From patchwork Tue Dec 17 18:14:52 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ivan Orlov X-Patchwork-Id: 13912389 Received: from smtp-fw-6001.amazon.com (smtp-fw-6001.amazon.com [52.95.48.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0F67E1F8919; Tue, 17 Dec 2024 18:15:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=52.95.48.154 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459315; cv=none; b=g7KTfIiQVQgnln0/V2ZxIMNcTcwUhg/SpOA5O919sHGZxpZn1Is2Yj/toXn0CKGnJwammE7xZu6SywMbPPbdFZYOAX0ZhswZUQEWJocYjun1Qi79OoTANZd9ugne02xsuddOsIB78HpHV8c0MogSgcakmgYhfmEWv53ObtXq8C0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459315; c=relaxed/simple; bh=rc7JzmZN0U0cmazanc6cjPkftA8JqudgKFtX9XwF8+E=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=qFyWpw3conTsjz/YdHyzh9TfhdMmXeM6ggdYoMA73E7kSdUoDcsOgCPpsR8evqVrdU1CCafY1AtulmkEqbF14f+REx5noGmZeyRZCj77Ci8Fy1pQoPNQiveEfLE4ABI1MhVxMMrMw7oCsj1FgH/S54CXmY96dzTAvGE8zc33xOo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b=vYzcg8Xq; arc=none smtp.client-ip=52.95.48.154 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b="vYzcg8Xq" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1734459312; x=1765995312; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=4VN5aP9uPohUChbBXN+Eoyl7CFAbxwb756OR/RUx5rY=; b=vYzcg8XqrZcO2EnXMP1qeBKviPS3XqRzS3tgim1S8UiXE+LHSznIAmGT I/joBpzlHQdnRDLt6MBn9ChZBlM6y7hl0rje8VnKq/113CzgC15L5H1/M hJ6TnbRtXXzjA5iwGA95THP3fSTURgSLI5IodhWxqoyLmnni7jmI0pJpr I=; X-IronPort-AV: E=Sophos;i="6.12,242,1728950400"; d="scan'208";a="446604344" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO smtpout.prod.us-east-1.prod.farcaster.email.amazon.dev) ([10.43.8.2]) by smtp-border-fw-6001.iad6.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Dec 2024 18:15:09 +0000 Received: from EX19MTAUEA002.ant.amazon.com [10.0.29.78:63567] by smtpin.naws.us-east-1.prod.farcaster.email.amazon.dev [10.0.24.38:2525] with esmtp (Farcaster) id 1c4b3b02-0951-4bdc-a6e8-edde075a77f7; Tue, 17 Dec 2024 18:15:09 +0000 (UTC) X-Farcaster-Flow-ID: 1c4b3b02-0951-4bdc-a6e8-edde075a77f7 Received: from EX19D008UEC003.ant.amazon.com (10.252.135.194) by EX19MTAUEA002.ant.amazon.com (10.252.134.9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:09 +0000 Received: from EX19MTAUEC001.ant.amazon.com (10.252.135.222) by EX19D008UEC003.ant.amazon.com (10.252.135.194) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:08 +0000 Received: from email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (10.43.8.6) by mail-relay.amazon.com (10.252.135.200) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Tue, 17 Dec 2024 18:15:08 +0000 Received: from dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com (dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com [10.253.74.38]) by email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (Postfix) with ESMTPS id 1AAB4A0790; Tue, 17 Dec 2024 18:15:05 +0000 (UTC) From: Ivan Orlov To: , , , , , , CC: Ivan Orlov , , , , , , , , Subject: [PATCH v3 1/7] KVM: x86: Add function for vectoring error generation Date: Tue, 17 Dec 2024 18:14:52 +0000 Message-ID: <20241217181458.68690-2-iorlov@amazon.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20241217181458.68690-1-iorlov@amazon.com> References: <20241217181458.68690-1-iorlov@amazon.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Extract VMX code for unhandleable VM-Exit during vectoring into vendor-agnostic function so that boiler-plate code can be shared by SVM. Report an actual GPA for EPT misconfig or invalid GPA for any other exit code in internal.data[3]. Signed-off-by: Ivan Orlov --- V1 -> V2: - Return GPA for any exit reason, using reported GPA when it is valid or INVALID_GPA otherwise. - Rename the error preparation function - Fix indentation V2 -> V3: - Move 'gpa' declaration into block it is used in - Use 'if' instead of ternary operator when reporting GPA - Remove redundant cast arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/vmx/vmx.c | 17 +++++------------ arch/x86/kvm/x86.c | 22 ++++++++++++++++++++++ 3 files changed, 29 insertions(+), 12 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index e159e44a6a1b..de8fb1ab230c 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -2062,6 +2062,8 @@ void __kvm_prepare_emulation_failure_exit(struct kvm_vcpu *vcpu, u64 *data, u8 ndata); void kvm_prepare_emulation_failure_exit(struct kvm_vcpu *vcpu); +void kvm_prepare_event_vectoring_exit(struct kvm_vcpu *vcpu, gpa_t gpa); + void kvm_enable_efer_bits(u64); bool kvm_valid_efer(struct kvm_vcpu *vcpu, u64 efer); int kvm_get_msr_with_filter(struct kvm_vcpu *vcpu, u32 index, u64 *data); diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 893366e53732..acc2f0e0a339 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -6557,19 +6557,12 @@ static int __vmx_handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath) exit_reason.basic != EXIT_REASON_APIC_ACCESS && exit_reason.basic != EXIT_REASON_TASK_SWITCH && exit_reason.basic != EXIT_REASON_NOTIFY)) { - int ndata = 3; + gpa_t