From patchwork Thu Sep 14 06:33:24 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Yang, Weijiang" X-Patchwork-Id: 139503 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp262439vqi; Thu, 14 Sep 2023 04:01:47 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEO3nOopvpfobIyF3KqVZ7EVnQz46SwpGhEgQcqPENN4dhNOg4LVh4AuSKHOiRP4u5MgT4u X-Received: by 2002:a17:90b:1185:b0:268:535f:7c15 with SMTP id gk5-20020a17090b118500b00268535f7c15mr2208117pjb.0.1694689307592; Thu, 14 Sep 2023 04:01:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1694689307; cv=none; d=google.com; s=arc-20160816; b=yH9aBxbJr+GDvJs25+9PGf28QL1cJTyXlF4NKaVCSqE5Awrr56CMrbeAolWu/97eBg xnvN4FgyHWplguDp2IH5lt7vz+7zP+vUfwyItrRVSu8ZZM7I6KZiu4JYG1itgy9qurOh IP8lFkuDFdVkD62FsxagOOURi+hVDe0UjpNDpU6pD/DayykhOuQiTYhtFop6y796G8Iv JD7XqMHZTny+JIvE61eBrUoaEc9s4o24C3p6qpWSrOnyx3VwvHYWdppVPq2S3KIPTRzj 7KrVBEATLW/V6PysqpxVgRkQO9p6+wrTj4ZARJtXuJ0dIDX2bBMO4dS6SuKXjj6tgyHX Sszg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=LaX4g9w6bHIibhMo4jfzqZMuy6qdFWYH9ItwO86BChU=; fh=jQqUhNQZPAXcZ44u72Wu3jv2pQizzn2Be2T8mkd1RwU=; b=ZLGfZ2Y+ad5af/gvHzMiFaG0As0Bi/oRGTNEht+3g3sVXQayiDM9Nt973bR7o5FrlG /WipI0YLrAvDyAcObVYIpkFmsjIpVK6BA9z6wvBCBBdN1jNyPNoe9v0WVqLPVV6p+UPw TrpymAIv1HecpSHQwEwNLzOyxWbNTiKfjHZ27EMV2D1ASRNoRa/qq4aF/6FdgAkG8/4L eIdpKDkp1QFLiRJ9VbgYo2IEzAQ0oR+KqNtK8P6rjEFjyZ6mo2tLRaDmYat+5nFIxOCi dr9BPlhdoz/NzpJbN1LiRQehJiZy7TB5Q2B4LCL3ZSMf0Is0EzDo90KQU13/zvD3oOTP zgRg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=fJbI0Wz1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from lipwig.vger.email (lipwig.vger.email. [23.128.96.33]) by mx.google.com with ESMTPS id nv7-20020a17090b1b4700b0026b2602b969si1573463pjb.43.2023.09.14.04.01.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Sep 2023 04:01:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) client-ip=23.128.96.33; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=fJbI0Wz1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by lipwig.vger.email (Postfix) with ESMTP id 93DE6828FC3C; Thu, 14 Sep 2023 02:39:56 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at lipwig.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237846AbjINJjl (ORCPT + 35 others); Thu, 14 Sep 2023 05:39:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49836 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237446AbjINJia (ORCPT ); Thu, 14 Sep 2023 05:38:30 -0400 Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.88]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B97201FC0; Thu, 14 Sep 2023 02:38:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1694684304; x=1726220304; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Z0ux6e/uG0dkaGdbqkAWPBXX8t5ysVuvO2txMAe3nKQ=; b=fJbI0Wz17iRogtXpnj1IJ+15nQVIs9/iNezsmhKdvKeV/5lyZq15n04I s7/pnWNFUEHfrU6SKwXo4avuFxROW0BG8I2FTDBHFZIzPDbmWZP9eaFHb eMZe8ly6+gBxuNcXOJiJLpHGfCC6lCr0ZDnauaUnrCIOKZpqKgVLXgzWb jYkyU6UEkZz70mZKBOATwzNHSvn8Q8M/WmDFhcB9uVT7sBCbeSfDto5iB To560UoYchTdUbcYK7oNAM64yddj5G7MUOT4gXD+g5srOZTYgoPVUxfib qKqOeIExWM9ndwvl1aHi/oNBpN9OAnaeckWQN4spnVz3Ur5NnjuOBFYFd Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="409857441" X-IronPort-AV: E=Sophos;i="6.02,145,1688454000"; d="scan'208";a="409857441" Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Sep 2023 02:38:24 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="747656306" X-IronPort-AV: E=Sophos;i="6.02,145,1688454000"; d="scan'208";a="747656306" Received: from embargo.jf.intel.com ([10.165.9.183]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Sep 2023 02:38:24 -0700 From: Yang Weijiang To: seanjc@google.com, pbonzini@redhat.