (file)
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2752,7 +2752,8 @@ static int priv_op_write_msr(unsigned int reg, uint64_t val,
          * when STIBP isn't enumerated in hardware.
          */
 
-        if ( val & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP) )
+        if ( val & ~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP |
+                     ((edx & cpufeat_mask(X86_FEATURE_SSBD) ? SPEC_CTRL_SSBD : 0))) )
             break; /* Rsvd bit set? */
 
         curr->arch.spec_ctrl = val;

diff --git a/xen/include/public/arch-x86/cpufeatureset.h b/xen/include/public/arch-x86/cpufeatureset.h
index 93645bd8aeaabf98b0b221e2a4e097f2f548d77e..70a17f73cdfcb67fe0db04b744fa7ab6bd36faa9 100644 (file)
--- a/xen/include/public/arch-x86/cpufeatureset.h
+++ b/xen/include/public/arch-x86/cpufeatureset.h
@@ -239,7 +239,7 @@ XEN_CPUFEATURE(IBPB,          8*32+12) /*A  IBPB support only (no IBRS, used by
 XEN_CPUFEATURE(IBRSB,         9*32+26) /*A  IBRS and IBPB support (used by Intel) */
 XEN_CPUFEATURE(STIBP,         9*32+27) /*A! STIBP */
 XEN_CPUFEATURE(ARCH_CAPS,     9*32+29) /*   IA32_ARCH_CAPABILITIES MSR */
-XEN_CPUFEATURE(SSBD,          9*32+31) /*   MSR_SPEC_CTRL.SSBD available */
+XEN_CPUFEATURE(SSBD,          9*32+31) /*A  MSR_SPEC_CTRL.SSBD available */
 
 #endif /* XEN_CPUFEATURE */