Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp11113736ybl; Fri, 27 Dec 2019 08:00:03 -0800 (PST) X-Google-Smtp-Source: APXvYqwiqim8COwVIVEOxWYDq6s0py2DlOasUKSnRUsrHU0DK6Qj8IIq0y/CseGpge20LP1cNUnp X-Received: by 2002:a05:6830:2097:: with SMTP id y23mr43414850otq.286.1577462403217; Fri, 27 Dec 2019 08:00:03 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1577462403; cv=pass; d=google.com; s=arc-20160816; b=D6CODGYrPkO6EbuJ12bfoZEbYLwu86Gy2YTt+WzsbKK2TatYUWaEmimHYMmr4iNYlt iVaPyULa6dq86e4E2tX4KTkuaK07Y0Ss9qZ69Rz5sGatUjHmVTsdvx9ZtxPgyZSpvK9T MuMVfeWvUQJvx3ScV8ttnyfCpn7LCogg78UaFpGjY80DcjlIQPjFVZuik2fMbwvFgmMa XdWKRGiSi0kv22RXqeVa6h3+kcCFIo9OsaC7JuQTgtMfD93Tz9gIIk6rnFI+7ouMo+9O X4Jeex/YBtvkoDchwZ4oYpSrfUAG5+y18sxta/I3woGM4EoPW9wzNGSpIkqg+rw8zJTZ GSNQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:subject:cc :to:from:dkim-signature; bh=Wk8uak0Vil/mw6zN+A+wF6b0s7FpuAD4lfooSEVwZXg=; b=G0TRsmHkhIbuvvERW/m+pWr3Lktg9fZOvoGZe1B7kN2TyQAAkJI6h3An1D/npvdDTE vhVbM5T2YACoqKKkJKOOwE+id/e+9YlxG3AqE64G/KdaAN9IHvTnkU0p5/uxYDWhKfPI xB5Va+pQ84jrtFprieF5eC/X9b5imD2dihL7If54agZZ7LX55aa/fjxxfRT7oDaGPFgk sAuRJ7qn+ZWCRv0seEJqr77zTlbeDeb7Pm0i0/DtBjG49bBGAF6zA3VbkD1dqGUrW2G+ gRjtFBN+UCqISYq3zXnfov2BoEheZFcM0J/dRp4HKv5PqB5980tzpXw5+/FNKqUSX5Vp JFvA== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=aeeKxbr8; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n63si9153045oib.210.2019.12.27.07.59.51; Fri, 27 Dec 2019 08:00:03 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=aeeKxbr8; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726995AbfL0P6U (ORCPT + 99 others); Fri, 27 Dec 2019 10:58:20 -0500 Received: from mail-bn8nam12on2055.outbound.protection.outlook.com ([40.107.237.55]:6230 "EHLO NAM12-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726379AbfL0P6T (ORCPT ); Fri, 27 Dec 2019 10:58:19 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gOCj0L+MJkcE6PT0yMnecRNUUnNGXcndEidqrbDtA9C/AIH3kNzHj+9HpPHHVqwjOFQP8oNV/lPu2oMWIDy2aFtWbyDlRFkyvOGnxqrB6Au2GfGRkmNMFz5z4bB1YxZtf1/21mmRwqWq8kenKjwboVH5qgQX+LnS7ZqVpEIMrhlohCjxr42tRtu9f7JUTWNrAcnkv8fOMoORva26MlnYiBUlSeC+ZvGm8wfF1/uE2+zNQTgUMsdunGaUMNX08RWbJzCSjZ8k2f9NlfiOHTpHEcWn5KZ5VaALJW/wAa8RB90mKndDCTOX/XGDjmv9qKEmMcvK1y4v8uJzf0zpUKqfaQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Wk8uak0Vil/mw6zN+A+wF6b0s7FpuAD4lfooSEVwZXg=; b=MwmytmLcYaSzAfXDDO27F8LQPRvCgQQ2w+1u4flDIT4j/HSZdTwn9jV+e0pAu1VdVm8RXpyMBqAPvka1/v24TeZqIIOgzx1A2sjCwd7DPCAcF/KDX9C1IIWw/ExBdAAeIEnIqcah96ZZLiPzrlhiy6TKFXZ+eXRk8jYS6x2EuSaCe9ZOOYWdrSV5AF/3H14bA2lEEmeUrp3/qHuox66qz9EsVh5oIski755HS/jYxOdbZRzWr1TawAOexXua+JfVGH5j+pLxZAp0+Z67Pm6ulpYDQk9LsTDbDTO6UYCDKNUu3WYUEzHd+2gbfJC5BuQ0dZ42Fia1hywIF5CFyo1T9A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Wk8uak0Vil/mw6zN+A+wF6b0s7FpuAD4lfooSEVwZXg=; b=aeeKxbr8eDCJ2oOcCAhLHcMzG6WlQ8W9JlG0v0kWASeZrE1VnBbXshxUwUSJ8PtIra/GQfnNXY0DcJJvGhLxVsb666R1ypTx6tQPW1skcIhWzmB/IeKyNG9JsK2tjr1TouUtWi3CdmXSN/OXS8r12gI9eXLTvbpLqQ5qDWYLTQs= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by DM6PR12MB3737.namprd12.prod.outlook.com (10.255.173.32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2581.11; Fri, 27 Dec 2019 15:58:16 +0000 Received: from DM6PR12MB3163.namprd12.prod.outlook.com ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2581.007; Fri, 27 Dec 2019 15:58:16 +0000 From: Tom Lendacky To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Paolo Bonzini , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Brijesh Singh Subject: [PATCH v2] KVM: SVM: Override default MMIO mask if memory encryption is enabled Date: Fri, 27 Dec 2019 09:58:00 -0600 Message-Id: X-Mailer: git-send-email 2.17.1 Content-Type: text/plain X-ClientProxiedBy: SN1PR12CA0087.namprd12.prod.outlook.com (2603:10b6:802:21::22) To