From patchwork Fri Jul 21 20:18:41 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124093 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp467133vqg; Fri, 21 Jul 2023 14:12:32 -0700 (PDT) X-Google-Smtp-Source: APBJJlEEp4SmQRMsi+rkpqitKKe7BaqtQTFY2CT5JnPPxidF0HLmKXcBt6iSVxRHhjNkicayoZ5G X-Received: by 2002:a17:906:20de:b0:99b:574a:42b3 with SMTP id c30-20020a17090620de00b0099b574a42b3mr2878839ejc.43.1689973951776; Fri, 21 Jul 2023 14:12:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689973951; cv=none; d=google.com; s=arc-20160816; b=oXV4E3GI9jz9G00GFRnOjHaeWxX/8AdFgKxOCQh/fgraBfN8rguxyhZY7sVzJalcIV ooroqxYGoWoJtzBj1b/UfUnKyp/EtzNBFu6UdLTWNSRoZDW/R+GvymwPTLWxjnlFp327 TacvcDFxCqtIhe3Pr0s3C8PnffWzfi2GtuhX4ACtf/WtYRised+KNsRkqYlfsCBhr1FM niqRRsu+X5f9/z54Q9Q2S8qOXl+2dCO19O8BxctUqDYhOyKPCR5S7IPWKh34z271KCTP kgPc5nZoNXyojtVwhSDnuMtir5SxDR9vsn2a4K2HZVG8iEVec6ANJvXQtw36Mis9l2DI D7Cw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=xY+3Pnlxin9cJMvMOS3842OXvOZxwo3V1XbzLrWDw/E=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=Q/SbBddHhXe8oaI7dBPxxhWHhI/R3QnsHVbO6Ko6B/SFIVhlg9mBODNMRJHxIpAS0r 27eUt4+LV3f/+KIKsfJ1gPrIh5Wo8ft3/f3L3Gpl/IaE3v3NdqiQejmg6rFYhKHbxCEq 87w7+YUUbdni4ljRnB3spajmFxz3SSOzzeikCP1orlGARUOKfksbCWZn8NfN6gYp+kzP LHVjKZIv5DRSg82/hyvE6nG5n84ckMJuPbQpGHUmo//CL6Yr61ImP8hUfdHRb6TVAqnK B7QlBwy91sEf75H7r8U1OcYKF8TgvLN+f/dNggHIcbRLeEaV9uk9z5N3+NIsbo+Runix vvKg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=Lqb3RehZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id pj25-20020a170906d79900b0099367350a8asi2767865ejb.899.2023.07.21.14.12.07; Fri, 21 Jul 2023 14:12:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=Lqb3RehZ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230503AbjGUUTZ (ORCPT + 99 others); Fri, 21 Jul 2023 16:19:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37980 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230044AbjGUUTR (ORCPT ); Fri, 21 Jul 2023 16:19:17 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 81C79359F for ; Fri, 21 Jul 2023 13:19:06 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id 3f1490d57ef6-ccabb20111dso2289578276.3 for ; Fri, 21 Jul 2023 13:19:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970746; x=1690575546; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=xY+3Pnlxin9cJMvMOS3842OXvOZxwo3V1XbzLrWDw/E=; b=Lqb3RehZeO7ntuc5ijbgqhf+wouAzLMMAFKmweKe4G70L9uc4Bw2Jl5XydLCvynLja MxugEfg74h0RFAs1g/mPDWIA6CQEQjP/1tCMXpzbUBwwHi1wUVOx7FGGl6cj3EKgt4DI 2serW/L/1xq/mdpALeeGTUFcMs8dGf7LsjjD0F7Qj7rNn0+spOMJVHUn7lKygW1pXfr6 V4l0GVwRDsM4qqERhw/rUjtXUDV9O3+sw+gB5y+qOA/uO7E4/u1wlbkArtHA17Pz8aqj lI6iYWVldo4NzF+NtwvTmo0m32Ap85XnNI96DTf2N43IXGAmmG5+ay/zpvN3HuCBAR7U b77Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970746; x=1690575546; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=xY+3Pnlxin9cJMvMOS3842OXvOZxwo3V1XbzLrWDw/E=; b=bGuMXEiHTk4sUIkQOoQ6QsbddYs6SydKyUGk6tDW0mUzaXqOD4qeUkaXhIMiMmy3LV V0IWQ1YDtkBNHDdFRqtCQLybUxoPWG+M/bGzEDY+H6uIAq+TXWGUP9q6vggOQK+I43Q+ c7+RQ2Y3CS3VMwBR6VjtlyzRCefJfp2Jn9XQBF2LCE+wCEbEuksI27HI3cs3se5EmzuG hHm7iELHwn4pxWJ4+TnDYxdQacnB+R/yWr4WGaG22eBvspf4dncZ1CW8vH8j/gJgd9p5 LOGLKuQZnlesTkgMGICjRn40ddoOuzcpH5D2OT2phvUfuoHnCi7uiQSunaGgA9AMKECZ Vc6g== X-Gm-Message-State: ABy/qLaNQs13xtxAs8IxmpOdtb5f6b3kJ9SJ/S1Fq+QoXkWQbPz5WS6/ WfX4RKYj+AbDFyV20y1ZuPTqk67WpKw= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:428d:0:b0:c65:7352:4b5 with SMTP id p135-20020a25428d000000b00c65735204b5mr21381yba.0.1689970745731; Fri, 21 Jul 2023 13:19:05 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:41 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-2-seanjc@google.com> Subject: [PATCH v4 01/19] x86/reboot: VMCLEAR active VMCSes before emergency reboot From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772066126355738693 X-GMAIL-MSGID: 1772066126355738693 VMCLEAR active VMCSes before any emergency reboot, not just if the kernel may kexec into a new kernel after a crash. Per Intel's SDM, the VMX architecture doesn't require the CPU to flush the VMCS cache on INIT. If an emergency reboot doesn't RESET CPUs, cached VMCSes could theoretically be kept and only be written back to memory after the new kernel is booted, i.e. could effectively corrupt memory after reboot. Opportunistically remove the setting of the global pointer to NULL to make checkpatch happy. Cc: Andrew Cooper Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kexec.h | 2 -- arch/x86/include/asm/reboot.h | 2 ++ arch/x86/kernel/crash.c | 31 ------------------------------- arch/x86/kernel/reboot.c | 22 ++++++++++++++++++++++ arch/x86/kvm/vmx/vmx.c | 10 +++------- 5 files changed, 27 insertions(+), 40 deletions(-) diff --git a/arch/x86/include/asm/kexec.h b/arch/x86/include/asm/kexec.h index 5b77bbc28f96..819046974b99 100644 --- a/arch/x86/include/asm/kexec.h +++ b/arch/x86/include/asm/kexec.h @@ -205,8 +205,6 @@ int arch_kimage_file_post_load_cleanup(struct kimage *image); #endif #endif -typedef void crash_vmclear_fn(void); -extern crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; extern void kdump_nmi_shootdown_cpus(void); #endif /* __ASSEMBLY__ */ diff --git a/arch/x86/include/asm/reboot.h b/arch/x86/include/asm/reboot.h index 9177b4354c3f..dc201724a643 100644 --- a/arch/x86/include/asm/reboot.h +++ b/arch/x86/include/asm/reboot.h @@ -25,6 +25,8 @@ void __noreturn machine_real_restart(unsigned int type); #define MRR_BIOS 0 #define MRR_APM 1 +typedef void crash_vmclear_fn(void); +extern crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; void cpu_emergency_disable_virtualization(void); typedef void (*nmi_shootdown_cb)(int, struct pt_regs*); diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c index cdd92ab43cda..54cd959cb316 100644 --- a/arch/x86/kernel/crash.c +++ b/arch/x86/kernel/crash.c @@ -48,38 +48,12 @@ struct crash_memmap_data { unsigned int type; }; -/* - * This is used to VMCLEAR all VMCSs loaded on the - * processor. And when loading kvm_intel module, the - * callback function pointer will be assigned. - * - * protected by rcu. - */ -crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss = NULL; -EXPORT_SYMBOL_GPL(crash_vmclear_loaded_vmcss); - -static inline void cpu_crash_vmclear_loaded_vmcss(void) -{ - crash_vmclear_fn *do_vmclear_operation = NULL; - - rcu_read_lock(); - do_vmclear_operation = rcu_dereference(crash_vmclear_loaded_vmcss); - if (do_vmclear_operation) - do_vmclear_operation(); - rcu_read_unlock(); -} - #if defined(CONFIG_SMP) && defined(CONFIG_X86_LOCAL_APIC) static void kdump_nmi_callback(int cpu, struct pt_regs *regs) { crash_save_cpu(regs, cpu); - /* - * VMCLEAR VMCSs loaded on all cpus if needed. - */ - cpu_crash_vmclear_loaded_vmcss(); - /* * Disable Intel PT to stop its logging */ @@ -133,11 +107,6 @@ void native_machine_crash_shutdown(struct pt_regs *regs) crash_smp_send_stop(); - /* - * VMCLEAR VMCSs loaded on this cpu if needed. - */ - cpu_crash_vmclear_loaded_vmcss(); - cpu_emergency_disable_virtualization(); /* diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 3adbe97015c1..3fa4c6717a1d 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -787,6 +787,26 @@ void machine_crash_shutdown(struct pt_regs *regs) } #endif +/* + * This is used to VMCLEAR all VMCSs loaded on the + * processor. And when loading kvm_intel module, the + * callback function pointer will be assigned. + * + * protected by rcu. + */ +crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; +EXPORT_SYMBOL_GPL(crash_vmclear_loaded_vmcss); + +static inline void cpu_crash_vmclear_loaded_vmcss(void) +{ + crash_vmclear_fn *do_vmclear_operation = NULL; + + rcu_read_lock(); + do_vmclear_operation = rcu_dereference(crash_vmclear_loaded_vmcss); + if (do_vmclear_operation) + do_vmclear_operation(); + rcu_read_unlock(); +} /* This is the CPU performing the emergency shutdown work. */ int crashing_cpu = -1; @@ -798,6 +818,8 @@ int crashing_cpu = -1; */ void cpu_emergency_disable_virtualization(void) { + cpu_crash_vmclear_loaded_vmcss(); + cpu_emergency_vmxoff(); cpu_emergency_svm_disable(); } diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 0ecf4be2c6af..7f692d97a821 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -41,7 +41,7 @@ #include #include #include -#include +#include #include #include #include @@ -744,7 +744,6 @@ static int vmx_set_guest_uret_msr(struct vcpu_vmx *vmx, return ret; } -#ifdef CONFIG_KEXEC_CORE static void crash_vmclear_local_loaded_vmcss(void) { int cpu = raw_smp_processor_id(); @@ -754,7 +753,6 @@ static void crash_vmclear_local_loaded_vmcss(void) loaded_vmcss_on_cpu_link) vmcs_clear(v->vmcs); } -#endif /* CONFIG_KEXEC_CORE */ static void __loaded_vmcs_clear(void *arg) { @@ -8592,10 +8590,9 @@ static void __vmx_exit(void) { allow_smaller_maxphyaddr = false; -#ifdef CONFIG_KEXEC_CORE RCU_INIT_POINTER(crash_vmclear_loaded_vmcss, NULL); synchronize_rcu(); -#endif + vmx_cleanup_l1d_flush(); } @@ -8644,10 +8641,9 @@ static int __init vmx_init(void) pi_init_cpu(cpu); } -#ifdef CONFIG_KEXEC_CORE rcu_assign_pointer(crash_vmclear_loaded_vmcss, crash_vmclear_local_loaded_vmcss); -#endif + vmx_check_vmcs12_offsets(); /* From patchwork Fri Jul 21 20:18:42 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124084 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp453434vqg; Fri, 21 Jul 2023 13:41:15 -0700 (PDT) X-Google-Smtp-Source: APBJJlFfZU4zLiMIRDMrLMLbJt6okRmFA3NQKLq/YA7M+VyQxdUbwZYxrqbB5GPgymO6nnZ8pkB4 X-Received: by 2002:a17:907:a043:b0:977:befe:d888 with SMTP id gz3-20020a170907a04300b00977befed888mr2487397ejc.13.1689972075655; Fri, 21 Jul 2023 13:41:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689972075; cv=none; d=google.com; s=arc-20160816; b=SHrEemjjbySKzfUisOBAsA3i8pBQms7z29plVHVxpVijm1aUGFOYergGW3cKSpXDN3 jPzFKBtE1XWF6E9PAW+W6zTW+JrfYErtzMSBBYaZ7jzqHhZI1fCss+qVQl2vL5sTJQqj A+BuvcaAxNUo3KmaxIdXYreDQ0pRCrYwHUQcOKuPFhc8xWi01PNKCR2TnR6mcZF6ayZA VUeWI7wOTvQjcIOvCiEtDMkvlucu1wZdN9NdH8C+YlUPbbgL9UABkjwhF8vJhHdKEK4Q pE9dnXLYu9EC/TbAvVQSIJk6f9Z7y0hBPijqTG2I/Fn0G9ZoM6uSdA3Am1nIECS0/FBb C/4A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=8mt2rx9ZLjLB1KoF/SJo016XQ9rXRtE6G9Sw+PvIk2E=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=G1SUT25+kbA7jbcKvLE/GU/Aa1jNxPWcudLPG2UpYU2NJCyGSHXcgYKkO/HCQ0x3vk u9Yw1StqpGQNSu84EeZDMoBoy6XhyNwcAyHKscbuSejFFcOpCOKdrh+2Ud/61o4Fy9IR GHsaWC6fKbkUmr7rW/NnEpVd4JRIcUK1zJMPzNdQrHgio5rXlgvPNCdrQYcDPe4DkByC mYsQIviEwocyJiqww1cIscuQvzybki9OK4Eoddg7InODfbORIUIpD82vASyetamCOiqP 2UgpKXODkZdFDEOtgamTLRrb1eZP7tMXD4D/jV6Jh44j6UDvt4j38tPVx5FveLEmMF77 xqJw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=46uRXOuI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w25-20020a1709064a1900b009933309250bsi2589622eju.64.2023.07.21.13.40.51; Fri, 21 Jul 2023 13:41:15 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=46uRXOuI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230194AbjGUUT2 (ORCPT + 99 others); Fri, 21 Jul 2023 16:19:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38010 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229572AbjGUUTS (ORCPT ); Fri, 21 Jul 2023 16:19:18 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 811B835AC for ; Fri, 21 Jul 2023 13:19:08 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id 3f1490d57ef6-d061f324d64so526865276.1 for ; Fri, 21 Jul 2023 13:19:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970748; x=1690575548; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=8mt2rx9ZLjLB1KoF/SJo016XQ9rXRtE6G9Sw+PvIk2E=; b=46uRXOuIfr0DhaSfjJ1gilpLeWI3SkY0gBhy4/JE8Ffy8aB+wmHHv0eZLbPKwxGf1W zRibu2Q+TOMsOsJJb4OHXHOPphrSRQVtzF5JSYhNBOCF7LUJtPtEWSRYc2JzZ4acAnor /zmJ7rgJese6SY0MTnK9LF9xzGYySIQj6WHl2lAxP+dEQMc/jN7H8FWycEgSVz1jPhiN kHTFjuNTxv4dt/QE31tPp7lm/S5hHzAiuf3QYbCoqwzmHIbVLyemLu2fOiOfokkTKl20 itFUL9M3X8lEkW6ABJkQLWfuSKa41xBM+UYU6HXoNTkiMFGmgDhcqWF7uCFWGdPxsAIv jV9w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970748; x=1690575548; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=8mt2rx9ZLjLB1KoF/SJo016XQ9rXRtE6G9Sw+PvIk2E=; b=b376PQm6Xfdpm85rM0cqRpxcPkOJPQzw52zmr1Kc7Y1WdecvnFUKYEpf8mlHAbYrwI S2dv/RjwXTyTQJwDOeMaZDqQ/yuSiWyTVwzPYpz6ctKb426wcgBHD4IkFTtEDfQY9UDC +iwxBAxyiUoZobjlkl9keUrq+M8Og7qyXBC5GW/lXrKI/2VhgO1ITjKFFPeTbJYeK8R4 J8rfMy2N+a0ekC4ls3FWou8ct2pFrzfCCG/hHSmLsJxwLEa8eDJodde+/QLepM43eSq3 BT7RxHFb6B8rR21iogIVMw3KIvy2K+lXoxiFnePxwHA+GQZcPMbuU8EDJZCzdhwnhFO8 nXyg== X-Gm-Message-State: ABy/qLaqVcKgRXWgrV6tT4f3IFeDzBQbr9JOmBfa0Eyl9UsL+/Qnexf8 BCg0tG20scFroqpav7sX1erzIZwh2Do= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:8208:0:b0:cf2:9e82:a5b5 with SMTP id q8-20020a258208000000b00cf29e82a5b5mr18342ybk.8.1689970747834; Fri, 21 Jul 2023 13:19:07 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:42 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-3-seanjc@google.com> Subject: [PATCH v4 02/19] x86/reboot: Harden virtualization hooks for emergency reboot From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772064159177137069 X-GMAIL-MSGID: 1772064159177137069 Provide dedicated helpers to (un)register virt hooks used during an emergency crash/reboot, and WARN if there is an attempt to overwrite the registered callback, or an attempt to do an unpaired unregister. Opportunsitically use rcu_assign_pointer() instead of RCU_INIT_POINTER(), mainly so that the set/unset paths are more symmetrical, but also because any performance gains from using RCU_INIT_POINTER() are meaningless for this code. Reviewed-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/include/asm/reboot.h | 5 +++-- arch/x86/kernel/reboot.c | 30 ++++++++++++++++++++++++------ arch/x86/kvm/vmx/vmx.c | 6 ++---- 3 files changed, 29 insertions(+), 12 deletions(-) diff --git a/arch/x86/include/asm/reboot.h b/arch/x86/include/asm/reboot.h index dc201724a643..74c6a624d166 100644 --- a/arch/x86/include/asm/reboot.h +++ b/arch/x86/include/asm/reboot.h @@ -25,8 +25,9 @@ void __noreturn machine_real_restart(unsigned int type); #define MRR_BIOS 0 #define MRR_APM 1 -typedef void crash_vmclear_fn(void); -extern crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; +typedef void (cpu_emergency_virt_cb)(void); +void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback); +void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callback); void cpu_emergency_disable_virtualization(void); typedef