Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp2483738pxk; Mon, 14 Sep 2020 14:55:20 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzNrV2pvPCY8NVxAVdQONyRG0b2YqPWwIMyWVBZkHiNgNsh3yKlcxTIcvYonlnq+ol4uEkW X-Received: by 2002:a50:e44b:: with SMTP id e11mr19704031edm.73.1600120520300; Mon, 14 Sep 2020 14:55:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1600120520; cv=none; d=google.com; s=arc-20160816; b=T48kXs2Hl6dVEx39dQf5wW61LEq625M+Hk8EgL06AKXU5DwkcjbfMUJiNBmI8X2wuR BqSVhee2lna7aAy1zPljSn29+oFnFfkdvYctBvSfP2jtEAYlQS1DLR/zAJg9jWtCFjMD yTo0b7SibiAlENvyVCqpFCsh+sy58cWxKqKp0OCKsPtaA6BEmTUYf0Sw08NRhMxzUoLY YQR1mBxkIJojaAMwe1sLg+6gJkiB1UdJBl5gSdewDoOzjU5FdhdXS17Xd/0X2zelxNcW T8ZWL4KPY0H7xzW0AGZkhYZp/bQ77DJRGMJ3lOJY/gGfqhNP2tvlZD/RkVemCnJ/PJqx p02w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:ironport-sdr:ironport-sdr; bh=A57xMuaMzWNhCR27uJifkk38Sq+hL96RESCm1pJccHo=; b=hNAcfLYm7byRzKgZC+uFU5uQsVMTt/nViXYTGVu1IQX3viC3f/bI7x/5nGhWJYR/Ak TGdoBMpM49gHvCnsvqqD7vhnRqdBwWZJEaUpxtwpWAPku4Ac2nwEaq7SHc3s66VMOTKh 4M23Q7UyzLAJHw1u+7u5CDYTfWNJK8ki1Kyifja6fQPGJ+Q+6rtxyXU4+zRdB0ITrf10 Nq+7riZ8INAI3HY157xrR3T9FfSpMQ+kQjy12rj8P2gynO/ZUQNUsyiS7Y23Kj0BgkCt MRwaGJ/Xhb9pD7oAScAvwLop0YeKL6LYOqSqiOWhzgeFeyPpgXW6jWwS7SOxdurokbIa kVSA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id pg3si8289285ejb.138.2020.09.14.14.54.57; Mon, 14 Sep 2020 14:55:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726149AbgINVvt (ORCPT + 99 others); Mon, 14 Sep 2020 17:51:49 -0400 Received: from mga04.intel.com ([192.55.52.120]:31453 "EHLO mga04.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726136AbgINVvr (ORCPT ); Mon, 14 Sep 2020 17:51:47 -0400 IronPort-SDR: G0qi4DcXulCQCE6zZu89m7dmCPC9SrP9qaowDvOdtfZ6SuvatCAgzUHgf1e3t9NrToUSlJhp1t tR764kI1FuCw== X-IronPort-AV: E=McAfee;i="6000,8403,9744"; a="156558708" X-IronPort-AV: E=Sophos;i="5.76,427,1592895600"; d="scan'208";a="156558708" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Sep 2020 14:51:46 -0700 IronPort-SDR: LcBOudzkE4g59yt4ncCQ1nyyWKogchU/1XtnSx1ua06AycBa7pdmDhhdmo6il05NMUQg1ZUxEI PhWALHWpYGrg== X-IronPort-AV: E=Sophos;i="5.76,427,1592895600"; d="scan'208";a="451045487" Received: from sjchrist-ice.jf.intel.com (HELO sjchrist-ice) ([10.54.31.34]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Sep 2020 14:51:46 -0700 Date: Mon, 14 Sep 2020 14:51:45 -0700 From: Sean Christopherson To: Tom Lendacky Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, Paolo Bonzini , Jim Mattson , Joerg Roedel , Vitaly Kuznetsov , Wanpeng Li , Borislav Petkov , Ingo Molnar , Thomas Gleixner , Brijesh Singh Subject: Re: [RFC PATCH 28/35] KVM: X86: Update kvm_skip_emulated_instruction() for an SEV-ES guest Message-ID: <20200914215144.GE7192@sjchrist-ice> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Sep 14, 2020 at 03:15:42PM -0500, Tom Lendacky wrote: > From: Tom Lendacky > > The register state for an SEV-ES guest is encrypted so the value of the > RIP cannot be updated. For an automatic exit, the RIP will be advanced > as necessary. For a non-automatic exit, it is up to the #VC handler in > the guest to advance the RIP. > > Add support to skip any RIP updates in kvm_skip_emulated_instruction() > for an SEV-ES guest. Is there a reason this can't be handled in svm? E.g. can KVM be reworked to effectively split the emulation logic so that it's a bug for KVM to end up trying to modify RIP? Also, patch 06 modifies SVM's skip_emulated_instruction() to skip the RIP update, but keeps the "svm_set_interrupt_shadow(vcpu, 0)" logic. Seems like either that change or this one is wrong. > Signed-off-by: Tom Lendacky > --- > arch/x86/kvm/x86.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index 23564d02d158..1dbdca607511 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -6874,13 +6874,17 @@ static int kvm_vcpu_do_singlestep(struct kvm_vcpu *vcpu) > > int kvm_skip_emulated_instruction(struct kvm_vcpu *vcpu) > { > - unsigned long rflags = kvm_x86_ops.get_rflags(vcpu); > + unsigned long rflags; > int r; > > r = kvm_x86_ops.skip_emulated_instruction(vcpu); > if (unlikely(!r)) > return 0; > > + if (vcpu->arch.vmsa_encrypted) > + return 1; > + > + rflags = kvm_x86_ops.get_rflags(vcpu); > /* > * rflags is the old, "raw" value of the flags. The new value has > * not been saved yet. > -- > 2.28.0 >