gpa = INVALID_GPA; - vcpu->run->exit_reason = KVM_EXIT_INTERNAL_ERROR; - vcpu->run->internal.suberror = KVM_INTERNAL_ERROR_DELIVERY_EV; - vcpu->run->internal.data[0] = vectoring_info; - vcpu->run->internal.data[1] = exit_reason.full; - vcpu->run->internal.data[2] = vmx_get_exit_qual(vcpu); - if (exit_reason.basic == EXIT_REASON_EPT_MISCONFIG) { - vcpu->run->internal.data[ndata++] = - vmcs_read64(GUEST_PHYSICAL_ADDRESS); - } - vcpu->run->internal.data[ndata++] = vcpu->arch.last_vmentry_cpu; - vcpu->run->internal.ndata = ndata; + if (exit_reason.basic == EXIT_REASON_EPT_MISCONFIG) + gpa = vmcs_read64(GUEST_PHYSICAL_ADDRESS); + + kvm_prepare_event_vectoring_exit(vcpu, gpa); return 0; } diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 2e713480933a..7ce9cdb66f19 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -8813,6 +8813,28 @@ void kvm_prepare_emulation_failure_exit(struct kvm_vcpu *vcpu) } EXPORT_SYMBOL_GPL(kvm_prepare_emulation_failure_exit); +void kvm_prepare_event_vectoring_exit(struct kvm_vcpu *vcpu, gpa_t gpa) +{ + u32 reason, intr_info, error_code; + struct kvm_run *run = vcpu->run; + u64 info1, info2; + int ndata = 0; + + kvm_x86_call(get_exit_info)(vcpu, &reason, &info1, &info2, + &intr_info, &error_code); + + run->internal.data[ndata++] = info2; + run->internal.data[ndata++] = reason; + run->internal.data[ndata++] = info1; + run->internal.data[ndata++] = gpa; + run->internal.data[ndata++] = vcpu->arch.last_vmentry_cpu; + + run->exit_reason = KVM_EXIT_INTERNAL_ERROR; + run->internal.suberror = KVM_INTERNAL_ERROR_DELIVERY_EV; + run->internal.ndata = ndata; +} +EXPORT_SYMBOL_GPL(kvm_prepare_event_vectoring_exit); + static int handle_emulation_failure(struct kvm_vcpu *vcpu, int emulation_type) { struct kvm *kvm = vcpu->kvm; From patchwork Tue Dec 17 18:14:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ivan Orlov X-Patchwork-Id: 13912390 Received: from smtp-fw-52004.amazon.com (smtp-fw-52004.amazon.com [52.119.213.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 856901F869E; Tue, 17 Dec 2024 18:15:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=52.119.213.154 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459322; cv=none; b=LycgzV8uacs3js2mNNsoIlEV3xtUE2o+1L07TUohyzRdYaSlHB+KDnTTLQARtiwtpwFP7iMr7wG6Bar083IMxCl1KIYvwK8yuXmKlsP+V0IDJrRB8/M1OvVQhBdXt77WERx6E6zvDx8Wmz4K2lUDt9dTk9F9gp4o5+uZx9G4hDM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459322; c=relaxed/simple; bh=9H/Cqy3PV0ClCDquXysgjPLOWLpExtRhMDhj1G0LfPw=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Ko+Ir2U2+4qFrkxpwzjjVmatG2J70RoT7xTNx9m9ynKxicUsGRTv7d7ontDyrQ9aw+OBGGs3qeCR579PujYBFgqKjPiexLmZlXNKUk4Ir2FO69bnmOjGUnQtBYf99isiuJ0ZeL+i/evoHEzyj1+4vFzfn2v1DFtPX77tC9B/zHo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b=TeJ72Cu2; arc=none smtp.client-ip=52.119.213.154 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b="TeJ72Cu2" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1734459320; x=1765995320; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=CWb9mwdiPjYqt8933wN0Q1+0SMJntSgscimdaSQvyGY=; b=TeJ72Cu2skrhhmGKQ92aRAfZJ4LBeWfqk8UeZeEkx2vuE5McmoEhyrTx UFISAN/Za+q0SbFwPhPFzUyen/ji2IV77MZ193mS6tMt7kq8Oa0A+fwJq DtRY0zRcSh8tbwsdZhJH2jcfl7Ox4TQFbncWmnzD65ZHHvNz5nUw5YpWG Y=; X-IronPort-AV: E=Sophos;i="6.12,242,1728950400"; d="scan'208";a="255725015" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO smtpout.prod.us-east-1.prod.farcaster.email.amazon.dev) ([10.43.8.2]) by smtp-border-fw-52004.iad7.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Dec 2024 18:15:16 +0000 Received: from EX19MTAUEB001.ant.amazon.com [10.0.0.204:63049] by smtpin.naws.us-east-1.prod.farcaster.email.amazon.dev [10.0.24.38:2525] with esmtp (Farcaster) id f5bab109-1f85-48c7-9761-74a3f1bf25e4; Tue, 17 Dec 2024 18:15:15 +0000 (UTC) X-Farcaster-Flow-ID: f5bab109-1f85-48c7-9761-74a3f1bf25e4 Received: from EX19D008UEA001.ant.amazon.com (10.252.134.62) by EX19MTAUEB001.ant.amazon.com (10.252.135.108) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:11 +0000 Received: from EX19MTAUEB001.ant.amazon.com (10.252.135.35) by EX19D008UEA001.ant.amazon.com (10.252.134.62) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:11 +0000 Received: from email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (10.43.8.2) by mail-relay.amazon.com (10.252.135.35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Tue, 17 Dec 2024 18:15:11 +0000 Received: from dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com (dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com [10.253.74.38]) by email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (Postfix) with ESMTPS id 70DF5A0723; Tue, 17 Dec 2024 18:15:08 +0000 (UTC) From: Ivan Orlov To: , , , , , , CC: Ivan Orlov , , , , , , , , Subject: [PATCH v3 2/7] KVM: x86: Add emulation status for unhandleable vectoring Date: Tue, 17 Dec 2024 18:14:53 +0000 Message-ID: <20241217181458.68690-3-iorlov@amazon.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20241217181458.68690-1-iorlov@amazon.com> References: <20241217181458.68690-1-iorlov@amazon.