[08/12] KVM: nSVM: Use KVM-governed feature framework to track "vVM{SAVE,LOAD} enabled"
| Message ID | 20230217231022.816138-9-seanjc@google.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp115422wrn;
Fri, 17 Feb 2023 15:15:09 -0800 (PST)
X-Google-Smtp-Source:
AK7set8ypeMZY43XmSX8XeUASwQz69FH4Oru2DhaasfKwKTGYXm9hpjc5vvCfCcdU64POlyNO0OS
X-Received: by 2002:a05:6402:2d1:b0:4ac:d925:ee82 with SMTP id
b17-20020a05640202d100b004acd925ee82mr2906030edx.28.1676675709342;
Fri, 17 Feb 2023 15:15:09 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1676675709; cv=none;
d=google.com; s=arc-20160816;
b=oL/g4GlVde9lJ8F1yBD4Ls8DsbFZsjPD3agqAKDW9g5fCIgSStBNj0db2RjQPGQN3E
ZYNz3lwcoACVw0ZBVxMziP/ZnOIp2PcUuWKJuSDUalSMOyvhg/FH1/zIvV0AFH6iBapa
OZ91iKvxNQAMvGBizAJFNpp5DFy8J3xBQ8jLi5jy9x66s86S/Y7nMGw7LxIPAQBHHu9+
KMmTm+xjoknyt09oP7IKQV4LJRlvg76wShvuL8F30nup3Dxqttt6ZCnoh9s8zLBJIXeb
kpwTFSB6+HZ1lZcljr3OlNgN2vwHODevSHQ4zPFA3oIU3FyWNAbZ0t/qAOHWEi0fqlZH
83xw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:cc:to:from:subject:message-id:references
:mime-version:in-reply-to:date:reply-to:dkim-signature;
bh=xoyujDYNcmSn6sbEuz9ptxpGQrMCz4NdSnDyJI75LQw=;
b=hmAOYk/xxunJ/k0rle5GxxKiNiupWgl6+bVgILcp6XIcewzLqKpzHadbVJpwyLiIfk
5IkjNx0yRgANXdEQCBTP/8ig7wA1Yx5Urf14IyOIUZ35yn5UBLJ+4tEzAodL6MkGlSeX
BXPbKrsslg5oQJx17rI6OZI6HGo6IVDru7fpMNxrMHE4gjWXda74P3A8EIwMnhTXuu7P
vj9U9DZvoPfA+BPuDBTsokpOjc/9LmO3XDchS+lbri3/TyuEDOf1iaDO76A+omttzDIQ
kta3XkFpaXFj0jQo+xHwedxCuHpmUKM9UpKbQ+W8oKEKHxfJCIgLgZ+OZJSS4963kkRQ
LafA==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@google.com header.s=20210112 header.b=dpQqFvss;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
u26-20020aa7d99a000000b004acb7b6a25csi6570015eds.42.2023.02.17.15.14.46;
Fri, 17 Feb 2023 15:15:09 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@google.com header.s=20210112 header.b=dpQqFvss;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S230049AbjBQXLR (ORCPT <rfc822;daweilics@gmail.com> + 99 others);
Fri, 17 Feb 2023 18:11:17 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56928 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S229994AbjBQXLF (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Fri, 17 Feb 2023 18:11:05 -0500
Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com
[IPv6:2607:f8b0:4864:20::1149])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 41F566A057
for <linux-kernel@vger.kernel.org>;
Fri, 17 Feb 2023 15:10:41 -0800 (PST)
Received: by mail-yw1-x1149.google.com with SMTP id
00721157ae682-5365663d982so25237067b3.3
