From: Liran Alon
Date: Tue, 27 Mar 2018 00:52:41 -0700 (PDT)
Subject: Re: [PATCH 2/2] KVM: VMX: Add Force Emulation Prefix for "emulate the next instruction"
Message-ID: <76d08635-59da-4399-bc35-f99a00236725@default>
X-Mailing-List: linux-kernel@vger.kernel.org

----- kernellwp@gmail.com wrote:
> From: Wanpeng Li
>
> This patch introduces a Force Emulation Prefix (ud2a; .ascii "kvm")
> for "emulate the next instruction"; the code will be executed by the
> emulator instead of the processor, for testing purposes.

I think this should be better explained in the commit message.
We should explain that there is no easy way to force KVM to run an instruction through the emulator
(by design, as that will expose the x86 emulator as a significant attack surface).
However, we do wish to expose the x86 emulator in case we are testing it (e.g. via kvm-unit-tests).
Therefore, this patch adds a "force emulation prefix" that is designed to raise #UD, which KVM will trap,
and its #UD exit-handler will match the "force emulation prefix" to run the instruction after the prefix through the x86 emulator.
To not expose the x86 emulator by default, we add a module parameter that should be off by default.

>
> A testcase here:
>
> #include <stdio.h>
> #include <string.h>
>
> #define HYPERVISOR_INFO 0x40000000
>
> /* ud2a followed by the bytes "kvm" is the force emulation prefix: with the
>  * module parameter enabled, KVM runs the cpuid that follows it in the x86
>  * emulator instead of on the processor. */
> #define CPUID(idx, eax, ebx, ecx, edx)\
> asm volatile (\
> "ud2a; .ascii \"kvm\"; 1: cpuid" \
> /* eax must be operand 0 so that the "0"(idx) constraint loads the leaf into eax */\
> :"=a" (*eax), "=b" (*ebx), "=c" (*ecx), "=d" (*edx)\
> :"0"(idx) );
>
> int main(void)
> {
> 	unsigned int eax,ebx,ecx,edx;
> 	char string[13];
>
> 	CPUID(HYPERVISOR_INFO, &eax, &ebx, &ecx, &edx);
> 	/* the hypervisor signature is returned in ebx:ecx:edx */
> 	*(unsigned int *)(string+0) = ebx;
> 	*(unsigned int *)(string+4) = ecx;
> 	*(unsigned int *)(string+8) = edx;
>
> 	string[12] = 0;
> 	if (strncmp(string, "KVMKVMKVM\0\0\0",12) == 0)
> 		printf("kvm guest\n");
> 	else
> 		printf("bare hardware\n");
> 	return 0;
> }
>
> Suggested-by: Andrew Cooper
> Cc: Paolo Bonzini
> Cc: Radim Krčmář
> Cc: Andrew Cooper
> Signed-off-by: Wanpeng Li
> ---
>  arch/x86/kvm/vmx.c | 18 +++++++++++++++++-
>  1 file changed, 17 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index 0f99833..90abed8 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -108,6 +108,9 @@ module_param_named(enable_shadow_vmcs, enable_shadow_vmcs, bool, S_IRUGO);
>  static bool __read_mostly nested = 0;
>  module_param(nested, bool, S_IRUGO);
>  
> +static bool __read_mostly fep = 0;
> +module_param(fep, bool, S_IRUGO);

I think this module parameter should have a better name...
Why not "emulation_prefix" or "enable_emulation_prefix"?
Such short names just confuse the average user. It makes him think it is some kind of Intel VT-x technology that he isn't aware of :P

In addition, I think this module parameter should be in the kvm module (not kvm_intel), and you should add similar logic to the kvm_amd module (SVM).

> +
>  static u64 __read_mostly host_xss;
>  
>  static bool __read_mostly enable_pml = 1;
> @@ -6218,8 +6221,21 @@ static int handle_machine_check(struct kvm_vcpu *vcpu)
>  static int handle_ud(struct kvm_vcpu *vcpu)
>  {
>  	enum emulation_result er;
> +	int emulation_type = EMULTYPE_TRAP_UD;
> +
> +	if (fep) {
> +		char sig[5]; /* ud2; .ascii "kvm" */
> +		struct x86_exception e;
> +
> +		kvm_read_guest_virt(&vcpu->arch.emulate_ctxt,
> +				kvm_get_linear_rip(vcpu), sig, sizeof(sig), &e);
> +		if (memcmp(sig, "\xf\xbkvm", sizeof(sig)) == 0) {
> +			emulation_type = 0;
> +			kvm_rip_write(vcpu, kvm_rip_read(vcpu) + sizeof(sig));
> +		}
> +	}
>  
> -	er = emulate_instruction(vcpu, EMULTYPE_TRAP_UD);
> +	er = emulate_instruction(vcpu, emulation_type);
>  	if (er == EMULATE_USER_EXIT)
>  		return 0;
>  	if (er != EMULATE_DONE)
> -- 
> 2.7.4
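Review bot: in the first hunk the new `fep` parameter has no MODULE_PARM_DESC, so modinfo shows the option with no explanation of what it enables; add a description stating that it exposes the x86 instruction emulator for testing and is off by default, matching what the patch description needs to say. Keeping the mode at S_IRUGO is the right choice for this option: the value cannot be changed through sysfs after the module is loaded, so the wider emulator attack surface cannot be switched on unnoticed at runtime.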
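Review bot: in the handle_ud() hunk the return value of kvm_read_guest_virt() is discarded, so when the 5-byte read at the guest RIP fails (for instance because the bytes extend into a page that is not mapped) `sig` holds uninitialised stack contents and memcmp() compares garbage; test the result and keep EMULTYPE_TRAP_UD on any failure, only comparing `sig` when the read succeeded. There is also an ordering problem: kvm_rip_write() advances RIP past the prefix before emulate_instruction() runs, so when emulation does not return EMULATE_DONE the failure path below runs with RIP already pointing past the prefix, and the guest observes the fault at the wrong address; advance RIP only once emulation has succeeded. As a style point, writing the signature as "\x0f\x0bkvm" rather than "\xf\xbkvm" makes it obvious where each hex escape ends (the current form is correct only because 'k' is not a hex digit).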