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Add emulation status for unhandleable vectoring, i.e. when KVM can't emulate an instruction during vectoring. Such a situation can occur if guest sets the IDT descriptor base to point to MMIO region, and triggers an exception after that. Exit to userspace with event delivery error when KVM can't emulate an instruction when vectoring an event. Signed-off-by: Ivan Orlov --- V1 -> V2: - This patch wasn't included in V1. V2 -> V3: - Make new X86EMUL_ code more generic to allow using it for any type of unhandleable vectoring arch/x86/kvm/kvm_emulate.h | 2 ++ arch/x86/kvm/x86.c | 5 +++++ 2 files changed, 7 insertions(+) diff --git a/arch/x86/kvm/kvm_emulate.h b/arch/x86/kvm/kvm_emulate.h index 10495fffb890..5bcf50ffc3de 100644 --- a/arch/x86/kvm/kvm_emulate.h +++ b/arch/x86/kvm/kvm_emulate.h @@ -88,6 +88,8 @@ struct x86_instruction_info { #define X86EMUL_CMPXCHG_FAILED 4 /* cmpxchg did not see expected value */ #define X86EMUL_IO_NEEDED 5 /* IO is needed to complete emulation */ #define X86EMUL_INTERCEPTED 6 /* Intercepted by nested VMCB/VMCS */ +/* Vectroing can't be emulated */ +#define X86EMUL_UNHANDLEABLE_VECTORING 7 /* x86-specific emulation flags */ #define X86EMUL_F_WRITE BIT(0) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 7ce9cdb66f19..849a6fc364b3 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -9107,6 +9107,11 @@ int x86_emulate_instruction(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, if (r == X86EMUL_RETRY_INSTR || r == X86EMUL_PROPAGATE_FAULT) return 1; + if (r == X86EMUL_UNHANDLEABLE_VECTORING) { + kvm_prepare_event_vectoring_exit(vcpu, cr2_or_gpa); + return 0; + } + WARN_ON_ONCE(r != X86EMUL_UNHANDLEABLE); return handle_emulation_failure(vcpu, emulation_type); } From patchwork Tue Dec 17 18:14:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ivan Orlov X-Patchwork-Id: 13912394 Received: from smtp-fw-6002.amazon.com (smtp-fw-6002.amazon.com [52.95.49.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B02CE1F942E; Tue, 17 Dec 2024 18:15:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=52.95.49.90 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459325; cv=none; b=uZ0jWAu+6yqwzY9cC5RxKsBQS6UNTGYt7AAU6F31K402rI+VJ1Zisttvux1uW3O71kGaHLsz4a89yZq5+DnvAo+I+z/JxY2xzkBpzZGhPkEohG4JtHl4TvUrriMzaO9TziyVuIeZ0JA9fa34w5gxlYJuVb0iYoq2O5KzMAgIWe4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459325; c=relaxed/simple; bh=pCiEw53LX/kiPJff4iFU2sM0ncHJUbxIYel3PKwQkrY=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=KXao9Dy4uzZSHVdX7/pijmVDlKbmiE3GFKpJ3GmAwDJOjYL1sxjXhCBpuleVv+h2isd39/gQrvXZFgWJ0PArPsQQOSDr6cdNv+qdv3cZZZeaOSaQYSlYvNARPAiMBcFLejJq83JjDmN9Ov3TGZS3dwJKrTadGvRc2yEqFZMPxq4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b=QI3QL1vI; arc=none smtp.client-ip=52.95.49.90 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b="QI3QL1vI" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1734459324; x=1765995324; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=qu3I2fuJZWUmuNAenq6eGdr9/4WhHxiZiaa+v1R1fkY=; b=QI3QL1vIUSZQoPo73305OcTYPX5P2QELM+eNCcWxu5P0GAbo2ybmNyaD AFmxwaZAsyEpvWTLXTvi0tibo9kSr45ix0ulo1gUIvNjS+nD9Gu3CpwX2 hh2MDG5Z/S7goP81acHL8x7DmWGjoT9Ec0Zor/WVB5eMUzzMgwfYdb6rs 4=; X-IronPort-AV: E=Sophos;i="6.12,242,1728950400"; d="scan'208";a="456798162" Received: from iad12-co-svc-p1-lb1-vlan3.amazon.com (HELO smtpout.prod.us-east-1.prod.farcaster.email.amazon.dev) ([10.43.8.6]) by smtp-border-fw-6002.iad6.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Dec 2024 18:15:21 +0000 Received: from EX19MTAUEA002.ant.amazon.com [10.0.29.78:49982] by smtpin.naws.us-east-1.prod.farcaster.email.amazon.dev [10.0.24.38:2525] with esmtp (Farcaster) id 3eeb9ddb-d581-480d-a478-1c123f119ac3; Tue, 17 Dec 2024 18:15:19 +0000 (UTC) X-Farcaster-Flow-ID: 3eeb9ddb-d581-480d-a478-1c123f119ac3 Received: from EX19D008UEA002.ant.amazon.com (10.252.134.125) by EX19MTAUEA002.ant.amazon.com (10.252.134.9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:13 +0000 Received: from EX19MTAUEC001.ant.amazon.com (10.252.135.222) by EX19D008UEA002.ant.amazon.com (10.252.134.125) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:13 +0000 Received: from email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (10.43.8.6) by mail-relay.amazon.com (10.252.135.200) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Tue, 17 Dec 2024 18:15:13 +0000 Received: from dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com (dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com [10.253.74.38]) by email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (Postfix) with ESMTPS id C742AA07DA; Tue, 17 Dec 2024 18:15:10 +0000 (UTC) From: Ivan Orlov To: , , , , , , CC: Ivan Orlov , , , , , , , , Subject: [PATCH v3 3/7] KVM: x86: Unprotect & retry before unhandleable vectoring check Date: Tue, 17 Dec 2024 18:14:54 +0000 Message-ID: <20241217181458.68690-4-iorlov@amazon.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20241217181458.68690-1-iorlov@amazon.com> References: <20241217181458.68690-1-iorlov@amazon.