Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp1347158pxb;
        Wed, 6 Apr 2022 15:51:58 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxdfKgKfdQCVMdqI67+0it0KIBlWDDzyveK7Qg/2en0aFgT0BjQ1d3FeZavwdbjdDmxxCLu
X-Received: by 2002:a65:48c6:0:b0:398:b858:e332 with SMTP id o6-20020a6548c6000000b00398b858e332mr8784849pgs.291.1649285518582;
        Wed, 06 Apr 2022 15:51:58 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1649285518; cv=none;
        d=google.com; s=arc-20160816;
        b=MPVFMBdJByc/HuYIt5Xjhzs9A9XK5yZkF80QMn5RXMiWfElGFVMfyeyXHN91Q55M3g
         uKya/UPXHdtl/+vJmjJl9zD4Kn/iFvHAyubYN564TW4oWebvgVvvWZe6hyYkchcEoonI
         B75k1clNanJFBtP20MXQQ0fUCHyFC5vBnLHI/QsT2GhMZrTcr1C2Bot88XNT2VIJlnCC
         jFrx5gq0f7gb+duIeQJAh348KCg5J9v+aN1KLT/Q2oLVIGh38EOEBGS1tox57sTxAqOE
         rjEOLWaEtkyUK1l1UuxmMv9EjX2spD8Cm76FF8TjNlJizNrmgWj6BuPU2aj61G2wohYa
         QThQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=sFI0AJVTPwPw0LmwssqZcXake7SjDusjEH1aLxnOGrI=;
        b=py8ExxDyU3n5a6hf03CMIFs8wdJ6JIapZEMy3yWAo0XGQTMgvepMVh1ooI/u0em2gb
         yTtRTzOmo3r2AwKmaCNYyc5iDoncVBMao5mE3fpEPcqAvIt0wVsb9vPXsCUcu61zJy45
         EgdK7M0hB1JHMY+cq1/sXWDfugFwIAR9J0LLLy85FipsbzVlru99Uzsrome47HGWVQlo
         R8ufPtdObgMxTckDTMPS3SwS3eGGwdbQgA+DyjbiqnJjlL+Sn9HZ1On+ekJlz5Z40Z3M
         ys2Xb6LvQFGoNZJFwzYhhE2jcwbQ0AKUL+W7VZwWJoWJsIwX0Lt0hoEoDWhlgis1gawX
         YL2Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=VBxmrMVP;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id r1-20020a63a541000000b003816043f09fsi16825488pgu.660.2022.04.06.15.51.44;
        Wed, 06 Apr 2022 15:51:58 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=VBxmrMVP;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236101AbiDFVhD (ORCPT <rfc822;arunks.linux@gmail.com>
        + 99 others); Wed, 6 Apr 2022 17:37:03 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44152 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S235578AbiDFVgv (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 6 Apr 2022 17:36:51 -0400
Received: from mail-yb1-xb2a.google.com (mail-yb1-xb2a.google.com [IPv6:2607:f8b0:4864:20::b2a])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7B2CDDB2E3
        for <linux-kernel@vger.kernel.org>; Wed,  6 Apr 2022 13:50:18 -0700 (PDT)
Received: by mail-yb1-xb2a.google.com with SMTP id w134so6120267ybe.10
        for <linux-kernel@vger.kernel.org>; Wed, 06 Apr 2022 13:50:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=sFI0AJVTPwPw0LmwssqZcXake7SjDusjEH1aLxnOGrI=;
        b=VBxmrMVPtydbsfRqsorjhKDoEdFwlfvFfHl7Qizy+qjuks/24gknLBbySdud//aBSz
