From patchwork Thu Sep 14 06:33:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Yang, Weijiang" X-Patchwork-Id: 140029 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp761355vqi; Thu, 14 Sep 2023 19:40:39 -0700 (PDT) X-Google-Smtp-Source: AGHT+IE9XILd0eFrbx4soZWBw6q371VQJ/BWrNH9RHVVlIx1rvNS8+JQAQTl6u/uulHnIb9hH4KO X-Received: by 2002:a05:6a21:a592:b0:14e:a513:7887 with SMTP id gd18-20020a056a21a59200b0014ea5137887mr5788796pzc.10.1694745639351; Thu, 14 Sep 2023 19:40:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1694745639; cv=none; d=google.com; s=arc-20160816; b=i8aPks8397P6HkDRe6N2J+t/FodLukyOSy3drgXyAJRj3XxxZLyZ4Gkr2zcbwiqVsw vFPbqmXYyM3haws2Ugq0jChnDEqRQWHFGvgNQYqs5u7cXmjsvKrnS3C6QemZmoxvnqOo Cy0xTVn7ws9XYYEQFyjEuQf8GrsUhVK5dtZ41gss6uyf89BC2msjAWKG+8sudNIAH/mu GBAQXAyjQ5MLffPl1bI0/tfNwSYMr/2JwSmg5PGM7ihDbCvwhYjMKs4n4kAtXl6ADLq6 FVutj/iZZHF27NDk2mC3IB28ytGzcCm5iw+ZwyiVjkUc21SxX90K1FPkl5vdYbshEsVa HKug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=TtoXZ/pQNkEqCBXMtNXgksrcX+5MWi30v+keLPXJCD4=; fh=jQqUhNQZPAXcZ44u72Wu3jv2pQizzn2Be2T8mkd1RwU=; b=BNY8/vmfzWU8Mk6wWcAYLir9qwT4MRvsebOhyfpBnALx7ur++NSATNuNlwOkxuUUNU Jj2/gQekZNDeqwZSKn6WcKtLD+cIaXlnEhSWhU80bEFyM/SmswooDe3z0xebdDHkkDqq I3CRRfl8S3/PdNoH2AdsWHasMiuax0R1cI2ATnBPg6F2cpofXvqfmtsJNKjW0bTGKPRn 8dIw3UX15erc0WpBSowlAL/QfAaCSEEk43PyTAoN4sVH05lXz9ixa3/cWGsdQojOSxyO sBeiMI4xWwZe0Dv5KUz6EHRSIeUbcTWJq9FZ9++C2FskSE4ec0IMvfNLO4+EoRe6e8PS 49tw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=RTNOUhVP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4]) by mx.google.com with ESMTPS id z16-20020a656650000000b00565d05b2211si2359458pgv.819.2023.09.14.19.40.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Sep 2023 19:40:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=RTNOUhVP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by howler.vger.email (Postfix) with ESMTP id DFB588523B45; Thu, 14 Sep 2023 02:39:41 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237781AbjINJj1 (ORCPT + 35 others); Thu, 14 Sep 2023 05:39:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49956 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237415AbjINJi2 (ORCPT ); Thu, 14 Sep 2023 05:38:28 -0400 Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.88]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 611C61FD6; Thu, 14 Sep 2023 02:38:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1694684303; x=1726220303; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=FIh7tQ4a/6RDY7CSVW6DQiHz8WUvFOSxCbxKQrBiXtw=; b=RTNOUhVPT+fzWnrT8nSyUgNgjU6ZmZz5xlZKATnOpd9HbQUz6JO8zHRi B86Buypd0R6nvRSyznsc9AFGWdzltMlcAwhqEzrdqemZHiE4xESYzhTbD 0kQoqUtTiUPT4JRXJ+pKomTEPggB54eAGCMKBr5YDpD+u+5E2vmCmjgz3 3ENOIYD7rGrcwPgPR3kMO5fM1bq811YaD7RJX34RYPR1Hr78k1Wa6aXnF S/1BqvtIs38XDcmjtdvuYxxf4KXuEYj8JjHmlSlReRoj4M0ByH3QuPuir