void (*nmi_shootdown_cb)(int, struct pt_regs*); diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 3fa4c6717a1d..62ccedeb5e2b 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -794,17 +794,35 @@ void machine_crash_shutdown(struct pt_regs *regs) * * protected by rcu. */ -crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; -EXPORT_SYMBOL_GPL(crash_vmclear_loaded_vmcss); +static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; + +void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback) +{ + if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback))) + return; + + rcu_assign_pointer(cpu_emergency_virt_callback, callback); +} +EXPORT_SYMBOL_GPL(cpu_emergency_register_virt_callback); + +void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callback) +{ + if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback) != callback)) + return; + + rcu_assign_pointer(cpu_emergency_virt_callback, NULL); + synchronize_rcu(); +} +EXPORT_SYMBOL_GPL(cpu_emergency_unregister_virt_callback); static inline void cpu_crash_vmclear_loaded_vmcss(void) { - crash_vmclear_fn *do_vmclear_operation = NULL; + cpu_emergency_virt_cb *callback; rcu_read_lock(); - do_vmclear_operation = rcu_dereference(crash_vmclear_loaded_vmcss); - if (do_vmclear_operation) - do_vmclear_operation(); + callback = rcu_dereference(cpu_emergency_virt_callback); + if (callback) + callback(); rcu_read_unlock(); } diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 7f692d97a821..019cefc65142 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -8590,8 +8590,7 @@ static void __vmx_exit(void) { allow_smaller_maxphyaddr = false; - RCU_INIT_POINTER(crash_vmclear_loaded_vmcss, NULL); - synchronize_rcu(); + cpu_emergency_unregister_virt_callback(crash_vmclear_local_loaded_vmcss); vmx_cleanup_l1d_flush(); } @@ -8641,8 +8640,7 @@ static int __init vmx_init(void) pi_init_cpu(cpu); } - rcu_assign_pointer(crash_vmclear_loaded_vmcss, - crash_vmclear_local_loaded_vmcss); + cpu_emergency_register_virt_callback(crash_vmclear_local_loaded_vmcss); vmx_check_vmcs12_offsets(); From patchwork Fri Jul 21 20:18:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124097 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp467836vqg; Fri, 21 Jul 2023 14:14:13 -0700 (PDT) X-Google-Smtp-Source: APBJJlHW2qjdc3Te9vUPHAPeaYASklLfYCbddUrQfgnFgScoQKq7hVL2t3eiKhv+SlVNq+C+Fcew X-Received: by 2002:aa7:c749:0:b0:521:aa75:46c4 with SMTP id c9-20020aa7c749000000b00521aa7546c4mr2530811eds.1.1689974053268; Fri, 21 Jul 2023 14:14:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689974053; cv=none; d=google.com; s=arc-20160816; b=mGGodDrURoavL+XS21t4aOANmslip3LB5etDY8eBvwZRVtldRmZeeXoSO6N5Ql2BxY N6G0sLlU6PKPJhJ4TJuPsHTosUmIgUKRSpryG5dtxN7hQeHIfSCh8Wl6I/UHv9vqCIQw CLelH8Svtm6rypEUYnNtbxCbEsmK8dxo3bAU1BRyHB1MbbCcL7FXapkSpyRXIq41ld77 d9JX+cmS3qHhxROEl1vOtJAFgQiHsH+GfYxzOGOPoUeKQeE+AqnYzm/BvBYn/u7GwI/K mGo9LndTuja4O3xka4zMXw8gXAq2urobf2dOkG82xba3FIYhmGNHU86UPEuaaoBEaQTB efQw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=IIqhdp8WqL0kWTvtPZo4YKSDQAXM01F7uHc3z46B11M=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=nk/TbuKTOlEKtA/Q55BOFDzTQtCOCMrtBjiMBkdoVewSJMK1b9HvLn25onvLfJNzRN 46Eo8EvdLblgCNbhc5jeQeQq95NiW85y2obngu72KPRDZimrPEvROOhxJlGxLw8UCHo4 loekv/UihjcCJOQlSEH1yP4GuzmQ9e3hdAbBfWTw/glwvm647dU9qwBdi6Gfr7PmvV/F XpaYbGOob9cE/i6WwzS3ttUbuiMz4I1xOTk6XhoPDT6NY322W6T85UP1mVDeg6N+92kZ eMamt5uWBy8WzGytcsK/c1wSHnAwK+v+0iPgK3gtm5951hiY+AhDkmcMxcHu0ZHKBbs0 lzUQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=N6+HAnOl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m16-20020a50ef10000000b0051fde3f49cdsi2804714eds.531.2023.07.21.14.13.49; Fri, 21 Jul 2023 14:14:13 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=N6+HAnOl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231234AbjGUUTb (ORCPT + 99 others); Fri, 21 Jul 2023 16:19:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37956 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229601AbjGUUTT (ORCPT ); Fri, 21 Jul 2023 16:19:19 -0400 Received: from mail-pl1-x649.google.com (mail-pl1-x649.google.com [IPv6:2607:f8b0:4864:20::649]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 101EB30CB for ; Fri, 21 Jul 2023 13:19:11 -0700 (PDT) Received: by mail-pl1-x649.google.com with SMTP id d9443c01a7336-1b9de7951easo13877795ad.0 for ; Fri, 21 Jul 2023 13:19:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970750; x=1690575550; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=IIqhdp8WqL0kWTvtPZo4YKSDQAXM01F7uHc3z46B11M=; b=N6+HAnOlKDhLqVNY9edBHUTpkSa+XY7oBMtLhV0W+2bPtkJJTDUxW1hvkMsrnQHj98 oiQUl+6svRNCcwf0uFTQJMji4LvzrNr2XGACfpM6JfC8YBqlliASriW/eTzwiz4Cj+qw Q7/LFi0tCAvBmJlOSW1stt1jDJo1Q/5KJupzQaFRZ4qAZtYc4HevNfBNLG3CVgQQlkBK bL97aMTEWyf0Y5VvSMMlEKaugqItpB+/9EF1SUMbEX1j6K5nBib+wPVofkxxhooK+5V1 rq7l+I5yiOcLjTL43F7br+tt0K4eb8nGYIQxsVTwHV54sBhWTWHF8rKe2hB8x2y2ZwjI A0wQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970750; x=1690575550; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=IIqhdp8WqL0kWTvtPZo4YKSDQAXM01F7uHc3z46B11M=; b=agctSLOvUP/67+A8uWmWhor/2LrzwObkf/q5QkFG/1zPQ22RrIlwkDYW798FVe3t9i MuiB5RT5uKJBqFsijszvmYM/HXBVOCPPaYZIc5CrWHWeJ22nO/oTqFqLA3L1Y1XbsvIS WuT0Q69LH6DPz2/hfbKd7N3j8dwSOQhxk02IHXmcjK/68YyZJMZd7cM4MROMYVmoMedl 9Zn0qMwjXzRtnI5gLg3gMBV7tuPsoDSldIV2tFKBuKoSvK+OCDnxk6DmHnnHkW6y07hX tiihyoef3Akoy7aVNJmg5E+xDt1NFmpmCFjoqApHIMPHFogYir2zcePL7vBGbA3/gTmp 9QAA== X-Gm-Message-State: ABy/qLZwVD8+7ibW8P0q3WcgQdUa2lqCZwy5FFZVD9YmFriHBwfo6HQg upf7wXiQ1ed0CTkRNkbw598Q+1/Mw3U= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:903:2291:b0:1b8:866f:6fc1 with SMTP id b17-20020a170903229100b001b8866f6fc1mr11914plh.0.1689970750480; Fri, 21 Jul 2023 13:19:10 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:43 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-4-seanjc@google.com> Subject: [PATCH v4 03/19] x86/reboot: KVM: Handle VMXOFF in KVM's reboot callback From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772066232875854871 X-GMAIL-MSGID: 1772066232875854871 Use KVM VMX's reboot/crash callback to do VMXOFF in an emergency instead of manually and blindly doing VMXOFF. There's no need to attempt VMXOFF if a hypervisor, i.e. KVM, isn't loaded/active, i.e. if the CPU can't possibly be post-VMXON. Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang --- arch/x86/include/asm/virtext.h | 10 ---------- arch/x86/kernel/reboot.c | 29 +++++++++-------------------- arch/x86/kvm/vmx/vmx.c | 8 +++++--- 3 files changed, 14 insertions(+), 33 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index 3b12e6b99412..5bc29fab15da 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -70,16 +70,6 @@ static inline void __cpu_emergency_vmxoff(void) cpu_vmxoff(); } -/** Disable VMX if it is supported and enabled on the current CPU - */ -static inline void cpu_emergency_vmxoff(void) -{ - if (cpu_has_vmx()) - __cpu_emergency_vmxoff(); -} - - - /* * SVM functions: diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 62ccedeb5e2b..d2d0f2672a64 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -787,13 +787,7 @@ void machine_crash_shutdown(struct pt_regs *regs) } #endif -/* - * This is used to VMCLEAR all VMCSs loaded on the - * processor. And when loading kvm_intel module, the - * callback function pointer will be assigned. - * - * protected by rcu. - */ +/* RCU-protected callback to disable virtualization prior to reboot. */ static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback) @@ -815,17 +809,6 @@ void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callback) } EXPORT_SYMBOL_GPL(cpu_emergency_unregister_virt_callback); -static inline void cpu_crash_vmclear_loaded_vmcss(void) -{ - cpu_emergency_virt_cb *callback; - - rcu_read_lock(); - callback = rcu_dereference(cpu_emergency_virt_callback); - if (callback) - callback(); - rcu_read_unlock(); -} - /* This is the CPU performing the emergency shutdown work. */ int crashing_cpu = -1; @@ -836,9 +819,15 @@ int crashing_cpu = -1; */ void cpu_emergency_disable_virtualization(void) { - cpu_crash_vmclear_loaded_vmcss(); + cpu_emergency_virt_cb *callback; - cpu_emergency_vmxoff(); + rcu_read_lock(); + callback = rcu_dereference(cpu_emergency_virt_callback); + if (callback) + callback(); + rcu_read_unlock(); + + /* KVM_AMD doesn't yet utilize the common callback. */ cpu_emergency_svm_disable(); } diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 019cefc65142..682c20b33a96 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -744,7 +744,7 @@ static int vmx_set_guest_uret_msr(struct vcpu_vmx *vmx, return ret; } -static void crash_vmclear_local_loaded_vmcss(void) +static void vmx_emergency_disable(void) { int cpu = raw_smp_processor_id(); struct loaded_vmcs *v; @@ -752,6 +752,8 @@ static void crash_vmclear_local_loaded_vmcss(void) list_for_each_entry(v, &per_cpu(loaded_vmcss_on_cpu, cpu), loaded_vmcss_on_cpu_link) vmcs_clear(v->vmcs); + + __cpu_emergency_vmxoff(); } static void __loaded_vmcs_clear(void *arg) @@ -8590,7 +8592,7 @@ static void __vmx_exit(void) { allow_smaller_maxphyaddr = false; - cpu_emergency_unregister_virt_callback(crash_vmclear_local_loaded_vmcss); + cpu_emergency_unregister_virt_callback(vmx_emergency_disable); vmx_cleanup_l1d_flush(); } @@ -8640,7 +8642,7 @@ static int __init vmx_init(void) pi_init_cpu(cpu); } - cpu_emergency_register_virt_callback(crash_vmclear_local_loaded_vmcss); + cpu_emergency_register_virt_callback(vmx_emergency_disable); vmx_check_vmcs12_offsets(); From patchwork Fri Jul 21 20:18:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124076 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp445476vqg; Fri, 21 Jul 2023 13:22:38 -0700 (PDT) X-Google-Smtp-Source: APBJJlGeNumv2Xfo9OUzg9csC9brgp3eNcmFABHcZFGYv6s+DhnwL6g1zi82sTqfaoBObVMU6QYT X-Received: by 2002:a17:907:781a:b0:993:d589:8b70 with SMTP id la26-20020a170907781a00b00993d5898b70mr2530310ejc.10.1689970958637; Fri, 21 Jul 2023 13:22:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689970958; cv=none; d=google.com; s=arc-20160816; b=y9NtlhK3XMKNmMzNhtweyEZA5iT68zGLDLo1EnpRgwEQte/4O+MkzLYkMY1oC54j3S g+W2ejR5EJvL8CNbn6Np+ojuULq8rdo7+62Jxy/Qm54LyIgBqxHH/Ef9dnCUojhuQQUO H3ymoOd7ueptL071RSXVw/LvKc1mIRccBHcep8UOxLZGQaj1v8sGZWJ7CZLhzAkaZjnX SpOqfGXrrQYZcurAaDJoDbfG15DG7UcjECvEf7d1nz2JI6qhWCpxmGLlc70zSc3QnU7b JuBm0GRaMIvv40Ib9GV0Y4SVWV3WR75p7EnCwA6uTghK15NDxqLsRdGuiPTtAotZXKrr NXZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=KapJsJDXZSaTZ0KCMkqJA+w32osB4ivWYrQOtexabwQ=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=oKlKF02mONaLyDdxuUQxcdqgx4wVGAipahRe1XuTJgW5P1v2NkN9tF7R967K2Ykhj6 QGivFq5UyTRJqN7cmKPp3/EGRVvW/nZMv4+qX9fSU9GE6FeGKPMF/HHa5D8hWzRSiaFJ 6MIrQKeERn50hMkFQofmcc3Mz0f+CKEmQJdQc+zqvAMHvUwCUISKoVRz8zt5NP2tMKMv FCJFMHK46Dh1ihVI4uNe46W/wnI9+kXCI2bNGPKLiNGa3KfX8N+SlW2CSGsbsnDdryC+ O2qn7blBXxHe4pO+NBvFn3c2Wjm4Pm5O6OtjqDxd2tTAFnVmNtgcfKsuDB7WTTSh1jEr QE1g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=TrXZbzXJ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m12-20020a1709060d8c00b0098935e138basi2474123eji.286.2023.07.21.13.22.12; Fri, 21 Jul 2023 13:22:38 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=TrXZbzXJ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231286AbjGUUTk (ORCPT + 99 others); Fri, 21 Jul 2023 16:19:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38054 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230356AbjGUUTT (ORCPT ); Fri, 21 Jul 2023 16:19:19 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DDBFDC6 for ; Fri, 21 Jul 2023 13:19:12 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-57059e6f9c7so39817167b3.0 for ; Fri, 21 Jul 2023 13:19:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970752; x=1690575552; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=KapJsJDXZSaTZ0KCMkqJA+w32osB4ivWYrQOtexabwQ=; b=TrXZbzXJvXjAFMtmdjbY6g43FEEUJ51e56dkvtg+kfgYdfON7FtAc+d4i+2limdYih Fjpb36idC7mIVH+9ApO7W85B+EBgNR1y6VZFqbg9bjcKv172M5172Tu0I1dzmE0TZhX3 D9a4xyqNrw76UX3aD/sp0MisPY3yUWWKy6fXVSHGN4RpngnPjxMpr1WT6B57I5nDMM9h IGtYIrkL6QnQtXLq3ifiyUfnkXFyNu8goNHHb5EOEskvSfgSpgVq/fQOHdiQZkOKHfsp pRjXnhp8+gJFBM/PT+CJZnzWIouDqwd+pTmAWoAH8rgQR31KG+5TVJ87+VibBetAjN4U 9KGQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970752; x=1690575552; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=KapJsJDXZSaTZ0KCMkqJA+w32osB4ivWYrQOtexabwQ=; b=RUOv8jvbXetdtINDT/14WhPjhxxpX31Z1U95Omh5sR15DO+xxKTRbLLbrHtiG/X2C2 zltzAERAY6vY3jshWLtB0kjanCm3xNFfQB2b7A+GlxJWd5CNEZoVwqjyGWweiB82cVa3 5hSB2ox0jNwADFrrui1gU7V+/mXQwJ/zz8B66chTZEy2acwHDYNZ09ZnJfUnn9uAKCmj RX2izTEuwrpMviwDK/Vaw8JnsVysOkFlthz1SF562aCK/DVqSGElV08Ev4S7/jC5lDTs v0HPa/cUzD53U0wBDUcaDaSQI3yHaBtRZc6XKoeWIEkCvr5qF7hBKbxz8+6QNOvpfMKM 9IxQ== X-Gm-Message-State: ABy/qLZMD2lVe1yhT5uqmYVFeFRyFuZD0cA6mpE8lczuSCAXkErMh2pU J8XA7c7DYu0/2K9vom9UPNVa4pcT40c= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:ad24:0:b0:56c:e53d:ae90 with SMTP id l36-20020a81ad24000000b0056ce53dae90mr13963ywh.4.1689970752188; Fri, 21 Jul 2023 13:19:12 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:44 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-5-seanjc@google.com> Subject: [PATCH v4 04/19] x86/reboot: KVM: Disable SVM during reboot via virt/KVM reboot callback From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772062987866088919 X-GMAIL-MSGID: 1772062987866088919 Use the virt callback to disable SVM (and set GIF=1) during an emergency instead of blindly attempting to disable SVM. Like the VMX case, if a hypervisor, i.e. KVM, isn't loaded/active, SVM can't be in use. Acked-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 8 -------- arch/x86/kernel/reboot.c | 3 --- arch/x86/kvm/svm/svm.c | 19 +++++++++++++++++-- 3 files changed, 17 insertions(+), 13 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index 5bc29fab15da..aaed66249ccf 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -133,12 +133,4 @@ static inline void cpu_svm_disable(void) } } -/** Makes sure SVM is disabled, if it is supported on the CPU - */ -static inline void cpu_emergency_svm_disable(void) -{ - if (cpu_has_svm(NULL)) - cpu_svm_disable(); -} - #endif /* _ASM_X86_VIRTEX_H */ diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index d2d0f2672a64..48ad2d1ff83d 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -826,9 +826,6 @@ void