From patchwork Thu Nov 28 11:44:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 11265877 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5948B112B for ; Thu, 28 Nov 2019 11:45:19 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 32ECE21775 for ; Thu, 28 Nov 2019 11:45:19 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="MP9exv+R" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 32ECE21775 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iaIDc-0007Nu-U7; Thu, 28 Nov 2019 11:44:20 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iaIDb-0007Nf-96 for xen-devel@lists.xenproject.org; Thu, 28 Nov 2019 11:44:19 +0000 X-Inumbo-ID: 690fffe2-11d4-11ea-9db0-bc764e2007e4 Received: from esa4.hc3370-68.iphmx.com (unknown [216.71.155.144]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 690fffe2-11d4-11ea-9db0-bc764e2007e4; Thu, 28 Nov 2019 11:44:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1574941458; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=iIaaJIQ729GGWLDfrypyiMBXHXF4JW+4G9BD9bGxuE0=; b=MP9exv+RQwhkBV8I7MehAhMb1T/xdgwAYMlUIX19SZIA3NzLsgjF5BbW bIABsFMwFQi+9SpHtiC8ydM9t6gj8Jx5pX/RiX1EkxVXXpBBAtY7PeRIo MZtzHnikceLNe+SPXdlMVjlMjPxaelIEaL/8XQjeb7g7oZs75wFKE29e1 g=; Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa4.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa4.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa4.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa4.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ip4:168.245.78.127 ~all" Received-SPF: None (esa4.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa4.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: b6YrPB4Y3YwzDl2DQmofYB+cFsiOEJ8AlzVTch+rlmliOM1gUJ4hWsLx+a/SudLf/Lk+/+SUm6 KxyrnTPthyeZqv8k7fzPhR2Wuuly+vkjxxbLZbqXMBVozxaZAwtWLwpp/IkBIU+ji/u+9tt/nz o2dKb5K/nzqOSTIbTzbD7cZIdXEXl18Oug+zPFdTBhJVO8v4Jy2igySAuRniFojGPWzkGUqei7 8D4MOiz/cOkbV4Vsqihm8pNtuLavLRkSI5tgWmdUp9LssM++hhOTuyx+Ytw91hF5/Y8RFMTGEu xFw= X-SBRS: 2.7 X-MesageID: 9498495 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.69,253,1571716800"; d="scan'208";a="9498495" From: Andrew Cooper To: Xen-devel Date: Thu, 28 Nov 2019 11:44:14 +0000 Message-ID: <20191128114414.21716-1-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 MIME-Version: 1.0 Subject: [Xen-devel] [PATCH for-next] x86/svm: Correct vm_event API for descriptor accesses X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Petre Pircalabu , Tamas K Lengyel , Wei Liu , Razvan Cojocaru , Adrian Pop , Andrew Cooper , Jan Beulich , Alexandru Isaila , =?utf-8?q?Roger_Pau_Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" c/s d0a699a389f1 "x86/monitor: add support for descriptor access events" introduced logic looking for what appeared to be exitinfo (not that this exists in SVM - exitinfo1 or 2 do), but actually passed the exit IDT vectoring information. There is never any IDT vectoring involved in these intercepts so the value passed is always zero. In fact, SVM doesn't provide any information, even in exitinfo1 and 2. Note the error in the public API and state that this field is always 0, and drop the SVM logic in hvm_monitor_descriptor_access(). In the SVM vmexit handler itself, optimise the switch statement by observing that there is a linear transformation between the SVM exit_reason and VM_EVENT_DESC_* values. (Bloat-o-meter reports 6028 => 5877 for a saving of 151 bytes). Signed-off-by: Andrew Cooper Acked-by: Razvan