         /VIp99eQYHZthbGrg6IS/L7Tki5m7OmrvgsElS/LSuGKc8EW9EsTts4q2TrjGvC1kpLS
         F6dWxsYSnhINwB7LUT7IScIlJE9XmXK+MEU/2bVJlTuyTLLNvfleTh9oQatKRCiOFMUC
         JqeiuHH5nGVcXRsINrzUHb55PX5pAWTat0ZJLO5AZ3CTZTHy3rdXGWy8ZzLhFC6UZ7Uk
         VxkYet4qNF6XpHSXucb4zSnR++/Ft6GeHGr1qW2JjZGgo8EhW+Ja6XVCIIQfcCCduf0J
         K4AA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=sFI0AJVTPwPw0LmwssqZcXake7SjDusjEH1aLxnOGrI=;
        b=FYq9SbV2hOq2jY+XY1o9RDhjgdR4PF5lD3EYaEx2g5NtGV3dH8DeSulIEdED5rjikt
         yeIxqxiCuWryr+r97lDIY6P+MUtA0PhSQMm32hhGl6vOorzPWJwcUv/FlZ7Ze5XMqjxD
         N0NN91+IpeoVxbz3BNjHLt/HnKG5+ircfl4d6osidvjDfnGXq5avqQnaUeCZAcoiJuYE
         nSuFkWAK928MR6/MpZ3gbhdhke/XE2dHjQznidvAeZWkPkmuTaYeAAjOwy8/ocwq+UN1
         OZacyBIlfDgKFTDnOLd3So00d9X82O8y9W960vrnrKCw8IyT8zGYleKYUdVwCb8DgJoF
         cjQQ==
X-Gm-Message-State: AOAM533IPRQa+aBxzCbbN4Ky9+qvuCC/n5regNT67RGLGVEpwnelNarx
        Pwg+6QaVzWCcXJVovvDEdEvw2WROMMJnHApS1U7qOw==
X-Received: by 2002:a25:d913:0:b0:634:23a5:7f68 with SMTP id
 q19-20020a25d913000000b0063423a57f68mr8044255ybg.40.1649278217564; Wed, 06
 Apr 2022 13:50:17 -0700 (PDT)
MIME-Version: 1.0
References: <cover.1646422845.git.isaku.yamahata@intel.com> <1df5271baa641d9d189edb86f9ee0921ea3a83e0.1646422845.git.isaku.yamahata@intel.com>
In-Reply-To: <1df5271baa641d9d189edb86f9ee0921ea3a83e0.1646422845.git.isaku.yamahata@intel.com>
From:   Sagi Shahar <sagis@google.com>
Date:   Wed, 6 Apr 2022 13:50:06 -0700
Message-ID: <CAAhR5DEb+jRfGxK0nv4A_XEEnY4yrw1CzCcXU8HNw=CnHW27Gw@mail.gmail.com>
Subject: Re: [RFC PATCH v5 086/104] KVM: TDX: handle ept violation/misconfig exit
To:     "Yamahata, Isaku" <isaku.yamahata@intel.com>
Cc:     kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
        isaku.yamahata@gmail.com, Paolo Bonzini <pbonzini@redhat.com>,
        Jim Mattson <jmattson@google.com>,
        Erdem Aktas <erdemaktas@google.com>,
        Connor Kuehl <ckuehl@redhat.com>,
        Sean Christopherson <seanjc@google.com>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,
        ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,
        T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL
        autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Mar 4, 2022 at 12:23 PM <isaku.yamahata@intel.com> wrote:
>
> From: Isaku Yamahata <isaku.yamahata@intel.com>
>
> On EPT violation, call a common function, __vmx_handle_ept_violation() to
> trigger x86 MMU code.  On EPT misconfiguration, exit to ring 3 with
> KVM_EXIT_UNKNOWN.  because EPT misconfiguration can't happen as MMIO is
> trigged by TDG.VP.VMCALL. No point to set a misconfiguration value for the
> fast path.