cpu_emergency_disable_virtualization(void) if (callback) callback(); rcu_read_unlock(); - - /* KVM_AMD doesn't yet utilize the common callback. */ - cpu_emergency_svm_disable(); } #if defined(CONFIG_SMP) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index d381ad424554..1ae9c2c7eacb 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -39,6 +39,7 @@ #include #include #include +#include #include #include @@ -563,6 +564,11 @@ void __svm_write_tsc_multiplier(u64 multiplier) preempt_enable(); } +static void svm_emergency_disable(void) +{ + cpu_svm_disable(); +} + static void svm_hardware_disable(void) { /* Make sure we clean up behind us */ @@ -5209,6 +5215,13 @@ static struct kvm_x86_init_ops svm_init_ops __initdata = { .pmu_ops = &amd_pmu_ops, }; +static void __svm_exit(void) +{ + kvm_x86_vendor_exit(); + + cpu_emergency_unregister_virt_callback(svm_emergency_disable); +} + static int __init svm_init(void) { int r; @@ -5222,6 +5235,8 @@ static int __init svm_init(void) if (r) return r; + cpu_emergency_register_virt_callback(svm_emergency_disable); + /* * Common KVM initialization _must_ come last, after this, /dev/kvm is * exposed to userspace! @@ -5234,14 +5249,14 @@ static int __init svm_init(void) return 0; err_kvm_init: - kvm_x86_vendor_exit(); + __svm_exit(); return r; } static void __exit svm_exit(void) { kvm_exit(); - kvm_x86_vendor_exit(); + __svm_exit(); } module_init(svm_init) From patchwork Fri Jul 21 20:18:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124086 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp456035vqg; Fri, 21 Jul 2023 13:47:06 -0700 (PDT) X-Google-Smtp-Source: APBJJlHiNKopt4IFma0zjZ+hJOSUGuN3IDY5ou2Rd/gp8+R960osUbZPKYzFwVxspPN09c37FoVh X-Received: by 2002:a17:902:a609:b0:1b9:de75:d5bb with SMTP id u9-20020a170902a60900b001b9de75d5bbmr3047935plq.7.1689972425837; Fri, 21 Jul 2023 13:47:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689972425; cv=none; d=google.com; s=arc-20160816; b=kX5xR3Aq7cZgUFFiGQi+d7XZbgSaxMAxyMMk/GXrcaJAfQvLmU0hJDcTMR7t6QXGhs cBZBv62rtQQhS1P2/8n3xo/SpWoeGeGAPf+zvg3dcgl0L5t84ftDi04wxtbYBAtQJP8Z b/wa/INSe2u5NZzjdZ1CMUR8mQS+egORIFZu/O5GCWBIhZAxzDLqVIeaKDBKllIP+FGo wGCk795Btu3wUDAj8kUdyrBwJsMtMv0Fb7prtz8m2X7MmSiWaB10fN34cn5mpLy9V0Wk wECcR4bkmfDDDwY1iUt5D4vdlCElGxLSOqulEXLVS1nO36iyvAXyWuWrNeXMemcJxC6Q qb6A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=RNIzxG+DyKxhv7/WUhcg42RyR1LzF+A7NEJm4Wy1bYU=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=kHX10zKKQiASEIRkETvJGcneYnAp7h5otkLfrjiZgNxTrPn8gNCICCvM/LfrPFXmLb pB0XfB1cpOcez7YGfnRRZaro1w7piOqBlLH+OKy5m/o9ruZveLeQQb7treH8GDdw32jl uQGDYN61rINHFyeRjg2veflrctYX7uvLb++z6NZT3zf4ikT2FbUcPEHBNluxceApn4OL gCHUBoeXuWK1EnSGD/IEcMh7vdcg51kZKGQzKfAXsI0En/+FFYo7oELg/X6dmyw0V0R0 r1amxo4AN39kYZ88hNrcfW7v0IMOoER6VcQ1eWtqAOkAjmETK3v4e1HhQc39EXtuMfby MsIA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=VLZQUdsQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id q8-20020a170902a3c800b001b222cd9826si3628842plb.349.2023.07.21.13.46.52; Fri, 21 Jul 2023 13:47:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=VLZQUdsQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231297AbjGUUTo (ORCPT + 99 others); Fri, 21 Jul 2023 16:19:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37978 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230291AbjGUUTT (ORCPT ); Fri, 21 Jul 2023 16:19:19 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 064CD12F for ; Fri, 21 Jul 2023 13:19:15 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id 3f1490d57ef6-bd69bb4507eso2275796276.2 for ; Fri, 21 Jul 2023 13:19:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970754; x=1690575554; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=RNIzxG+DyKxhv7/WUhcg42RyR1LzF+A7NEJm4Wy1bYU=; b=VLZQUdsQavq82AMjpjS9rdHI6jO9sP6xssXKUkaB7U/GQwL8nid7eG6wVk1JwgqkoT FFTkgw45ADeMUlu5ALDnr115Ixck3boFbgPyZpQreyFzl6yJ+S/V+dJuYxQ5XWvOE/eI 4kkQnZ9H9c5aWJmAayTqrjC0yCMJ1b22MPWz1FBwlIMfjWdFE90FsWNd70jKxCl95sG3 QXIGYOX/P4AermBbmroCFajzBcZIR2L3b4+vbW3tHy384n+r5uiD9o4Vvd532w5CUlex ObV2LDr84QRbQEztcWeYQ+Dwl6PU4ML/7junWpBh6RsYoPWUnLQw+9OhPN5uWwkg48ZQ mHIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970754; x=1690575554; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=RNIzxG+DyKxhv7/WUhcg42RyR1LzF+A7NEJm4Wy1bYU=; b=PRrY6mNAS1gij1NGKky9Fj3nfv0PIAejt7v+69kZOqNJdmdc2XyVU8MIr2HkxrGr/y A9KIUkvPeEwrEBnPqHq+ZmiGDgjomXF9xNtPRbaVWWBTnI5YQE//2ZWQ1xPjc+BzVqei ei6BnsgiLE6Ky5ZxA8SvP0omUd5UJ9Z6nHCOvH1v+MH0fVlzU4kf6UGMGu2JAx4BmzWa HgDYMXUOX3Hvg1l2QDSNBPdYWSuHThH13MoAvCpNhb/WhbuPdigmuxq0kWG/bxTG0Xk4 j5ym3y4WfSD9rKhAhJ699KfrsZznr0C44cLOQLLymwWZQ0/AbLzpKwm9XQtsSr4cONzP E9hA== X-Gm-Message-State: ABy/qLZYKzdUVBbCCgZtYnEvW0YrOpOXuimsnIdieeRatSxOz2yZ30jt 47iTK2ETIdAjMu254WnBo0tVjpKNxx0= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:b310:0:b0:cfd:d50f:df5b with SMTP id l16-20020a25b310000000b00cfdd50fdf5bmr17452ybj.13.1689970754335; Fri, 21 Jul 2023 13:19:14 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:45 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-6-seanjc@google.com> Subject: [PATCH v4 05/19] x86/reboot: Assert that IRQs are disabled when turning off virtualization From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772064526405937392 X-GMAIL-MSGID: 1772064526405937392 Assert that IRQs are disabled when turning off virtualization in an emergency. KVM enables hardware via on_each_cpu(), i.e. could re-enable hardware if a pending IPI were delivered after disabling virtualization. Remove a misleading comment from emergency_reboot_disable_virtualization() about "just" needing to guarantee the CPU is stable (see above). Reviewed-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/kernel/reboot.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 48ad2d1ff83d..4cad7183b89e 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -532,7 +532,6 @@ static inline void nmi_shootdown_cpus_on_restart(void); static void emergency_reboot_disable_virtualization(void) { - /* Just make sure we won't change CPUs while doing this */ local_irq_disable(); /* @@ -821,6 +820,13 @@ void cpu_emergency_disable_virtualization(void) { cpu_emergency_virt_cb *callback; + /* + * IRQs must be disabled as KVM enables virtualization in hardware via + * function call IPIs, i.e. IRQs need to be disabled to guarantee + * virtualization stays disabled. + */ + lockdep_assert_irqs_disabled(); + rcu_read_lock(); callback = rcu_dereference(cpu_emergency_virt_callback); if (callback) From patchwork Fri Jul 21 20:18:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124096 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp467722vqg; Fri, 21 Jul 2023 14:13:56 -0700 (PDT) X-Google-Smtp-Source: APBJJlEjKIbIFZ6KazXRGNv+mXvV6aqj9zsoSmmkH4tGd6a2a8uGkhCrrOTcdVst6MgoJ0H+kaW7 X-Received: by 2002:aa7:c707:0:b0:50b:c630:a956 with SMTP id i7-20020aa7c707000000b0050bc630a956mr2300453edq.17.1689974036715; Fri, 21 Jul 2023 14:13:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689974036; cv=none; d=google.com; s=arc-20160816; b=Y5NIhQeE+4uhJdcxJSrcnkALH7kWUZ+evp2cb0Fnf57ojTYzF0rz9pbSu7eR14afUB kqMD6T7MA1GUlcgaEWt+qWm217LGEBO85h1eHBqFSrkJNwvdJADcORHDBsqIEHLsKNW5 lP8E0EntreL5R1Zv9I+HugxfGBKGHT0S+nI9Tb8yHQlSjrkWY/7Z1Rr6xq4V8fMcLKg7 7IdM9TmDeQlWE5Fh808oASXFIfB5xZtWwETmlF+AD5xQq8YwbgHGB0mlZbSEOvQX1NEA ujiYhJ/dPMrwbjuZ0GRx7XSU2tcSWplWPk0Supgeet8QGe0TtCaXsjPXynnKzLC8BgIn ooOA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=Mde8vJ2EtcoesCeVYOs5lIQ6ce5w4DlvdNVLFNYZgvw=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=tPwRQXX5CX1wRtaJFMA71oLVm3d43UxISBUOAbBObgC1gUSBawMQH0ewI9SHC+9T/J DusPCvRZRSm1t5FxQSdYDlWePEQC+1lK47Z8Xi3eUX045pzCBX/Xp7byJnE5J6IcieJD A5bJT7lJ9ZPl+70uzL+dvMVfUmBvlY5UCTSaf1cT62nPoPtHuwrEtIFvtwRozrV0J5E8 pFu9VaWXfT6xJ5pE/Se0fCo0T78GSg29W2UPOTi05UxHLzE17P5mnGjw3duG6ZynChGO is+VVw/zzpOnVW+XcpAfJdKg0ZtzSkysS/E5Lm24g6/RC6yHAF71HSKORuAB9EVYZvr4 GQMg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=OG1xATxc; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x18-20020aa7d6d2000000b0051e0d3bb44fsi2678508edr.21.2023.07.21.14.13.32; Fri, 21 Jul 2023 14:13:56 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=OG1xATxc; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231273AbjGUUTh (ORCPT + 99 others); Fri, 21 Jul 2023 16:19:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37980 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230375AbjGUUTU (ORCPT ); Fri, 21 Jul 2023 16:19:20 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0C48F30CA for ; Fri, 21 Jul 2023 13:19:17 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id d9443c01a7336-1b888bdacbcso12652395ad.2 for ; Fri, 21 Jul 2023 13:19:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970756; x=1690575556; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=Mde8vJ2EtcoesCeVYOs5lIQ6ce5w4DlvdNVLFNYZgvw=; b=OG1xATxce96iuWnMzlgqDnDaZv2FXzskZA+y4BUtx5VmlP67RNa2QHKDFmey4WYDT7 zvNUXdMCZrwTkCSrECGSiGHB6pP4XPFVEmSyDGZDd8vLnmjzw2ELySlD1Ofsw6BwcCYW dTl3nD8gBC7wcs2gpf74X3VknyBBLWpQT/S+GlaYcetZzIGEyFZR0khZhhEpMpUsfHS/ tzCGxebOb956the72GUxF9v7PXeo3Wuf+ivVaHjOogwQNBQ3QYf+d5JiF2PYnWcl7EzX Y7QIP/wBx9b3lUz+RkVAiiY1YweC3T0ki70Hv16Hyb3COP5kSj4beryjARpodF6LnY6v Y/Jg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970756; x=1690575556; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Mde8vJ2EtcoesCeVYOs5lIQ6ce5w4DlvdNVLFNYZgvw=; b=KRsBdwcgJweWUQdK1iYvuU8tYVOIJgtBag4ozRTI7GD3NWHmaUxBv0qtaxvubTGOlb L10xambda66QXTwDFGaxBWYDYSAOoB9tTa/iMCrdlH+bO74yTBbb/QnzlQzRcyW1gBb8 EoVjiiTmWeYvpBGvor3EAdgFIm2TbLs0WwN8iwZW6mSixJ3AwJbuTDB1gTjdLiOY8TtY 12v+PaKBfBvzteTHd8lsJiN4OgQ9Gke478CVlVhf31USs15n2z7ZGiUGy6nGBltAOt65 HMcqUrf3pp5f1V4e0TDNXcQ2zLfRqFOMMzl0c0SM39GNdhLCzqvw6LFHLZ7wiROJIuxb A9qA== X-Gm-Message-State: ABy/qLZWCRJXlBFRKgTqTr8Urfd4tN8xZJjhPN0Q6ypeTByP6Y6OlBjp g1u+iNoeAwnlnciQPF6WZPW8wOW+sE0= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:903:1c7:b0:1b5:2496:8c0d with SMTP id e7-20020a17090301c700b001b524968c0dmr11698plh.3.1689970756405; Fri, 21 Jul 2023 13:19:16 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:46 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-7-seanjc@google.com> Subject: [PATCH v4 06/19] x86/reboot: Hoist "disable virt" helpers above "emergency reboot" path From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772066215470117719 X-GMAIL-MSGID: 1772066215470117719 Move the various "disable virtualization" helpers above the emergency reboot path so that emergency_reboot_disable_virtualization() can be stubbed out in a future patch if neither KVM_INTEL nor KVM_AMD is enabled, i.e. if there is no in-tree user of CPU virtualization. No functional change intended. Reviewed-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/kernel/reboot.c | 90 ++++++++++++++++++++-------------------- 1 file changed, 45 insertions(+), 45 deletions(-) diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 4cad7183b89e..85cb2dfcb67b 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -530,6 +530,51 @@ static inline void kb_wait(void) static inline void nmi_shootdown_cpus_on_restart(void); +/* RCU-protected callback to disable virtualization prior to reboot. */ +static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; + +void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback) +{ + if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback))) + return; + + rcu_assign_pointer(cpu_emergency_virt_callback, callback); +} +EXPORT_SYMBOL_GPL(cpu_emergency_register_virt_callback); + +void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callback) +{ + if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback) != callback)) + return; + + rcu_assign_pointer(cpu_emergency_virt_callback, NULL); + synchronize_rcu(); +} +EXPORT_SYMBOL_GPL(cpu_emergency_unregister_virt_callback); + +/* + * Disable virtualization, i.e. VMX or SVM, to ensure INIT is recognized during + * reboot. VMX blocks INIT if the CPU is post-VMXON, and SVM blocks INIT if + * GIF=0, i.e. if the crash occurred between CLGI and STGI. + */ +void cpu_emergency_disable_virtualization(void) +{ + cpu_emergency_virt_cb *callback; + + /* + * IRQs must be disabled as KVM enables virtualization in hardware via + * function call IPIs, i.e. IRQs need to be disabled to guarantee + * virtualization stays disabled. + */ + lockdep_assert_irqs_disabled(); + + rcu_read_lock(); + callback = rcu_dereference(cpu_emergency_virt_callback); + if (callback) + callback(); + rcu_read_unlock(); +} + static void emergency_reboot_disable_virtualization(void) { local_irq_disable(); @@ -786,54 +831,9 @@ void machine_crash_shutdown(struct pt_regs *regs) } #endif -/* RCU-protected callback to disable virtualization prior to reboot. */ -static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; - -void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback) -{ - if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback))) - return; - - rcu_assign_pointer(cpu_emergency_virt_callback, callback); -} -EXPORT_SYMBOL_GPL(cpu_emergency_register_virt_callback); - -void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callback) -{ - if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback) != callback)) - return; - - rcu_assign_pointer(cpu_emergency_virt_callback, NULL); - synchronize_rcu(); -} -EXPORT_SYMBOL_GPL(cpu_emergency_unregister_virt_callback); - /* This is the CPU performing the emergency shutdown work. */ int crashing_cpu = -1; -/* - * Disable virtualization, i.e. VMX or SVM, to ensure INIT is recognized during - * reboot. VMX blocks INIT if the CPU is post-VMXON, and SVM blocks INIT if - * GIF=0, i.e. if the crash occurred between CLGI and STGI. - */ -void cpu_emergency_disable_virtualization(void) -{ - cpu_emergency_virt_cb *callback; - - /* - * IRQs must be disabled as KVM enables virtualization in hardware via - * function call IPIs, i.e. IRQs need to be disabled to guarantee - * virtualization stays disabled. - */ - lockdep_assert_irqs_disabled(); - - rcu_read_lock(); - callback = rcu_dereference(cpu_emergency_virt_callback); - if (callback) - callback(); - rcu_read_unlock(); -} - #if defined(CONFIG_SMP) static nmi_shootdown_cb shootdown_callback; From patchwork Fri Jul 21 20:18:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124079 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp448099vqg; Fri, 21 Jul 2023 13:28:56 -0700 (PDT) X-Google-Smtp-Source: APBJJlEMciDdIcRQRdJtDweqQUibFE3mFlDwsgtBLN65vMmuwECE+bppPH/9u1nq00xG5PShH0yv X-Received: by 2002:aa7:c2c4:0:b0:51e:227c:9492 with SMTP id m4-20020aa7c2c4000000b0051e227c9492mr2885750edp.20.1689971336135; Fri, 21 Jul 2023 13:28:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689971336; cv=none; d=google.com; s=arc-20160816; b=YqpHSfOsjYEf9xg9MRATE5ZdMXTiB/7Ni4HrOU+LmNklREyMbB9Ox51EewxOMQHtUC J/S+inc167jvspOKvewfsw+Z/49uj/GQ8YgIHRB2bzJBdrFU/w2Ci5IdFQkxLfkEaFin c0wvPScl4VCUHVQ3+qx537f8COYXr/pFJWZokTm506VYNCqCU9PjNfYcxlTPsJo8Jqqp lLuApyAdqdpAymhd7gtxlt8tovwnf23NImpVQUyztzxs5qlaa7qEFn4TMT0sZyYce4C6 vIF0HOtdJzQPum7h8lo1TI1TPpHjI6jWRtbk1uwuqHUatSphD0hQlw2z0ITn6s005Aur G3gQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=Xl/21nVHjxj9H71udXldkW3KRDjTiiyAWxQB92FBmLk=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=s6RvJGs21vhjHB3AK7dXcf3TjCJaR22HDzydtBP43lnF7cae7cTPDkCTx9vvFDvioL gZi5/uT4zlNY2ut2SGPWBa5LNg3ulAROUhIgZsiU5HSKDsyo9oOVPCFmGxAyd9AyTqQW VWh2GXW+MSba7kUvrz3blV3RWdvV4m50kC0sPN0IB6MojxW8HZBUCUySINUYQlWqf9UR 95VeVMeBU/+N9WQdDYe7R0OIlwwt4BRZyX+ag3dgB9cSaVXIGAqWm1V29HvdW91L+vkV KS+Sobsp6URBNWcAzheGKY9E4ybeuQuljtcfbyEHq2fJ9O8hT2/rSGikY0c3em5wKHxe rInw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=Z9kjVXVG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id x19-20020aa7d393000000b0051df7c30429si2880862edq.239.2023.07.21.13.28.31; Fri, 21 Jul 2023 13:28:56 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=Z9kjVXVG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231268AbjGUUTf (ORCPT + 99 others); Fri, 21 Jul 2023 16:19:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37916 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230490AbjGUUTX (ORCPT ); Fri, 21 Jul 2023 16:19:23 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D32073A87 for ; Fri, 21 Jul 2023 13:19:18 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id d9443c01a7336-1b8a4571c1aso12775545ad.0 for ; Fri, 21 Jul 2023 13:19:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970758; x=1690575558; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=Xl/21nVHjxj9H71udXldkW3KRDjTiiyAWxQB92FBmLk=; b=Z9kjVXVGPt914xe9fLgGWQ7njz6z0IpDO/S9kHemlYQXnKLvSITcv91xTIWcVJtv4m CbGJMGVWN0Jx7yI0SSDzh5WgyereyRUc/tEyDpGT6MLizJYYxihqtQBSefCIu/1aboBj 0pFG/ifvnhuy1V3QTj222F9L3dkjAm/fM+mZ5LvJsm2PGxEdi2yFpOUZ6DMSDNxMm4DI o/VS8q8UCReLs1GvOJfJFGFkGBUim2JZRxl8RuCfyBdOzDRbkrsJk1z5x/ZIP4GwZ4+o 3wsH96lRHH20QOA7RyxWEHtNxRZlo33VGObc3zEeEV5ho06ifM+g9OcDd0QadVn+P/E+ TuFg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970758; x=1690575558; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Xl/21nVHjxj9H71udXldkW3KRDjTiiyAWxQB92FBmLk=; b=LRlhr7uGpyTcSSOPpOeT2tovIR2oAM3uLriwHVozPXtE1kZSvoG8ynd02/B8PcdgmF /+a6F2cYCVb52Zkc9em4tma0tfy+KdgPFQhbAJUc3YgBs37tl7WxdAT41+g3yZI1ady0 NHDj7qPa5zmdzVm2/6twbCim3MqFSW2y7UB2BcqGozgvnAZmgtbUBeqqW/QgDg59NjDl WoKU7BIeksRxGw9PBCNMJ37auosCTgrR2HHcODx3/oRqjYqvsXmMIIuz9ML5qqtLl/ks PzQDqOeglgcBPtu1U0CKl3YcGzV1Pq7FJv3l7m3Yx2mheuKm5IuiX/9TxZBihOl+6/vp 9sGA== X-Gm-Message-State: ABy/qLYkSFYqbMj1vGbOPnVfQGnwmGaRvPYUlbR4a1ea/pXOnBjLtjjJ MeHBW13rElX/EziIBN2PRW/zjS9PwyY= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:ecc1:b0:1b8:95fc:d0f with SMTP id a1-20020a170902ecc100b001b895fc0d0fmr13723plh.7.1689970758296; Fri, 21 Jul 2023 13:19:18 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:47 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-8-seanjc@google.com> Subject: [PATCH v4 07/19] x86/reboot: Disable virtualization during reboot iff callback is registered From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772063383404997713 X-GMAIL-MSGID: 1772063383404997713 Attempt to disable virtualization during an emergency reboot if and only if there is a registered virt callback, i.e. iff a hypervisor (KVM) is active. If there's no active hypervisor, then the CPU can't be operating with VMX or SVM enabled (barring an egregious bug). Checking for a valid callback instead of simply for SVM or VMX support can also eliminates spurious NMIs by avoiding the unecessary call to nmi_shootdown_cpus_on_restart(). Note, IRQs are disabled, which prevents KVM from coming along and enabling virtualization after the fact. Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang --- arch/x86/kernel/reboot.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 85cb2dfcb67b..98e5db3fd7f4 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -22,7 +22,6 @@ #include #include #include -#include #include #include #include @@ -589,7 +588,7 @@ static void emergency_reboot_disable_virtualization(void) * Do the NMI shootdown even if virtualization is off on _this_ CPU, as * other CPUs may have virtualization enabled. */ - if (cpu_has_vmx() || cpu_has_svm(NULL)) { + if (rcu_access_pointer(cpu_emergency_virt_callback)) { /* Safely force _this_ CPU out of VMX/SVM operation. */ cpu_emergency_disable_virtualization(); From patchwork Fri Jul 21 20:18:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124083 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp453414vqg; Fri, 21 Jul 2023 13:41:12 -0700 (PDT) X-Google-Smtp-Source: APBJJlFK4vbPMb/cxZS351rgxx/rD2ENvbKoeRP3xocMi/4kAP8OjTZZSO+SttosHgQS2yPIAJYV X-Received: by 2002:a17:906:3107:b0:997:e836:6bb with SMTP id 7-20020a170906310700b00997e83606bbmr3205661ejx.14.1689972072710; Fri, 21 Jul 2023 13:41:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689972072; cv=none; d=google.com; s=arc-20160816; b=IH7Dt1XFXG3ZVC/LeZlQ1AAjqYoXvOthbL1AqNL9VTN4F6rm6loVprKOgopUAUUr2T NpnIZoUmFL+mscTd66o3kCU7iVUluo3dWduXtmqEHToHtSCFrFpAYAQy8VYtIwvVOKKa E0ta+asxioQfa44yIsLO0UcX1r0NbeJ9D8NoA1jndH5+xnZVWU014iNlC6r1NWsarbNY Q2+EzhY6lAQ7YPy+5i01lKchRSL+7UDAsVXSuMhbEcRdNBWxOO1DySJ+cweTdj6kp49b wohlEyZNQv+J/L0DV3mTUG0dPRBbXsblvBg1qBpPgCQwNfsKbTDJkvGY4fc72AxBYmdk 1QDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=kp8wKDt0eMxNmmgxbfIQ59HsgNC9pjZ5TgTeqdMxU/I=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=Nu1Diy99os7S5RvFo3PKGuP2U2QGYiwjwV+HEzL3fONpYpCx+Ou+rWGsP4r7HvVQNG Yo/c51QnZjbwFx0Czv7xuRjIgKErwrgZpAEA1SI/mS7JSoVW5i4Yi5tXO4crm2jpCWBb eCsZv+cgxd0rqP4gK5IwbH8IqIlZhrI3INhIOCGTqaDB32GBtpS592r2m8nhAS7jKj3N BOZnz4TtF4gyY3DmK7AVSRu/wm+GBb5avIIZ40wlc10gobyQdMvtR4B1yHWdkfyzi3ty HYH0XYX3W5U2TsHqFSIkyKzFqoDBUC5dldx8SRrdOBggfnxnvsydF7b3g8oktlorOVTn SYWQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=AAcenZvw; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p21-20020a1709060dd500b0098d2f716c75si2473036eji.597.2023.07.21.13.40.49; Fri, 21 Jul 2023 13:41:12 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=AAcenZvw; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231339AbjGUUTw (ORCPT + 99 others); Fri, 21 Jul 2023 16:19:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38246 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231179AbjGUUT1 (ORCPT ); Fri, 21 Jul 2023 16:19:27 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D95083A8C for ; Fri, 21 Jul 2023 13:19:21 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-583994e0bc5so12901007b3.0 for ; Fri, 21 Jul 2023 13:19:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970760; x=1690575560; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=kp8wKDt0eMxNmmgxbfIQ59HsgNC9pjZ5TgTeqdMxU/I=; b=AAcenZvw756VBG7/uWjvcLB2GB6SaD9rHsGVP1ovtfQ7g3P1/K5Es/5cP7bQX4Cett TXIqUcFS8rwOAQTdffRrYdTVUeGqUN4Pk1zQVEpgyHZgM5CU4q7BAddWItw5Q7B/HUFX dm9BEq62JHh36Dyv0YCxgBb//gvHCL44aM4hNFvAWv9IYaRXhunR1CtejhbcQSL/3BKu jhhLx9apEs7AWteNUlsHKFY1npg1EGGfPoIogyCbJDG+NVcTCP8a4KpbcRzwBW7l7aEc fnDXtssi6A7cJBIy/mxf0JRinHLH1Q1C9G7n2rTaBE2AVxXbRmy7Sib5y3L9HVmp9h0H 1bJA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970760; x=1690575560; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=kp8wKDt0eMxNmmgxbfIQ59HsgNC9pjZ5TgTeqdMxU/I=; b=jrwqRpOghM2r0mFoDborV9a9yuYvhTDdkiW68QJ6YHB04/z8nJ02oeBhqiAWznPmYE Uccj+Q4mVSzRf2A/5riwDi/8TnZqDL9p4Wjb5dEvPQNdvrp3GgvaCTe2+VNu89Xfuzlu b5nQYsN8Jm4nclM4vTz5eJvmxqt85eInm4/hPv4UQsvMifYB3AeqfBE+Q0SKR8hV3W2x 0n5rHXDkMvjC/NiQmrwBbUeq2HooFhJgzT4NUt5NGDrnuyk2VnhOeyzMev2OOmbYJQN/ Pza+NfgEaWV6BWuwcIx6welwiTmdzZDGlJ+OBptThOCvoz6A3js+HGiP8FGGmQr4I0wj 9aQQ== X-Gm-Message-State: ABy/qLbg8EfWdYR7UShtk6j/bNzGVq9IJCwFFmuvmg2di8iJ5jcDViCp DmDHkhgkW/qrm0GyXwNFPFHWzMKI0xk= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:ac14:0:b0:581:3899:91bc with SMTP id k20-20020a81ac14000000b00581389991bcmr9159ywh.6.1689970760558; Fri, 21 Jul 2023 13:19:20 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:48 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-9-seanjc@google.com> Subject: [PATCH v4 08/19] x86/reboot: Expose VMCS crash hooks if and only if KVM_{INTEL,AMD} is enabled From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772064156001166221 X-GMAIL-MSGID: 1772064156001166221 Expose the crash/reboot hooks used by KVM to disable virtualization in hardware and unblock INIT only if there's a potential in-tree user, i.e. either KVM_INTEL or KVM_AMD is enabled. Reviewed-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/include/asm/reboot.h | 4 ++++ arch/x86/kernel/reboot.c | 5 ++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/reboot.h b/arch/x86/include/asm/reboot.h index 74c6a624d166..6536873f8fc0 100644 --- a/arch/x86/include/asm/reboot.h +++ b/arch/x86/include/asm/reboot.h @@ -25,10 +25,14 @@ void __noreturn machine_real_restart(unsigned int type); #define MRR_BIOS 0 #define MRR_APM 1 +#if IS_ENABLED(CONFIG_KVM_INTEL) || IS_ENABLED(CONFIG_KVM_AMD) typedef void (cpu_emergency_virt_cb)(void); void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback); void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callback); void cpu_emergency_disable_virtualization(void); +#else +static inline void cpu_emergency_disable_virtualization(void) {} +#endif /* CONFIG_KVM_INTEL || CONFIG_KVM_AMD */ typedef void (*nmi_shootdown_cb)(int, struct pt_regs*); void nmi_shootdown_cpus(nmi_shootdown_cb callback); diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 98e5db3fd7f4..830425e6d38e 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -529,6 +529,7 @@ static inline void kb_wait(void) static inline void nmi_shootdown_cpus_on_restart(void); +#if IS_ENABLED(CONFIG_KVM_INTEL) || IS_ENABLED(CONFIG_KVM_AMD) /* RCU-protected callback to disable virtualization prior to reboot. */ static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; @@ -596,7 +597,9 @@ static void emergency_reboot_disable_virtualization(void) nmi_shootdown_cpus_on_restart(); } } - +#else +static void emergency_reboot_disable_virtualization(void) { } +#endif /* CONFIG_KVM_INTEL || CONFIG_KVM_AMD */ void __attribute__((weak)) mach_reboot_fixups(void) { From patchwork Fri Jul 21 20:18:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124075 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp445046vqg; Fri, 21 Jul 2023 13:21:32 -0700 (PDT) X-Google-Smtp-Source: APBJJlE4lTcbApYADhdrgWppXFk+s3nE82xzSJanG6+rUwIplnbYGAcyX4LJg35RfDJP1MsSD8qH X-Received: by 2002:aa7:c41a:0:b0:51d:d27a:6d3 with SMTP id j26-20020aa7c41a000000b0051dd27a06d3mr2568966edq.11.1689970892011; Fri, 21 Jul 2023 13:21:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689970891; cv=none; d=google.com; s=arc-20160816; b=OPsvLPIyrb3+qLveJYloLgCqk0CW3oqCAY98/+j1uIvx40FK6DR69QmKtdovHwXldj +mFubrWcs9JzPIUqc6ul4HKfJj8F49mDSEb4/CDp/n+frzn36fD9TFw9nk46mbcgmOsx AFWLWhJ7U+qov9KcKU8l8m9HjTsR0ZzqJyXvPDg65Tol95oe/xHkrM6WRqsWhJIcTbT4 O9fzO6ylHEqoYCKjTIhENJmCLOx8TeoxyiBS748yKewbE3B1zWoZCyRfLhXf2KUSHDm8 yn9Ka87HfKcG2JW9L+KpFfwOMLei1pwUuGoCvw86eyGFzaeApceXGpyMWCyuUD/XpYGC 9cag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=BxIdNivQmBNQSOlXPPIQGt5Qzqr/3+s4YS24y1+Qiwc=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=iMSEExmsN7sj5YQTg8pSGN4f7570eHXM0eL/xBdlkFcPgnoakmmbwH65Y0QfOdU0nP 9ymPH+oFy9fD6FFq8sCU+zdXj3NjK0EKuZRfae0Yj7INiaEguDD+NNEe2QuHJ7/ZGeIW Dg+A8/CrTmadksY0uv+eZNIgRWx3vrRSqyNFRzx8zftz8yhN95cuuwdZNRmMAi89d4SS LOL6mz/VMsu0DV4HAxwtDL4l/sxKWAS/Dut6DN7nFPYkHRVleOQoLkgOBXvHfOVd1qx0 RUIez3bzBCtVnwAO44a7ZyyT8e5CIUfc+DB3zBGNnj6hprY1hgMXS//qOAe9UMvvFghf 92IQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=Gu6EPZof; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m17-20020aa7d351000000b0051df4787a2esi2869995edr.218.2023.07.21.13.21.07; Fri, 21 Jul 2023 13:21:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=Gu6EPZof; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231405AbjGUUTz (ORCPT + 99 others); Fri, 21 Jul 2023 16:19:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37962 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231228AbjGUUTb (ORCPT ); Fri, 21 Jul 2023 16:19:31 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AE35C35BB for ; Fri, 21 Jul 2023 13:19:23 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-5834d9ec5f7so55179147b3.1 for ; Fri, 21 Jul 2023 13:19:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970763; x=1690575563; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=BxIdNivQmBNQSOlXPPIQGt5Qzqr/3+s4YS24y1+Qiwc=; b=Gu6EPZofnedmVcu0puGF5uwGMb+h5xD1qVMdFfjhDXwf0ojqQzZcD1qu3BQJegbXvr KLDtNr2gxNXiIGG01q1nWzcC8TWglrMhxSng4NJhIYe0BpCdke22vxvfKTVbuomgvUAN S0b2LRn9a7StmxWvePSakXfo0f6VjA0axqDjd3pZE1xoRBMdZO313rBIR4eu9qDLo1wM usH/HLHPIkA/2/CyF4G08TZ7X9D3vVMe5uXA535W675kmFLdT8+6jOaYRnBeap6S3TBj xg8Pj92dho+Sxc3VU4JDANpOH3JDVZFimXcHgJArCZfVA+xuGI+5RJ5z3B3A6VLxOY+a DVPg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970763; x=1690575563; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=BxIdNivQmBNQSOlXPPIQGt5Qzqr/3+s4YS24y1+Qiwc=; b=VgknbKuV9GgHZQ3qnwgEUYwTAMn1YVYPVIinZM/Xn3vij2MJAUkPnVUVGud7nn8bTh HfLEZ8u6VoQrTdp0IvQNDXN3RksyYj45Z/wB6yCOe2rY5lpeA89V7Prvm7jNdCM45PTK oyc8sXs2X354RoVOaPDSVlL4hGpvXKEA+iYZjp0Gf7ZkCvtCgVaYZEMwkPlbUOxjxA5g 7WsgFUaz1FEmdfTfuRYkUIOA/YFf76mwZ/GSzpJ8Tgn8V5guUwXVCbZDsbPTktOnFW8A cfHSrVYcflKw+4QUf1Nf2VptELdfrw6xqyNf0Py1wOVwQnnzdwWTmHcDTNWRxcp5VWtH tTNA== X-Gm-Message-State: ABy/qLbYj06gyFgavmWUB1EYKMM1mgDhcr1Ctkoy6XBXoYQfgYvFvxDq 2ZC6ONtGXVSm+dzK/+VNKig/OwCNzRg= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a5b:a8d:0:b0:d04:6d5e:4ded with SMTP id h13-20020a5b0a8d000000b00d046d5e4dedmr25333ybq.6.1689970762838; Fri, 21 Jul 2023 13:19:22 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:49 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-10-seanjc@google.com> Subject: [PATCH v4 09/19] x86/virt: KVM: Open code cpu_has_vmx() in KVM VMX From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772062917877110248 X-GMAIL-MSGID: 1772062917877110248 Fold the raw CPUID check for VMX into kvm_is_vmx_supported(), its sole user. Keep the check even though KVM also checks X86_FEATURE_VMX, as the intent is to provide a unique error message if VMX is unsupported by hardware, whereas X86_FEATURE_VMX may be clear due to firmware and/or kernel actions. No functional change intended. Reviewed-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 10 ---------- arch/x86/kvm/vmx/vmx.c | 2 +- 2 files changed, 1 insertion(+), 11 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index aaed66249ccf..b1171a5ad452 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -22,14 +22,6 @@ /* * VMX functions: */ - -static inline int cpu_has_vmx(void) -{ - unsigned long ecx = cpuid_ecx(1); - return test_bit(5, &ecx); /* CPUID.1:ECX.VMX[bit 5] -> VT */ -} - - /** * cpu_vmxoff() - Disable VMX on the current CPU * @@ -61,8 +53,6 @@ static inline int cpu_vmx_enabled(void) } /** Disable VMX if it is enabled on the current CPU - * - * You shouldn't call this if cpu_has_vmx() returns 0. */ static inline void __cpu_emergency_vmxoff(void) { diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 682c20b33a96..71571cd9adbb 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2718,7 +2718,7 @@ static bool kvm_is_vmx_supported(void) { int cpu = raw_smp_processor_id(); - if (!cpu_has_vmx()) { + if (!