From: Alexandre Chartre
To: pbonzini@redhat.com, rkrcmar@redhat.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, dave.hansen@linux.intel.com, luto@kernel.org, peterz@infradead.org, kvm@vger.kernel.org, x86@kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org
Cc: konrad.wilk@oracle.com, jan.setjeeilers@oracle.com, liran.alon@oracle.com, jwadams@google.com, alexandre.chartre@oracle.com
Subject: [RFC KVM 04/27] KVM: x86: Switch to KVM address space on entry to guest
Date: Mon, 13 May 2019 16:38:12 +0200
Message-Id: <1557758315-12667-5-git-send-email-alexandre.chartre@oracle.com>
X-Mailer: git-send-email 1.7.1
In-Reply-To: <1557758315-12667-1-git-send-email-alexandre.chartre@oracle.com>
References: <1557758315-12667-1-git-send-email-alexandre.chartre@oracle.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Liran Alon

Switch to KVM address space on entry to guest and switch out immediately at exit (before enabling host interrupts).

For now, this is not effectively switching, we just remain on the kernel address space. In addition, we switch back as soon as we exit guest, which makes KVM #VMExit handlers still run with full host address space. However, this introduces the entry points and places for switching.

Next commits will change switch to happen only when necessary.

Signed-off-by: Liran Alon
Signed-off-by: Alexandre Chartre
--- arch/x86/kvm/isolation.c | 20 ++++++++++++++++++++ arch/x86/kvm/isolation.h | 2 ++ arch/x86/kvm/x86.c | 8 ++++++++ 3 files changed, 30 insertions(+), 0 deletions(-) diff --git a/arch/x86/kvm/isolation.c b/arch/x86/kvm/isolation.c index 74bc0cd..35aa659 100644 --- a/arch/x86/kvm/isolation.c +++ b/arch/x86/kvm/isolation.c @@ -119,3 +119,23 @@ void kvm_isolation_uninit(void) kvm_isolation_uninit_mm(); pr_info("KVM: x86: End of isolated address space\n"); } + +void kvm_isolation_enter(void) +{ + if (address_space_isolation) { + /* + * Switches to kvm_mm should happen from vCPU thread, + * which should not be a kernel thread with no mm + */ + BUG_ON(current->active_mm == NULL); + /* TODO: switch to kvm_mm */ + } +} + +void kvm_isolation_exit(void) +{ + if (address_space_isolation) { + /* TODO: Kick sibling hyperthread before switch to host mm */ + /* TODO: switch back to original mm */ + } +} diff --git a/arch/x86/kvm/isolation.h b/arch/x86/kvm/isolation.h index cf8c7d4..595f62c 100644 --- a/arch/x86/kvm/isolation.h +++ b/arch/x86/kvm/isolation.h @@ -4,5 +4,7 @@ extern int kvm_isolation_init(void); extern void kvm_isolation_uninit(void); +extern void kvm_isolation_enter(void); +extern void kvm_isolation_exit(void); #endif diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 4b7cec2..85700e0 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -7896,6 +7896,8 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) goto cancel_injection; } + kvm_isolation_enter(); + if (req_immediate_exit) { kvm_make_request(KVM_REQ_EVENT, vcpu); kvm_x86_ops->request_immediate_exit(vcpu); @@ -7946,6 +7948,12 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) vcpu->arch.last_guest_tsc = kvm_read_l1_tsc(vcpu, rdtsc()); + /* + * TODO: Move this to where we architectually need to access + * host (or other VM) sensitive data + */ + kvm_isolation_exit(); + vcpu->mode = OUTSIDE_GUEST_MODE; smp_wmb(); -- 1.7.1
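
Review bot: In kvm_isolation_enter() in the arch/x86/kvm/isolation.c hunk, BUG_ON(current->active_mm == NULL) does not test what the comment above it describes. A kernel thread has current->mm == NULL while its active_mm normally points at a borrowed mm, so a kernel thread would pass this check. Test current->mm instead, and consider WARN_ON_ONCE() with an early return rather than BUG_ON(), since this call sits on the guest entry path and a failed check takes the whole host down.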
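
Review bot: The two declarations added in the arch/x86/kvm/isolation.h hunk carry no statement of the context they must be called from. The commit message says the switch out happens before host interrupts are enabled; a short comment next to kvm_isolation_enter() and kvm_isolation_exit() stating that requirement would keep later callers from using them in the wrong context.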
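
Review bot: In the first arch/x86/kvm/x86.c hunk (@@ -7896), kvm_isolation_enter() is placed ahead of the req_immediate_exit block, so kvm_make_request() and kvm_x86_ops->request_immediate_exit(vcpu) will run after the switch once it is implemented. Either move the call closer to the actual guest entry or add a comment saying what the code between this call and the entry needs mapped in the KVM address space. It would also help to state that every path leaving vcpu_enter_guest() after this point reaches kvm_isolation_exit(); the visible context only shows the cancel_injection goto sitting before the call.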
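
Review bot: In the second arch/x86/kvm/x86.c hunk (@@ -7946), kvm_isolation_exit() comes after the last_guest_tsc update, while the commit message describes switching out immediately at exit. Say in the comment what is allowed to run between the VM exit and this call, because that code will execute in the KVM address space once the switch is real. Minor: "architectually" in the TODO comment should be "architecturally".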