Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752786AbdLEBHO (ORCPT ); Mon, 4 Dec 2017 20:07:14 -0500 Received: from mail-by2nam01on0087.outbound.protection.outlook.com ([104.47.34.87]:63748 "EHLO NAM01-BY2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752243AbdLEBGs (ORCPT ); Mon, 4 Dec 2017 20:06:48 -0500 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; From: Brijesh Singh To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org Cc: bp@alien8.de, Brijesh Singh , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Joerg Roedel , Borislav Petkov , Tom Lendacky Subject: [Part2 PATCH v9 37/38] KVM: SVM: Do not install #UD intercept when SEV is enabled Date: Mon, 4 Dec 2017 19:06:15 -0600 Message-Id: <20171205010616.5958-8-brijesh.singh@amd.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20171205010616.5958-1-brijesh.singh@amd.com> References: <20171205010616.5958-1-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: BN6PR04CA0055.namprd04.prod.outlook.com (2603:10b6:405:3b::44) To DM2PR12MB0156.namprd12.prod.outlook.com (2a01:111:e400:50ce::19) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 33b3917b-3798-46c0-9962-08d53b7c735c X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(5600026)(4604075)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603286);SRVR:DM2PR12MB0156; X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0156;3:hq9tyAYajiROYFAMKjd4FBvm7+Q59AWYlKZXpIV2hpzMoNuD3seR45qCcDiheeNN//Vw/lNkmb6z+ZOuTSQNYNdGUC7U9Rd9P9m3r7Rb867NEBi3F6GqHriJkNEPL6KYxojuocb3jL5/WuqJZFhB/vdSeCH0ORTy33Mdeqa9ZHJhjDmMxBgyEH7VUFgUG5X+s4psSwYzbMPyeHsCHuMOvT+PNAn9tyLaFu2dH3FMs0ytBxta7XIvQDHoPskAPIpS;25:g0r0BKQuAUDxTmRlrM/pgHeEGxB9eTrgybI4g5yK//tz/k6YaPwQWYFYh5INzmp+jBJvgP4LUIqkaeaZ4/7XlkCEpCY3YuzDP6PXN4KmzZptC1fZEU4miYywLFGdrVkegKOBDCM6E8ps37kvdEoeywJe4+pDjGHsCeQ/v/4LZk1knHi/H5o1xiFJsi/jCNkke6i3tRn9l/WvIfJ6HF66bmCLTkTO1zqpUxLEV0d9iAzl5TETCsanKE2KHyy2rwshN+UwygCSx0M25sNMc8LKJ3YGZgbcUjlFv0q8NUUbOp641Ynjnj4xK/GrBVWFZLQD99kNxscRns45OjroeN09JQ==;31:tgChEtsRWDEqS7KNVrY0iCak56D3KK5f3wXtJdZ/TEhyErIxHdjn/uTvYo0jexhs4Ql2c7Eu5pqFDWsiMJkiY2EraR/C4rq75GeoF8p5R2GanS6M9gWWeLAJKtm8IK54z8n4o7aJrDGGttnMRlAk2Xl5ljZ0vJPVcMujQAREazDfPHavAo4RTrIZvBQ/oC/8N4jnNW5QveYO0QUbxrDSFmNbk8Q+bzqUj6T0ORsW420= X-MS-TrafficTypeDiagnostic: DM2PR12MB0156: X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0156;20:4LcAN0knIL89u5j87KGHKLLK8RyNmx9Jx4iRydxnXCBXct1wArkSrrOaTbmuTya7+hk8LizpVIZX17o48CE3+0Xkqpbt/EmMNY7JPYI7Ycb96mIx6XbIARy+8gfIQDI38QrTJVG5TF5fo/tKY+0ZrI1CpK4ZK9OoxEI20ZWYXo631dbp4dMgi7KkjhlBzN4fMoSlIjJ1ucvyoOJ93BVX4nQAd4Sd/zeOvnjGhIaRYpxW3MK7YMLheR6q5cavs0mYOl9ZachxB3bIJE0EyC4YPw88D7JHRCO3bnlK6AjZduaPaQHkHSwEdROHYjWqE725g3RTh42KhblASAdrkPJm1P/QjO8nkDr+lKgYBaXlrzIfAC7e9RXtg53CaA4FO/pmegE2y8W8Z4YTDd+s8ReXK8zzPFXCHRU3Sm+jJzrZLcbVQtlGKNGS15IvfmPC5g4XCDkNUy777SSm/XV57noSxNfCZnlfSrtarOCjG1zqJ04UIjjEoYCav8ST8YrG89UJ;4:gANVirYnW1r4e9q1ld3B5pyosdsMKueFhKjC9gLRCaPAzlZ9t8P2T9uRzklnSeMhUEjBYnNx7