for <linux-kernel@vger.kernel.org>;
Fri, 17 Feb 2023 15:10:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=google.com; s=20210112;
h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
:date:reply-to:from:to:cc:subject:date:message-id:reply-to;
bh=xoyujDYNcmSn6sbEuz9ptxpGQrMCz4NdSnDyJI75LQw=;
b=dpQqFvssXE0UA8WwasFAKBnP2Qr+hAS9iMB0u9edTg/bAjZj4XhrrT0weBm/X/66Sn
ypVCWH0fcamcMwYZNEgACrCuZJDSNYJfRhyFQLb/NOILy9Q0miLSTkFhTFbq0TrMWfM/
TBSppg3h4vxQWjOUaDfKkQx6IQ8SrOEwxeV9Z761h2EGa/iL/m2uPZdjE3dOUODAHph2
ffxbJMs9RdgFl517e8dx/LN6AumlRS3X80c/mT/QLwtAgkM4xONk8O7zKU/QTMep2STF
7/RxkTXmbAtp1FVs07RE/ej5J703siUuwOmmIwMxoXaENzvI3YUKWMPvemIkiMgNtHxj
mbKw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
:date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id
:reply-to;
bh=xoyujDYNcmSn6sbEuz9ptxpGQrMCz4NdSnDyJI75LQw=;
b=mU6kJ/P4nn90lFBiCRncTQCazkO+V8+8f0PdJln+dlPMOZDLQArJigebLF6eY2qaZ/
w8qGQgWYus3+9kbpkF4lPWCnLl00o20YA2vWDA5EXi38zK58pFKasLmNdDs7k0Vft06u
FZUbbcvWUvh5JitgDDGK9JXPfwojkA8FsPyxUZiBtr1NV+vMpUnPC1Yk8YH9LlPKZcA9
VZYLtGkIktzPj+9tLa9hvHisbrsZWRSXivci5g/HxGK94PLMsow+hwOFc/ECA8TBI3lR
PgtDqqJUiJmSLXZ/1jn5POt3MZm4kOmCIfP5b5THJPJ+b+ev7uMBBL8ntz2wVNnbno2b
HxzQ==
X-Gm-Message-State: AO0yUKWFJyk9N3tOMtn4imGVxv03DF99SLK2qAYMm+4gchY5PGchKKyL
JGTeC14xxYfn/a07xgn8TncDpj5LSX4=
X-Received: from zagreus.c.googlers.com
([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
(user=seanjc job=sendgmr) by 2002:a25:9346:0:b0:909:4c2d:3092 with SMTP id
g6-20020a259346000000b009094c2d3092mr1339095ybo.643.1676675440994; Fri, 17
Feb 2023 15:10:40 -0800 (PST)
Reply-To: Sean Christopherson <seanjc@google.com>
Date: Fri, 17 Feb 2023 15:10:18 -0800
In-Reply-To: <20230217231022.816138-1-seanjc@google.com>
Mime-Version: 1.0
References: <20230217231022.816138-1-seanjc@google.com>
X-Mailer: git-send-email 2.39.2.637.g21b0678d19-goog
Message-ID: <20230217231022.816138-9-seanjc@google.com>
Subject: [PATCH 08/12] KVM: nSVM: Use KVM-governed feature framework to track
"vVM{SAVE,LOAD} enabled"
From: Sean Christopherson <seanjc@google.com>
To: Sean Christopherson <seanjc@google.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,
SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1758121908440931313?=
X-GMAIL-MSGID: =?utf-8?q?1758121908440931313?=
|
| Series |
KVM: x86: Add "governed" X86_FEATURE framework
|
|
Commit Message
Sean Christopherson
Feb. 17, 2023, 11:10 p.m. UTC
Track "virtual VMSAVE/VMLOAD exposed to L1" via a governed feature flag
instead of using a dedicated bit/flag in vcpu_svm.
No functional change intended.