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Try to unprotect and retry the instruction execution before checking for unhandleable vectoring. If there is a write to a shadowed page table when vectoring an event, KVM should be able to unprotect the gfn and retry the instruction execution without returning an error to userspace. This ensures that the subsequent patches won't make KVM exit to userspace when handling an intercepted #PF during vectoring without checking whether unprotect & retry is possible. Suggested-by: Sean Christopherson Signed-off-by: Ivan Orlov --- V1 -> V2: - This patch wasn't included in V1. V2 -> V3: - This patch wasn't included in V2. arch/x86/kvm/x86.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 849a6fc364b3..26faacc99c4c 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -9107,6 +9107,10 @@ int x86_emulate_instruction(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, if (r == X86EMUL_RETRY_INSTR || r == X86EMUL_PROPAGATE_FAULT) return 1; + if (kvm_unprotect_and_retry_on_failure(vcpu, cr2_or_gpa, + emulation_type)) + return 1; + if (r == X86EMUL_UNHANDLEABLE_VECTORING) { kvm_prepare_event_vectoring_exit(vcpu, cr2_or_gpa); return 0; From patchwork Tue Dec 17 18:14:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ivan Orlov X-Patchwork-Id: 13912391 Received: from smtp-fw-80006.amazon.com (smtp-fw-80006.amazon.com [99.78.197.217]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 960321F8930; Tue, 17 Dec 2024 18:15:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=99.78.197.217 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459322; cv=none; b=VocAIzr8liB4ADSpC26Fj4RjBWH7zZRN7kgTNUuHg8eaaoR4AVLOq3jNmlKTSD/lrWvARSQAbJA58h2Td+7aANVUjuo3Le9lROmg12R6hQpztx8q/xRmzpo65WRntV7a53QYzvdQuw4mhYRYNXbOCGIRmf/ojBLOnlL2M6w/q1U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459322; c=relaxed/simple; bh=MzRUkp1l5huWcvHODxn7UEXAHpVA4OorMAWVDvugiS8=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=j+5fLnp9SqKwqQt6GLFD+fTU1KGwJb3E7XZKZFeTNz16aVPHD2MRIZArAT2yj940bpsEGZaGXZ+TTsBt7tzWJ8sDKIliBlNjR/mStLd5/ATjYaSiVpXY6W3tHEo97IfOMqP9gGrehdbSwB0PrFjcb5bw1ORWEFIZsKjICsN4GiE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b=tAgmEVVf; arc=none smtp.client-ip=99.78.197.217 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b="tAgmEVVf" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1734459227; x=1765995227; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=4u/ng5qZ3A4+uh9KY/4GLCugKda2yo4r1YX7BgEse9w=; b=tAgmEVVf2GKCdHVPtF+2I/nXesmOCrzhqGvFkUR9KCdXNUHUD9eO5TJm GJVaRCM0xr7OtVnr+TNpGn4RtNXvTVOxJ0u7sE6Gi0NE38nykbj46k2C6 Gg02dYbAbznbqttH/a25wYD7tmJNF4TI03eyzElxCyRt7QksGrw1dqBf5 A=; X-IronPort-AV: E=Sophos;i="6.12,242,1728950400"; d="scan'208";a="6733997" Received: from pdx4-co-svc-p1-lb2-vlan3.amazon.com (HELO smtpout.prod.us-east-1.prod.farcaster.email.amazon.dev) ([10.25.36.214]) by smtp-border-fw-80006.pdx80.corp.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Dec 2024 18:13:43 +0000 Received: from EX19MTAUEA001.ant.amazon.com [10.0.0.204:12819] by smtpin.naws.us-east-1.prod.farcaster.email.amazon.dev [10.0.24.38:2525] with esmtp (Farcaster) id f9a17de5-d760-4f0d-9434-baddac6a13f8; Tue, 17 Dec 2024 18:15:16 +0000 (UTC) X-Farcaster-Flow-ID: f9a17de5-d760-4f0d-9434-baddac6a13f8 Received: from EX19D008UEC002.ant.amazon.com (10.252.135.242) by EX19MTAUEA001.ant.amazon.com (10.252.134.203) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:15 +0000 Received: from EX19MTAUWB002.ant.amazon.com (10.250.64.231) by EX19D008UEC002.ant.amazon.com (10.252.135.242) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:15 +0000 Received: from email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (10.25.36.214) by mail-relay.amazon.com (10.250.64.228) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Tue, 17 Dec 2024 18:15:15 +0000 Received: from dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com (dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com [10.253.74.38]) by email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (Postfix) with ESMTPS id 29677A0723; Tue, 17 Dec 2024 18:15:13 +0000 (UTC) From: Ivan Orlov To: , , , , , , CC: Ivan Orlov , , , , , , , , Subject: [PATCH v3 4/7] KVM: VMX: Handle vectoring error in check_emulate_instruction Date: Tue, 17 Dec 2024 18:14:55 +0000 Message-ID: <20241217181458.68690-5-iorlov@amazon.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20241217181458.68690-1-iorlov@amazon.com> References: <20241217181458.68690-1-iorlov@amazon.