Cojocaru Reviewed-by: Alexandru Isaila Acked-by: Adrian Pop Acked-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monné CC: Razvan Cojocaru CC: Tamas K Lengyel CC: Alexandru Isaila CC: Petre Pircalabu CC: Adrian Pop Adrian: Do you recall what information you were attempting to forward from the VMCB? I can't locate anything which would plausibly be interesting. This is part of a longer cleanup series I gathered in the wake of the task switch issues, but it is pulled out ahead due to its interaction with the public interface. --- xen/arch/x86/hvm/monitor.c | 4 ---- xen/arch/x86/hvm/svm/svm.c | 37 +++++++++++++++++-------------------- xen/include/public/vm_event.h | 4 ++-- 3 files changed, 19 insertions(+), 26 deletions(-) diff --git a/xen/arch/x86/hvm/monitor.c b/xen/arch/x86/hvm/monitor.c index 7fb1e2c04e..1f23fe25e8 100644 --- a/xen/arch/x86/hvm/monitor.c +++ b/xen/arch/x86/hvm/monitor.c @@ -113,10 +113,6 @@ void hvm_monitor_descriptor_access(uint64_t exit_info, req.u.desc_access.arch.vmx.instr_info = exit_info; req.u.desc_access.arch.vmx.exit_qualification = vmx_exit_qualification; } - else - { - req.u.desc_access.arch.svm.exitinfo = exit_info; - } monitor_traps(current, true, &req); } diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c index 0fb1908c18..776cf11459 100644 --- a/xen/arch/x86/hvm/svm/svm.c +++ b/xen/arch/x86/hvm/svm/svm.c @@ -2980,29 +2980,26 @@ void svm_vmexit_handler(struct cpu_user_regs *regs) svm_vmexit_do_pause(regs); break; - case VMEXIT_IDTR_READ: - case VMEXIT_IDTR_WRITE: - hvm_descriptor_access_intercept(vmcb->exitintinfo.bytes, 0, - VM_EVENT_DESC_IDTR, exit_reason == VMEXIT_IDTR_WRITE); - break; - - case VMEXIT_GDTR_READ: - case VMEXIT_GDTR_WRITE: - hvm_descriptor_access_intercept(vmcb->exitintinfo.bytes, 0, - VM_EVENT_DESC_GDTR, exit_reason == VMEXIT_GDTR_WRITE); - break; + case VMEXIT_IDTR_READ ... VMEXIT_TR_WRITE: + { + /* + * Consecutive block of 8 exit codes (sadly not aligned). Top bit + * indicates write (vs read), bottom 2 bits map linearly to + * VM_EVENT_DESC_* values. + */ +#define E2D(e) ((((e) - VMEXIT_IDTR_READ) & 3) + 1) + bool write = ((exit_reason - VMEXIT_IDTR_READ) & 4); + unsigned int desc = E2D(exit_reason); - case VMEXIT_LDTR_READ: - case VMEXIT_LDTR_WRITE: - hvm_descriptor_access_intercept(vmcb->exitintinfo.bytes, 0, - VM_EVENT_DESC_LDTR, exit_reason == VMEXIT_LDTR_WRITE); - break; + BUILD_BUG_ON(E2D(VMEXIT_IDTR_READ) != VM_EVENT_DESC_IDTR); + BUILD_BUG_ON(E2D(VMEXIT_GDTR_READ) != VM_EVENT_DESC_GDTR); + BUILD_BUG_ON(E2D(VMEXIT_LDTR_READ) != VM_EVENT_DESC_LDTR); + BUILD_BUG_ON(E2D(VMEXIT_TR_READ) != VM_EVENT_DESC_TR); +#undef E2D - case VMEXIT_TR_READ: - case VMEXIT_TR_WRITE: - hvm_descriptor_access_intercept(vmcb->exitintinfo.bytes, 0, - VM_EVENT_DESC_TR, exit_reason == VMEXIT_TR_WRITE); + hvm_descriptor_access_intercept(0, 0, desc, write); break; + } default: unexpected_exit_type: diff --git a/xen/include/public/vm_event.h b/xen/include/public/vm_event.h index 959083d8c4..d1b5c95f72 100644 --- a/xen/include/public/vm_event.h +++ b/xen/include/public/vm_event.h @@ -302,8 +302,8 @@ struct vm_event_desc_access { uint64_t exit_qualification; /* VMX: VMCS Exit Qualification */ } vmx; struct { - uint64_t exitinfo; /* SVM: VMCB EXITINFO */ - uint64_t _pad2; + uint64_t exitinfo; /* SVM: Always 0. This field made */ + uint64_t _pad2; /* its way into the API by error. */ } svm; } arch; uint8_t descriptor; /* VM_EVENT_DESC_* */