From: Hou Wenlong
To: kvm@vger.kernel.org
Cc: Paolo Bonzini, Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Joerg Roedel, Thomas Gleixner, Ingo Molnar, Borislav Petkov, x86@kernel.org, "H. Peter Anvin", linux-kernel@vger.kernel.org
Subject: [PATCH 1/2] KVM: VMX: fix instruction skipping when handling UD exception
Date: Fri, 22 Oct 2021 10:59:56 +0800
Message-Id: <8ad4de9dae77ee3690ee9bd3c5a51d235d619eb6.1634870747.git.houwenlong93@linux.alibaba.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To:
References:
X-Mailing-List: linux-kernel@vger.kernel.org

When kvm.force_emulation_prefix is enabled, an instruction with the kvm prefix triggers a UD exception and is handled by instruction emulation. The emulation may need to exit to userspace for userspace I/O, and the complete_userspace_io callback may then skip the instruction, i.e. MSR access emulation exits to userspace if userspace wants to know about the MSR fault. However, VM_EXIT_INSTRUCTION_LEN in the VMCS is invalid at this point, so kvm_emulate_instruction() should be used to skip the instruction.

Signed-off-by: Hou Wenlong
---
 arch/x86/kvm/vmx/vmx.c | 4 ++--
 arch/x86/kvm/vmx/vmx.h | 9 +++++++++
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 1c8b2b6e7ed9..01049d65da26 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1501,8 +1501,8 @@ static int skip_emulated_instruction(struct kvm_vcpu *vcpu) * (namely Hyper-V) don't set it due to it being undefined behavior, * i.e. we end up advancing IP with some random value. */ - if (!static_cpu_has(X86_FEATURE_HYPERVISOR) || - exit_reason.basic != EXIT_REASON_EPT_MISCONFIG) { + if (!is_ud_exit(vcpu) && (!static_cpu_has(X86_FEATURE_HYPERVISOR) || + exit_reason.basic != EXIT_REASON_EPT_MISCONFIG)) { instr_len = vmcs_read32(VM_EXIT_INSTRUCTION_LEN); /*
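Review bot: the comment block directly above the modified condition in the vmx.c hunk still documents only the Hyper-V/EPT-misconfig case ("(namely Hyper-V) don't set it due to it being undefined behavior"), so a reader hits the new `!is_ud_exit(vcpu)` term with no explanation of why a #UD exit must not trust VM_EXIT_INSTRUCTION_LEN; carry the reason from the commit message into that comment (the forced-emulation path can reach this skip from complete_userspace_io after a userspace I/O exit, when the VMCS length field is stale), and consider splitting the #UD test into its own check so each reason for distrusting the VMCS field sits next to the test it justifies instead of being folded into one three-term condition.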
diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 592217fd7d92..e7a7f580acd1 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -481,6 +481,15 @@ static inline u32 vmx_get_intr_info(struct kvm_vcpu *vcpu) return vmx->exit_intr_info; } +static inline bool is_ud_exit(struct kvm_vcpu *vcpu) +{ + union vmx_exit_reason exit_reason = to_vmx(vcpu)->exit_reason; + u32 intr_info = vmx_get_intr_info(vcpu); + + return exit_reason.basic == EXIT_REASON_EXCEPTION_NMI && + is_invalid_opcode(intr_info); +} + struct vmcs *alloc_vmcs_cpu(bool shadow, int cpu, gfp_t flags); void free_vmcs(struct vmcs *vmcs); int alloc_loaded_vmcs(struct loaded_vmcs *loaded_vmcs); -- 2.31.1
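Review bot: in the new is_ud_exit() helper in the vmx.h hunk, vmx_get_intr_info(vcpu) is called unconditionally before the exit reason is compared, so the interrupt-info value is fetched on every call even when exit_reason.basic is not EXIT_REASON_EXCEPTION_NMI and the result is discarded; fold the call into the short-circuited expression, e.g. `return exit_reason.basic == EXIT_REASON_EXCEPTION_NMI && is_invalid_opcode(vmx_get_intr_info(vcpu));`, so non-exception exits never touch it. The helper also carries no comment on its intended use (telling skip_emulated_instruction() that VM_EXIT_INSTRUCTION_LEN is not valid for this exit), which is worth adding since the name alone reads as a general-purpose predicate.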