From: Sean Christopherson
To: Paolo Bonzini
Cc: Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Joerg Roedel, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Dan Cross, Peter Shier
Subject: [PATCH 3/7] KVM: nVMX: Explicitly check for valid guest state for !unrestricted guest
Date: Tue, 14 Jul 2020 21:05:53 -0700
Message-Id: <20200715040557.5889-4-sean.j.christopherson@intel.com>
X-Mailer: git-send-email 2.26.0
In-Reply-To: <20200715040557.5889-1-sean.j.christopherson@intel.com>
References: <20200715040557.5889-1-sean.j.christopherson@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

Call guest_state_valid() directly instead of querying emulation_required when checking if L1 is attempting VM-Enter with invalid guest state. If emulate_invalid_guest_state is false, KVM will fixup segment regs to avoid emulation and will never set emulation_required, i.e. KVM will incorrectly miss the associated consistency checks because the nested path stuffs segments directly into vmcs02.

Opportunistically add Consistency Check tracing to make future debug suck a little less.

Fixes: 2bb8cafea80bf ("KVM: vVMX: signal failure for nested VMEntry if emulation_required")
Fixes: 3184a995f782c ("KVM: nVMX: fix vmentry failure code when L2 state would require emulation")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson
--- arch/x86/kvm/vmx/nested.c | 2 +- arch/x86/kvm/vmx/vmx.c | 8 ++------ arch/x86/kvm/vmx/vmx.h | 10 ++++++++++ 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 8cbf7bd3a7aa3..7d4457aaab2ef 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c 
@@ -2572,7 +2572,7 @@ static int prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12, * which means L1 attempted VMEntry to L2 with invalid state. * Fail the VMEntry. */ - if (vmx->emulation_required) { + if (CC(!vmx_guest_state_valid(vcpu))) { *entry_failure_code = ENTRY_FAIL_DEFAULT; return -EINVAL; } diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 1bb59ae5016dc..92c5f7cbf2389 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -340,7 +340,6 @@ static const struct kernel_param_ops vmentry_l1d_flush_ops = { }; module_param_cb(vmentry_l1d_flush, &vmentry_l1d_flush_ops, NULL, 0644); -static bool guest_state_valid(struct kvm_vcpu *vcpu); static u32 vmx_segment_access_rights(struct kvm_segment *var); static __always_inline void vmx_disable_intercept_for_msr(unsigned long *msr_bitmap, u32 msr, int type); @@ -1414,7 +1413,7 @@ static void vmx_vcpu_put(struct kvm_vcpu *vcpu) static bool emulation_required(struct kvm_vcpu *vcpu) { - return emulate_invalid_guest_state && !guest_state_valid(vcpu); + return emulate_invalid_guest_state && !vmx_guest_state_valid(vcpu); } unsigned long vmx_get_rflags(struct kvm_vcpu *vcpu) @@ -3501,11 +3500,8 @@ static bool cs_ss_rpl_check(struct kvm_vcpu *vcpu) * not. * We assume that registers are always usable */ -static bool guest_state_valid(struct kvm_vcpu *vcpu) +bool __vmx_guest_state_valid(struct kvm_vcpu *vcpu) { - if (enable_unrestricted_guest) - return true; - /* real mode guest state checks */ if (!is_protmode(vcpu) || (vmx_get_rflags(vcpu) & X86_EFLAGS_VM)) { if (!rmode_segment_valid(vcpu, VCPU_SREG_CS)) diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 0d06951e607ce..467716e61292d 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h 
@@ -342,6 +342,16 @@ void vmx_load_mmu_pgd(struct kvm_vcpu *vcpu, unsigned long cr3); void ept_save_pdptrs(struct kvm_vcpu *vcpu); void vmx_get_segment(struct kvm_vcpu *vcpu, struct kvm_segment *var, int seg); void vmx_set_segment(struct kvm_vcpu *vcpu, struct kvm_segment *var, int seg); + +bool __vmx_guest_state_valid(struct kvm_vcpu *vcpu); +static inline bool vmx_guest_state_valid(struct kvm_vcpu *vcpu) +{ + if (enable_unrestricted_guest) + return true; + + return __vmx_guest_state_valid(vcpu); +} + u64 construct_eptp(struct kvm_vcpu *vcpu, unsigned long root_hpa); void update_exception_bitmap(struct kvm_vcpu *vcpu); void vmx_update_msr_bitmap(struct kvm_vcpu *vcpu); -- 2.26.0
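
Review bot: In the prepare_vmcs02() hunk in nested.c, the new condition is wrapped in CC(), which the changelog describes as an opportunistic tracing addition, yet the patch carries Cc: stable and two Fixes tags. A tree that takes the backport but has no CC() helper in nested.c would need the bare form `if (!vmx_guest_state_valid(vcpu))`. Saying so in the changelog, or moving the tracing into its own patch, would keep the stable fix minimal.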
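
Review bot: In the vmx.c hunk at line 3501, __vmx_guest_state_valid() becomes a non-static symbol and loses the enable_unrestricted_guest early return, but the comment block above it is left unchanged. A direct caller now runs the segment checks even when unrestricted guest is enabled, so the comment should state that callers are expected to go through vmx_guest_state_valid() in vmx.h and that the double-underscore variant performs the checks unconditionally.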
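
Review bot: In the vmx.h hunk, the new inline vmx_guest_state_valid() reads enable_unrestricted_guest, and nothing in the visible lines shows where that variable is declared for files that include vmx.h. Confirm an extern declaration is in scope ahead of this inline. A one-line comment on the wrapper noting that it returns true whenever unrestricted guest is enabled would also help, since the prepare_vmcs02() check in nested.c now depends on exactly that short-circuit.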