From patchwork Thu Feb 11 21:22:37 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bandan Das X-Patchwork-Id: 12084185 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.3 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id BE800C433DB for ; Thu, 11 Feb 2021 21:25:18 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 8811364E42 for ; Thu, 11 Feb 2021 21:25:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229933AbhBKVZO (ORCPT ); Thu, 11 Feb 2021 16:25:14 -0500 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:26456 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229886AbhBKVZK (ORCPT ); Thu, 11 Feb 2021 16:25:10 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1613078624; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=el7j+rmZA3EiDQrnbTpaheKflbW47Lq347I0dXbFzvo=; b=DC/ncbTOqr3IwAzch22v9kE3+h6vnXqFJxMnbVF07N7DDADuWNrCCdLBNZr127o1kas4hZ quEmr/IZfUWiM6Lb+lPMh5bvLFWrocPnMNrdcQoZ/MSaKPs54Pd71fWGq2gA0a28fZhlz9 djbOQF/JQt6ou9qOs5VvLyvfOL1L3sk= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-361-9Hx285pvPc6GFFye5jsYoA-1; Thu, 11 Feb 2021 16:23:41 -0500 X-MC-Unique: 9Hx285pvPc6GFFye5jsYoA-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id E77DB192D786; Thu, 11 Feb 2021 21:23:39 +0000 (UTC) Received: from gigantic.usersys.redhat.com (helium.bos.redhat.com [10.18.17.132]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7231D60C0F; Thu, 11 Feb 2021 21:23:39 +0000 (UTC) From: Bandan Das To: kvm@vger.kernel.org Cc: pbonzini@redhat.com, jmattson@google.com, wei.huang2@amd.com, babu.moger@amd.com Subject: [PATCH 1/3] KVM: Add a stub for invpcid in the emulator table Date: Thu, 11 Feb 2021 16:22:37 -0500 Message-Id: <20210211212241.3958897-2-bsd@redhat.com> In-Reply-To: <20210211212241.3958897-1-bsd@redhat.com> References: <20210211212241.3958897-1-bsd@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Upon an exception, this can be used to successfully decode the instruction and will be used by the next patch to inject the correct exception. Signed-off-by: Bandan Das --- arch/x86/kvm/emulate.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c index 72a1bd04dfe1..78b47fe60239 100644 --- a/arch/x86/kvm/emulate.c +++ b/arch/x86/kvm/emulate.c @@ -4956,7 +4956,8 @@ static const struct opcode opcode_map_0f_38[256] = { /* 0x00 - 0x7f */ X16(N), X16(N), X16(N), X16(N), X16(N), X16(N), X16(N), X16(N), /* 0x80 - 0xef */ - X16(N), X16(N), X16(N), X16(N), X16(N), X16(N), X16(N), + N, N, D(SrcNone | Prot), N, X4(N), X8(N), + X16(N), X16(N), X16(N), X16(N), X16(N), X16(N), /* 0xf0 - 0xf1 */ GP(EmulateOnUD | ModRM, &three_byte_0f_38_f0), GP(EmulateOnUD | ModRM, &three_byte_0f_38_f1), From patchwork Thu Feb 11 21:22:38 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bandan Das X-Patchwork-Id: 12084187 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.3 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id DA0BEC433E0 for ; Thu, 11 Feb 2021 21:25:30 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A67A764E42 for ; Thu, 11 Feb 2021 21:25:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229907AbhBKVZ0 (ORCPT ); Thu, 11 Feb 2021 16:25:26 -0500 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:44356 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229714AbhBKVZX (ORCPT ); Thu, 11 Feb 2021 16:25:23 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1613078637; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=RERqyVecoC0CfcYPF9w5jxKANHKVv67OPd/lj0yaULM=; b=f4hFKL0en1bw4guiA7x4LfBNisHdIdkLq/a+dBKaEhT4PaThToqYlmUE1DykAcjHPVMCRG ErrS6psQfda/KH/DFgqPUPT0Oextefq0C6RAvevax/DYiCN2A+O+mzb74AS72xSuOlbL6u h6copPTLLoLByX2vq+bIBDWlYMKtPE8= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-563-dE1L1Y-LP8KpG3kVWW2v7w-1; Thu, 11 Feb 2021 16:23:55 -0500 X-MC-Unique: dE1L1Y-LP8KpG3kVWW2v7w-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 26119192FDAB; Thu, 11 Feb 2021 21:23:53 +0000 (UTC) Received: from gigantic.usersys.redhat.com (helium.bos.redhat.com [10.18.17.132]) by smtp.corp.redhat.com (Postfix) with ESMTP id A9F7660BF1; Thu, 11 Feb 2021 21:23:52 +0000 (UTC) From: Bandan Das To: kvm@vger.kernel.org Cc: pbonzini@redhat.com, jmattson@google.com, wei.huang2@amd.com, babu.moger@amd.com Subject: [PATCH 2/3] KVM: SVM: Handle invpcid during gp interception Date: Thu, 11 Feb 2021 16:22:38 -0500 Message-Id: <20210211212241.3958897-3-bsd@redhat.com> In-Reply-To: <20210211212241.3958897-1-bsd@redhat.com> References: <20210211212241.3958897-1-bsd@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Use the gp interception path to inject a #UD to the guest if the guest has invpcid disabled. This is required because for CPL > 0, #GP takes precedence over the INVPCID intercept. Signed-off-by: Bandan Das --- arch/x86/kvm/svm/svm.