FXPps6yee8M/8rTz6+2xgyW4ZHylwQb0BB1OV9BzCqYx9U9tpbOFra8YPs/tL3af0fdVght4SUwrS3MOne34cthHCOHxgFPymzB38NOsph8+YyIgMkmMuckc43OajG7t+qJqeKRNS5LPrBkBNEMGbzm4grfBwij/Z19ipZG4WIuwelSwU2uZMXMoMIbnLsFSn8kepb1wQxqpH9e3T5ejTNe1HAfTDXP4J+ci4Ol6noxQOaXN3cDmUqbkcGdjN+R3OdSEmjJ1wxlvw== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(9452136761055)(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040450)(2401047)(5005006)(8121501046)(10201501046)(93006095)(93001095)(3002001)(3231022)(6055026)(6041248)(20161123562025)(20161123560025)(20161123558100)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(6072148)(201708071742011);SRVR:DM2PR12MB0156;BCL:0;PCL:0;RULEID:(100000803101)(100110400095);SRVR:DM2PR12MB0156; X-Forefront-PRVS: 0512CC5201 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(6009001)(376002)(346002)(39860400002)(366004)(189002)(199003)(316002)(66066001)(50466002)(23676004)(47776003)(25786009)(54906003)(86362001)(53416004)(7696005)(76176011)(16526018)(36756003)(8936002)(81166006)(6486002)(81156014)(305945005)(50226002)(7736002)(53936002)(5660300001)(52116002)(2950100002)(6666003)(33646002)(4326008)(101416001)(8676002)(478600001)(2906002)(7416002)(2870700001)(1076002)(189998001)(106356001)(6116002)(3846002)(68736007)(97736004)(105586002);DIR:OUT;SFP:1101;SCL:1;SRVR:DM2PR12MB0156;H:wsp141597wss.amd.com;FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtETTJQUjEyTUIwMTU2OzIzOjRnc2dQOHNSQVlKVURLUm02cVQxKzhXWHRl?= =?utf-8?B?WVpld2xqZWlqYWdVNmZtaVlONWdvT3lXVnZHTnVTZHltSjI2SWpaM1RTaStx?= =?utf-8?B?SWRILzE1WUZVcERLZVd0OUpSKzNGaWNnb2VsNHQxVVhiYU51MFprZ0ZiZHpN?= =?utf-8?B?N3prMkhvUW8rVDhjcC9pbFBwMEdmdGtXYWFTNnhOOHlpTHJXbktTa1hvS0pn?= =?utf-8?B?ODJ1bWRiOXhnUXVWaEFUbkQyZHpoRXJFYWZZNFpITzcvZkJoUVhwYU94NWFJ?= =?utf-8?B?NnpQQk9kQ0FleEt6cGF1K0dPSGpqOC9TcFhJUitUTlF4RVRoZTRGbWdDNWwz?= =?utf-8?B?TGZILzlmenk1NUhRL0lQNjZUaU9FS0xiVkNlaDV5OVMrVjBabzRwOWR1SWpU?= =?utf-8?B?dFh5ZWZyL0xER3Jqd3RCek9VRUVQRm5GT2lVbUtWeDVYNjNoSG16TmxkRHNj?= =?utf-8?B?TGFDa3daQ1RYSmpaMm1Pak1ZcVZtc0xURkZJL0x4MUJoSTVrRjFwS0plSkZy?= =?utf-8?B?S3VRZWR6MUcvMDlaMnFyNDdwSnFvWXBuZzYyN2RHaktkYnhIWU9LZm9TempB?= =?utf-8?B?NjNaRjVKSTBOWlZPb01xVjdNVzBaN0lVZTFKOHNQTDNRWmF6T2orb1IweWs2?= =?utf-8?B?VkpFQzJYcFNJTFdtbllIamVMYnlHMWJGRjNSdjJGRzA0OHdWMEV1TEVRZFZ1?= =?utf-8?B?OVMya2JhTFFVL2VpcFZYVi9rdVppWGVJWTNRWndjNGcxSkxaam1yVmlocmMy?= =?utf-8?B?eFdqL2FpQVE4ejdybUQ0RWxtc0kxQzg1aW4xUDI2RFJVZzRUMk5pc0dKaGVT?= =?utf-8?B?SHBFdnRjWmVkcjZYSk1zUmV2VzVRK1k5TGQ0VmRDNCtSSjJtYmFmdy80MjUw?= =?utf-8?B?SU1vUnk5d0VwWi9XWmxKUklxZERpeGo2cEtSRTdCUUY1ZEV1U1lITEdOWlV1?= =?utf-8?B?bjFqV2c2SXo1d0xkK1dINk5qd2JrMjdXQ29jeitJU1R3QUVVVDVlZmRwNnFZ?= =?utf-8?B?RnFlankzbVlHTW5yWFR5ekF3VmJKcFB6T1lud0pXbVZ4c1dkRytSTHFQVEVs?= =?utf-8?B?SmZ4ekd5UXdLRHBWbTZ3dFYza0hNeHRmd3dtYWJHeGN1QjVsaVZ6RER2NDFR?= =?utf-8?B?ZlNPS0VyeVlrdlpLWEtUV25VemJTYnR3YVhqWWg0NTlXMEV2cE5NaDZWZTNN?= =?utf-8?B?K25SSjZTYmlSenRLbldrcWxxTDdJbHoxNitnZ1BHazNlcFk2bXZlMUNpRTg4?