Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
From:   Wei Huang <wei.huang2@amd.com>
To:     kvm@vger.kernel.org
Cc:     linux-kernel@vger.kernel.org, pbonzini@redhat.com,
        vkuznets@redhat.com, mlevitsk@redhat.com, seanjc@google.com,
        joro@8bytes.org, bp@alien8.de, tglx@linutronix.de,
        mingo@redhat.com, x86@kernel.org, jmattson@google.com,
        wanpengli@tencent.com, bsd@redhat.com, dgilbert@redhat.com,
        luto@amacapital.net, wei.huang2@amd.com
Subject: [PATCH v2 3/4] KVM: SVM: Add support for VMCB address check change
Date:   Thu, 21 Jan 2021 01:55:07 -0500
Message-Id: <20210121065508.1169585-4-wei.huang2@amd.com>
In-Reply-To: <20210121065508.1169585-1-wei.huang2@amd.com>
References: <20210121065508.1169585-1-wei.huang2@amd.com>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from amd-daytona-06.khw1.lab.eng.bos.redhat.com (66.187.233.206) by SG2PR0601CA0017.apcprd06.prod.outlook.com (2603:1096:3::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3784.12 via Frontend Transport; Thu, 21 Jan 2021 06:57:00 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 14a80c13-2932-4a41-1064-08d8bdd9c52b
X-MS-TrafficTypeDiagnostic: MW3PR12MB4441:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: <MW3PR12MB4441ED40210358F1ECC0B9AFCFA19@MW3PR12MB4441.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:326;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: COVmcjyt9Q8J2rJHiPaqhgeq3Na1GVk0tVrwmmTSDuXs+KnVseCTpnDg/ODvxrCIu+NOM6C3e9MdImrzH1BhkApcPqLvyjjhbochGt/uz98SjY5oZ+zfcRvUAR8pBAZMvzz2u3fJuZBZdXeX85Tw4ds/2w9rXlsrw6dhaOHyjsOTY+man/sMvXNm624KTKY87+zT/2LnkThIL7f6ygLfEHXnXSseBXwRcbtSCUNUXcbC9KBlw8HActC2/S5zsyfj0ZgCKWkWNzF5nYiKetIB468txlV4l+37LzS0usMd6C7Mw4xG1tuZtzTFr5CWZ+HF55opp9jtS2QtCccixJz7BB3xqbobJJWs1vdDdMgKJ7WINZ3tp0C+yoEy4LpWCcveRf0vsElQ5PlutFcYo6iZ8Q==
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MWHPR12MB1502.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(39860400002)(396003)(366004)(136003)(376002)(346002)(83380400001)(52116002)(8936002)(86362001)(6506007)(66476007)(6512007)(6916009)(2906002)(186003)(478600001)(4326008)(6486002)(16526019)(956004)(26005)(2616005)(36756003)(8676002)(1076003)(316002)(7416002)(5660300002)(66946007)(66556008);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?o1C76GElcHMhJ6DImL0KdO2RayDomKJYurm3QtFX9WMa9UOFQWec3mKOm8Az?=
 =?us-ascii?Q?WrPcSmDfgBWWAzsL0/9eOnAff6PIqFPu31b2Wqn+TCcDfZxDW++ne0vSfwzO?=
 =?us-ascii?Q?rZ9qbmVrH+qUnEoNzTxO16GPya944+ruzPGysbIxel7ikUxq3/I03c/2pHCA?=
 =?us-ascii?Q?8ic7hcFYlHNJpAAG5DKcVZFoOPB1OHSMusj6SWqPvbOwdGs1ABdLYZBqYqC3?=
 =?us-ascii?Q?NMthO5mnmxBs1OISezTTFU4JBT719P6iVKe5YsPdkLePCYrfPKJ9yzuipy0s?=
 =?us-ascii?Q?ZecMFP0tUK6GnwrZboIVbxgK8CadlK5rVnxdBBZAGEPXTbzxcLGr6hHdmDbt?=
 =?us-ascii?Q?HGow87fEkvWVApEEA/TlXYHJfH6qIA/c7RF2esbNxQgWq5gWK154wEw1j57R?=
 =?us-ascii?Q?JF4uAplUhF/m4t8YBpAT6V9sHKWusTy8YbxMY2w7Cig2AMJRMZ39HpwFqL/6?=
 =?us-ascii?Q?0UxICXJbGfg5J/2mYBkq/Gv91QsdWdOPcNDA5CkHgN8uq/4RwljzKiOxifcb?=
 =?us-ascii?Q?JtEex3S5FFXkciWDfnn+lc2hNO6JwwGGEcJPZliog7p1Xka8AxMGKfC5mAnC?=
 =?us-ascii?Q?R6OTUvwF+VJhpZ2O5uV/1ON0ywp29Cc/5RFZKXBi7ojBjDorliPS+aeJnHgl?=
 =?us-ascii?Q?A5WQEYwrvwaFW6Z+p9JA2N1bijpLHNHy8wrH8U9m3BIIhnG/+81zC3sOb25N?=
 =?us-ascii?Q?lsnkVo29YatJjGcEKuhP1PZuYX7zuB15epY6j+7/27RNJmpPNnlJoRVzyT1Z?=
 =?us-ascii?Q?DOS4K3yIg2RLW1Hx76dUYFZNcaBkCOeIRX9aAcu9yTgjchlnIQp7ozkD1Ysj?=
 =?us-ascii?Q?+G4djx5ZF+hC67ZQSEjNNlpGrQpAddYjs6WjcaTAoKlGynjF07jSdhR6R+zG?=
 =?us-ascii?Q?UuRFoXRwsX+Z5hwaJGhRm/LolMCOvnn99DxdPHM0Ia4XHwCpgAyayIoYREGz?=
 =?us-ascii?Q?v95fatyV2vm8jcvVV3v1HOgde4ZFXTRoN+E6gGTWZlcsadougAbhXwjPQJd1?=
 =?us-ascii?Q?IWEc?=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 14a80c13-2932-4a41-1064-08d8bdd9c52b
X-MS-Exchange-CrossTenant-AuthSource: MWHPR12MB1502.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Jan 2021 06:57:09.1069
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 9QqwhRh+WXe1hLxIxarT1x0lo1reVpdAKVPMVdF2xeSlYPuPweYCWChmR6JTkujW
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW3PR12MB4441
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