(cpuid_ecx(1) & feature_bit(VMX))) { pr_err("VMX not supported by CPU %d\n", cpu); return false; } From patchwork Fri Jul 21 20:18:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124080 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp448404vqg; Fri, 21 Jul 2023 13:29:45 -0700 (PDT) X-Google-Smtp-Source: APBJJlE+8d8gCME4dnu8OXoLPnxGY8799h1ryHJWcB4IHtxvG7h6MH/XeNLJzN3bk4NmUpCPX4P4 X-Received: by 2002:a17:903:2342:b0:1b8:b3f9:58eb with SMTP id c2-20020a170903234200b001b8b3f958ebmr3133655plh.31.1689971384658; Fri, 21 Jul 2023 13:29:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689971384; cv=none; d=google.com; s=arc-20160816; b=XgvjZlc522mYsgE2b0d5ZnLV5ht4JcPFcf1WXh77q1nNaPzq3HUGk9YGn7/IC1MkXT 9hmlWET9IaN9CmW6etgzkd/LhsqL9CeCmSwFeEepLRMSL71wI6r1rOnUv049bWsTdPSA 4S0XJjMe5ozAwI28ec3x0RpGq6HQAzRi3P1LXszTTJuvcKckseDCxZGnN4ZleFJiybet mHwy5VhTJ33DtLgs9vJU4ZLwW1hNCrT+ojnPNLmkJHCt3K+MyL/QaDl3+Fqm+Bz0IXdC pdY999M+0Pm60WPn+DffxKwIEcCKGZZP4X/aDhpUk1duKMzzyrOB06fVaKdR7Y7Wxrz/ 2goQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=BABBYG9T7Yn2sZTHqi5m2u4CXRQ2CmLvyTIjco5c63g=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=SrZM82mrBrBxi3rZ5X1JV6JA5XIVK7638FE5yYq8s71ep4zsrLDdmPp9nFVWBuj1rk F6V14+BWpEuEJpm2/cpKRbymUogn+Ds3oNxAvPVOH6ef1NXW8A/816lK2554DxUw+W3U dfWZQV+6AW05ZmYF0VfH3uCP50UV1Q+vzerdOlGUO+wjJsXDYhfj53W1A/K57cRCcCE7 G1U7HRC9FMvrQjJsJ+sU5VfAVaLUztgY6R1hNNPSJctWH3Ks1kahFLxIfc70RNWp6Z8h p3rxIlC3HVUQimcGWO9qXiV9eLC1jKhBgcMoK1Jwi3DLrohvhvLKSbNiMFO8sR/Uf7z/ iBuw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=L1pQH1k9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h11-20020a170902b94b00b001b80500f5b8si3509959pls.323.2023.07.21.13.29.30; Fri, 21 Jul 2023 13:29:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=L1pQH1k9; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231228AbjGUUT6 (ORCPT + 99 others); Fri, 21 Jul 2023 16:19:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38758 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231311AbjGUUTp (ORCPT ); Fri, 21 Jul 2023 16:19:45 -0400 Received: from mail-pl1-x649.google.com (mail-pl1-x649.google.com [IPv6:2607:f8b0:4864:20::649]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E04F6B7 for ; Fri, 21 Jul 2023 13:19:25 -0700 (PDT) Received: by mail-pl1-x649.google.com with SMTP id d9443c01a7336-1b9de7951easo13878525ad.0 for ; Fri, 21 Jul 2023 13:19:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970765; x=1690575565; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=BABBYG9T7Yn2sZTHqi5m2u4CXRQ2CmLvyTIjco5c63g=; b=L1pQH1k9NYEONtiByxTTURMw61jXy4L9Kk3ri6cUN6Z+iQ6l9paGL8Mts/CoI1ah8E p5sh/GxpWGNRTHR8gZR3aL7Z1eHd7efWK8WBAT9JhKhc/YN0RxnOWyQ2JXr/nsvMvRF8 T8UWXdr1r33MMP2c9F+tPUT0Vx9KzkmzaqkWHFTgRAcqdD3k8r+UJhpBa3ubw0HY3ib2 imDCqrcruiJZnhVO9V3DRNlFTLXF0AKlqECEJy2mZKhEppb21CSS06AmUP0RyBFxFEon XhNIiCfxnzxVY8X+aZED+NIEf02YSjU1tdYg+DMuihX7XrM45w+LABXt9Gv1lLloQIHt eExQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970765; x=1690575565; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=BABBYG9T7Yn2sZTHqi5m2u4CXRQ2CmLvyTIjco5c63g=; b=QuplGhVHuzJvyuHnPRXEuLAPiKH17YK5t3cqVHkZB9HP/4/WRHdkSPs8hcGq5/hB2S +DEgePG4db1gnM9X+/2ePxJCml5s6LWe54B1qphymU1LWPEBwecLPkvSMUznayrMi7+A ktqV3QUPaKBrAWos1hjI04fBTGX9jaNEah1TZGp2MvKiiZ254TDYUzmOgqCafq92Ei/K Ii4D3A6mQznr+lOplFDhlMvjvdZP5GFm3v5zwXfIdlkzTzCM3tPmwDhMPDmjHKnX+/Ac jEcRQMvaJqfGWe+TcBYf4ub2L94arUcTY+pVS5zXDtyEWkN6OJd74R0G/Y3Uohx+f9qd okuA== X-Gm-Message-State: ABy/qLZ/5PRGxaaxvjyVzc8tB5iVf6Ar63k1UifQBrrfVN9Ch3ZurG4v CcY1k01969Ujx5jTFlvGuHIvcJfq4Kw= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:903:2308:b0:1b8:80c9:a98e with SMTP id d8-20020a170903230800b001b880c9a98emr11974plh.13.1689970764858; Fri, 21 Jul 2023 13:19:24 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:50 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-11-seanjc@google.com> Subject: [PATCH v4 10/19] x86/virt: KVM: Move VMXOFF helpers into KVM VMX From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772063434720286780 X-GMAIL-MSGID: 1772063434720286780 Now that VMX is disabled in emergencies via the virt callbacks, move the VMXOFF helpers into KVM, the only remaining user. No functional change intended. Reviewed-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 42 ---------------------------------- arch/x86/kvm/vmx/vmx.c | 29 ++++++++++++++++++++--- 2 files changed, 26 insertions(+), 45 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index b1171a5ad452..a27801f2bc71 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -19,48 +19,6 @@ #include #include -/* - * VMX functions: - */ -/** - * cpu_vmxoff() - Disable VMX on the current CPU - * - * Disable VMX and clear CR4.VMXE (even if VMXOFF faults) - * - * Note, VMXOFF causes a #UD if the CPU is !post-VMXON, but it's impossible to - * atomically track post-VMXON state, e.g. this may be called in NMI context. - * Eat all faults as all other faults on VMXOFF faults are mode related, i.e. - * faults are guaranteed to be due to the !post-VMXON check unless the CPU is - * magically in RM, VM86, compat mode, or at CPL>0. - */ -static inline int cpu_vmxoff(void) -{ - asm_volatile_goto("1: vmxoff\n\t" - _ASM_EXTABLE(1b, %l[fault]) - ::: "cc", "memory" : fault); - - cr4_clear_bits(X86_CR4_VMXE); - return 0; - -fault: - cr4_clear_bits(X86_CR4_VMXE); - return -EIO; -} - -static inline int cpu_vmx_enabled(void) -{ - return __read_cr4() & X86_CR4_VMXE; -} - -/** Disable VMX if it is enabled on the current CPU - */ -static inline void __cpu_emergency_vmxoff(void) -{ - if (cpu_vmx_enabled()) - cpu_vmxoff(); -} - - /* * SVM functions: */ diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 71571cd9adbb..6f4fcd82fa6e 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -47,7 +47,6 @@ #include #include #include -#include #include #include "capabilities.h" @@ -744,6 +743,29 @@ static int vmx_set_guest_uret_msr(struct vcpu_vmx *vmx, return ret; } +/* + * Disable VMX and clear CR4.VMXE (even if VMXOFF faults) + * + * Note, VMXOFF causes a #UD if the CPU is !post-VMXON, but it's impossible to + * atomically track post-VMXON state, e.g. this may be called in NMI context. + * Eat all faults as all other faults on VMXOFF faults are mode related, i.e. + * faults are guaranteed to be due to the !post-VMXON check unless the CPU is + * magically in RM, VM86, compat mode, or at CPL>0. + */ +static int kvm_cpu_vmxoff(void) +{ + asm_volatile_goto("1: vmxoff\n\t" + _ASM_EXTABLE(1b, %l[fault]) + ::: "cc", "memory" : fault); + + cr4_clear_bits(X86_CR4_VMXE); + return 0; + +fault: + cr4_clear_bits(X86_CR4_VMXE); + return -EIO; +} + static void vmx_emergency_disable(void) { int cpu = raw_smp_processor_id(); @@ -753,7 +775,8 @@ static void vmx_emergency_disable(void) loaded_vmcss_on_cpu_link) vmcs_clear(v->vmcs); - __cpu_emergency_vmxoff(); + if (__read_cr4() & X86_CR4_VMXE) + kvm_cpu_vmxoff(); } static void __loaded_vmcs_clear(void *arg) @@ -2818,7 +2841,7 @@ static void vmx_hardware_disable(void) { vmclear_local_loaded_vmcss(); - if (cpu_vmxoff()) + if (kvm_cpu_vmxoff()) kvm_spurious_fault(); hv_reset_evmcs(); From patchwork Fri Jul 21 20:18:51 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124092 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp465808vqg; Fri, 21 Jul 2023 14:09:36 -0700 (PDT) X-Google-Smtp-Source: APBJJlGy9pnoN4KFgTYOuPZ8lYdW7RXXu/kfRPjLZX2fMgWKmhfmGD0Ig+xclOJC8565r6vfL7bv X-Received: by 2002:a2e:9951:0:b0:2b9:2e85:2fa0 with SMTP id r17-20020a2e9951000000b002b92e852fa0mr2084539ljj.15.1689973775949; Fri, 21 Jul 2023 14:09:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689973775; cv=none; d=google.com; s=arc-20160816; b=HmuVpdMFfPYevJPYq2DaoknGPeywkjv2f0zM3YDajdTT9aK1a1b4r7tHpKmDt8ccBQ yic8KdB+IYzn3KPdRZXKbflUynpDI1vKFnfs07y5grFKaVa5Bh7lojf76FZvh+ZxTfko KGv40aknns+BicwjC219CmcWjQrgJ3mtCqMpNet2uM0LloV5CoRxQYYN5vS8iyDLQgjX ZGDqH5R7upFFH0WZYJszBU+gBhvl3Av4zLZd0/I/UTyGnZlXEzs0o4qK4J6yf/jkelVx SvNIlWB14jzfo3YiGnB3Vct3wT22HnDdo8qgNLDnzoWLbyLoP9OR6YSd+zyInWlML8tk iv5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=KuoRE5Yl/DRtsjNa9mcAjfrWHh9Er79Gr1x6j80L0wM=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=wiSzpjrd+6d6dVo5VZuTFGol2XU1dntCWgp52qsQdVclAVs/Fxtfew1Xw8etCWksXH EtEPkdVLbf7BkSf1D6AN5I8UwNM79zFEiUMihG70qgm86bti8hdZOuvbYbrv7elcNbp4 soXk+ixMtRLzDgTnVR/dEoCDRbDTX1hfldz1t5kecEDbMfO6Kqf5PhWVMffYvWOFoVNB Fdm/E2ImW2x7Ls0Yk1GXg4Hux+0jDe3M3Rqs7pWc+mY0RSTDdigqMclmq/Iqxq0/lvQM P/v76QpMzFtD9u/8n+Hgfa1wfSFNi7qPG1CiTLjsPD3hJYhUYLePPvNhLkgUl4PQKJ9l f50g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=zD0iPAvs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id dc5-20020a170906c7c500b00991b774b3aesi2574071ejb.652.2023.07.21.14.09.10; Fri, 21 Jul 2023 14:09:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=zD0iPAvs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230062AbjGUUUG (ORCPT + 99 others); Fri, 21 Jul 2023 16:20:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38862 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231172AbjGUUTt (ORCPT ); Fri, 21 Jul 2023 16:19:49 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0471A3AAA for ; Fri, 21 Jul 2023 13:19:27 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-5704e551e8bso23665447b3.3 for ; Fri, 21 Jul 2023 13:19:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970767; x=1690575567; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=KuoRE5Yl/DRtsjNa9mcAjfrWHh9Er79Gr1x6j80L0wM=; b=zD0iPAvsDw8xZvpkb6VCX2DZ6JQWGPjSkgFkC8hr4z3ClAZZgFh1N6K8U9uOWj82dp 7NBT8FLyUndSgt9nq0w0GtFwlmH6y3aYd4KDVxwEGAqJDg+lEF5owwSgo/isG26leJl2 WSW/txg1FS72tYowQfx/2adEJfka7gRf1lcfiA6tv8sRmumeZcalqKkBWisH0xC3+eSb yl+7xT9TZ7iW0pRwKkHScttEu3f7Wtg+yiiUHWnhPj9o9hWIg78vyIwhZ2EbR4Ua63cn KcHhoZxuRL/UQxqcQF8/gpLWTsmMelRFXVaQb1XBGI14PiIlz3uQu2uIh2s5G4c7ZoKx clBw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970767; x=1690575567; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=KuoRE5Yl/DRtsjNa9mcAjfrWHh9Er79Gr1x6j80L0wM=; b=XrP8PrsPEylaFQiCHlq9suAjveTR3e3D/MsZt4xoXo9FVVB5KnrMBA3HebcDALAoKt XU6CULr5DFm4VxFG+eyud6FeKt5QbqHw64weIFyn+rWmwN9twzoF5C8G1ZMhbZXLviYZ JsmIAaIwtPYhrHpoB9k2bT9+ib2d38yGFDwvR5yhaw9sYTw6f7bkukSQ8LZcr/JNFEpt j0jFWwKWKcRnf9Yljba2/B8cOM/t/LLdDXCBkDssIS0xXj4yO3G4OuSqmDITFiiuhn/i 0s/mbYqxmybKmT5dSxugPCCi/G5zaRw5L9o+kyrS793lK5Ea7CcdP8BKmadPFCTnV4hp /dew== X-Gm-Message-State: ABy/qLZZcDDY3z+modO6+q4753gGb4roQ5+Fo1648BAK7AsxjhxkB6fb aS0o/JP9/KNhV2g7/S4QK4LLTc+2xtg= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:102f:b0:c22:38c2:43de with SMTP id x15-20020a056902102f00b00c2238c243demr21396ybt.11.1689970766940; Fri, 21 Jul 2023 13:19:26 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:51 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-12-seanjc@google.com> Subject: [PATCH v4 11/19] KVM: SVM: Make KVM_AMD depend on CPU_SUP_AMD or CPU_SUP_HYGON From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772065942176669679 X-GMAIL-MSGID: 1772065942176669679 Make building KVM SVM support depend on support for AMD or Hygon. KVM already effectively restricts SVM support to AMD and Hygon by virtue of the vendor string checks in cpu_has_svm(), and KVM VMX supports depends on one of its three known vendors (Intel, Centaur, or Zhaoxin). Add the CPU_SUP_HYGON clause even though CPU_SUP_HYGON selects CPU_SUP_AMD to document that KVM SVM support isn't just for AMD CPUs, and to prevent breakage should Hygon support ever become a standalone thing. Signed-off-by: Sean Christopherson --- arch/x86/kvm/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 89ca7f4c1464..66dbd1f4d57d 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -101,7 +101,7 @@ config X86_SGX_KVM config KVM_AMD tristate "KVM for AMD processors support" - depends on KVM + depends on KVM && (CPU_SUP_AMD || CPU_SUP_HYGON) help Provides support for KVM on AMD processors equipped with the AMD-V (SVM) extensions. From patchwork Fri Jul 21 20:18:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124098 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp468133vqg; Fri, 21 Jul 2023 14:14:58 -0700 (PDT) X-Google-Smtp-Source: APBJJlHXzgbo1ul4njWN3/t1LrHV61IDUW0ZAsYJA7oAHupRa0Z7pg0AbQ7Myv+//97fAAfCZHZz X-Received: by 2002:a17:907:77d1:b0:99b:65fa:fc24 with SMTP id kz17-20020a17090777d100b0099b65fafc24mr3109953ejc.36.1689974098226; Fri, 21 Jul 2023 14:14:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689974098; cv=none; d=google.com; s=arc-20160816; b=Xe2ytTocRFSoXwWz376oBlGGCIUe7phkLwUcV/wraS6DhX8JqfdSjxukr0uG4oEBQA ZxrlBZKTeCTfTp1txfZ6yTS++5HB6ePSdMNr3FhESphQvEFsiLCz2Dgp0hgaeD/239/k cS+MHUVwaVUPqD1DeUmhlzn0QnfXfHxE7oUD/e8pousLyLdzCH4onAlN/0GZRv1BAOgN 2T+EQr4G/GZkZYLFR7B7Y1MIBc2Vj63MYwSXMpUkvI0tJNGzIQ6lbfY0yoO6+y25BpAl +X+IJIOO1ZKakt7lFJLWuFwSR2zEfw0fTb61shOpKRzwmnT/SGWiawjlAMJv8yP2iQVC