Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp2520254pxb; Sun, 3 Apr 2022 09:47:06 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw/XL10mXhaPz6UAhKqzNu1+bIXt+AEJKkvvcmgg3ia00h9q8yM4cbolrDJE60n9aRc0oea X-Received: by 2002:a17:902:e743:b0:153:a902:8d8c with SMTP id p3-20020a170902e74300b00153a9028d8cmr19564026plf.150.1649004426265; Sun, 03 Apr 2022 09:47:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1649004426; cv=none; d=google.com; s=arc-20160816; b=u2Kgp1Ck/C7OmcIRZkxpuboDXdUaUDslWstkFb2xwkZRm5eP0lSy4J0MQsipp22QDh LGi+ShgzFIZcAOtbwM03BcHMnBqS6iYo7V3eiaJSGqHN+zi90W/p2Cq5+4HcEvfzqKrD MjimMxC/pJ8SuOvWayb29kznIX2A7amr2SUiSd9bL/q8QMlNRy3olXHFtSUu5IFy4hc3 tHisuHtdW7fS7Lu6QFALYCTihncSfrGixGJwbKmVqvdJfhPME852xBTGWuk3dYzohyTR ZGPJyTu979YHGOyCN+gapBrYj2PpvMqDBrKBQvP8JUCi2FY3/uchdiO2ex0jWzMbdrLe JSDw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=tGJBlLkmgZTxVHoFIKbZU2QoQ1f35loIsBzJHpfAMdY=; b=klu2ptcXX4wSagmDJ5rf9bXjDaHYtw4wA1gOPVcekyHsRBiC0FxxDYiqoOBzP45oa/ M4JffmEKPNkN4dbXhm/vwrx6fEUnKzeShKeHOVYK4MgFE3dvg4XsWePdnxoLxEcrG5E8 SZs2TK2jZsGXHb5KHMPQjNtIG8RnaoJZut55xHU7kT1RnaUjFu0rekJjxJ6FsLvYV6SL 02NkG0qCvHoeWhtCnWC4Hl5QF+gUbsghEaf42ESZ0fBQ89d6WMkuWbUQ0SvPvVB6PGjj vUPB8xmZc+kr+t1qabQtgPoQ6at23vcm1ncnPxPMOKgZz6CXGsSq3cL9E7mcBWGmsWCl 8ZrA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=IRuzE1kO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y21-20020a62b515000000b004fb2d266facsi7571910pfe.287.2022.04.03.09.46.46; Sun, 03 Apr 2022 09:47:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=IRuzE1kO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1351155AbiDAVx0 (ORCPT + 99 others); Fri, 1 Apr 2022 17:53:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54292 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1348063AbiDAVxZ (ORCPT ); Fri, 1 Apr 2022 17:53:25 -0400 Received: from mail-pj1-x1030.google.com (mail-pj1-x1030.google.com [IPv6:2607:f8b0:4864:20::1030]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 77EE620169F for ; Fri, 1 Apr 2022 14:51:33 -0700 (PDT) Received: by mail-pj1-x1030.google.com with SMTP id h23-20020a17090a051700b001c9c1dd3acbso3691853pjh.3 for ; Fri, 01 Apr 2022 14:51:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=tGJBlLkmgZTxVHoFIKbZU2QoQ1f35loIsBzJHpfAMdY=; b=IRuzE1kOG1hxaxxmTzAYMb3FDbCSi+yGguqeIEEkb6PgEkoj8OJw0Wbp1eIB/2Me3p xuGdoi2lhxv9CVVqjbuzF613Zeln3iPfWQbpeqsqnIjocqNg67KqieyA7dgqBsr6SPWw 6wrS6Bcn1dzQKZfr8jGNVSlBrpiQex5k5ZZVGbSMbGIQL9BBIVc8t4DjWPryYQMsaDT7 sBa+1gGJFgMAJ67j3nixa//B/dzXUciEMBXRawWskMuQq0oEDW6nhlEHbFTTT2BDgxot fiB+GkBX8L5o3ipdqqKD5S9ccxL7FPl6wgCEKzdtwvCa6iUBtuWv0DJ6dsXGF6WD5sFu Jqwg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=tGJBlLkmgZTxVHoFIKbZU2QoQ1f35loIsBzJHpfAMdY=; b=xLlUNFxZfcj5ukdSN/OET1IdJOdT+vHjSjnOnnebIdXncU/43sy5jxEqPlzFH3CUIm 1+xjMXL0jBliUR7QWVl0cLkD1Whs/fQ+kQKIHKSytWQyd6WYD/a4sqlW2h8smWz3ociP XSxfcrUbEBPFm8Pt0dGXGqhd7GQAWuT22szqAjQ7QAQMeCUHcRGzz9EqNlxlQCUghEWc 1N9EEE+O3wvFYsSF7Urjbj0xAZgd0juHFfZA0vhI+0uPVzrujZ/vG5UKb4eMNO4I9pnk WSZ6P8PZ2pQsVDb/B9vdVHje4atmx7eGeJ0Ux1TSmoVZcms8rb7P0rHqXFALtx6n5nHa +QjQ== X-Gm-Message-State: AOAM531vxN81eW4Z2VPT/R3czdIRFpydtPQ+ec29+7/KwbWwil5nTsul Yeo5NP+RyRX9S+sSM5a2l1qPlA== X-Received: by 2002:a17:90a:4981:b0:1c6:b6dd:d7a9 with SMTP id d1-20020a17090a498100b001c6b6ddd7a9mr13855937pjh.22.1648849892251; Fri, 01 Apr 2022 14:51:32 -0700 (PDT) Received: from google.com (157.214.185.35.bc.googleusercontent.com. [35.185.214.157]) by smtp.gmail.com with ESMTPSA id e10-20020a17090a630a00b001c685cfd9d1sm3392861pjj.20.2022.04.01.14.51.