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: dave.hansen@intel.com, peterz@infradead.org, chao.gao@intel.com, rick.p.edgecombe@intel.com, weijiang.yang@intel.com, john.allen@amd.com Subject: [PATCH v6 24/25] KVM: nVMX: Introduce new VMX_BASIC bit for event error_code delivery to L1 Date: Thu, 14 Sep 2023 02:33:24 -0400 Message-Id: <20230914063325.85503-25-weijiang.yang@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20230914063325.85503-1-weijiang.yang@intel.com> References: <20230914063325.85503-1-weijiang.yang@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Thu, 14 Sep 2023 02:39:56 -0700 (PDT) X-Spam-Status: No, score=0.2 required=5.0 tests=DATE_IN_PAST_03_06, DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1777010535297889147 X-GMAIL-MSGID: 1777010535297889147 Per SDM description(Vol.3D, Appendix A.1): "If bit 56 is read as 1, software can use VM entry to deliver a hardware exception with or without an error code, regardless of vector" Modify has_error_code check before inject events to nested guest. Only enforce the check when guest is in real mode, the exception is not hard exception and the platform doesn't enumerate bit56 in VMX_BASIC, in all other case ignore the check to make the logic consistent with SDM. Signed-off-by: Yang Weijiang Reviewed-by: Maxim Levitsky --- arch/x86/kvm/vmx/nested.c | 22 ++++++++++++++-------- arch/x86/kvm/vmx/nested.h | 5 +++++ 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index c5ec0ef51ff7..78a3be394d00 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -1205,9 +1205,9 @@ static int vmx_restore_vmx_basic(struct vcpu_vmx *vmx, u64 data) { const u64 feature_and_reserved = /* feature (except bit 48; see below) */ - BIT_ULL(49) | BIT_ULL(54) | BIT_ULL(55) | + BIT_ULL(49) | BIT_ULL(54) | BIT_ULL(55) | BIT_ULL(56) | /* reserved */ - BIT_ULL(31) | GENMASK_ULL(47, 45) | GENMASK_ULL(63, 56); + BIT_ULL(31) | GENMASK_ULL(47, 45) | GENMASK_ULL(63, 57); u64 vmx_basic = vmcs_config.nested.basic; if (!is_bitwise_subset(vmx_basic, data, feature_and_reserved)) @@ -2846,12 +2846,16 @@ static int nested_check_vm_entry_controls(struct kvm_vcpu *vcpu, CC(intr_type == INTR_TYPE_OTHER_EVENT && vector != 0)) return -EINVAL; - /* VM-entry interruption-info field: deliver error code */ - should_have_error_code = - intr_type == INTR_TYPE_HARD_EXCEPTION && prot_mode && - x86_exception_has_error_code(vector); - if (CC(has_error_code != should_have_error_code)) - return -EINVAL; + if (!prot_mode || intr_type != INTR_TYPE_HARD_EXCEPTION || + !nested_cpu_has_no_hw_errcode_cc(vcpu)) { + /* VM-entry interruption-info field: deliver error code */ + should_have_error_code = + intr_type == INTR_TYPE_HARD_EXCEPTION && + prot_mode && + x86_exception_has_error_code(vector); + if (CC(has_error_code != should_have_error_code)) + return -EINVAL; + } /* VM-entry exception error code */ if (CC(has_error_code && @@ -6968,6 +6972,8 @@ static void nested_vmx_setup_basic(struct nested_vmx_msrs *msrs) if (cpu_has_vmx_basic_inout()) msrs->basic |= VMX_BASIC_INOUT; + if (cpu_has_vmx_basic_no_hw_errcode()) + msrs->basic |= VMX_BASIC_NO_HW_ERROR_CODE_CC; } static void nested_vmx_setup_cr_fixed(struct nested_vmx_msrs *msrs) diff --git a/arch/x86/kvm/vmx/nested.h b/arch/x86/kvm/vmx/nested.h index b4b9d51438c6..26842da6857d 100644 --- a/arch/x86/kvm/vmx/nested.h +++ b/arch/x86/kvm/vmx/nested.h @@ -284,6 +284,11 @@ static inline bool nested_cr4_valid(struct kvm_vcpu *vcpu, unsigned long val) __kvm_is_valid_cr4(vcpu, val); } +static inline bool nested_cpu_has_no_hw_errcode_cc(struct kvm_vcpu *vcpu) +{ + return to_vmx(vcpu)->nested.msrs.basic & VMX_BASIC_NO_HW_ERROR_CODE_CC; +} + /* No difference in the restrictions on guest and host CR4 in VMX operation. */ #define nested_guest_cr4_valid nested_cr4_valid #define nested_host_cr4_valid nested_cr4_valid