Signed-off-by: Sean Christopherson <seanjc@google.com>
---
arch/x86/kvm/governed_features.h | 1 +
arch/x86/kvm/svm/nested.c | 2 +-
arch/x86/kvm/svm/svm.c | 5 ++---
arch/x86/kvm/svm/svm.h | 1 -
4 files changed, 4 insertions(+), 5 deletions(-)
Comments
On Fri, Feb 17, 2023 at 03:10:18PM -0800, Sean Christopherson wrote: > Track "virtual VMSAVE/VMLOAD exposed to L1" via a governed feature flag > instead of using a dedicated bit/flag in vcpu_svm. > > No functional change intended. > > Signed-off-by: Sean Christopherson <seanjc@google.com> > --- > arch/x86/kvm/governed_features.h | 1 + > arch/x86/kvm/svm/nested.c | 2 +- > arch/x86/kvm/svm/svm.c | 5 ++--- > arch/x86/kvm/svm/svm.h | 1 - > 4 files changed, 4 insertions(+), 5 deletions(-) > > diff --git a/arch/x86/kvm/governed_features.h b/arch/x86/kvm/governed_features.h > index 0335576a80a8..b66b9d550f33 100644 > --- a/arch/x86/kvm/governed_features.h > +++ b/arch/x86/kvm/governed_features.h > @@ -9,6 +9,7 @@ KVM_GOVERNED_X86_FEATURE(GBPAGES) > KVM_GOVERNED_X86_FEATURE(XSAVES) > KVM_GOVERNED_X86_FEATURE(NRIPS) > KVM_GOVERNED_X86_FEATURE(TSCRATEMSR) > +KVM_GOVERNED_X86_FEATURE(V_VMSAVE_VMLOAD) > > #undef KVM_GOVERNED_X86_FEATURE > #undef KVM_GOVERNED_FEATURE > diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c > index 30e00c4e07c7..6a96058c0e48 100644 > --- a/arch/x86/kvm/svm/nested.c > +++ b/arch/x86/kvm/svm/nested.c > @@ -107,7 +107,7 @@ static void nested_svm_uninit_mmu_context(struct kvm_vcpu *vcpu) > > static bool nested_vmcb_needs_vls_intercept(struct vcpu_svm *svm) > { > - if (!svm->v_vmload_vmsave_enabled) > + if (!guest_can_use(&svm->vcpu, X86_FEATURE_V_VMSAVE_VMLOAD)) > return true; > > if (!nested_npt_enabled(svm)) > diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c > index dd4aead5462c..b3f0271c73b9 100644 > --- a/arch/x86/kvm/svm/svm.c > +++ b/arch/x86/kvm/svm/svm.c > @@ -1162,8 +1162,6 @@ static inline void init_vmcb_after_set_cpuid(struct kvm_vcpu *vcpu) > > set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_EIP, 0, 0); > set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_ESP, 0, 0); > - > - svm->v_vmload_vmsave_enabled = false; > } else { > /* > * If hardware supports Virtual VMLOAD VMSAVE then enable it > @@ -4153,7 +4151,8 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) > > svm->lbrv_enabled = lbrv && guest_cpuid_has(vcpu, X86_FEATURE_LBRV); > > - svm->v_vmload_vmsave_enabled = vls && guest_cpuid_has(vcpu, X86_FEATURE_V_VMSAVE_VMLOAD); > + if (vls && !guest_cpuid_is_intel(vcpu)) > + kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_V_VMSAVE_VMLOAD); Sorry, why guest_cpuid_is_intel(vcpu)? Is it becasue that a AMD host with virtual VMSAVE/VMLOAD capability will always expose this feature for all AMD guests? If yes, how about adding some comments? Thanks! B.R. Yu
> Sorry, why guest_cpuid_is_intel(vcpu)? Is it becasue that a AMD host with virtual > VMSAVE/VMLOAD capability will always expose this feature for all AMD guests? Oh, sorry. I missed the guest_cpuid_has() in kvm_governed_feature_check_and_set(). So please just ignore my 2nd question. As to the check of guest_cpuid_is_intel(), is it necessary? B.R. Yu
On Tue, Feb 21, 2023, Yu Zhang wrote: > > Sorry, why guest_cpuid_is_intel(vcpu)? Is it becasue that a AMD host with virtual > > VMSAVE/VMLOAD capability will always expose this feature for all AMD guests? > > Oh, sorry. I missed the guest_cpuid_has() in kvm_governed_feature_check_and_set(). > So please just ignore my 2nd question. > > As to the check of guest_cpuid_is_intel(), is it necessary? Yes? The comment in init_vmcb_after_set_cpuid() says: /* * We must intercept SYSENTER_EIP and SYSENTER_ESP * accesses because the processor only stores 32 bits. * For the same reason we cannot use virtual VMLOAD/VMSAVE. */ but I'm struggling to connect the dots to SYSENTER. I suspect the comment is misleading and has nothing to do 32-bit vs. 64-bit (or I'm reading it wrong) and should be something like: /* * Disable virtual VMLOAD/VMSAVE and intercept VMLOAD/VMSAVE if the * guest CPU is Intel in order to inject #UD. */ In other words, a non-SVM guest shouldn't be allowed to execute VMLOAD/VMSAVE.