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 754e07538b4a..0e8ce7adb815 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2170,6 +2170,7 @@ enum { SVM_INSTR_VMRUN, SVM_INSTR_VMLOAD, SVM_INSTR_VMSAVE, + SVM_INSTR_INVPCID, }; /* Return NONE_SVM_INSTR if not SVM instrs, otherwise return decode result */ @@ -2177,6 +2178,8 @@ static int svm_instr_opcode(struct kvm_vcpu *vcpu) { struct x86_emulate_ctxt *ctxt = vcpu->arch.emulate_ctxt; + if (ctxt->b == 0x82) + return SVM_INSTR_INVPCID; if (ctxt->b != 0x1 || ctxt->opcode_len != 2) return NONE_SVM_INSTR; @@ -2200,11 +2203,13 @@ static int emulate_svm_instr(struct kvm_vcpu *vcpu, int opcode) [SVM_INSTR_VMRUN] = SVM_EXIT_VMRUN, [SVM_INSTR_VMLOAD] = SVM_EXIT_VMLOAD, [SVM_INSTR_VMSAVE] = SVM_EXIT_VMSAVE, + [SVM_INSTR_INVPCID] = SVM_EXIT_EXCP_BASE + UD_VECTOR, }; int (*const svm_instr_handlers[])(struct kvm_vcpu *vcpu) = { [SVM_INSTR_VMRUN] = vmrun_interception, [SVM_INSTR_VMLOAD] = vmload_interception, [SVM_INSTR_VMSAVE] = vmsave_interception, + [SVM_INSTR_INVPCID] = ud_interception, }; struct vcpu_svm *svm = to_svm(vcpu); @@ -2253,8 +2258,12 @@ static int gp_interception(struct kvm_vcpu *vcpu) if (!is_guest_mode(vcpu)) return kvm_emulate_instruction(vcpu, EMULTYPE_VMWARE_GP | EMULTYPE_NO_DECODE); - } else + } else { + if ((opcode == SVM_INSTR_INVPCID) && + guest_cpuid_has(vcpu, X86_FEATURE_INVPCID)) + goto reinject; return emulate_svm_instr(vcpu, opcode); + } reinject: kvm_queue_exception_e(vcpu, GP_VECTOR, error_code); From patchwork Thu Feb 11 21:22:39 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bandan Das X-Patchwork-Id: 12084189 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.3 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B5B65C433DB for ; Thu, 11 Feb 2021 21:25:33 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 861FF64E42 for ; Thu, 11 Feb 2021 21:25:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229938AbhBKVZc (ORCPT ); Thu, 11 Feb 2021 16:25:32 -0500 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:38912 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229553AbhBKVZb (ORCPT ); Thu, 11 Feb 2021 16:25:31 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1613078645; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=2ADT06ck/6Xn7ictWiXc1dStSUqWO1AGKXN0MDBeaO8=; b=gp4WiEKKlnZpmh6Kv5WFgof+b+mcduenxrs8PMIE+B6dbRTFOXiHOUTBSoJ9qIj7H2DawC +WPLI8/vkmyWLRDtYWRgnB+1tOoOaibIa0LBoGZADBcqSlnAALu0vD4WwgbH1DQ3qC20sd k8+ATuSg8eIVkexffeXeI3wC8fkmZmc= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-519-1n-ftOs4MFiND3SBrnspKw-1; Thu, 11 Feb 2021 16:24:03 -0500 X-MC-Unique: 1n-ftOs4MFiND3SBrnspKw-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 6868A107ACE3; Thu, 11 Feb 2021 21:24:02 +0000 (UTC) Received: from gigantic.usersys.redhat.com (helium.bos.redhat.com [10.18.17.132]) by smtp.corp.redhat.com (Postfix) with ESMTP id EDCAE60BF1; Thu, 11 Feb 2021 21:24:01 +0000 (UTC) From: Bandan Das To: kvm@vger.kernel.org Cc: pbonzini@redhat.com, jmattson@google.com, wei.huang2@amd.com, babu.moger@amd.com Subject: [PATCH 3/3] KVM: SVM: check if we need to track GP intercept for invpcid Date: Thu, 11 Feb 2021 16:22:39 -0500 Message-Id: <20210211212241.3958897-4-bsd@redhat.com> In-Reply-To: <20210211212241.3958897-1-bsd@redhat.com> References: <20210211212241.3958897-1-bsd@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org This is only set when the feature is available on the host but the guest has disabled it, this will allow us to inject the correct exception to the guest Signed-off-by: Bandan Das --- arch/x86/kvm/svm/svm.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 0e8ce7adb815..2ecbf9bc929f 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1102,6 +1102,7 @@ static u64 svm_write_l1_tsc_offset(struct kvm_vcpu *vcpu, u64 offset) static void svm_check_invpcid(struct vcpu_svm *svm) { + struct kvm_vcpu *vcpu = &svm->vcpu; /* * Intercept INVPCID instruction only if shadow page table is * enabled. Interception is not required with nested page table @@ -1112,6 +1113,16 @@ static void svm_check_invpcid(struct vcpu_svm *svm) svm_set_intercept(svm, INTERCEPT_INVPCID); else svm_clr_intercept(svm, INTERCEPT_INVPCID); + /* + * For CPL <> 0, #GP takes priority over intercepts. + * This means that if invpcid is present but guest has disabled + * it, it might end up getting a #GP instead of #UD + * Let kvm inject the correct exception instead. + */ + if (!guest_cpuid_has(vcpu, X86_FEATURE_INVPCID)) + set_exception_intercept(svm, GP_VECTOR); + else + clr_exception_intercept(svm, GP_VECTOR); } }