DN3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=crVRYHKBiix+9k25sqJYwYQ0PSqShcL9j1oDpcsA6Dw=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=W+KLPszCO3PQC1VA5/pDm5bDXnGen/rQcIRupUEv1y4VGG5kxrtVaBba9aQVByKE0a p/Heq1mav7EJSWSyyx+v/Iwwd6G3fcMEr+wB5OqAHbObaaza4hE/cf/djrDsPgPosgm+ BOb9iwQCtXOqEIlgkEbgIvPGpZmFLbUBIO8ZBDWTiusVyuvAsWnaQDWxi92NYmkW5R1x hjmB/dnt2H+NgvcIYV8JWPxqY1i0904RfeXmxVFVg+WKx+h0InKjLN8R5hFiiPWoTnMI 21E3uH2E3rC13RyOYmIj7SQzNEVALwechqbvnmrKvVVcFfRpMvSfu7q6bd14b9uGCLQ9 +Jdw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=RBMLDqiH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l17-20020a1709065a9100b00992f45c9350si2579256ejq.1018.2023.07.21.14.14.34; Fri, 21 Jul 2023 14:14:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=RBMLDqiH; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230476AbjGUUUK (ORCPT + 99 others); Fri, 21 Jul 2023 16:20:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38920 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231235AbjGUUTx (ORCPT ); Fri, 21 Jul 2023 16:19:53 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5B2223C0F for ; Fri, 21 Jul 2023 13:19:30 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id 3f1490d57ef6-cbcffb18afeso2290121276.2 for ; Fri, 21 Jul 2023 13:19:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970769; x=1690575569; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=crVRYHKBiix+9k25sqJYwYQ0PSqShcL9j1oDpcsA6Dw=; b=RBMLDqiHzxUqzpaXDgFLDPjpgSNfDoJR5XmTJs6L39FY207ornlD4wCggqqn+VPvnX obC6S0TQlHfM4bAlkMqGJoQfHMjSkF5rRIvGYLw0fKnXaYAG4jlkOuczjYzK20mkYAdj 2YUb2v/3KZQC34lVsFniXRfYO+rQiS7vKyeoW2e8jLhiydA8oIrl9Lk83BpOAAzGHwsS yQz2W/AOA95nN24PfMg8quSvL9++qNmgUOm8rU4FPZqMM/ZKEf4dQ+KjsJIEJm7VODr3 hN10+m9kznfjnNbZSm7xnVwZJq9pQnA6bgdEHbuu2VCvgb2oKlx6c+qOmdjYfoKCXoAa vzwQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970769; x=1690575569; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=crVRYHKBiix+9k25sqJYwYQ0PSqShcL9j1oDpcsA6Dw=; b=CPKSZsjCld4Q0qE63aXH/2q91ntZg5q+Uj8EtdLI6rSWV7rKUx8R6zUCNIpKdCUu+Q shuCBuwvM8YNumZ0OMpPJI1oKQ+5WoUCNQzdea4cfssc0hofbA5Peb2VShm6bYcflRsS //7UvyDGbsOFaQZ7zT1+SMh1RwzjrvJKHiFGtmLxNYC/4BFxst4LBSy9v+c9N1Rr7uo9 nVWZ2w1rotvUtoQxQkR2YgGhQgKwPvwQduU4znBf6iWW1m8B/SwpLD3gFIzfGzj7W/mF JMf0ryDl0VgHWJZBSiDzoglLjfUURwU/9/n7zo0dAC0omuE3KbNkYklQI50Ml0B/GDFm NGFQ== X-Gm-Message-State: ABy/qLYQLkWN19viOfmaHB3I4+UgnPmmMNq4x7nkvgdcVsjvwXgNRGl2 YvAOEuYZE4/e3K53x9JRv2Yy/P2PDJY= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:188b:0:b0:cab:e42c:876b with SMTP id 133-20020a25188b000000b00cabe42c876bmr18130yby.3.1689970768563; Fri, 21 Jul 2023 13:19:28 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:52 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-13-seanjc@google.com> Subject: [PATCH v4 12/19] x86/virt: Drop unnecessary check on extended CPUID level in cpu_has_svm() From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772066279927829860 X-GMAIL-MSGID: 1772066279927829860 Drop the explicit check on the extended CPUID level in cpu_has_svm(), the kernel's cached CPUID info will leave the entire SVM leaf unset if said leaf is not supported by hardware. Prior to using cached information, the check was needed to avoid false positives due to Intel's rather crazy CPUID behavior of returning the values of the maximum supported leaf if the specified leaf is unsupported. Fixes: 682a8108872f ("x86/kvm/svm: Simplify cpu_has_svm()") Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 6 ------ 1 file changed, 6 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index a27801f2bc71..be50c414efe4 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -39,12 +39,6 @@ static inline int cpu_has_svm(const char **msg) return 0; } - if (boot_cpu_data.extended_cpuid_level < SVM_CPUID_FUNC) { - if (msg) - *msg = "can't execute cpuid_8000000a"; - return 0; - } - if (!boot_cpu_has(X86_FEATURE_SVM)) { if (msg) *msg = "svm not available"; From patchwork Fri Jul 21 20:18:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124094 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp467281vqg; Fri, 21 Jul 2023 14:12:50 -0700 (PDT) X-Google-Smtp-Source: APBJJlH1LB/C0RoLZgk2v6DKU5SIruqBXn3XZefq9F3Nn+rR67iEfvzo8JmwNR0cYRyl26k/S6X8 X-Received: by 2002:a17:907:a070:b0:993:da91:6e0c with SMTP id ia16-20020a170907a07000b00993da916e0cmr2434876ejc.3.1689973970578; Fri, 21 Jul 2023 14:12:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689973970; cv=none; d=google.com; s=arc-20160816; b=TunZUliHpMFKM4txZGU7zKAxm2kg4BrXudsrFNFs7E7ruPW+FvvUsnHGyZLXGreQ7O Fl3F1CzWWT0/c5YLSFSfy1Z+/NKFB6nkTbsAdl0/rJYOFSKUait2UVRWh5TA8iSGMqWk dHOy0QKUjOzYQBPSPOQ6ta3KfdNcsYrEQmLdjngWbstC4SqX8B3gnxyHQ7EgR7NAModP JiFkeIK3pK1j6WdSYLYfWpnUWiGQCSi5Mzp/oT7gNvewQlOntp+4g50hnhv2S7iY5uB/ gh3dKUIQIEnbzUvbRFdMiTvRSblnbo76UaQMwc66q9m2sbcgKRInA8jRITOICTcRrwJ1 bOhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=mHJaGcmVZZrx5eJzID4aSbivNsbcbnHCRBUFTHr46UU=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=JiZZqQph5yJgfYXm5jB7YuVCt4DG8HSN6zgfHvz3Ky8Un5megs+5/66oEPsYOQgTg4 u2Ph/7hk6T0pLEvcKX/GVK36PRDSJjczRbXfaL5T5mFf6rElAlsp5MC1Wlc0l/sTG/Jc VzWyEUEqaOtXIfk5pE4Q5c9EhxIlwnDig1kdgDDh5tDaxKk5Nv8vepHXornkbKWfuVBX UYNfA1B2CZBNDn26wggS0Ac090cAfQNPn62fiJqg6WKGbQYfX+oduMgn7O/Ypr+NqaWY yd9zAg9/thOGvf5XDz+GDm5eavk3IkK13ziHEfbBV1dt/Ss2zoyeeLIE2kZS/hKOxG0v 1ZzA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=xFjEUGb0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id lz27-20020a170906fb1b00b0099364d9f0ebsi2716741ejb.559.2023.07.21.14.12.26; Fri, 21 Jul 2023 14:12:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=xFjEUGb0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231362AbjGUUUi (ORCPT + 99 others); Fri, 21 Jul 2023 16:20:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37916 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231460AbjGUUUH (ORCPT ); Fri, 21 Jul 2023 16:20:07 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F303935AB for ; Fri, 21 Jul 2023 13:19:31 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-583a89cccf6so6221507b3.1 for ; Fri, 21 Jul 2023 13:19:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970770; x=1690575570; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=mHJaGcmVZZrx5eJzID4aSbivNsbcbnHCRBUFTHr46UU=; b=xFjEUGb0YeU1GuqO6TMYTw4S8pE3wSKHfAnKkjt80FS5sXpKILObv/a3O3ewHWsGTO /uzvI4F2rqO1kbuzWSa4MliHY9cF1H/Ac9QzYVtv+NpjhbtyPfoNrV+E8v7WZNB/bFw6 ZQ7omF8dzvvNGZgQWyEPIyPC2w4JP9kZNJKLQfZrbxFODjZi5nLgku8ikRETSpBGVBoX oTGOuajDeuXcYaiGo4yFKLgo/FiyRHoPoBqYGCiHsyTHKlkUVEYlJTNm2xlmLZ2ST0En IL9sBALfri08BXauA1hERqbg4OfcffWRTJh4RjhdbbAEe8+cFgFJdJ8ifVoxgauGAZCM iuuA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970770; x=1690575570; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=mHJaGcmVZZrx5eJzID4aSbivNsbcbnHCRBUFTHr46UU=; b=ED78eCYn1HC4WemdjwIID/SpOYjC/blCWapItl7GwlWNsPSc/PA5B7uy+Y9DlqevML Vu1zrE214JxqP0XuX74JzyJn8cKWuJY0UWCbUw72Y+/V01eUeJjFJsrsPJW3BmdlFMN9 fdULHlq/gS2sppiLmdbaLWotEpU5jkhiNPAdXmRVgcMC4uVOO+ZGnRvnoALvhiyXKiJo e8OoLNGy/cTq02lwZTroGI1+jMQErpy8OY5MvsxFlJS69EgfJ5m8XyucFT+gQllfnD1+ 2NaBVSNcD4eulUMxiGesAOfn7aCkKKvoHYN72hs/8fbjqXmoVEaS0ZUzuPyFLjhXSFGZ j+hw== X-Gm-Message-State: ABy/qLb/I5X3HLYwgLdok7rAspfbQfQKvf1/wnD58tHii4TlH6DExC5V FNTVhfE+h7hA2uFC3i0pt5L0qcjXxQ4= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:ac15:0:b0:55d:d5b1:c2bd with SMTP id k21-20020a81ac15000000b0055dd5b1c2bdmr9808ywh.8.1689970770756; Fri, 21 Jul 2023 13:19:30 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:53 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-14-seanjc@google.com> Subject: [PATCH v4 13/19] x86/virt: KVM: Open code cpu_has_svm() into kvm_is_svm_supported() From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772066146555613407 X-GMAIL-MSGID: 1772066146555613407 Fold the guts of cpu_has_svm() into kvm_is_svm_supported(), its sole remaining user. No functional change intended. Reviewed-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 28 ---------------------------- arch/x86/kvm/svm/svm.c | 11 ++++++++--- 2 files changed, 8 insertions(+), 31 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index be50c414efe4..632575e257d8 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -22,35 +22,7 @@ /* * SVM functions: */ - -/** Check if the CPU has SVM support - * - * You can use the 'msg' arg to get a message describing the problem, - * if the function returns zero. Simply pass NULL if you are not interested - * on the messages; gcc should take care of not generating code for - * the messages on this case. - */ -static inline int cpu_has_svm(const char **msg) -{ - if (boot_cpu_data.x86_vendor != X86_VENDOR_AMD && - boot_cpu_data.x86_vendor != X86_VENDOR_HYGON) { - if (msg) - *msg = "not amd or hygon"; - return 0; - } - - if (!boot_cpu_has(X86_FEATURE_SVM)) { - if (msg) - *msg = "svm not available"; - return 0; - } - return 1; -} - - /** Disable SVM on the current CPU - * - * You should call this only if cpu_has_svm() returned true. */ static inline void cpu_svm_disable(void) { diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 1ae9c2c7eacb..ff6c769aafb2 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -521,11 +521,16 @@ static void svm_init_osvw(struct kvm_vcpu *vcpu) static bool kvm_is_svm_supported(void) { int cpu = raw_smp_processor_id(); - const char *msg; u64 vm_cr; - if (!cpu_has_svm(&msg)) { - pr_err("SVM not supported by CPU %d, %s\n", cpu, msg); + if (boot_cpu_data.x86_vendor != X86_VENDOR_AMD && + boot_cpu_data.x86_vendor != X86_VENDOR_HYGON) { + pr_err("CPU %d isn't AMD or Hygon\n", cpu); + return false; + } + + if (!boot_cpu_has(X86_FEATURE_SVM)) { + pr_err("SVM not supported by CPU %d\n", cpu); return false; } From patchwork Fri Jul 21 20:18:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124095 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp467708vqg; Fri, 21 Jul 2023 14:13:54 -0700 (PDT) X-Google-Smtp-Source: APBJJlFFvR/GDRtTTCpLZahDm3+R/nGipiK9ebDPxPrSn2VcnFLJ15CyGKz2CXEztYjhqhEGyWo2 X-Received: by 2002:a17:906:2216:b0:989:3e0d:89fb with SMTP id s22-20020a170906221600b009893e0d89fbmr2548112ejs.45.1689974034167; Fri, 21 Jul 2023 14:13:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689974034; cv=none; d=google.com; s=arc-20160816; b=r0TGUC+XTuo3okifnF5Ulpywpkeq6+Jc6BXugYuO+toUJdMfcVAubLJgLTnTfMHU72 9rC0m6TN/vV4UsWysAgRNf5rPMMfvodEYhECg0pJ8i0Y4RWJJQ6J/V0xlXGNhkdrPY5Y DY7uyJGBsgJpSWHF5EQrnwTFgxS4eEpqlDBpB/+ApZolU+0MnldDHN9tnfFqyqFIHcl7 q1aMJBvD7+/8AyCkDBcFrss2cwjgX1ZkhXuFZLg3weq+am4pXAyoMWnIWcG6X2Jh/k0V yH0ZCXVoMoZwHM7Xh3cDUTmFyIgG/tP5ISg0akcSmhkCnqsoQnNQyBgJJjmqEv9O/E9G sLFg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=uhoBWFPCBOgYgQs9Wbxf7anLd8UMxgDqXbWpH+bX2KY=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=Ta7o9RiUgQ/731rvnnZCPt3EoH53EXb73Rdbe7eUhzCGLztASSnpxqptp+Cpujyr9J VEUvP0kFXrqU4PUFrzaB1CbRlHgHFKxDNP6vCw0cafy6PE7zHdvA86yqLsYDeOej1CG8 Q3iD5tfeAfknVKZwueQJMlvpnfDYzGzjOj2jvYCHQuRl8QRZ8htj30+mnXcGTJbj7Oyo IRrpu8h71fqa0kB6v9Q9ud6q0qCf3IfS32l/llP8yVmAt2QIUT0Fs9AuXLZk1L7SQUip iAxT9NKb+fqL2YyxD9fGmhAqPetZK8bPQk9HNis1J483J3eDnjePcX3MOefIxAA+4E9F 6tqg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=BqJBwjEk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id s11-20020a170906168b00b009942c859e77si2602604ejd.193.2023.07.21.14.13.28; Fri, 21 Jul 2023 14:13:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=BqJBwjEk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231167AbjGUUUd (ORCPT + 99 others); Fri, 21 Jul 2023 16:20:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39200 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231439AbjGUUUF (ORCPT ); Fri, 21 Jul 2023 16:20:05 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1F5664216 for ; Fri, 21 Jul 2023 13:19:33 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id 3f1490d57ef6-c5a479bc2d4so2186020276.1 for ; Fri, 21 Jul 2023 13:19:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970772; x=1690575572; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=uhoBWFPCBOgYgQs9Wbxf7anLd8UMxgDqXbWpH+bX2KY=; b=BqJBwjEk+/zhFp4v5DrxQNReQVSoNlh/Bn0hUbsO8ZiEO/etbAIosjlClY7b6ifBBy wi3HDJfJE+jUUceINpJHN6wSTWbqUmyfzZi1k/JQKHiIJGwA7j6u5reIne4DWb5D1UeB p7pcAuNqF4vndeC9wIz/8uWHcddezeQhI8tep358HE0tpXUoAcue+Ghl6YEpRZEzbO/U J3+qH1Zc8yvKpVjIjnIx/75G7nRlmV863pOmIuyo9J3xyzA50nbAtEa0Myyb9v3ipxpH kDIyKNilgiU1a4xzVdhXo9++dIWuAlATjktwg3RONaxNWlAzAQafqJVzTHbU6vE4FJ1e d34g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970772; x=1690575572; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=uhoBWFPCBOgYgQs9Wbxf7anLd8UMxgDqXbWpH+bX2KY=; b=ioPM0KVZdVzr750WNG+NuaMelMGwhJd6klo0H6CLm7AtcHPPs49o1WIXUuD5ax9uiH anZML967yc8GhY297JQpXwuEBVZZezLGyQOkEb8BaCBtG5cLF9CVw2OapMyXe7eOz5XL 6L1+HNeMYuhot2dt8Gp+Y7IDQZxMpSz75qmaGVC5tk4piVE9P/5eIgVDx3dBVmupoWsX qsZqHS67nExZfNZXEwRZJcCtq1iBJTFK4kspH2F6Mo+VBggVvwgM9agWAQeW1oz+62KU DJLBmryrZsjxQ69N9SEYuslGFR8A+q4Kagvcl3vUvMFuwGx5pqoZAUTnt8OqpyFJhQSB Z1Bw== X-Gm-Message-State: ABy/qLbSm38lnt9zS73T52AvEvPT8+sa/m2sKB83tjTuJtuxTxXvKLDZ RkyYRe3ENsbFRo+bQT+RVSMKmoXjiLg= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:40cf:0:b0:cc7:b850:7f2 with SMTP id n198-20020a2540cf000000b00cc7b85007f2mr19598yba.5.1689970772756; Fri, 21 Jul 2023 13:19:32 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:54 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-15-seanjc@google.com> Subject: [PATCH v4 14/19] KVM: SVM: Check that the current CPU supports SVM in kvm_is_svm_supported() From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772066212938188462 X-GMAIL-MSGID: 1772066212938188462 Check "this" CPU instead of the boot CPU when querying SVM support so that the per-CPU checks done during hardware enabling actually function as intended, i.e. will detect issues where SVM isn't support on all CPUs. Disable migration for the use from svm_init() mostly so that the standard accessors for the per-CPU data can be used without getting yelled at by CONFIG_DEBUG_PREEMPT=y sanity checks. Preventing the "disabled by BIOS" error message from reporting the wrong CPU is largely a bonus, as ensuring a stable CPU during module load is a non-goal for KVM. Link: https://lore.kernel.org/all/ZAdxNgv0M6P63odE@google.com Cc: Kai Huang Cc: Chao Gao Reviewed-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index ff6c769aafb2..9e449167e71b 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -518,18 +518,20 @@ static void svm_init_osvw(struct kvm_vcpu *vcpu) vcpu->arch.osvw.status |= 1; } -static bool kvm_is_svm_supported(void) +static bool __kvm_is_svm_supported(void) { - int cpu = raw_smp_processor_id(); + int cpu = smp_processor_id(); + struct cpuinfo_x86 *c = &cpu_data(cpu); + u64 vm_cr; - if (boot_cpu_data.x86_vendor != X86_VENDOR_AMD && - boot_cpu_data.x86_vendor != X86_VENDOR_HYGON) { + if (c->x86_vendor != X86_VENDOR_AMD && + c->x86_vendor != X86_VENDOR_HYGON) { pr_err("CPU %d isn't AMD or Hygon\n", cpu); return false; } - if (!boot_cpu_has(X86_FEATURE_SVM)) { + if (!cpu_has(c, X86_FEATURE_SVM)) { pr_err("SVM not supported by CPU %d\n", cpu); return false; } @@ -548,9 +550,20 @@ static bool kvm_is_svm_supported(void) return true; } +static bool kvm_is_svm_supported(void) +{ + bool supported; + + migrate_disable(); + supported = __kvm_is_svm_supported(); + migrate_enable(); + + return supported; +} + static int svm_check_processor_compat(void) { - if (!kvm_is_svm_supported()) + if (!