lnheiA0m/ynSuzU58g1Irru35LGBZ5h4viOUIiv8S0ZtUsgYLMKMqq49i Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="409857421" X-IronPort-AV: E=Sophos;i="6.02,145,1688454000"; d="scan'208";a="409857421" Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Sep 2023 02:38:23 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="747656287" X-IronPort-AV: E=Sophos;i="6.02,145,1688454000"; d="scan'208";a="747656287" Received: from embargo.jf.intel.com ([10.165.9.183]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Sep 2023 02:38:22 -0700 From: Yang Weijiang To: seanjc@google.com, pbonzini@redhat.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: dave.hansen@intel.com, peterz@infradead.org, chao.gao@intel.com, rick.p.edgecombe@intel.com, weijiang.yang@intel.com, john.allen@amd.com Subject: [PATCH v6 20/25] KVM: x86: Save and reload SSP to/from SMRAM Date: Thu, 14 Sep 2023 02:33:20 -0400 Message-Id: <20230914063325.85503-21-weijiang.yang@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20230914063325.85503-1-weijiang.yang@intel.com> References: <20230914063325.85503-1-weijiang.yang@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Thu, 14 Sep 2023 02:39:42 -0700 (PDT) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1777069603277213370 X-GMAIL-MSGID: 1777069603277213370 Save CET SSP to SMRAM on SMI and reload it on RSM. KVM emulates HW arch behavior when guest enters/leaves SMM mode,i.e., save registers to SMRAM at the entry of SMM and reload them at the exit to SMM. Per SDM, SSP is one of such registers on 64bit Arch, so add the support for SSP. Suggested-by: Sean Christopherson Signed-off-by: Yang Weijiang --- arch/x86/kvm/smm.c | 8 ++++++++ arch/x86/kvm/smm.h | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/smm.c b/arch/x86/kvm/smm.c index b42111a24cc2..235fca95f103 100644 --- a/arch/x86/kvm/smm.c +++ b/arch/x86/kvm/smm.c @@ -275,6 +275,10 @@ static void enter_smm_save_state_64(struct kvm_vcpu *vcpu, enter_smm_save_seg_64(vcpu, &smram->gs, VCPU_SREG_GS); smram->int_shadow = static_call(kvm_x86_get_interrupt_shadow)(vcpu); + + if (guest_can_use(vcpu, X86_FEATURE_SHSTK)) + KVM_BUG_ON(kvm_msr_read(vcpu, MSR_KVM_SSP, &smram->ssp), + vcpu->kvm); } #endif @@ -565,6 +569,10 @@ static int rsm_load_state_64(struct x86_emulate_ctxt *ctxt, static_call(kvm_x86_set_interrupt_shadow)(vcpu, 0); ctxt->interruptibility = (u8)smstate->int_shadow; + if (guest_can_use(vcpu, X86_FEATURE_SHSTK)) + KVM_BUG_ON(kvm_msr_write(vcpu, MSR_KVM_SSP, smstate->ssp), + vcpu->kvm); + return X86EMUL_CONTINUE; } #endif diff --git a/arch/x86/kvm/smm.h b/arch/x86/kvm/smm.h index a1cf2ac5bd78..1e2a3e18207f 100644 --- a/arch/x86/kvm/smm.h +++ b/arch/x86/kvm/smm.h @@ -116,8 +116,8 @@ struct kvm_smram_state_64 { u32 smbase; u32 reserved4[5]; - /* ssp and svm_* fields below are not implemented by KVM */ u64 ssp; + /* svm_* fields below are not implemented by KVM */ u64 svm_guest_pat; u64 svm_host_efer; u64 svm_host_cr4;