On Tue, Feb 21, 2023 at 03:48:07PM -0800, Sean Christopherson wrote: > On Tue, Feb 21, 2023, Yu Zhang wrote: > > > Sorry, why guest_cpuid_is_intel(vcpu)? Is it becasue that a AMD host with virtual > > > VMSAVE/VMLOAD capability will always expose this feature for all AMD guests? > > > > Oh, sorry. I missed the guest_cpuid_has() in kvm_governed_feature_check_and_set(). > > So please just ignore my 2nd question. > > > > As to the check of guest_cpuid_is_intel(), is it necessary? > > Yes? The comment in init_vmcb_after_set_cpuid() says: > > /* > * We must intercept SYSENTER_EIP and SYSENTER_ESP > * accesses because the processor only stores 32 bits. > * For the same reason we cannot use virtual VMLOAD/VMSAVE. > */ > > but I'm struggling to connect the dots to SYSENTER. I suspect the comment is > misleading and has nothing to do 32-bit vs. 64-bit (or I'm reading it wrong) and > should be something like: > > /* > * Disable virtual VMLOAD/VMSAVE and intercept VMLOAD/VMSAVE if the > * guest CPU is Intel in order to inject #UD. > */ > > In other words, a non-SVM guest shouldn't be allowed to execute VMLOAD/VMSAVE. Yes. Such interpretation makes sense. And vmload/vmsave shall be intercepted if guest CPU is Intel and #UD shall be injected. I guess this is done indirectly by judging the EFER_SVME not set in EFER in nested_svm_check_permissions()? And as to X86_FEATURE_V_VMSAVE_VMLOAD, should the guest_cpuid_has() return true at all for a Intel guest? B.R. Yu
+Maxim On Wed, Feb 22, 2023, Yu Zhang wrote: > On Tue, Feb 21, 2023 at 03:48:07PM -0800, Sean Christopherson wrote: > > On Tue, Feb 21, 2023, Yu Zhang wrote: > > > > Sorry, why guest_cpuid_is_intel(vcpu)? Is it becasue that a AMD host with virtual > > > > VMSAVE/VMLOAD capability will always expose this feature for all AMD guests? > > > > > > Oh, sorry. I missed the guest_cpuid_has() in kvm_governed_feature_check_and_set(). > > > So please just ignore my 2nd question. > > > > > > As to the check of guest_cpuid_is_intel(), is it necessary? > > > > Yes? The comment in init_vmcb_after_set_cpuid() says: > > > > /* > > * We must intercept SYSENTER_EIP and SYSENTER_ESP > > * accesses because the processor only stores 32 bits. > > * For the same reason we cannot use virtual VMLOAD/VMSAVE. > > */ > > > > but I'm struggling to connect the dots to SYSENTER. I suspect the comment is > > misleading and has nothing to do 32-bit vs. 64-bit (or I'm reading it wrong) and > > should be something like: > > > > /* > > * Disable virtual VMLOAD/VMSAVE and intercept VMLOAD/VMSAVE if the > > * guest CPU is Intel in order to inject #UD. > > */ > > > > In other words, a non-SVM guest shouldn't be allowed to execute VMLOAD/VMSAVE. > > Yes. Such interpretation makes sense. And vmload/vmsave shall be intercepted > if guest CPU is Intel and #UD shall be injected. I guess this is done indirectly > by judging the EFER_SVME not set in EFER in nested_svm_check_permissions()? Nope, my interpretation is wrong. vmload_vmsave_interception() clears the upper bits of SYSENTER_{EIP,ESP} if (vmload) { svm_copy_vmloadsave_state(svm->vmcb, vmcb12); svm->sysenter_eip_hi = 0; svm->sysenter_esp_hi = 0; } else { svm_copy_vmloadsave_state(vmcb12, svm->vmcb); } From commit adc2a23734ac ("KVM: nSVM: improve SYSENTER emulation on AMD"): 3. Disable vmload/vmsave virtualization if vendor=GenuineIntel. (It is somewhat insane to set vendor=GenuineIntel and still enable SVM for the guest but well whatever). Then zero the high 32 bit parts when kvm intercepts and emulates vmload. Presumably AMD hardware loads only the lower 32 bits, which would leave garbage in the upper bits and even leak state from L1 to L2 (again ignoring the fact that exposing SVM to an Intel vCPU is bonkers). I'll opportunistically massage the comment to make it more explicit about why VMLOAD needs to be intercepted. That said, clearing the bits for this seems wrong. That would corrupt the MSRs for 64-bit Intel guests. The "target" of the fix was 32-bit L2s, i.e. I doubt anything would notice. This patch fixes nested migration of 32 bit nested guests, that was broken because incorrect cached values of SYSENTER msrs were stored in the migration stream if L1 changed these msrs with vmload prior to L2 entry. Maxim, would anything actually break if KVM let L1 load 64-bit values for the SYSENTER MSRs? > And as to X86_FEATURE_V_VMSAVE_VMLOAD, should the guest_cpuid_has() return true > at all for a Intel guest? Yes, because guest CPUID is userspace controlled. Except for emulating architectural side effects, e.g. size of XSAVE area, KVM doesn't sanitize guest CPUID.