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Move unhandleable vmexit during vectoring error detection into check_emulate_instruction. Implement the function which prohibits the emulation if EMULTYPE_PF is set when vectoring, otherwise such a situation may occur: 1. CPU executes an instruction and hits a #GP 2. While vectoring the #GP, a shadow #PF occurs 3. On vmexit, KVM re-injects #GP 4. KVM emulates because of the write-protected page 5. KVM "successfully" emulates and also detects the #GP 6. KVM synthesizes a #GP, and since #GP has already been injected, incorrectly escalates to a #DF. Fix the comment about EMULTYPE_PF as this flag doesn't necessarily mean MMIO anymore: it can also be set due to the write protection violation. Suggested-by: Sean Christopherson Signed-off-by: Ivan Orlov --- V1 -> V2: - Detect the unhandleable vectoring error in vmx_check_emulate_instruction instead of handling it in the common MMU code (which is specific for cached MMIO) V2 -> V3: - Prohibit any emulation during vectoring if it happens due to an intercepted #PF. arch/x86/include/asm/kvm_host.h | 9 +++++++-- arch/x86/kvm/vmx/vmx.c | 23 +++++++++-------------- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index de8fb1ab230c..f3a1d050e1d6 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -2019,8 +2019,8 @@ u64 vcpu_tsc_khz(struct kvm_vcpu *vcpu); * VMware backdoor emulation handles select instructions * and reinjects the #GP for all other cases. * - * EMULTYPE_PF - Set when emulating MMIO by way of an intercepted #PF, in which - * case the CR2/GPA value pass on the stack is valid. + * EMULTYPE_PF - Set when an intercepted #PF triggers the emulation, in which case + * the CR2/GPA value pass on the stack is valid. * * EMULTYPE_COMPLETE_USER_EXIT - Set when the emulator should update interruptibility * state and inject single-step #DBs after skipping @@ -2055,6 +2055,11 @@ u64 vcpu_tsc_khz(struct kvm_vcpu *vcpu); #define EMULTYPE_COMPLETE_USER_EXIT (1 << 7) #define EMULTYPE_WRITE_PF_TO_SP (1 << 8) +static inline bool kvm_can_emulate_event_vectoring(int emul_type) +{ + return !(emul_type & EMULTYPE_PF); +} + int kvm_emulate_instruction(struct kvm_vcpu *vcpu, int emulation_type); int kvm_emulate_instruction_from_buffer(struct kvm_vcpu *vcpu, void *insn, int insn_len); diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index acc2f0e0a339..89ddbe1175c7 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1705,6 +1705,12 @@ int vmx_check_emulate_instruction(struct kvm_vcpu *vcpu, int emul_type, kvm_queue_exception(vcpu, UD_VECTOR); return X86EMUL_PROPAGATE_FAULT; } + + /* Check that emulation is possible during event vectoring */ + if ((to_vmx(vcpu)->idt_vectoring_info & VECTORING_INFO_VALID_MASK) && + !kvm_can_emulate_event_vectoring(emul_type)) + return X86EMUL_UNHANDLEABLE_VECTORING; + return X86EMUL_CONTINUE; } @@ -6543,26 +6549,15 @@ static int __vmx_handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath) return 0; } - /* - * Note: - * Do not try to fix EXIT_REASON_EPT_MISCONFIG if it caused by - * delivery event since it indicates guest is accessing MMIO. - * The vm-exit can be triggered again after return to guest that - * will cause infinite loop. - */ if ((vectoring_info & VECTORING_INFO_VALID_MASK) && (exit_reason.basic != EXIT_REASON_EXCEPTION_NMI && exit_reason.basic != EXIT_REASON_EPT_VIOLATION && exit_reason.basic != EXIT_REASON_PML_FULL && exit_reason.basic != EXIT_REASON_APIC_ACCESS && exit_reason.basic != EXIT_REASON_TASK_SWITCH && - exit_reason.basic != EXIT_REASON_NOTIFY)) { - gpa_t gpa = INVALID_GPA; - - if (exit_reason.basic == EXIT_REASON_EPT_MISCONFIG) - gpa = vmcs_read64(GUEST_PHYSICAL_ADDRESS); - - kvm_prepare_event_vectoring_exit(vcpu, gpa); + exit_reason.basic != EXIT_REASON_NOTIFY && + exit_reason.basic != EXIT_REASON_EPT_MISCONFIG)) { + kvm_prepare_event_vectoring_exit(vcpu, INVALID_GPA); return 0; } From patchwork Tue Dec 17 18:14:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ivan Orlov X-Patchwork-Id: 13912392 Received: from smtp-fw-52002.amazon.com (smtp-fw-52002.amazon.com [52.119.213.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 83AC31F8926; Tue, 17 Dec 2024 18:15:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=52.119.213.150 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459323; cv=none; b=CC1IA12GJQaHD2374KElojAhnZ2I/RDe19FLX+U6xWtQRPHXN+LguKAbkudWHdN4rSxLwWSDpB4Jcn14Gy80XV51AQePLtXZjfCXyiLpQYOPORpfaliXwN6dANSESPnOdQLJNvSBgVFnmIYB6oOKupbSxFk0bc7yFRkQGmQRU+o= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459323; c=relaxed/simple; bh=BlFiVRX84VKB+lYW0JlENh5OHc/YiO1YD8ZW2XFsitY=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=XYSdiBr2n5mjP7p+nwwJgzOm5joC9AJSV56n0F3VziC6eFGqZLqpvSb2YAjDzgW25KWfMuSvJkyXZPlG3IYbwo7VRax0szwSvkRmhdDXeVmI5tuT3Gb6bcprYAG4YKwVP0gCFgHNxuHpOG230hyxin7PFOXPKsx88Q74JACNEJk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b=SO9mURks; arc=none smtp.client-ip=52.119.213.150 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b="SO9mURks" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1734459321; x=1765995321; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=6Bb3yk5m8+2ssI3UJ2EET3EK/UrkVfIMo+0kcIuYef0=; b=SO9mURksLHEZ2EOElVjKX1wjJjnYEFQrC6GitprwmlGqhEpMRZaRwAfH 83B7qScdvLQYNgiOdkSMd6a+eVOzrnCICS6c0fppIgItNz3V+bRC41oXR BqsG8w5O4e3cl79x/v9Srz9IvMjDrXOQ+rYXPZhDVwgvM0205z4s39saM I=; X-IronPort-AV: E=Sophos;i="6.12,242,1728950400"; d="scan'208";a="682125540" Received: from iad12-co-svc-p1-lb1-vlan3.amazon.com (HELO smtpout.prod.us-east-1.prod.farcaster.email.amazon.dev) ([10.43.8.6]) by smtp-border-fw-52002.iad7.