From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Jim Mattson, Babu Moger, Paolo Bonzini
Subject: [PATCH 5.4 057/111] KVM: x86: Fix pkru save/restore when guest CR4.PKE=0, move it to x86.c
Date: Tue, 26 May 2020 20:53:15 +0200
Message-Id: <20200526183938.252763486@linuxfoundation.org>

From: Babu Moger

commit 37486135d3a7b03acc7755b63627a130437f066a upstream.

Though rdpkru and wrpkru are contingent upon CR4.PKE, the PKRU
resource isn't. It can be read with XSAVE and written with XRSTOR.
So, if we don't set the guest PKRU value here (kvm_load_guest_xsave_state),
the guest can read the host value.

In case of kvm_load_host_xsave_state, guest with CR4.PKE clear could
potentially use XRSTOR to change the host PKRU value.

While at it, move pkru state save/restore to common code and the
host_pkru field to kvm_vcpu_arch. This will let SVM support protection keys.

Cc: stable@vger.kernel.org
Reported-by: Jim Mattson
Signed-off-by: Babu Moger
Message-Id: <158932794619.44260.14508381096663848853.stgit@naples-babu.amd.com>
Signed-off-by: Paolo Bonzini
Signed-off-by: Greg Kroah-Hartman
---
 arch/x86/include/asm/kvm_host.h |  1 +
 arch/x86/kvm/vmx/vmx.c          | 18 ------------------
 arch/x86/kvm/x86.c              | 17 +++++++++++++++++
 3 files changed, 18 insertions(+), 18 deletions(-)

--- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -550,6 +550,7 @@ struct kvm_vcpu_arch { unsigned long cr4; unsigned long cr4_guest_owned_bits; unsigned long cr8; + u32 host_pkru; u32 pkru; u32 hflags; u64 efer; --- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c @@ -1360,7 +1360,6 @@ void vmx_vcpu_load(struct kvm_vcpu *vcpu vmx_vcpu_pi_load(vcpu, cpu); - vmx->host_pkru = read_pkru(); vmx->host_debugctlmsr = get_debugctlmsr(); } @@ -6521,11 +6520,6 @@ static void vmx_vcpu_run(struct kvm_vcpu kvm_load_guest_xcr0(vcpu); - if (static_cpu_has(X86_FEATURE_PKU) && - kvm_read_cr4_bits(vcpu, X86_CR4_PKE) && - vcpu->arch.pkru != vmx->host_pkru) - __write_pkru(vcpu->arch.pkru); - pt_guest_enter(vmx); atomic_switch_perf_msrs(vmx); @@ -6614,18 +6608,6 @@ static void vmx_vcpu_run(struct kvm_vcpu pt_guest_exit(vmx); - /* - * eager fpu is enabled if PKEY is supported and CR4 is switched - * back on host, so it is safe to read guest PKRU from current - * XSAVE. - */ - if (static_cpu_has(X86_FEATURE_PKU) && - kvm_read_cr4_bits(vcpu, X86_CR4_PKE)) { - vcpu->arch.pkru = rdpkru(); - if (vcpu->arch.pkru != vmx->host_pkru) - __write_pkru(vmx->host_pkru); - } - kvm_put_guest_xcr0(vcpu); vmx->nested.nested_run_pending = 0; --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -832,11 +832,25 @@ void kvm_load_guest_xcr0(struct kvm_vcpu xsetbv(XCR_XFEATURE_ENABLED_MASK, vcpu->arch.xcr0); vcpu->guest_xcr0_loaded = 1; } + + if (static_cpu_has(X86_FEATURE_PKU) && + (kvm_read_cr4_bits(vcpu, X86_CR4_PKE) || + (vcpu->arch.xcr0 & XFEATURE_MASK_PKRU)) && + vcpu->arch.pkru != vcpu->arch.host_pkru) + __write_pkru(vcpu->arch.pkru); } EXPORT_SYMBOL_GPL(kvm_load_guest_xcr0); void kvm_put_guest_xcr0(struct kvm_vcpu *vcpu) { + if (static_cpu_has(X86_FEATURE_PKU) && + (kvm_read_cr4_bits(vcpu, X86_CR4_PKE) || + (vcpu->arch.xcr0 & XFEATURE_MASK_PKRU))) { + vcpu->arch.pkru = rdpkru(); + if (vcpu->arch.pkru != vcpu->arch.host_pkru) + __write_pkru(vcpu->arch.host_pkru); + } + if (vcpu->guest_xcr0_loaded) { if (vcpu->arch.xcr0 != host_xcr0) xsetbv(XCR_XFEATURE_ENABLED_MASK, host_xcr0); 
@@ -8222,6 +8236,9 @@ static int vcpu_enter_guest(struct kvm_v trace_kvm_entry(vcpu->vcpu_id); guest_enter_irqoff(); + /* Save host pkru register if supported */ + vcpu->arch.host_pkru = read_pkru(); + fpregs_assert_state_consistent(); if (test_thread_flag(TIF_NEED_FPU_LOAD)) switch_fpu_return();
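
Review bot: In arch/x86/kvm/vmx/vmx.c, the three hunks remove every visible use of vmx->host_pkru (the assignment in vmx_vcpu_load and both comparisons in vmx_vcpu_run), but the diffstat lists no change to the header that declares that field, so it looks like it is left behind unused. Either drop the field in the same patch or say in the changelog that a follow-up removes it, so nobody later reads a stale vmx->host_pkru instead of vcpu->arch.host_pkru.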
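
Review bot: In the arch/x86/kvm/x86.c hunk at -832, the new condition `kvm_read_cr4_bits(vcpu, X86_CR4_PKE) || (vcpu->arch.xcr0 & XFEATURE_MASK_PKRU)` carries the whole security fix but has no comment in either kvm_load_guest_xcr0 or kvm_put_guest_xcr0, and the explanatory comment removed from vmx_vcpu_run was not carried over. A short comment stating that PKRU is reachable through XSAVE/XRSTOR even with CR4.PKE clear would stop someone from "simplifying" the test back to CR4.PKE only. The three-line condition is also duplicated verbatim in both functions; a small static helper would keep the load and put paths from drifting apart. Finally, the changelog refers to kvm_load_guest_xsave_state and kvm_load_host_xsave_state, while this hunk modifies kvm_load_guest_xcr0 and kvm_put_guest_xcr0, and those names no longer describe functions that also switch PKRU; a backport note under the upstream commit line would make the mapping explicit.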
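
Review bot: In the vcpu_enter_guest hunk at -8222, the comment says "Save host pkru register if supported" but the statement `vcpu->arch.host_pkru = read_pkru();` is unconditional, so the "if supported" part is not visible in the code. If read_pkru() handles the unsupported case internally, reword the comment to say that; otherwise guard the read the same way the x86.c load/put paths do with static_cpu_has(X86_FEATURE_PKU). Note also that the read moves from vmx_vcpu_load to every guest entry, which is worth a sentence in the changelog since it sits in the entry hot path.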