On Wed, Feb 22, 2023 at 08:39:01AM -0800, Sean Christopherson wrote: > +Maxim > > On Wed, Feb 22, 2023, Yu Zhang wrote: > > On Tue, Feb 21, 2023 at 03:48:07PM -0800, Sean Christopherson wrote: > > > On Tue, Feb 21, 2023, Yu Zhang wrote: > > > > > Sorry, why guest_cpuid_is_intel(vcpu)? Is it becasue that a AMD host with virtual > > > > > VMSAVE/VMLOAD capability will always expose this feature for all AMD guests? > > > > > > > > Oh, sorry. I missed the guest_cpuid_has() in kvm_governed_feature_check_and_set(). > > > > So please just ignore my 2nd question. > > > > > > > > As to the check of guest_cpuid_is_intel(), is it necessary? > > > > > > Yes? The comment in init_vmcb_after_set_cpuid() says: > > > > > > /* > > > * We must intercept SYSENTER_EIP and SYSENTER_ESP > > > * accesses because the processor only stores 32 bits. > > > * For the same reason we cannot use virtual VMLOAD/VMSAVE. > > > */ > > > > > > but I'm struggling to connect the dots to SYSENTER. I suspect the comment is > > > misleading and has nothing to do 32-bit vs. 64-bit (or I'm reading it wrong) and > > > should be something like: > > > > > > /* > > > * Disable virtual VMLOAD/VMSAVE and intercept VMLOAD/VMSAVE if the > > > * guest CPU is Intel in order to inject #UD. > > > */ > > > > > > In other words, a non-SVM guest shouldn't be allowed to execute VMLOAD/VMSAVE. > > > > Yes. Such interpretation makes sense. And vmload/vmsave shall be intercepted > > if guest CPU is Intel and #UD shall be injected. I guess this is done indirectly > > by judging the EFER_SVME not set in EFER in nested_svm_check_permissions()? > > Nope, my interpretation is wrong. vmload_vmsave_interception() clears the upper > bits of SYSENTER_{EIP,ESP} > > if (vmload) { > svm_copy_vmloadsave_state(svm->vmcb, vmcb12); > svm->sysenter_eip_hi = 0; > svm->sysenter_esp_hi = 0; > } else { > svm_copy_vmloadsave_state(vmcb12, svm->vmcb); > } > > From commit adc2a23734ac ("KVM: nSVM: improve SYSENTER emulation on AMD"): > > 3. Disable vmload/vmsave virtualization if vendor=GenuineIntel. > (It is somewhat insane to set vendor=GenuineIntel and still enable > SVM for the guest but well whatever). > Then zero the high 32 bit parts when kvm intercepts and emulates vmload. > > Presumably AMD hardware loads only the lower 32 bits, which would leave garbage > in the upper bits and even leak state from L1 to L2 (again ignoring the fact that > exposing SVM to an Intel vCPU is bonkers). Is it because L1 is a VM migrated from Intel platform to AMD's? So w/o commit adc2a23734ac ("KVM: nSVM: improve SYSENTER emulation on AMD"): 1> L1 could be a "GenuineIntel" with SVM capability (bizarre as it is), running in 64-bit mode. 2> With no interception of MSR writes to the SYSENTER_EIP/ESP, L1 may set its SYSENTER_EIP/ESP to a 64-bit value successfully (though sysenter/sysexit may fail). 