= =?utf-8?B?R3Rlc002MjVSU1pLbVBueGQrUW9iNFBGQURqc1c3VGYzWnJIWGhYR2VNMm9k?= =?utf-8?B?YmZxRE1XS0daSU4xdHI4RkE1SXE1TnVwZjE4QnRXZlN6QjhaWEdVam5JdDd5?= =?utf-8?B?RFQ3MnFGSE5QckhVWHVPd1M4b2hxYThjcmVCOHdWRkNxNTM1aTdZMEVxUXNR?= =?utf-8?B?R1AvZ2d2NnNqcnVTUXB2UHYwZjVLdWUxOUF6eFBtbEU2Zjd1K0cwZC9VMUMx?= =?utf-8?Q?sDPONEnytfUq1g/bB+MJMQ05g=3D?= X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0156;6:RrgXwv7aMx14lT8tg/UDy0WD8RQnq4VVd7Hpb7AAGG6QHncc5PrYnKURsSgrQf0L/fef87YhWO6KWI+ENerF5SCFQ9yuLWc5/NhQmfFfTnpy1KzmqFjEGMjLfZEMxs/DvQ0LfCPdl6tTamdyXqMGvcoawuyQCnPN7BnJOWZSg4TM3vOmnXIbJoIVxVMJn4RhT9h5oLhI6b3Mc+xQI+s36iMjzaZyPDjlSwRCGAG2QHuviztcylKaX9GZHsUsljrx8fLZ3Upqlxm47ohvSgJSnYZefT4UVBxNWgpopV3En6Lc7TInSjs67IJ6ndPSM/T1frw3MnkAOkV3UKL3ldtFDLb6Z7P0NgSCCFFo0xyd8Z4=;5:qMqHQ71yjKWaDqVx0kYe4AW0a9kEex3KHaas5r8AHhkh9O0K39a4UgcH/c/LUHYhrPhD3GGtLi87Qc5K/BdszC8fftfh9CYR4JOshLzmFH1rZCtm7tUQibL6C9QW62FkIxbno10GTNImrPqmzP5x8E/wIaomJMwWjfn8attte4Q=;24:xw9XsFehCFZRHRGFxRw1AqDRRZRv96Eg7um1ZqtO+lG+cV4lyCVlfTaIsGTky5MhysElfnfMfSUSs4NTiJhc2TmxK/4awy/fYzW2bPuNTZI=;7:+/uGBphhDvhPnVh5XQnKsD3PdyryijnVQfhXqa5GNsOpn+7F6Ercw11mBdPnSXF8oq7PqStms/bVEIwJESJmiRFB2Q3diUJmB7BwtgG5cxIhfOLr/SLOdDFnhWTnd/OsjaZcrJIyK+ND3uo9whV30+IXU2wFlU6a1QAZUQraNtCNx5Cn/CFeUZ7WRqwjZoHmQPEwr7At65nsfFFHbCpLfCMpRyiw7GHFA9t0vOmMbXJF8wyHlPac+yRxXV1iArUA SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0156;20:tnS3F6DwLvYae9bATE/cVvWQwp1y/2bItB60jlYTBNS0pKvrWLXwMDuVHeQIUkW2GiqwIpRZgZQL4nJ25y9Z5iucA4qUKbramcneUTz5SM6KKsh4ycz0GtvnqCxXX6+UpikaD4TDyfGBRZhNRhDH5WhajppzVmnVUBa38kKWudQn7HhJADg6N3PP2HseQNQmhl3UD9aPdwzu0nhAHl3NqmiYQs2ZxDlMXxkTeUE4ztP6WC1UI9y1EILgMZqQ6J7H X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Dec 2017 01:06:42.8818 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 33b3917b-3798-46c0-9962-08d53b7c735c X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0156 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1423 Lines: 42 On #UD, x86_emulate_instruction() fetches the data from guest memory and decodes the instruction bytes to assist further. When SEV is enabled, the instruction bytes will be encrypted using the guest-specific key and the hypervisor will no longer able to fetch the instruction bytes to assist UD handling. By not installing intercept we let the guest receive and handle #UD. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x86@kernel.org Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Reviewed-by: Borislav Petkov Signed-off-by: Brijesh Singh --- arch/x86/kvm/svm.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index f350e9bac9eb..3e848f952b4f 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -1443,8 +1443,10 @@ static void init_vmcb(struct vcpu_svm *svm) svm->vmcb->control.int_ctl |= V_GIF_ENABLE_MASK; } - if (sev_guest(svm->vcpu.kvm)) + if (sev_guest(svm->vcpu.kvm)) { svm->vmcb->control.nested_ctl |= SVM_NESTED_CTL_SEV_ENABLE; + clr_exception_intercept(svm, UD_VECTOR); + } mark_all_dirty(svm->vmcb); -- 2.9.5