__kvm_is_svm_supported()) return -EIO; return 0; From patchwork Fri Jul 21 20:18:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124114 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp476844vqg; Fri, 21 Jul 2023 14:33:28 -0700 (PDT) X-Google-Smtp-Source: APBJJlHpYpo/3V+PnF9vMx4peO2chqpZGhuSpFdI2+G3SwgQWIqFDG86fgATlZTnUgCCeDxYC5dh X-Received: by 2002:a05:6a00:22d3:b0:684:aa3e:7bf3 with SMTP id f19-20020a056a0022d300b00684aa3e7bf3mr1677455pfj.31.1689975208026; Fri, 21 Jul 2023 14:33:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689975208; cv=none; d=google.com; s=arc-20160816; b=lDWOoSwkY7OuV8RzpBjq0z9zXuGr+DSYjf71wAQOI7gkLT9TdQVxfKKWtjtexvKVWP SK8X/+D4zcLJLKSkZCdR7IKihN2Ss1R0KVtF28LJzdrLn8QpdHJgd3emY63VmZMFRPsE Q+YXrxR9aoS118+s5pyZMwscIvXqsuaQdog25Jrs6QRErPZ3ovY3ja2r6GES8VhOk50X khxe5NEYiPwvNA+sby4LVLvmjVF8U4j/eMCfJSIR20zRo0g3P9xd6voNFlUnj5z7ugv7 PQgIe6HCtNFVZTmpKJfn5lsC3Ep5vOPnH8ZoGdQYj0JLjFclfS9Hsoui+4r7nl0oY32V Il5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=wPlbfa+N8zgfbkJ5TFjNvfC430Np593GRATA+kV4uv8=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=fuQ+r1zHSnUeEkHxN2Xnb/nYirGx+WrdoHkReaF8VXpl/yJyEG3ZYlXg3tObLxFzQA Zr2IDs4O6v6TJUNlAhO/d5h+VBP2ntFxi3ir8gpG+lFayAoAEGkMksdgCKA2Pebr6Kfx iOWFwkVYH33anBkPtKWoMRjtFsiOPwMyTOfUG4n/I9W6c5t52bzmth+IerjQzeLexYsE vGSmtaYguNnPhIkMAh4Kn/yt70KeZxNVNroL23KGqN5VfVX70oYmNSGzbRcKwPyo90+t TSxkzQsr0hCE2Rbse5BSyE3gGQHtoOuZcOqlUgtyGXifHINO6sHGuAYPL8ooiwAvXppZ nCOQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=YMYRUHzU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j5-20020a056a00174500b0067de347ee12si3906138pfc.164.2023.07.21.14.33.14; Fri, 21 Jul 2023 14:33:28 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=YMYRUHzU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231435AbjGUUU1 (ORCPT + 99 others); Fri, 21 Jul 2023 16:20:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39180 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230460AbjGUUUE (ORCPT ); Fri, 21 Jul 2023 16:20:04 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2B680422D for ; Fri, 21 Jul 2023 13:19:35 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-5734d919156so26637607b3.3 for ; Fri, 21 Jul 2023 13:19:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970774; x=1690575574; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=wPlbfa+N8zgfbkJ5TFjNvfC430Np593GRATA+kV4uv8=; b=YMYRUHzUDCVMuYn52ynlOKvBnRXOyiLr1dfgtoseNBOu4bDGsTucDMvLpEpL1MqmUe 4GSO5jlD2I9GxnBXQQRXoK5LwMCPEGlozlc4vlePKaqf3bhgsDxPjj+cBfWd7xupVa2/ i0NHbQtd24teDqosxIhfXN30cvUCTA5BSKtrqljErAnCSidWLnVSreSjcp9t3cgs8/8f j1Q2DQWnzLCp1MpXEbmnFdAh1ipvd0bngkKlEdgjYWvm70IfbIeCjdTuzIFN9rQlcRMX LZJ/W3WzKqojxqlMu8WlcWnJ0ILoNtfwLgJUzJKLYFQ7bJ52u6OwVjmUKa7/uN93JeuR y32A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970774; x=1690575574; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=wPlbfa+N8zgfbkJ5TFjNvfC430Np593GRATA+kV4uv8=; b=eQYFBcWsRet42VEw/ul8L+f8mxIANPU9eEG3NTrERtSixg4Ztg9gjrNVoegI1ibwuB TxQl/TbXi45cVRK95qEnwhgGcBcCPFI3x2fIMaimQbB95QGTk6PifbGiV4/E7TLmxDDw KeUzR1A2ewJQzBGXnFG6Y9uVrgkPFdThwdu0k9l4IRIV5Q9tLVWYYmsMU6D8byzI9uCx TzXOVblKklRAwq08T9wopTY/6z8cVhSFBx24jyPpYIrNWZGrb2gYzR83ZYjCs/y+PTis jvKmMXCL+6KkUXwNmG4KDHCvaD3uQZYwEkTx8FVpmiR4fqJ4BGVeuPIm9BrIu7v86ufa yd6g== X-Gm-Message-State: ABy/qLZx6X6EORU5PV4tOwdeM2O93jEMdUPTylL0PiJ8jrFS3cO3UVdG zAXpEG4SM1fX2HO30BpDYrf48ESvIyU= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:ad55:0:b0:583:6f04:4267 with SMTP id l21-20020a81ad55000000b005836f044267mr10407ywk.8.1689970774670; Fri, 21 Jul 2023 13:19:34 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:55 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-16-seanjc@google.com> Subject: [PATCH v4 15/19] KVM: VMX: Ensure CPU is stable when probing basic VMX support From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772067444016373233 X-GMAIL-MSGID: 1772067444016373233 Disable migration when probing VMX support during module load to ensure the CPU is stable, mostly to match similar SVM logic, where allowing migration effective requires deliberately writing buggy code. As a bonus, KVM won't report the wrong CPU to userspace if VMX is unsupported, but in practice that is a very, very minor bonus as the only way that reporting the wrong CPU would actually matter is if hardware is broken or if the system is misconfigured, i.e. if KVM gets migrated from a CPU that _does_ support VMX to a CPU that does _not_ support VMX. Reviewed-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.c | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 6f4fcd82fa6e..0e1f3856a9be 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2737,9 +2737,9 @@ static int setup_vmcs_config(struct vmcs_config *vmcs_conf, return 0; } -static bool kvm_is_vmx_supported(void) +static bool __kvm_is_vmx_supported(void) { - int cpu = raw_smp_processor_id(); + int cpu = smp_processor_id(); if (!(cpuid_ecx(1) & feature_bit(VMX))) { pr_err("VMX not supported by CPU %d\n", cpu); @@ -2755,13 +2755,24 @@ static bool kvm_is_vmx_supported(void) return true; } +static bool kvm_is_vmx_supported(void) +{ + bool supported; + + migrate_disable(); + supported = __kvm_is_vmx_supported(); + migrate_enable(); + + return supported; +} + static int vmx_check_processor_compat(void) { int cpu = raw_smp_processor_id(); struct vmcs_config vmcs_conf; struct vmx_capability vmx_cap; - if (!kvm_is_vmx_supported()) + if (!__kvm_is_vmx_supported()) return -EIO; if (setup_vmcs_config(&vmcs_conf, &vmx_cap) < 0) { From patchwork Fri Jul 21 20:18:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124117 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp477275vqg; Fri, 21 Jul 2023 14:34:30 -0700 (PDT) X-Google-Smtp-Source: APBJJlHzmgbon11aPI5I37I9XxIkEQn55WWuDcB/IxiN2h0LBHYjJ+H/ToGNVsX+ns9bGu6CXO+j X-Received: by 2002:a05:6358:2619:b0:135:57d0:d171 with SMTP id l25-20020a056358261900b0013557d0d171mr1136362rwc.15.1689975269946; Fri, 21 Jul 2023 14:34:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689975269; cv=none; d=google.com; s=arc-20160816; b=FA7GF0nQnjx1IftsAXxzbyZ/YEdnGe7MLEIfazMbrn7S9jMv1SvUItMcQtWBjtRcax ZggJBNqMnxCBWC6qM7HBBPZ41ojRAsAhhnOM3BZiApyl7kf7TWM8ta7iuGLnUuieXPA/ 1NHQgI77fGJIJWYuLaA17xV39AW7vHw9Ma37m/1f6KlGVhtel2qn/y/tFhxBufUPBo+n lmHztjsMNf2qIvbH6xFJVFb0xhaMhwkdmFrhqBYn3gtWzmWyHjrokFkcQle8hVRso/T6 NPRxS4i1NG0IuFJx82IUGO0ylfeoZhqV8eIXJFCqna+JUEsGFSgDMk+k6dPq6c++BHkC 9zAQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=7MVEPPMPG5BIE/ZORskfpxdkerEVsprNO1/ccabxK1U=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=a6Sl6khFv0gGIPTJskzMRScF/sF1C9Ei9k80keT+vUqzJGS+98f/u+7vyu6oEQPo6W yBB+D2U9sOvkRY/RYiLuBB7hcCwM8OXchkhyAM0y189hH1zVXpDFb2Xwz+qSwhUzWxZX 3mIy+K+ItsL8LY/U56mqP4ILSXxwziDIsF/Hic69K4O143rPDeJPuFXHooQ7PcofLtxn jpQpfdR7Rl+LD11FmoItRJibaYqftRqwZ7NRgcRloPer9Dzqn/Sn/rwQjn8uI7e/FzmK SGnB3yJVY/9qVlQgOamTBXyvPDnv5akZEXTD9Aih+k18wbXtqriBANClTdPooHIxL/qS OcGw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=dsfCRhtX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v24-20020a63f218000000b005578994f212si3710467pgh.425.2023.07.21.14.34.17; Fri, 21 Jul 2023 14:34:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=dsfCRhtX; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231409AbjGUUUw (ORCPT + 99 others); Fri, 21 Jul 2023 16:20:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38780 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231311AbjGUUUT (ORCPT ); Fri, 21 Jul 2023 16:20:19 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 85CB94493 for ; Fri, 21 Jul 2023 13:19:40 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id d9443c01a7336-1b8af49a5d2so20437515ad.2 for ; Fri, 21 Jul 2023 13:19:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970777; x=1690575577; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=7MVEPPMPG5BIE/ZORskfpxdkerEVsprNO1/ccabxK1U=; b=dsfCRhtXu+8WBW50E8oV+3uhZ2IRmNPTr+fYzCXaE7ye0usyPQ3FcgUx3z2bDgBp+b 2JtfRRWLip6QDC4cSBq7Ef5ocutDHXkXkY6mDSEOjLvzRlaA2XjN+g38YAUYj932UeSm FH2O1fYjeHuQfQFMZ+X68cDDdQ0UDLkoOdRf/CzfI13WPYzklLaH5a295isOpx4XsjFI ACUsOr8ONPZJWnXokIUrjZxk++/XpQnD0doONOc5k8lzC3jKOYe3fnHmlqne9aCmE0mt ZCSzWJ2xDQKusbcs0tM4RFyc9d8iON18lHvW/YwToWhPC8ogAzcrqzslH4pNfPJ19Nnf /vJA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970777; x=1690575577; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=7MVEPPMPG5BIE/ZORskfpxdkerEVsprNO1/ccabxK1U=; b=Fg4WQhq4KLb9UMrqO+LDnfO26vwZM/barmO0XamyuLrWbbk2j+H7PNLlHEyt+iy4ny p6s6ewQd8cLzy+9SbZimIMBQDsFGu/sgJEoObSkRHjF0pJG+Nfva+VfPfgAUnZr67pwh MKQeo86zbaEG1e8VG/rLGywS8pSR+7w260gd18HJJbaUqW65WsBe2T8c0eU88NPSAXZb RtKwPUeGXhI+CSfuOXeLX9FnHmnFwcDghcEhFFJy8M2oEkP5Idp6n4tfg8aupkOgm1fX lXcDBdVS+YgUXs3fqny3ABQoIsnSbnPVdQO+y1PQGTL0OYVBZJWen81em7buVbdaEPVc 0j4A== X-Gm-Message-State: ABy/qLbKrhlOSlXQMku8AZe2ht7SYlDvSTU81ljvu56lJtx9hwiPy85g VoTsdejxKlRjjy9sqfiNkYhIKnzIjDs= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:903:22c9:b0:1b8:7f21:6d3 with SMTP id y9-20020a17090322c900b001b87f2106d3mr12669plg.6.1689970776409; Fri, 21 Jul 2023 13:19:36 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:56 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-17-seanjc@google.com> Subject: [PATCH v4 16/19] x86/virt: KVM: Move "disable SVM" helper into KVM SVM From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772067508797125570 X-GMAIL-MSGID: 1772067508797125570 Move cpu_svm_disable() into KVM proper now that all hardware virtualization management is routed through KVM. Remove the now-empty virtext.h. No functional change intended. Reviewed-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 50 ---------------------------------- arch/x86/kvm/svm/svm.c | 29 +++++++++++++++++--- 2 files changed, 25 insertions(+), 54 deletions(-) delete mode 100644 arch/x86/include/asm/virtext.h diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h deleted file mode 100644 index 632575e257d8..000000000000 --- a/arch/x86/include/asm/virtext.h +++ /dev/null @@ -1,50 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0-only */ -/* CPU virtualization extensions handling - * - * This should carry the code for handling CPU virtualization extensions - * that needs to live in the kernel core. - * - * Author: Eduardo Habkost - * - * Copyright (C) 2008, Red Hat Inc. - * - * Contains code from KVM, Copyright (C) 2006 Qumranet, Inc. - */ -#ifndef _ASM_X86_VIRTEX_H -#define _ASM_X86_VIRTEX_H - -#include - -#include -#include -#include - -/* - * SVM functions: - */ -/** Disable SVM on the current CPU - */ -static inline void cpu_svm_disable(void) -{ - uint64_t efer; - - wrmsrl(MSR_VM_HSAVE_PA, 0); - rdmsrl(MSR_EFER, efer); - if (efer & EFER_SVME) { - /* - * Force GIF=1 prior to disabling SVM to ensure INIT and NMI - * aren't blocked, e.g. if a fatal error occurred between CLGI - * and STGI. Note, STGI may #UD if SVM is disabled from NMI - * context between reading EFER and executing STGI. In that - * case, GIF must already be set, otherwise the NMI would have - * been blocked, so just eat the fault. - */ - asm_volatile_goto("1: stgi\n\t" - _ASM_EXTABLE(1b, %l[fault]) - ::: "memory" : fault); -fault: - wrmsrl(MSR_EFER, efer & ~EFER_SVME); - } -} - -#endif /* _ASM_X86_VIRTEX_H */ diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 9e449167e71b..47f9c7156609 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -42,8 +42,6 @@ #include #include -#include - #include #include "trace.h" @@ -582,9 +580,32 @@ void __svm_write_tsc_multiplier(u64 multiplier) preempt_enable(); } +static inline void kvm_cpu_svm_disable(void) +{ + uint64_t efer; + + wrmsrl(MSR_VM_HSAVE_PA, 0); + rdmsrl(MSR_EFER, efer); + if (efer & EFER_SVME) { + /* + * Force GIF=1 prior to disabling SVM to ensure INIT and NMI + * aren't blocked, e.g. if a fatal error occurred between CLGI + * and STGI. Note, STGI may #UD if SVM is disabled from NMI + * context between reading EFER and executing STGI. In that + * case, GIF must already be set, otherwise the NMI would have + * been blocked, so just eat the fault. + */ + asm_volatile_goto("1: stgi\n\t" + _ASM_EXTABLE(1b, %l[fault]) + ::: "memory" : fault); +fault: + wrmsrl(MSR_EFER, efer & ~EFER_SVME); + } +} + static void svm_emergency_disable(void) { - cpu_svm_disable(); + kvm_cpu_svm_disable(); } static void svm_hardware_disable(void) @@ -593,7 +614,7 @@ static void svm_hardware_disable(void) if (tsc_scaling) __svm_write_tsc_multiplier(SVM_TSC_RATIO_DEFAULT); - cpu_svm_disable(); + kvm_cpu_svm_disable(); amd_pmu_disable_virt(); } From patchwork Fri Jul 21 20:18:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124099 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp468907vqg; Fri, 21 Jul 2023 14:16:48 -0700 (PDT) X-Google-Smtp-Source: APBJJlE1r60K+icZGeFedhdHP7aR0mMPZamS3yjzNUvYEaJuRkUqi0+AnuKCFLa0hepjm0xZTqiJ X-Received: by 2002:a05:6402:3551:b0:51e:85d7:2c79 with SMTP id f17-20020a056402355100b0051e85d72c79mr10551360edd.7.1689974208319; Fri, 21 Jul 2023 14:16:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689974208; cv=none; d=google.com; s=arc-20160816; b=SZ0vGCAQRZ2mqOLLTdC9hvMaJVjH+HUdtG8IcqQOtSDZAqknJxMGCUp7XaJiyan68S qe+ZavtL2YKP+AvfoVPPItdyHGv7PrH+x27D1NOKTwHUlzknvWFMNZS1aKOWLl8lgtmn fOIm0gndaZyI4keEltP7W+6spfx1Y/ifyUB/+DIJX6sKA9ZhCnMFjAehnR5aXe29CcjF roV7Tb9xfe2APkmDkU2uyrf/XhRJwJY69mKTNrY/ZlGewYTLu2qAflyziKmPu1z7Ptz5 