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Dec 2024 18:15:18 +0000 Received: from EX19MTAUEC002.ant.amazon.com [10.0.29.78:60145] by smtpin.naws.us-east-1.prod.farcaster.email.amazon.dev [10.0.36.121:2525] with esmtp (Farcaster) id 365cb594-0db9-4605-a381-469b8f367db5; Tue, 17 Dec 2024 18:15:18 +0000 (UTC) X-Farcaster-Flow-ID: 365cb594-0db9-4605-a381-469b8f367db5 Received: from EX19D008UEA003.ant.amazon.com (10.252.134.116) by EX19MTAUEC002.ant.amazon.com (10.252.135.253) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:18 +0000 Received: from EX19MTAUEB002.ant.amazon.com (10.252.135.47) by EX19D008UEA003.ant.amazon.com (10.252.134.116) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:18 +0000 Received: from email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (10.43.8.2) by mail-relay.amazon.com (10.252.135.97) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Tue, 17 Dec 2024 18:15:18 +0000 Received: from dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com (dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com [10.253.74.38]) by email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (Postfix) with ESMTPS id 7FA39A0790; Tue, 17 Dec 2024 18:15:15 +0000 (UTC) From: Ivan Orlov To: , , , , , , CC: Ivan Orlov , , , , , , , , Subject: [PATCH v3 5/7] KVM: SVM: Handle vectoring error in check_emulate_instruction Date: Tue, 17 Dec 2024 18:14:56 +0000 Message-ID: <20241217181458.68690-6-iorlov@amazon.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20241217181458.68690-1-iorlov@amazon.com> References: <20241217181458.68690-1-iorlov@amazon.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Detect unhandleable vectoring in check_emulate_instruction to prevent infinite loop on SVM and eliminate the difference in how intercepted #PF during vectoring is handled on SVM and VMX. Signed-off-by: Ivan Orlov --- V1 -> V2: - Detect the unhandleable vectoring error in svm_check_emulate_instruction instead of handling it in the common MMU code (which is specific for cached MMIO) V2 -> V3: - Use more generic function to check if emulation is allowed when vectoring arch/x86/kvm/svm/svm.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index dd15cc635655..e89c6fc2c4e6 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4802,6 +4802,12 @@ static int svm_check_emulate_instruction(struct kvm_vcpu *vcpu, int emul_type, bool smep, smap, is_user; u64 error_code; + /* Check that emulation is possible during event vectoring */ + if ((to_svm(vcpu)->vmcb->control.exit_int_info & + SVM_EXITINTINFO_TYPE_MASK) && + !kvm_can_emulate_event_vectoring(emul_type)) + return X86EMUL_UNHANDLEABLE_VECTORING; + /* Emulation is always possible when KVM has access to all guest state. */ if (!sev_guest(vcpu->kvm)) return X86EMUL_CONTINUE; From patchwork Tue Dec 17 18:14:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ivan Orlov X-Patchwork-Id: 13912395 Received: from smtp-fw-6001.amazon.com (smtp-fw-6001.amazon.com [52.95.48.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5223B1F8AEC; Tue, 17 Dec 2024 18:15:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=52.95.48.154 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459326; cv=none; b=MLl1TX/cF7PW4z2DZ+A3ACca6ms4qLRkXkI4F6EWQT+7jOfxRC5lpOqFc9gAR5IIIzTZkvazVkf5h3o7yZ+Co4uxP+pxCBjYBrmDCPYYQXmf7zZnvIGU40y5lz2kXzY3T24dVVgMiHaV6PLasdJwzSHbhzxpYtUqucr1vw8MhBI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459326; c=relaxed/simple; bh=2o7S8BDu0sZi5YHEyQOzYJEOVcXGnKx1bjML9XDHTm4=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=HKC3kR4uXxkOpca4i+M9zaKPqQtaqCt6oeEZ/DCpTA6lBJnNTf2v6nwGBNTa1Du5j+VB7SDW6W0PnMAeja9DUPIuLPzSvbf7+37qYqTfqD5FQ0SCk+wuIyNh5LvGzjpcuxQDYjji0Kkmh55xgvXlw/C+hniRogsc4D++H71WkaA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b=YQz5IhIz; arc=none smtp.client-ip=52.95.48.154 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b="YQz5IhIz" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1734459323; x=1765995323; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=hK4TfNbzwafMN1JBUmasDQUaI0rwkIzBfWJzH6DW6to=; b=YQz5IhIzFg9Gqxh7F8vaS3QVIVTb7e1ZfF/DDFhyG1FDU8oB8ESIahl1 8QzAe4Rr0gWubSY71evBPwo+XvkVMY4tAwICes9qjvW6R9XtmL3yLGBR3 rkToS2GP2rqkYqPWE7dpYF4pD0dlSEoOOR+2qIdVWeDAUc/8jU4W75GTR 8=; X-IronPort-AV: E=Sophos;i="6.12,242,1728950400"; d="scan'208";a="446604429" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO smtpout.prod.us-east-1.prod.farcaster.email.amazon.dev) ([10.43.8.2]) by smtp-border-fw-6001.iad6.