3> L2 could be in 32-bit mode. And if virtual vmload/vmsave is enabled for L1, only lower 32 bits of those MSRs will be loaded, leaking the higher 32 bits. Is above scenario the reason of Maxim's fix? But why it is related to nested migration? > I'll opportunistically massage the comment to make it more explicit about why > VMLOAD needs to be intercepted. > > That said, clearing the bits for this seems wrong. That would corrupt the MSRs > for 64-bit Intel guests. The "target" of the fix was 32-bit L2s, i.e. I doubt > anything would notice. > > This patch fixes nested migration of 32 bit nested guests, that was > broken because incorrect cached values of SYSENTER msrs were stored in > the migration stream if L1 changed these msrs with > vmload prior to L2 entry. > > Maxim, would anything actually break if KVM let L1 load 64-bit values for the > SYSENTER MSRs? > > > And as to X86_FEATURE_V_VMSAVE_VMLOAD, should the guest_cpuid_has() return true > > at all for a Intel guest? > > Yes, because guest CPUID is userspace controlled. Except for emulating architectural > side effects, e.g. size of XSAVE area, KVM doesn't sanitize guest CPUID. > B.R. Yu
On Fri, Feb 24, 2023, Yu Zhang wrote: > On Wed, Feb 22, 2023 at 08:39:01AM -0800, Sean Christopherson wrote: > > +Maxim > > > > On Wed, Feb 22, 2023, Yu Zhang wrote: > > > On Tue, Feb 21, 2023 at 03:48:07PM -0800, Sean Christopherson wrote: > > Nope, my interpretation is wrong. vmload_vmsave_interception() clears the upper > > bits of SYSENTER_{EIP,ESP} > > > > if (vmload) { > > svm_copy_vmloadsave_state(svm->vmcb, vmcb12); > > svm->sysenter_eip_hi = 0; > > svm->sysenter_esp_hi = 0; > > } else { > > svm_copy_vmloadsave_state(vmcb12, svm->vmcb); > > } > > > > From commit adc2a23734ac ("KVM: nSVM: improve SYSENTER emulation on AMD"): > > > > 3. Disable vmload/vmsave virtualization if vendor=GenuineIntel. > > (It is somewhat insane to set vendor=GenuineIntel and still enable > > SVM for the guest but well whatever). > > Then zero the high 32 bit parts when kvm intercepts and emulates vmload. > > > > Presumably AMD hardware loads only the lower 32 bits, which would leave garbage > > in the upper bits and even leak state from L1 to L2 (again ignoring the fact that > > exposing SVM to an Intel vCPU is bonkers). > Is it because L1 is a VM migrated from Intel platform to AMD's? I believe so. > So w/o commit adc2a23734ac ("KVM: nSVM: improve SYSENTER emulation on AMD"): > 1> L1 could be a "GenuineIntel" with SVM capability (bizarre as it is), running > in 64-bit mode. > 2> With no interception of MSR writes to the SYSENTER_EIP/ESP, L1 may set its > SYSENTER_EIP/ESP to a 64-bit value successfully (though sysenter/sysexit may > fail). Yes, though the MSRs don't need to be passed through, KVM emulates the full 64 bits if the guest CPUID model is Intel. > 3> L2 could be in 32-bit mode. And if virtual vmload/vmsave is enabled for L1, > only lower 32 bits of those MSRs will be loaded, leaking the higher 32 bits. > > Is above scenario the reason of Maxim's fix? Yes, that's my understanding. > But why it is related to nested migration? I understand why it's related, but I don't understand why we bothered to add "support" for this. In theory, if L1 is migrated by L0 while L1 is running an L2 that uses SYSENTER, problems will occur. I'm a bit lost as to how this matters in practice, as KVM doesn't support cross-vendor nested virtualization, and if L1 can be enlightened to the point where it can switch from VMX=>SVM during migration, what's the point of doing a migration?