ZmiYjtVcFwmaz9YJgL3C8bwNu7/cBW9JfRE54Pad2u3ARbp6yG7LG02uEDYLzyq2wXc0 vQRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=0ufOgL/ovXKIGQEYukNshYDCW2QOagoVOtmN2psRo9c=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=ste0jMi6QzmZgk5bCVDEvQJNeRWFi1UUfs+TxIXXI/Ut5HXdVj1rrlpda3pPCeGuMX 0MbmcQ9kcnlRxrqpI3AZXVAv+F+E0eHiQQkJEdAU6mqYo79f9zTPjnSvydqM9rVU8R4P 5vWPRn4q9MgYbuKkEEtW4IIOhw1jcHq++C0mbwpBGgcmNwWDfS/9vNt2d6O8/QhB+NKV WFxGcGw7wpTK8VLKJ3jmAAQIGHtwvo80mPOAWW0uRrKZCkVtxFwH7c+rGfbz504ElUPk IW5jBb88APugwFj3VxvSma4QPW2V7puhvK2g6hFzeL1CUW4q++4Na1iZleYrxZRO8rxM 3kWA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b="b12Ttu/+"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h14-20020a50ed8e000000b0051e29447e4fsi2639238edr.548.2023.07.21.14.16.23; Fri, 21 Jul 2023 14:16:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b="b12Ttu/+"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231538AbjGUUVB (ORCPT + 99 others); Fri, 21 Jul 2023 16:21:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38926 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231503AbjGUUUf (ORCPT ); Fri, 21 Jul 2023 16:20:35 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 488923A8C for ; Fri, 21 Jul 2023 13:19:50 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id 3f1490d57ef6-c8f360a07a2so2266280276.2 for ; Fri, 21 Jul 2023 13:19:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970779; x=1690575579; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=0ufOgL/ovXKIGQEYukNshYDCW2QOagoVOtmN2psRo9c=; b=b12Ttu/+eAKMYYr+ZtWZDhO9f8tIZzhiWDUyfkYKkQAGZ8PdoM7SUfhXHfFjda9SM8 wHTbZcaIxbvpo6ZC55UJc/d6aRulVjhV0CUNJrul/2S2FZZweyArAU2EVJUBrcBBXquN vU05kJwjb1NAJHt3dCz+9FG0HhYvLHlgxT/IyC/seKzCxR/UFSkK+WuX3JN2T1Zjexz/ cn2JU6UHxz3FopptseYCiqsx2AYAfIKAmTFUMY10/d1txCxH5yYIetLq3/s5ohB7VhvC xsH/zGKExBxyiHcmYi130rGplxqvQDFOSlqz2e7jwYp5AIvNTdYLOF8Ndw+tBLCt7PL8 HW5A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970779; x=1690575579; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=0ufOgL/ovXKIGQEYukNshYDCW2QOagoVOtmN2psRo9c=; b=jqmezKvGRiaAfz+LvDoeIAf4E9uHBtMnT/dIotQcBOBA7EZvI0Uuo+T3fdZ9eVApkF 3q60f9tKOK6MbhTC4nwmFFEPx9d1zSAuiYOBEcUTB1fndOLUYluLifeCRqFuVjbIhkyD JL7nnr4eYtBHkcADK1r9Kay4lN0h3IZ14KFjmVJStCbpZ6W6AtQANHn7ONTK8/kV9A26 zWaDCvxKRfidb7CT8LgjTN8FludMiIY4RMMWa14TORgzruUEeCEKbiJPaT1JlX0NDZRj rTW1QOWulVqqd+zj+LTBwBLLg172g5jqHoTisbLLfqD1uLlrIMYt1n533Qr3MRMzGOwK +/Rw== X-Gm-Message-State: ABy/qLZZpcZCKK5bf+nqujVJkS03UwAsReJl/64z+lwMqBtRnlKeY+S/ 0fCjKpYfJNaWaFnNSLhgJ7ICpU+yDeM= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:81cf:0:b0:c5d:dac2:cb2a with SMTP id n15-20020a2581cf000000b00c5ddac2cb2amr18048ybm.13.1689970779472; Fri, 21 Jul 2023 13:19:39 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:57 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-18-seanjc@google.com> Subject: [PATCH v4 17/19] KVM: x86: Force kvm_rebooting=true during emergency reboot/crash From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772066395574672275 X-GMAIL-MSGID: 1772066395574672275 Set kvm_rebooting when virtualization is disabled in an emergency so that KVM eats faults on virtualization instructions even if kvm_reboot() isn't reached. Reviewed-by: Kai Huang Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 2 ++ arch/x86/kvm/vmx/vmx.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 47f9c7156609..8d1b3c801629 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -605,6 +605,8 @@ static inline void kvm_cpu_svm_disable(void) static void svm_emergency_disable(void) { + kvm_rebooting = true; + kvm_cpu_svm_disable(); } diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 0e1f3856a9be..5d21931842a5 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -771,6 +771,8 @@ static void vmx_emergency_disable(void) int cpu = raw_smp_processor_id(); struct loaded_vmcs *v; + kvm_rebooting = true; + list_for_each_entry(v, &per_cpu(loaded_vmcss_on_cpu, cpu), loaded_vmcss_on_cpu_link) vmcs_clear(v->vmcs); From patchwork Fri Jul 21 20:18:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124085 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp455849vqg; Fri, 21 Jul 2023 13:46:44 -0700 (PDT) X-Google-Smtp-Source: APBJJlE0tRPtBnl7KAxX307N94xQuqIdnaGbvq9OYED0hxpG/iVVzEGQBKMf2A/HRGH+LNNadJ4G X-Received: by 2002:a05:6a20:1d0:b0:130:11e4:d693 with SMTP id 16-20020a056a2001d000b0013011e4d693mr3217744pzz.53.1689972403783; Fri, 21 Jul 2023 13:46:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689972403; cv=none; d=google.com; s=arc-20160816; b=O5Iy112qYkNabx7aPCkJk4IWOkC00SfChiDfa5n1qtMQm2zOu2s+YTeHqPpaDy+tsz 85J4Y1Ic7KFoqI6O5hoamOIasC/8y6wWGcbL8kGL4FUiZyiNPaFg2qeo3d1NwWgp8gxO sfcHRF9gM6IOLL08ASHTiRPLXqgmkMkxC3IEdYAP/H9rF5wSznGB+xMlv8RJsr3nzScD DpY8S1els33LYbCWn8x64Ei89Eui1AoaAACXC7fadrg628/DqiA1agNveYCc7KuR1Zwe wJDulWOy1kJvIRbhdLnYQ/FehJ035x0I9U3lOChHWL1DEfsXhMadbrFcN1RA2oFG26pU tQ8g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=vAOLLgTu+0QNT9Om4NpxWB91aAPEeSvRzwHwJVAa2Xs=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=YCQpxzolEde083Ai2Ika7+B+3eNFadq3nSJ64UqKOU2TaChO91qVvAkYzrvNOT7BuG p6bbtGmgoPLvojMBnwybpGZMHizS4232s7iMsWZ5bfJxU7PEoVoCtdbcrc/MMYAs8gNn PL5xBHe6uQyGhKJtllWozYe3yn1o+XtaGlfqLQPHA0t3Di7pjZythpZjflFQ3b80/VEH oF0cbOK07y7xZkLuymi7c+ywLptrAc+jsFCO/OBWfL2LhO53ix9ZDpVPBkgkbXRwK9lx bmG6E79iepckRNESRNUDnBFFnysYxUNAShp2eNXw0EhCcCxdwKxLWIOGu6bEcnHUG0By eH1w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=imhgBKzx; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c8-20020a056a000ac800b006826f17d020si4047047pfl.243.2023.07.21.13.46.30; Fri, 21 Jul 2023 13:46:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=imhgBKzx; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231547AbjGUUVF (ORCPT + 99 others); Fri, 21 Jul 2023 16:21:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38750 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231229AbjGUUUq (ORCPT ); Fri, 21 Jul 2023 16:20:46 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BD780359F for ; Fri, 21 Jul 2023 13:19:55 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-5839bad0ba7so11013217b3.0 for ; Fri, 21 Jul 2023 13:19:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970781; x=1690575581; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=vAOLLgTu+0QNT9Om4NpxWB91aAPEeSvRzwHwJVAa2Xs=; b=imhgBKzxrXtouuf5PfcKL7zBn0uz33+q5k8Z0nIhm6BNxLjvMukg2vArkkk5NgTFDM NCaOxaOau0vLfoyQRsInuw+KAa7AslkSTBn6yul+5eiPK0IjOxtTfZI+5BUlLIVKvaaf zctolS0OU9qe/eA0SfoB4J52oxFAqZ+fh+FLtJaIaIPFFG750jsFlZ2Mc9quoQp2Unyu 4inyMQQxkm2n98I2kfK3YCgsPjNs4UlB9VWVghYk87tTe4jdkygy4sS2+Mqd1axuaOKZ Y80wBoNxrdfW0VnTAvlYpjVOt8tpfiwmBahTWl8/tfevz/dYYviEbtSr/R7buC1VS27v nuqg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970781; x=1690575581; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=vAOLLgTu+0QNT9Om4NpxWB91aAPEeSvRzwHwJVAa2Xs=; b=DauQHLsbRiqO7ytJPcQtbJG8RaVZN73hfCe6Pj8jaohdtAVgsS+ma1FCpK8KAndWSc SWa/CHpGmWOGyfunjcGLHC6fmGW3OPnFoeLI4f7NqAnBH02ZtqPYrendrrexfgZ7MVu3 WHdkYMtcJGpCGTXkgwE3O9lBx1dqfGQt/q6zve5RH65R++1TzH98wUdE1RTA6W08YPMF muVhRUgo1htmQrvk4bqKC30B+QbfV+PLEeW+zuFdwx5dTJznIo/vCiTHwlohPTXTFos3 S6G648iV1bxBC2CFVsXDgmbcX31yWU+mHYfIMCPx1C6PZ6VcUvTjR1z0wzJ+J0fnHADq wNeg== X-Gm-Message-State: ABy/qLZdBhwI1JNWVciQn8xZBklDUQaLNN56i7+/GmVKJ6ZRGynPhqZB MgbrefUPfvc6iBInBhJDz4ifXcvDx1o= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:81cf:0:b0:c5d:dac2:cb2a with SMTP id n15-20020a2581cf000000b00c5ddac2cb2amr18050ybm.13.1689970781205; Fri, 21 Jul 2023 13:19:41 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:58 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-19-seanjc@google.com> Subject: [PATCH v4 18/19] KVM: SVM: Use "standard" stgi() helper when disabling SVM From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772064503500655907 X-GMAIL-MSGID: 1772064503500655907 Now that kvm_rebooting is guaranteed to be true prior to disabling SVM in an emergency, use the existing stgi() helper instead of open coding STGI. In effect, eat faults on STGI if and only if kvm_rebooting==true. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 8d1b3c801629..4785d780cce3 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -588,17 +588,10 @@ static inline void kvm_cpu_svm_disable(void) rdmsrl(MSR_EFER, efer); if (efer & EFER_SVME) { /* - * Force GIF=1 prior to disabling SVM to ensure INIT and NMI - * aren't blocked, e.g. if a fatal error occurred between CLGI - * and STGI. Note, STGI may #UD if SVM is disabled from NMI - * context between reading EFER and executing STGI. In that - * case, GIF must already be set, otherwise the NMI would have - * been blocked, so just eat the fault. + * Force GIF=1 prior to disabling SVM, e.g. to ensure INIT and + * NMI aren't blocked. */ - asm_volatile_goto("1: stgi\n\t" - _ASM_EXTABLE(1b, %l[fault]) - ::: "memory" : fault); -fault: + stgi(); wrmsrl(MSR_EFER, efer & ~EFER_SVME); } } From patchwork Fri Jul 21 20:18:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 124115 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp476890vqg; Fri, 21 Jul 2023 14:33:32 -0700 (PDT) X-Google-Smtp-Source: APBJJlFUWauTB0VNFvaUwAk39KNMvt6gJuu5plo3lcinVTe+Kbhg2kZ1/7jZ6DRXdM2An1lCHZKI X-Received: by 2002:a05:6358:3422:b0:134:d78f:67bc with SMTP id h34-20020a056358342200b00134d78f67bcmr1221913rwd.14.1689975212199; Fri, 21 Jul 2023 14:33:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689975212; cv=none; d=google.com; s=arc-20160816; b=bKQS3tIBlr1cyfpS+MaaccQxrKjXGVjAHU0X1perOICIz6+0djZFt5lL07J9KLtxrh 90E5Bplx3pR9JD1hxlOO/STi84yXUIRS+h40NyeYj1gqajZwpjF9q3BvyGVs4YJWtGiD gu38fFSCCrfU4Q/YaHqaBbuCwmoQauWbKzvkCsagrHAk2yn7U+s2VnEp2NBPwWo/Ahl5 dOthbAJxwrDR9rPHAI9ezIvm3awQtiEeYT16gm4M6wjcrSAPpliWz9UgoIZ9/OXsxxaL CJm58s3vHnBRc+FgBBpP4GSnJNluG6OEGmoS0j7a/7TuupwTUEgLF+1NoPMpcwRvsldt RuZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:dkim-signature; bh=f1LNi9Sq5NIBXtzGJVGKttDHRo4VG7MGlit5nvyUtF0=; fh=GitwJflddDxrBBVhnTGEzIZYOBTU7RKSqL+OyCDv/0M=; b=QpVeTniUCEydqBei/ktf2HG+BYms/00hmVHw9D+bAbA5bdR9gTj2GezmSVXvaeL2FS kqCTGJNqMtinEsLXS66E/diOAK1HJYzTdtDmDqs6oQ11oa7WIUtcBYCsP/0htw1xzKy4 nD3Tc9j8Y1OLHqQJpwhESW8t44+ohS0QFJ2f5rFzaSKFsUNxCWjuoYydt8hsLr/hvD5b gjr6RWO1PjFdTios5NxGgPbmI5vdqS1jdxzB8cordnCvK11FEahKfUfkvxs77jjLZn15 rfTLqHXCkII7tCqjospSGQFn/Hi/Tlg9Uvo2SWISKLHsBSAP8fNq1XOaVAYmW8jjQcXN ehhw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=lupqznqf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v24-20020a63f218000000b005578994f212si3710467pgh.425.2023.07.21.14.33.18; Fri, 21 Jul 2023 14:33:32 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=lupqznqf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230502AbjGUUVU (ORCPT + 99 others); Fri, 21 Jul 2023 16:21:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38862 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231311AbjGUUUy (ORCPT ); Fri, 21 Jul 2023 16:20:54 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F04883AA2 for ; Fri, 21 Jul 2023 13:20:02 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id 3f1490d57ef6-c8f360a07a2so2266429276.2 for ; Fri, 21 Jul 2023 13:20:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689970783; x=1690575583; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=f1LNi9Sq5NIBXtzGJVGKttDHRo4VG7MGlit5nvyUtF0=; b=lupqznqfPScgKgAlsl68k2HwQOWYVzqFz7+e39gz+UVj6wvvC+ma4BNLkDyLgMbDCr sXcaIXufKIRqTjEo6kaASseH4LuovJPFo1FpnMySbHlymLZC8toxxIjvN2Aiw4ju6EAG VaD/mWdhEO8ur/DDeO9tEnMiMm8VItIJH8OP+EP+LpWzQ/NrR5L8c8s2LMhTcLypPS2U oBg+8IvkdXfhKuyTvHG3Xef0QbwUQ6ZzSvJM7Mo/H4jFrr/vFd5FgUJyl+qeE3dTtsH5 MY6DHfpkgF/82Qh+aTdBRtINfnVpzFGxerBDIxZVXvcHDxqf5FZ0G6Srcd0y+VCH+a4h +9CA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689970783; x=1690575583; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=f1LNi9Sq5NIBXtzGJVGKttDHRo4VG7MGlit5nvyUtF0=; b=UE9jJl4FmdRBt8lVAb8J0GqHbC9FtiPMgkofkW2dh9ugrklT4sy1td/iXtfna/RJT6 GjIIlvu9TU/QzVZjrCtQV0WWwWsJoW7OjVbg64Uo7lNcafxofTJSaV0iJOkiWCsKXyhA ADcT2SYT6+W5mMeExzrQaeFzsPU9aB5cBZNbUReCOuQy7hk78nQuLe5Bh1zm/R6nZse5 9uZKmtqkXjtDI4Su8ShA6TvfBm3cUjhllE5bFq4ksGoXWvC+/sucbPauPpYaO6erEq/s ladM1OwD4Q1SJck+Pc8pU8p6WCQPHvnF/rY4oqd15+oCeE/vtHSqruVikiHbLxfUzjLI BR2w== X-Gm-Message-State: ABy/qLYiejwXCdiKng84QDxgOLtaZUQFWEEVF3pGVngPUNnd8ijDShwK f4PlfqIVhNQARc8ZvT4EYh4LpbWwP4k= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a5b:bc2:0:b0:ce9:64b3:80dc with SMTP id c2-20020a5b0bc2000000b00ce964b380dcmr18891ybr.1.1689970783817; Fri, 21 Jul 2023 13:19:43 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 21 Jul 2023 13:18:59 -0700 In-Reply-To: <20230721201859.2307736-1-seanjc@google.com> Mime-Version: 1.0 References: <20230721201859.2307736-1-seanjc@google.com> X-Mailer: git-send-email 2.41.0.487.g6d72f3e995-goog Message-ID: <20230721201859.2307736-20-seanjc@google.com> Subject: [PATCH v4 19/19] KVM: VMX: Skip VMCLEAR logic during emergency reboots if CR4.VMXE=0 From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1772067448268133010 X-GMAIL-MSGID: 1772067448268133010 Bail from vmx_emergency_disable() without processing the list of loaded VMCSes if CR4.VMXE=0, i.e. if the CPU can't be post-VMXON. It should be impossible for the list to have entries if VMX is already disabled, and even if that invariant doesn't hold, VMCLEAR will #UD anyways, i.e. processing the list is pointless even if it somehow isn't empty. Assuming no existing KVM bugs, this should be a glorified nop. The primary motivation for the change is to avoid having code that looks like it does VMCLEAR, but then skips VMXON, which is nonsensical. Suggested-by: Kai Huang Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang --- arch/x86/kvm/vmx/vmx.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 5d21931842a5..0ef5ede9cb7c 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -773,12 +773,20 @@ static void vmx_emergency_disable(void) kvm_rebooting = true; + /* + * Note, CR4.VMXE can be _cleared_ in NMI context, but it can only be + * set in task context. If this races with VMX is disabled by an NMI, + * VMCLEAR and VMXOFF may #UD, but KVM will eat those faults due to + * kvm_rebooting set. + */ + if (!(__read_cr4() & X86_CR4_VMXE)) + return; + list_for_each_entry(v, &per_cpu(loaded_vmcss_on_cpu, cpu), loaded_vmcss_on_cpu_link) vmcs_clear(v->vmcs); - if (__read_cr4() & X86_CR4_VMXE) - kvm_cpu_vmxoff(); + kvm_cpu_vmxoff(); } static void __loaded_vmcs_clear(void *arg)