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Dec 2024 18:15:22 +0000 Received: from EX19MTAUEB002.ant.amazon.com [10.0.0.204:44920] by smtpin.naws.us-east-1.prod.farcaster.email.amazon.dev [10.0.36.121:2525] with esmtp (Farcaster) id 05bd3edc-a4ab-4399-bf04-79b001e25ed6; Tue, 17 Dec 2024 18:15:23 +0000 (UTC) X-Farcaster-Flow-ID: 05bd3edc-a4ab-4399-bf04-79b001e25ed6 Received: from EX19D008UEA004.ant.amazon.com (10.252.134.191) by EX19MTAUEB002.ant.amazon.com (10.252.135.47) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:20 +0000 Received: from EX19MTAUEC001.ant.amazon.com (10.252.135.222) by EX19D008UEA004.ant.amazon.com (10.252.134.191) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:20 +0000 Received: from email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (10.43.8.6) by mail-relay.amazon.com (10.252.135.200) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Tue, 17 Dec 2024 18:15:20 +0000 Received: from dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com (dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com [10.253.74.38]) by email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (Postfix) with ESMTPS id D5E3AA0723; Tue, 17 Dec 2024 18:15:17 +0000 (UTC) From: Ivan Orlov To: , , , , , , CC: Ivan Orlov , , , , , , , , Subject: [PATCH v3 6/7] selftests: KVM: extract lidt into helper function Date: Tue, 17 Dec 2024 18:14:57 +0000 Message-ID: <20241217181458.68690-7-iorlov@amazon.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20241217181458.68690-1-iorlov@amazon.com> References: <20241217181458.68690-1-iorlov@amazon.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Implement a function for setting the IDT descriptor from the guest code. Replace the existing lidt occurrences with calls to this function as `lidt` is used in multiple places. Signed-off-by: Ivan Orlov --- V1 -> V2: - This patch wasn't included in V1. V2 -> V3: - No changes tools/testing/selftests/kvm/include/x86_64/processor.h | 5 +++++ tools/testing/selftests/kvm/set_memory_region_test.c | 2 +- tools/testing/selftests/kvm/x86_64/sev_smoke_test.c | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86_64/processor.h b/tools/testing/selftests/kvm/include/x86_64/processor.h index 645200e95f89..69938c649a5e 100644 --- a/tools/testing/selftests/kvm/include/x86_64/processor.h +++ b/tools/testing/selftests/kvm/include/x86_64/processor.h @@ -571,6 +571,11 @@ static inline void set_cr4(uint64_t val) __asm__ __volatile__("mov %0, %%cr4" : : "r" (val) : "memory"); } +static inline void set_idt(const struct desc_ptr *idt_desc) +{ + __asm__ __volatile__("lidt %0"::"m"(*idt_desc)); +} + static inline u64 xgetbv(u32 index) { u32 eax, edx; diff --git a/tools/testing/selftests/kvm/set_memory_region_test.c b/tools/testing/selftests/kvm/set_memory_region_test.c index a8267628e9ed..a1c53cc854a5 100644 --- a/tools/testing/selftests/kvm/set_memory_region_test.c +++ b/tools/testing/selftests/kvm/set_memory_region_test.c @@ -235,7 +235,7 @@ static void guest_code_delete_memory_region(void) * in the guest will never succeed, and so isn't an option. */ memset(&idt, 0, sizeof(idt)); - __asm__ __volatile__("lidt %0" :: "m"(idt)); + set_idt(&idt); GUEST_SYNC(0); diff --git a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c index ae77698e6e97..a1a688e75266 100644 --- a/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c +++ b/tools/testing/selftests/kvm/x86_64/sev_smoke_test.c @@ -155,7 +155,7 @@ static void guest_shutdown_code(void) /* Clobber the IDT so that #UD is guaranteed to trigger SHUTDOWN. */ memset(&idt, 0, sizeof(idt)); - __asm__ __volatile__("lidt %0" :: "m"(idt)); + set_idt(&idt); __asm__ __volatile__("ud2"); } From patchwork Tue Dec 17 18:14:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ivan Orlov X-Patchwork-Id: 13912396 Received: from smtp-fw-80007.amazon.com (smtp-fw-80007.amazon.com [99.78.197.218]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C925C1F8AEC; Tue, 17 Dec 2024 18:15:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=99.78.197.218 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459331; cv=none; b=qSE4KdURYSIfI/xtH4AijpoLO+AMv5lxzR6ydOulDa9yWS34w0q7eHpoVT7yBUKHHxIuqZV7qQcNrwQm5z39HJY6VSk9wcKx1ey3nypP4i3Ve2OWob2y2xabpOJx28m3wXfXWj4fl5paUCCD1EBy6qAe07gI0lKzW3PazzVbssE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734459331; c=relaxed/simple; bh=m06ZpDC3ycQiyX/+jlw0dUpUrcyKmws5uuBN48CVKV0=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=JF+u2pZsqfMy6FTUQ3za/OtOhA9OYwwrr0yXUNbZlgpfiqIrAqX4q4lT2JhGZfJjHOBkhdW00SA/9sCC0F6KEb+DOI1SWlSBvzkwehiGpNkrUMN6zHW60RuoUyhQaNDdX9/dn1eoA7BeoZ9EeaK9hVHV+EmLPIQpoL4mWTaBL44= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b=kg3lP7/Z; arc=none smtp.client-ip=99.78.197.218 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b="kg3lP7/Z" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1734459330; x=1765995330; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=S/cIqhO28REfnE/vFnzIeOr5dRvBYI+ntt7bRR/bpmY=; b=kg3lP7/ZM7ZGkqJKMVT1OVhRLKPGTAOjMxsk3Hxf7miVHrLFwNi1Sd0H SLjgWyO8twxBkcq8fBEx1tP7pXF+G8D3R/Gqn6icMbIUkGLGv3FXHstTk uLfRx/RGZBvi+AVNwM43Ir0pcVNE8kzNNGEef932AqS5i/M2QANTmxsKs g=; X-IronPort-AV: E=Sophos;i="6.12,242,1728950400"; d="scan'208";a="361530438" Received: from pdx4-co-svc-p1-lb2-vlan2.amazon.com (HELO smtpout.prod.us-east-1.prod.farcaster.email.amazon.dev) ([10.25.36.210]) by smtp-border-fw-80007.pdx80.corp.