2020-08-24 09:17:33

by Joerg Roedel

Subject: [PATCH v6 27/76] x86/sev-es: Add CPUID handling to #VC handler

From: Tom Lendacky <[email protected]>

Handle #VC exceptions caused by CPUID instructions. These happen in
early boot code when the KASLR code checks for RDTSC.

Signed-off-by: Tom Lendacky <[email protected]>
[ [email protected]: Adapt to #VC handling framework ]
Co-developed-by: Joerg Roedel <[email protected]>
Signed-off-by: Joerg Roedel <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
---
arch/x86/boot/compressed/sev-es.c | 4 ++++
arch/x86/kernel/sev-es-shared.c | 35 +++++++++++++++++++++++++++++++
2 files changed, 39 insertions(+)

diff --git a/arch/x86/boot/compressed/sev-es.c b/arch/x86/boot/compressed/sev-es.c
index 4f2fc7a85c2f..851d7af29d79 100644
--- a/arch/x86/boot/compressed/sev-es.c
+++ b/arch/x86/boot/compressed/sev-es.c
@@ -16,6 +16,7 @@
#include <asm/trapnr.h>
#include <asm/trap_pf.h>
#include <asm/msr-index.h>
+#include <asm/fpu/xcr.h>
#include <asm/ptrace.h>
#include <asm/svm.h>

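Review bot: the new #include <asm/fpu/xcr.h> goes into the boot-stage file, but the xgetbv() call it serves is in vc_handle_cpuid() in sev-es-shared.c, which gains no include of its own in this patch. That static function is called from this file, so the shared file is evidently included textually, and every file that includes it must remember to pull in this header first. A short comment at the top of sev-es-shared.c listing the headers it expects from its includer would save the next user a build failure.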
@@ -183,6 +184,9 @@ void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code)
case SVM_EXIT_IOIO:
result = vc_handle_ioio(boot_ghcb, &ctxt);
break;
+ case SVM_EXIT_CPUID:
+ result = vc_handle_cpuid(boot_ghcb, &ctxt);
+ break;
default:
result = ES_UNSUPPORTED;
break;
diff --git a/arch/x86/kernel/sev-es-shared.c b/arch/x86/kernel/sev-es-shared.c
index bae7cf28455b..a6b41910b8ab 100644
--- a/arch/x86/kernel/sev-es-shared.c
+++ b/arch/x86/kernel/sev-es-shared.c
@@ -432,3 +432,38 @@ static enum es_result vc_handle_ioio(struct ghcb *ghcb, struct es_em_ctxt *ctxt)

return ret;
}
+
+static enum es_result vc_handle_cpuid(struct ghcb *ghcb,
+ struct es_em_ctxt *ctxt)
+{
+ struct pt_regs *regs = ctxt->regs;
+ u32 cr4 = native_read_cr4();
+ enum es_result ret;
+
+ ghcb_set_rax(ghcb, regs->ax);
+ ghcb_set_rcx(ghcb, regs->cx);
+
+ if (cr4 & X86_CR4_OSXSAVE)
+ /* Safe to read xcr0 */
+ ghcb_set_xcr0(ghcb, xgetbv(XCR_XFEATURE_ENABLED_MASK));
+ else
+ /* xgetbv will cause #GP - use reset value for xcr0 */
+ ghcb_set_xcr0(ghcb, 1);
+
+ ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_CPUID, 0, 0);
+ if (ret != ES_OK)
+ return ret;
+
+ if (!(ghcb_rax_is_valid(ghcb) &&
+ ghcb_rbx_is_valid(ghcb) &&
+ ghcb_rcx_is_valid(ghcb) &&
+ ghcb_rdx_is_valid(ghcb)))
+ return ES_VMM_ERROR;
+
+ regs->ax = ghcb->save.rax;
+ regs->bx = ghcb->save.rbx;
+ regs->cx = ghcb->save.rcx;
+ regs->dx = ghcb->save.rdx;
+
+ return ES_OK;
+}
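Review bot: the if/else around ghcb_set_xcr0() has a comment plus a statement in each arm but no braces, and the else arm passes a bare 1. Brace both arms and give the literal a named constant for the XCR0 reset value, so the reader does not have to rely on the comment to know what bit 0 means. Because this function lives in sev-es-shared.c, a line saying which caller can actually reach the CR4.OSXSAVE arm would also help, as nothing in the boot-stage dispatch shows that the bit is ever set there.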
--
2.28.0


2020-08-27 22:49:21

by Arvind Sankar

Subject: Re: [PATCH v6 27/76] x86/sev-es: Add CPUID handling to #VC handler

On Mon, Aug 24, 2020 at 10:54:22AM +0200, Joerg Roedel wrote:
> From: Tom Lendacky <[email protected]>
>
> Handle #VC exceptions caused by CPUID instructions. These happen in
> early boot code when the KASLR code checks for RDTSC.
>
> Signed-off-by: Tom Lendacky <[email protected]>
> [ [email protected]: Adapt to #VC handling framework ]
> Co-developed-by: Joerg Roedel <[email protected]>
> Signed-off-by: Joerg Roedel <[email protected]>
> Link: https://lore.kernel.org/r/[email protected]
> ---
> +
> +static enum es_result vc_handle_cpuid(struct ghcb *ghcb,
> + struct es_em_ctxt *ctxt)
> +{
> + struct pt_regs *regs = ctxt->regs;
> + u32 cr4 = native_read_cr4();
> + enum es_result ret;
> +
> + ghcb_set_rax(ghcb, regs->ax);
> + ghcb_set_rcx(ghcb, regs->cx);
> +
> + if (cr4 & X86_CR4_OSXSAVE)

Will this ever happen? trampoline_32bit_src will clear CR4 except for
PAE and possibly LA57, no?

> + /* Safe to read xcr0 */
> + ghcb_set_xcr0(ghcb, xgetbv(XCR_XFEATURE_ENABLED_MASK));
> + else
> + /* xgetbv will cause #GP - use reset value for xcr0 */
> + ghcb_set_xcr0(ghcb, 1);
> +
> + ret = sev_es_ghcb_hv_call(ghcb, ctxt, SVM_EXIT_CPUID, 0, 0);
> + if (ret != ES_OK)
> + return ret;
> +
> + if (!(ghcb_rax_is_valid(ghcb) &&
> + ghcb_rbx_is_valid(ghcb) &&
> + ghcb_rcx_is_valid(ghcb) &&
> + ghcb_rdx_is_valid(ghcb)))
> + return ES_VMM_ERROR;
> +
> + regs->ax = ghcb->save.rax;
> + regs->bx = ghcb->save.rbx;
> + regs->cx = ghcb->save.rcx;
> + regs->dx = ghcb->save.rdx;
> +
> + return ES_OK;
> +}
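Review bot: the four assignments at the end copy ghcb->save.rax, rbx, rcx and rdx into regs at full width, and the only check before them is that the valid bits are set. CPUID results are 32-bit values, and these fields are populated by the sev_es_ghcb_hv_call() exchange, which the ES_VMM_ERROR path already treats as something that can come back wrong. Truncating each value to 32 bits on copy-back, or returning ES_VMM_ERROR when any upper half is non-zero, would keep a misbehaving hypervisor from placing arbitrary upper bits in the guest's registers.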
> --
> 2.28.0
>

2020-08-28 12:37:10

by Joerg Roedel

Subject: Re: [PATCH v6 27/76] x86/sev-es: Add CPUID handling to #VC handler

On Thu, Aug 27, 2020 at 06:48:10PM -0400, Arvind Sankar wrote:
> On Mon, Aug 24, 2020 at 10:54:22AM +0200, Joerg Roedel wrote:
> > From: Tom Lendacky <[email protected]>
> >
> > Handle #VC exceptions caused by CPUID instructions. These happen in
> > early boot code when the KASLR code checks for RDTSC.
> >
> > Signed-off-by: Tom Lendacky <[email protected]>
> > [ [email protected]: Adapt to #VC handling framework ]
> > Co-developed-by: Joerg Roedel <[email protected]>
> > Signed-off-by: Joerg Roedel <[email protected]>
> > Link: https://lore.kernel.org/r/[email protected]
> > ---
> > +
> > +static enum es_result vc_handle_cpuid(struct ghcb *ghcb,
> > + struct es_em_ctxt *ctxt)
> > +{
> > + struct pt_regs *regs = ctxt->regs;
> > + u32 cr4 = native_read_cr4();
> > + enum es_result ret;
> > +
> > + ghcb_set_rax(ghcb, regs->ax);
> > + ghcb_set_rcx(ghcb, regs->cx);
> > +
> > + if (cr4 & X86_CR4_OSXSAVE)
>
> Will this ever happen? trampoline_32bit_src will clear CR4 except for
> PAE and possibly LA57, no?

This same code is later re-used in the runtime handler and there the
check is needed :)

Regards,

Joerg