From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Lai Jiangshan, Lai Jiangshan, Sean Christopherson, Paolo Bonzini
Subject: [PATCH 5.9 077/757] KVM: x86: Intercept LA57 to inject #GP fault when its reserved
Date: Tue, 27 Oct 2020 14:45:27 +0100
Message-Id: <20201027135454.153781272@linuxfoundation.org>
In-Reply-To: <20201027135450.497324313@linuxfoundation.org>
References: <20201027135450.497324313@linuxfoundation.org>

From: Lai Jiangshan

commit 6e1d849fa3296526e64b75fa227b6377cd0fd3da upstream.

Unconditionally intercept changes to CR4.LA57 so that KVM correctly injects a #GP fault if the guest attempts to set CR4.LA57 when it's supported in hardware but not exposed to the guest.

Long term, KVM needs to properly handle CR4 bits that can be under guest control but also may be reserved from the guest's perspective. But, KVM currently sets the CR4 guest/host mask only during vCPU creation, and reworking flows to change that will take a bit of elbow grease.

Even if/when generic support for intercepting reserved bits exists, it's probably not worth letting the guest set CR4.LA57 directly. LA57 can't be toggled while long mode is enabled, thus it's all but guaranteed to be set once (maybe twice, e.g. by BIOS and kernel) during boot and never touched again. On the flip side, letting the guest own CR4.LA57 may incur extra VMREADs. In other words, this temporary "hack" is probably also the right long term fix.

Fixes: fd8cb433734e ("KVM: MMU: Expose the LA57 feature to VM.")
Cc: stable@vger.kernel.org
Cc: Lai Jiangshan
Signed-off-by: Lai Jiangshan
[sean: rewrote changelog]
Signed-off-by: Sean Christopherson
Message-Id: <20200930041659.28181-2-sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini
Signed-off-by: Greg Kroah-Hartman --- arch/x86/kvm/kvm_cache_regs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/arch/x86/kvm/kvm_cache_regs.h +++ b/arch/x86/kvm/kvm_cache_regs.h @@ -7,7 +7,7 @@ #define KVM_POSSIBLE_CR0_GUEST_BITS X86_CR0_TS #define KVM_POSSIBLE_CR4_GUEST_BITS \ (X86_CR4_PVI | X86_CR4_DE | X86_CR4_PCE | X86_CR4_OSFXSR \ - | X86_CR4_OSXMMEXCPT | X86_CR4_LA57 | X86_CR4_PGE | X86_CR4_TSD) + | X86_CR4_OSXMMEXCPT | X86_CR4_PGE | X86_CR4_TSD) #define BUILD_KVM_GPR_ACCESSORS(lname, uname) \ static __always_inline unsigned long kvm_##lname##_read(struct kvm_vcpu *vcpu)\
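
Review bot: The `KVM_POSSIBLE_CR4_GUEST_BITS` definition in arch/x86/kvm/kvm_cache_regs.h drops `X86_CR4_LA57` without a comment saying the omission is deliberate, so a later cleanup could re-add the bit and bring back the missing #GP when a guest sets a CR4.LA57 that is reserved for it. Suggest a short comment above the macro stating that LA57 is always intercepted because it can be supported in hardware yet reserved from the guest's perspective. Since the changelog says the guest/host mask is set only at vCPU creation, it is also worth confirming that none of the bits left in the mask (`X86_CR4_PVI` through `X86_CR4_TSD`) can be reserved for a guest in the same way.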