On Wed, Feb 22, 2023, Sean Christopherson wrote: > +Maxim > > On Wed, Feb 22, 2023, Yu Zhang wrote: > I'll opportunistically massage the comment to make it more explicit about why > VMLOAD needs to be intercepted. > > That said, clearing the bits for this seems wrong. That would corrupt the MSRs > for 64-bit Intel guests. The "target" of the fix was 32-bit L2s, i.e. I doubt > anything would notice. > > This patch fixes nested migration of 32 bit nested guests, that was > broken because incorrect cached values of SYSENTER msrs were stored in > the migration stream if L1 changed these msrs with > vmload prior to L2 entry. Aha! Finally figured out what this code is doing. KVM intercepts VMLOAD so that KVM can correctly model the VMLOAD behavior of dropping bits 63:32, i.e. to clear svm->sysenter_eip_hi and svm->sysenter_esp_hi. So the code is correct. I'll add this comment: /* * Intercept VMLOAD if the vCPU mode is Intel in order to emulate that * VMLOAD drops bits 63:32 of SYSENTER (ignoring the fact that exposing * SVM on Intel is bonkers and extremely unlikely to work). */
On Thu, Jun 29, 2023 at 09:50:34AM -0700, Sean Christopherson wrote: > On Wed, Feb 22, 2023, Sean Christopherson wrote: > > +Maxim > > > > On Wed, Feb 22, 2023, Yu Zhang wrote: > > I'll opportunistically massage the comment to make it more explicit about why > > VMLOAD needs to be intercepted. > > > > That said, clearing the bits for this seems wrong. That would corrupt the MSRs > > for 64-bit Intel guests. The "target" of the fix was 32-bit L2s, i.e. I doubt > > anything would notice. > > > > This patch fixes nested migration of 32 bit nested guests, that was > > broken because incorrect cached values of SYSENTER msrs were stored in > > the migration stream if L1 changed these msrs with > > vmload prior to L2 entry. > > Aha! Finally figured out what this code is doing. KVM intercepts VMLOAD so that > KVM can correctly model the VMLOAD behavior of dropping bits 63:32, i.e. to clear > svm->sysenter_eip_hi and svm->sysenter_esp_hi. > > So the code is correct. I'll add this comment: > > /* > * Intercept VMLOAD if the vCPU mode is Intel in order to emulate that > * VMLOAD drops bits 63:32 of SYSENTER (ignoring the fact that exposing > * SVM on Intel is bonkers and extremely unlikely to work). > */ > Oh.. Because L2 will never be a 64-bit Intel guest, and the emulation of vmload shall follow APM's requirement(to clear the upper 32 bits)? Thanks a lot for bring me back to this discussion... I totally forgot it. :) B.R. Yu Thanks a lot for this explanation, Sean!
diff --git a/arch/x86/kvm/governed_features.h b/arch/x86/kvm/governed_features.h index 0335576a80a8..b66b9d550f33 100644 --- a/arch/x86/kvm/governed_features.h +++ b/arch/x86/kvm/governed_features.h @@ -9,6 +9,7 @@ KVM_GOVERNED_X86_FEATURE(GBPAGES) KVM_GOVERNED_X86_FEATURE(XSAVES) KVM_GOVERNED_X86_FEATURE(NRIPS) KVM_GOVERNED_X86_FEATURE(TSCRATEMSR) +KVM_GOVERNED_X86_FEATURE(V_VMSAVE_VMLOAD) #undef KVM_GOVERNED_X86_FEATURE #undef KVM_GOVERNED_FEATURE diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index 30e00c4e07c7..6a96058c0e48 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -107,7 +107,7 @@ static void nested_svm_uninit_mmu_context(struct kvm_vcpu *vcpu) static bool nested_vmcb_needs_vls_intercept(struct vcpu_svm *svm) { - if (!svm->v_vmload_vmsave_enabled) + if (!guest_can_use(&svm->vcpu, X86_FEATURE_V_VMSAVE_VMLOAD)) return true; if (!nested_npt_enabled(svm)) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index dd4aead5462c..b3f0271c73b9 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1162,8 +1162,6 @@ static inline void init_vmcb_after_set_cpuid(struct kvm_vcpu *vcpu) set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_EIP, 0, 0); set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_ESP, 0, 0); - - svm->v_vmload_vmsave_enabled = false; } else { /* * If hardware supports Virtual VMLOAD VMSAVE then enable it @@ -4153,7 +4151,8 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) svm->lbrv_enabled = lbrv && guest_cpuid_has(vcpu, X86_FEATURE_LBRV); - svm->v_vmload_vmsave_enabled = vls && guest_cpuid_has(vcpu, X86_FEATURE_V_VMSAVE_VMLOAD); + if (vls && !guest_cpuid_is_intel(vcpu)) + kvm_governed_feature_check_and_set(vcpu, X86_FEATURE_V_VMSAVE_VMLOAD); svm->pause_filter_enabled = kvm_cpu_cap_has(X86_FEATURE_PAUSEFILTER) && guest_cpuid_has(vcpu, X86_FEATURE_PAUSEFILTER); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index a523cfcdd12e..1e3e7462b1d7 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -258,7 +258,6 @@ struct vcpu_svm { bool soft_int_injected; /* optional nested SVM features that are enabled for this guest */ - bool v_vmload_vmsave_enabled : 1; bool lbrv_enabled : 1; bool pause_filter_enabled : 1; bool pause_threshold_enabled : 1;