DM6PR12MB3163.namprd12.prod.outlook.com (2603:10b6:5:15e::26) MIME-Version: 1.0 Received: from tlendack-t1.amd.com (165.204.77.1) by SN1PR12CA0087.namprd12.prod.outlook.com (2603:10b6:802:21::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2581.12 via Frontend Transport; Fri, 27 Dec 2019 15:58:15 +0000 X-Mailer: git-send-email 2.17.1 X-Originating-IP: [165.204.77.1] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: ad600a2b-c3fa-4b0a-029d-08d78ae595a6 X-MS-TrafficTypeDiagnostic: DM6PR12MB3737:|DM6PR12MB3737: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-Forefront-PRVS: 0264FEA5C3 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4636009)(136003)(346002)(376002)(396003)(39860400002)(366004)(189003)(199004)(81166006)(6666004)(8676002)(86362001)(478600001)(16526019)(4326008)(66946007)(52116002)(81156014)(6486002)(186003)(8936002)(7696005)(66476007)(26005)(66556008)(36756003)(956004)(2616005)(54906003)(5660300002)(2906002)(316002);DIR:OUT;SFP:1101;SCL:1;SRVR:DM6PR12MB3737;H:DM6PR12MB3163.namprd12.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 6l4wxQYBe0gYgd8OKZsJbgxNi+smx6xdqW9h3bJzP2AmZEr/g+2jEIMWEZh2y9mrYcix4P7aK4BxuAoLmzeaQxQfl1XqVvgDbMNwExVwM7qHLaZJb3ie71fpqoNlX4Rsu+zSJqejNlWJ9dNeBlhPHiseN25HozJ5xMYJ2HA0DDn1ggk6odrkvWty6qWG6T9Mg2xZTsaImSrGhBFTaKyWWCgSJfdAlk6eRYzWp7geGs5o7GGx2wWFNcZSByWePwsB/qxiG3QjcpOOOzfatDjP8gbc4ULH2RMuo+lRCTa+OMJaCbFsUcYuymGroc7DStoI3VkVf5V8Tifr07Jh929irEGwKTOtonJlmr5jnLRAl3Q4eHy0nC0vJHRp/tzxFkiIHejbGOKSHZXX8JZ5zySVriB323Fdjb2jkAvE6hBF19Tmn2WWQIZh4Z+wHiPvRULf X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: ad600a2b-c3fa-4b0a-029d-08d78ae595a6 X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Dec 2019 15:58:16.0702 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: rE9L9PCzYfP9EGfAK67ALR2LuJF/hgjhU+Z9ycgqe1eFC2gDPtGpyx4LQn6YcTCD3G8yMUH9j/wxqmiGnoGsrA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3737 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The KVM MMIO support uses bit 51 as the reserved bit to cause nested page faults when a guest performs MMIO. The AMD memory encryption support uses a CPUID function to define the encryption bit position. Given this, it is possible that these bits can conflict. Use svm_hardware_setup() to override the MMIO mask if memory encryption support is enabled. When memory encryption support is enabled the physical address width is reduced and the first bit after the last valid reduced physical address bit will always be reserved. Use this bit as the MMIO mask. Fixes: 28a1f3ac1d0c ("kvm: x86: Set highest physical address bits in non-present/reserved SPTEs") Suggested-by: Sean Christopherson Signed-off-by: Tom Lendacky --- arch/x86/kvm/svm.c | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 122d4ce3b1ab..2cb834b5982a 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -1361,6 +1361,32 @@ static __init int svm_hardware_setup(void) } } + /* + * The default MMIO mask is a single bit (excluding the present bit), + * which could conflict with the memory encryption bit. Check for + * memory encryption support and override the default MMIO masks if + * it is enabled. + */ + if (cpuid_eax(0x80000000) >= 0x8000001f) { + u64 msr, mask; + + rdmsrl(MSR_K8_SYSCFG, msr); + if (msr & MSR_K8_SYSCFG_MEM_ENCRYPT) { + /* + * The physical addressing width is reduced. The first + * bit above the new physical addressing limit will + * always be reserved. Use this bit and the present bit + * to generate a page fault with PFER.RSV = 1. + */ + mask = BIT_ULL(boot_cpu_data.x86_phys_bits); + mask |= BIT_ULL(0); + + kvm_mmu_set_mmio_spte_mask(mask, mask, + PT_WRITABLE_MASK | + PT_USER_MASK); + } + } + for_each_possible_cpu(cpu) { r = svm_cpu_init(cpu); if (r) -- 2.17.1