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Dec 2024 18:15:27 +0000 Received: from EX19MTAUEC002.ant.amazon.com [10.0.29.78:18585] by smtpin.naws.us-east-1.prod.farcaster.email.amazon.dev [10.0.88.227:2525] with esmtp (Farcaster) id 9034aab4-d5a5-48ae-aaf5-29c92cc03174; Tue, 17 Dec 2024 18:15:26 +0000 (UTC) X-Farcaster-Flow-ID: 9034aab4-d5a5-48ae-aaf5-29c92cc03174 Received: from EX19D008UEC002.ant.amazon.com (10.252.135.242) by EX19MTAUEC002.ant.amazon.com (10.252.135.253) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:22 +0000 Received: from EX19MTAUWB002.ant.amazon.com (10.250.64.231) by EX19D008UEC002.ant.amazon.com (10.252.135.242) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Tue, 17 Dec 2024 18:15:22 +0000 Received: from email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (10.25.36.214) by mail-relay.amazon.com (10.250.64.228) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Tue, 17 Dec 2024 18:15:22 +0000 Received: from dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com (dev-dsk-iorlov-1b-d2eae488.eu-west-1.amazon.com [10.253.74.38]) by email-imr-corp-prod-pdx-1box-2b-8c2c6aed.us-west-2.amazon.com (Postfix) with ESMTPS id 38EFFA0790; Tue, 17 Dec 2024 18:15:20 +0000 (UTC) From: Ivan Orlov To: , , , , , , CC: Ivan Orlov , , , , , , , , Subject: [PATCH v3 7/7] selftests: KVM: Add test case for MMIO during vectoring Date: Tue, 17 Dec 2024 18:14:58 +0000 Message-ID: <20241217181458.68690-8-iorlov@amazon.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20241217181458.68690-1-iorlov@amazon.com> References: <20241217181458.68690-1-iorlov@amazon.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Extend the 'set_memory_region_test' with a test case which covers the MMIO during vectoring error handling. The test case 1) Sets an IDT descriptor base to point to an MMIO address 2) Generates a #GP in the guest 3) Verifies that we got a correct exit reason and suberror code 4) Verifies that we got a corrent reported GPA in internal.data[3] Also, add a definition of non-canonical address to processor.h Signed-off-by: Ivan Orlov --- V1 -> V2: - Get rid of pronouns, redundant comments and incorrect wording - Define noncanonical address in processor.h - Fix indentation and wrap lines at 80 columns V2 -> V3: - Move "NONCANONICAL" definition to the beginning of the file .../selftests/kvm/include/x86_64/processor.h | 2 + .../selftests/kvm/set_memory_region_test.c | 51 +++++++++++++++++++ 2 files changed, 53 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86_64/processor.h b/tools/testing/selftests/kvm/include/x86_64/processor.h index 69938c649a5e..6b8d12f042a8 100644 --- a/tools/testing/selftests/kvm/include/x86_64/processor.h +++ b/tools/testing/selftests/kvm/include/x86_64/processor.h @@ -29,6 +29,8 @@ extern uint64_t guest_tsc_khz; #define MAX_NR_CPUID_ENTRIES 100 #endif +#define NONCANONICAL 0xaaaaaaaaaaaaaaaaull + /* Forced emulation prefix, used to invoke the emulator unconditionally. */ #define KVM_FEP "ud2; .byte 'k', 'v', 'm';" diff --git a/tools/testing/selftests/kvm/set_memory_region_test.c b/tools/testing/selftests/kvm/set_memory_region_test.c index a1c53cc854a5..d65a9f20aa1a 100644 --- a/tools/testing/selftests/kvm/set_memory_region_test.c +++ b/tools/testing/selftests/kvm/set_memory_region_test.c @@ -553,6 +553,56 @@ static void test_add_overlapping_private_memory_regions(void) close(memfd); kvm_vm_free(vm); } + +static void guest_code_mmio_during_vectoring(void) +{ + const struct desc_ptr idt_desc = { + .address = MEM_REGION_GPA, + .size = 0xFFF, + }; + + set_idt(&idt_desc); + + /* Generate a #GP by dereferencing a non-canonical address */ + *((uint8_t *)NONCANONICAL) = 0x1; + + GUEST_ASSERT(0); +} + +/* + * This test points the IDT descriptor base to an MMIO address. It should cause + * a KVM internal error when an event occurs in the guest. + */ +static void test_mmio_during_vectoring(void) +{ + struct kvm_vcpu *vcpu; + struct kvm_run *run; + struct kvm_vm *vm; + u64 expected_gpa; + + pr_info("Testing MMIO during vectoring error handling\n"); + + vm = vm_create_with_one_vcpu(&vcpu, guest_code_mmio_during_vectoring); + virt_map(vm, MEM_REGION_GPA, MEM_REGION_GPA, 1); + + run = vcpu->run; + + vcpu_run(vcpu); + TEST_ASSERT_KVM_EXIT_REASON(vcpu, KVM_EXIT_INTERNAL_ERROR); + TEST_ASSERT(run->internal.suberror == KVM_INTERNAL_ERROR_DELIVERY_EV, + "Unexpected suberror = %d", vcpu->run->internal.suberror); + TEST_ASSERT(run->internal.ndata != 4, "Unexpected internal error data array size = %d", + run->internal.ndata); + + /* The reported GPA should be IDT base + offset of the GP vector */ + expected_gpa = MEM_REGION_GPA + GP_VECTOR * sizeof(struct idt_entry); + + TEST_ASSERT(run->internal.data[3] == expected_gpa, + "Unexpected GPA = %llx (expected %lx)", + vcpu->run->internal.data[3], expected_gpa); + + kvm_vm_free(vm); +} #endif int main(int argc, char *argv[]) @@ -568,6 +618,7 @@ int main(int argc, char *argv[]) * KVM_RUN fails with ENOEXEC or EFAULT. */ test_zero_memory_regions(); + test_mmio_during_vectoring(); #endif test_invalid_memory_region_flags();