Move RIP in tdx_early_handle_ve() after handling the exception. Failure
to do that leads to infinite loop of exceptions.
Signed-off-by: Kirill A. Shutemov <[email protected]>
Fixes: 32e72854fa5f ("x86/tdx: Port I/O: Add early boot support")
---
arch/x86/coco/tdx/tdx.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c
index 03deb4d6920d..faae53f8d559 100644
--- a/arch/x86/coco/tdx/tdx.c
+++ b/arch/x86/coco/tdx/tdx.c
@@ -447,13 +447,17 @@ static bool handle_io(struct pt_regs *regs, u32 exit_qual)
__init bool tdx_early_handle_ve(struct pt_regs *regs)
{
struct ve_info ve;
+ bool ret;
tdx_get_ve_info(&ve);
if (ve.exit_reason != EXIT_REASON_IO_INSTRUCTION)
return false;
- return handle_io(regs, ve.exit_qual);
+ ret = handle_io(regs, ve.exit_qual);
+ if (ret)
+ regs->ip += ve.instr_len;
+ return ret;
}
void tdx_get_ve_info(struct ve_info *ve)
--
2.35.1
On Fri, May 20, 2022, Sean Christopherson wrote:
> On Fri, May 20, 2022, Kirill A. Shutemov wrote:
> > Move RIP in tdx_early_handle_ve() after handling the exception. Failure
> > to do that leads to infinite loop of exceptions.
> >
> > Signed-off-by: Kirill A. Shutemov <[email protected]>
> > Fixes: 32e72854fa5f ("x86/tdx: Port I/O: Add early boot support")
> > ---
> > arch/x86/coco/tdx/tdx.c | 6 +++++-
> > 1 file changed, 5 insertions(+), 1 deletion(-)
> >
> > diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c
> > index 03deb4d6920d..faae53f8d559 100644
> > --- a/arch/x86/coco/tdx/tdx.c
> > +++ b/arch/x86/coco/tdx/tdx.c
> > @@ -447,13 +447,17 @@ static bool handle_io(struct pt_regs *regs, u32 exit_qual)
> > __init bool tdx_early_handle_ve(struct pt_regs *regs)
> > {
> > struct ve_info ve;
> > + bool ret;
> >
> > tdx_get_ve_info(&ve);
> >
> > if (ve.exit_reason != EXIT_REASON_IO_INSTRUCTION)
> > return false;
> >
> > - return handle_io(regs, ve.exit_qual);
> > + ret = handle_io(regs, ve.exit_qual);
> > + if (ret)
>
> Ugh, the boolean returns instead of 0/-errno are fugly. At first glance I thought
> this was wrong, i.e. advancing RIP on failure.
>
> Assuming moving away from booleans isn't happening anytime soon maybe s/ret/success
> or s/ret/handled to make it more obvious that it's a happy path?
Doh, should have looked at patch 2...
On 5/19/22 8:13 PM, Kirill A. Shutemov wrote:
> Move RIP in tdx_early_handle_ve() after handling the exception. Failure
> to do that leads to infinite loop of exceptions.
>
> Signed-off-by: Kirill A. Shutemov <[email protected]>
> Fixes: 32e72854fa5f ("x86/tdx: Port I/O: Add early boot support")
> ---
> arch/x86/coco/tdx/tdx.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
Looks good to me
Reviewed-by: Kuppuswamy Sathyanarayanan
<[email protected]>
>
> diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c
> index 03deb4d6920d..faae53f8d559 100644
> --- a/arch/x86/coco/tdx/tdx.c
> +++ b/arch/x86/coco/tdx/tdx.c
> @@ -447,13 +447,17 @@ static bool handle_io(struct pt_regs *regs, u32 exit_qual)
> __init bool tdx_early_handle_ve(struct pt_regs *regs)
> {
> struct ve_info ve;
> + bool ret;
>
> tdx_get_ve_info(&ve);
>
> if (ve.exit_reason != EXIT_REASON_IO_INSTRUCTION)
> return false;
>
> - return handle_io(regs, ve.exit_qual);
> + ret = handle_io(regs, ve.exit_qual);
> + if (ret)
> + regs->ip += ve.instr_len;
> + return ret;
> }
>
> void tdx_get_ve_info(struct ve_info *ve)
--
Sathyanarayanan Kuppuswamy
Linux Kernel Developer
On Fri, May 20, 2022, Kirill A. Shutemov wrote:
> Move RIP in tdx_early_handle_ve() after handling the exception. Failure
> to do that leads to infinite loop of exceptions.
>
> Signed-off-by: Kirill A. Shutemov <[email protected]>
> Fixes: 32e72854fa5f ("x86/tdx: Port I/O: Add early boot support")
> ---
> arch/x86/coco/tdx/tdx.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c
> index 03deb4d6920d..faae53f8d559 100644
> --- a/arch/x86/coco/tdx/tdx.c
> +++ b/arch/x86/coco/tdx/tdx.c
> @@ -447,13 +447,17 @@ static bool handle_io(struct pt_regs *regs, u32 exit_qual)
> __init bool tdx_early_handle_ve(struct pt_regs *regs)
> {
> struct ve_info ve;
> + bool ret;
>
> tdx_get_ve_info(&ve);
>
> if (ve.exit_reason != EXIT_REASON_IO_INSTRUCTION)
> return false;
>
> - return handle_io(regs, ve.exit_qual);
> + ret = handle_io(regs, ve.exit_qual);
> + if (ret)
Ugh, the boolean returns instead of 0/-errno are fugly. At first glance I thought
this was wrong, i.e. advancing RIP on failure.
Assuming moving away from booleans isn't happening anytime soon maybe s/ret/success
or s/ret/handled to make it more obvious that it's a happy path?