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Apr 2022 14:51:31 -0700 (PDT) Date: Fri, 1 Apr 2022 21:51:28 +0000 From: Sean Christopherson To: "Maciej S. Szmigiero" Cc: Paolo Bonzini , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Tom Lendacky , Brijesh Singh , Jon Grimm , David Kaplan , Boris Ostrovsky , Liam Merwick , kvm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH 1/5] KVM: nSVM: Sync next_rip field from vmcb12 to vmcb02 Message-ID: References: <19c757487eeeff5344ff3684fe9c090235b07d05.1646944472.git.maciej.szmigiero@oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Apr 01, 2022, Maciej S. Szmigiero wrote: > On 1.04.2022 20:32, Sean Christopherson wrote: > > On Thu, Mar 10, 2022, Maciej S. Szmigiero wrote: > > > + /* The return address pushed on stack by the CPU for some injected events */ > > > + svm->vmcb->control.next_rip = svm->nested.ctl.next_rip; > > > > This needs to be gated by nrips being enabled _and_ exposed to L1, i.e. > > > > if (svm->nrips_enabled) > > vmcb02->control.next_rip = svm->nested.ctl.next_rip; > > It can be done, however what if we run on a nrips-capable CPU, > but don't expose this capability to the L1? Oh, right, because the field will be populated by the CPU on VM-Exit. Ah, the correct behavior is to grab RIP from vmcb12 to emulate nrips=0 hardware simply not updating RIP. E.g. zeroing it out would send L2 into the weeds on IRET due the CPU pushing '0' on the stack when vectoring the injected event. if (svm->nrips_enabled) vmcb02->control.next_rip = svm->nested.ctl.next_rip; else if (boot_cpu_has(X86_FEATURE_NRIPS)) vmcb02->control.next_rip = vmcb12_rip; > The CPU will then push whatever value was left in this field as > the return address for some L1 injected events. > > Although without nrips feature the L1 shouldn't even attempt event > injection, copying this field anyway will make it work if L1 just > expects this capability based on the current CPU model rather than > by checking specific CPUID feature bits. L1 may still inject the exception, it just advances the RIP manually. As above, the really messy thing is that, because there's no flag to say "don't use NextRIP!", the CPU will still consume NextRIP and push '0' on the stack for the return RIP from the INTn/INT3/INTO. Yay. I found that out the hard way (patch in-progress). The way to handle event injection if KVM is loaded with nrips=0 but nrips is supported in hardware is to stuff NextRIP on event injection even if nrips=0, otherwise the guest is hosed. > > > + u64 next_rip; > > > u64 nested_cr3; > > > u64 virt_ext; > > > u32 clean; > > > > I don't know why this struct has > > > > u8 reserved_sw[32]; > > > > but presumably it's for padding, i.e. probably should be reduced to 24 bytes. > > Apparently the "reserved_sw" field stores Hyper-V enlightenments state - > see commit 66c03a926f18 ("KVM: nSVM: Implement Enlightened MSR-Bitmap feature") > and nested_svm_vmrun_msrpm() in nested.c. Argh, that's a terrible name. Thanks for doing the homework, I was being lazy.