New AMD CPUs have a change that checks VMEXIT intercept on special SVM
instructions before checking their EAX against reserved memory region.
This change is indicated by CPUID_0x8000000A_EDX[28]. If it is 1, #VMEXIT
is triggered before #GP. KVM doesn't need to intercept and emulate #GP
faults as #GP is supposed to be triggered.

Co-developed-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Wei Huang <wei.huang2@amd.com>
---
 arch/x86/include/asm/cpufeatures.h | 1 +
 arch/x86/kvm/svm/svm.c             | 6 +++++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
index 84b887825f12..ea89d6fdd79a 100644
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -337,6 +337,7 @@
 #define X86_FEATURE_AVIC		(15*32+13) /* Virtual Interrupt Controller */
 #define X86_FEATURE_V_VMSAVE_VMLOAD	(15*32+15) /* Virtual VMSAVE VMLOAD */
 #define X86_FEATURE_VGIF		(15*32+16) /* Virtual GIF */
+#define X86_FEATURE_SVME_ADDR_CHK	(15*32+28) /* "" SVME addr check */
 
 /* Intel-defined CPU features, CPUID level 0x00000007:0 (ECX), word 16 */
 #define X86_FEATURE_AVX512VBMI		(16*32+ 1) /* AVX512 Vector Bit Manipulation instructions*/
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 6ed523cab068..2a12870ac71a 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -313,7 +313,8 @@ int svm_set_efer(struct kvm_vcpu *vcpu, u64 efer)
 	svm->vmcb->save.efer = efer | EFER_SVME;
 	vmcb_mark_dirty(svm->vmcb, VMCB_CR);
 	/* Enable #GP interception for SVM instructions */
-	set_exception_intercept(svm, GP_VECTOR);
+	if (!kvm_cpu_cap_has(X86_FEATURE_SVME_ADDR_CHK))
+		set_exception_intercept(svm, GP_VECTOR);
 
 	return 0;
 }
@@ -933,6 +934,9 @@ static __init void svm_set_cpu_caps(void)
 	    boot_cpu_has(X86_FEATURE_AMD_SSBD))
 		kvm_cpu_cap_set(X86_FEATURE_VIRT_SSBD);
 
+	if (boot_cpu_has(X86_FEATURE_SVME_ADDR_CHK))
+		kvm_cpu_cap_set(X86_FEATURE_SVME_ADDR_CHK);
+
 	/* Enable INVPCID feature */
 	kvm_cpu_cap_check_and_set(X86_FEATURE_INVPCID);
 }
-- 
2.27.0