>
> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
> ---
>  arch/x86/kvm/vmx/tdx.c | 40 ++++++++++++++++++++++++++++++++++++++--
>  1 file changed, 38 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
> index 6fbe89bcfe1e..2c35dcad077e 100644
> --- a/arch/x86/kvm/vmx/tdx.c
> +++ b/arch/x86/kvm/vmx/tdx.c
> @@ -1081,6 +1081,40 @@ void tdx_deliver_interrupt(struct kvm_lapic *apic, int delivery_mode,
>         __vmx_deliver_posted_interrupt(vcpu, &tdx->pi_desc, vector);
>  }
>
> +#define TDX_SEPT_PFERR (PFERR_WRITE_MASK | PFERR_USER_MASK)

TDX_SEPT_PFERR is defined using PFERR_.* bitmask but
__vmx_handle_ept_violation is accepting an EPT_VIOLATION_.* bitmask.
so (PFERR_WRITE_MASK | PFERR_USER_MASK) will get interpreted as
(EPT_VIOLATION_ACC_WRITE | EPT_VIOLATION_ACC_INSTR) which will get
translated to (PFERR_WRITE_MASK | PFERR_FETCH_MASK). Was that the
intention of this code?

> +
> +static int tdx_handle_ept_violation(struct kvm_vcpu *vcpu)
> +{
> +       unsigned long exit_qual;
> +
> +       if (kvm_is_private_gpa(vcpu->kvm, tdexit_gpa(vcpu)))
> +               exit_qual = TDX_SEPT_PFERR;
> +       else {
> +               exit_qual = tdexit_exit_qual(vcpu);
> +               if (exit_qual & EPT_VIOLATION_ACC_INSTR) {
> +                       pr_warn("kvm: TDX instr fetch to shared GPA = 0x%lx @ RIP = 0x%lx\n",
> +                               tdexit_gpa(vcpu), kvm_rip_read(vcpu));
> +                       vcpu->run->exit_reason = KVM_EXIT_EXCEPTION;
> +                       vcpu->run->ex.exception = PF_VECTOR;
> +                       vcpu->run->ex.error_code = exit_qual;
> +                       return 0;
> +               }
> +       }
> +
> +       trace_kvm_page_fault(tdexit_gpa(vcpu), exit_qual);
> +       return __vmx_handle_ept_violation(vcpu, tdexit_gpa(vcpu), exit_qual);
> +}
> +
> +static int tdx_handle_ept_misconfig(struct kvm_vcpu *vcpu)
> +{
> +       WARN_ON(1);
> +
> +       vcpu->run->exit_reason = KVM_EXIT_UNKNOWN;
> +       vcpu->run->hw.hardware_exit_reason = EXIT_REASON_EPT_MISCONFIG;
> +
> +       return 0;
> +}
> +
>  int tdx_handle_exit(struct kvm_vcpu *vcpu, fastpath_t fastpath)
>  {
>         union tdx_exit_reason exit_reason = to_tdx(vcpu)->exit_reason;
> @@ -1097,6 +1131,10 @@ int tdx_handle_exit(struct kvm_vcpu *vcpu, fastpath_t fastpath)
>         WARN_ON_ONCE(fastpath != EXIT_FASTPATH_NONE);
>
>         switch (exit_reason.basic) {
> +       case EXIT_REASON_EPT_VIOLATION:
> +               return tdx_handle_ept_violation(vcpu);
> +       case EXIT_REASON_EPT_MISCONFIG:
> +               return tdx_handle_ept_misconfig(vcpu);
>         case EXIT_REASON_OTHER_SMI:
>                 /*
>                  * If reach here, it's not a MSMI.
> @@ -1378,8 +1416,6 @@ void tdx_flush_tlb(struct kvm_vcpu *vcpu)
>                 cpu_relax();
>  }
>
> -#define TDX_SEPT_PFERR (PFERR_WRITE_MASK | PFERR_USER_MASK)
> -
>  static int tdx_init_mem_region(struct kvm *kvm, struct kvm_tdx_cmd *cmd)
>  {
>         struct kvm_tdx *kvm_tdx = to_kvm_tdx(kvm);
> --
> 2.25.1
>

Sagi