Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp849481imw; Fri, 15 Jul 2022 14:10:42 -0700 (PDT) X-Google-Smtp-Source: AGRyM1uljGvcTmqlJPTr1aQ2PFEEcK+WjwkcT5LH7YObvk/DEOQXQm/TPmwxMeckfZau44MiGg2x X-Received: by 2002:a65:6e96:0:b0:415:5973:b4f4 with SMTP id bm22-20020a656e96000000b004155973b4f4mr13557313pgb.568.1657919441818; Fri, 15 Jul 2022 14:10:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657919441; cv=none; d=google.com; s=arc-20160816; b=qn1/qwJzN52OGLc9Y/oJgfkNvhFTs1Eq9zLljYwDcbQzJqB/s6yRI62JYHNdeVcvYc uSGwCyblNcAgpvkSEAzyImmDb0FiU9xRf1/f5f56xpoqXQSDY/H+eTfgwzbEhc969s/L NpGda8c7ALBBn4pOIeCMgOz81Lfr4RuOJ+UqLo++GwSScRxtyNOrTG0mQrCpnzuilYhX mL0jdC/a0cVTQOc5wCASkqJL0YPQB3q5FuZ8C0AjqGW5y/F82aQ16TvXhZNq0lyI3gOq Kf9eR+Ymi+mV280BD0mI9XuEOId6J1jqji56PwcWF7HTEqILB2iNNpN2Ue5VGr1M7qKx pAnA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:reply-to:dkim-signature; bh=iNAk41tsUidTro9q8ZhzpvrmhAAQBQ9Auq7TykB2O7k=; b=xvwaqVYAaM9mfemdbXPhtUGAac8kd+e8UoSvw3AHNfdz9vDq3NYV/2gC8H+NgNz1dn nNAOblL6lu5ppAZ09H/ORnAfW1iecfK8inuF3EY0uRh4st1xTaMmtyPM+mfFKsemhj9D HD1r/6jOlebhUfc5bj6mb8Fi0jeF1nw0RQs9SPPmV0x5PW3a/I00FzpKzX+lzUdAApWh 9iyQysJkMbFI61bC24DyDUFvr5mDQPp0VpwPyJOriU8VAP6O/L+FytKuYi5ciouYthMb 6NuP9krJv7HN1Mp/rhGndq2m7F19TrBlGsczU/H3sw/ssFDWDb4aN1TLs03L+cqpfn4b RRKw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=AOqLpJxV; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id jz21-20020a17090b14d500b001f06deff0afsi9433536pjb.82.2022.07.15.14.10.26; Fri, 15 Jul 2022 14:10:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=AOqLpJxV; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231573AbiGOUnG (ORCPT + 99 others); Fri, 15 Jul 2022 16:43:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58408 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231566AbiGOUmt (ORCPT ); Fri, 15 Jul 2022 16:42:49 -0400 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 973F987F63 for ; Fri, 15 Jul 2022 13:42:45 -0700 (PDT) Received: by mail-pl1-x64a.google.com with SMTP id d10-20020a170902ceca00b0016bea2dc145so2576682plg.7 for ; Fri, 15 Jul 2022 13:42:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=iNAk41tsUidTro9q8ZhzpvrmhAAQBQ9Auq7TykB2O7k=; b=AOqLpJxVuh5bfFX7HjNUVWHjX8WUmZZlVreIDVpmWFszzrEKn/6Q5oMYVsR0iD56lL 8OavSYfIbOdtxLPsSxTqk0+js2AaonIwXPDXa6EW2lMdTCz/rYO14U5Ge7WWEGlQOpyh F1F5AcMoVLXj+dUrKpfA/4HgiPrwqGEUhS7Jr+k6pJFxuRgONJeXOk6YUcMc5eS/hbfn 7O/LbWWJZTS62LTiNoQAFCL4vUUzXBcZaeT1MAWPL/LtkT3DpVxfxiqUiaU7k3zugKou KH7UKG7G9+Lea/xH0QVLEEHY21Vlkodd31qv1K+2ktEFpr+9+5IwBZxLmyVQYSXWzY9w dUUg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=iNAk41tsUidTro9q8ZhzpvrmhAAQBQ9Auq7TykB2O7k=; b=i8AMGOwu0TB0n4DltoSO+YQCyhhOu85KaVBIwGK7VaYqsxniAci6+fZ0QI9d+tMgtL yeyDm9XPW9E/s6xmAgem4CzICI4c1fB/kT4YaH13SS5mFnPjx2TCizGqo+ymn8F8CLp7 kbX097Vu3yO3olyzdqqxv5Y3gSFRkO68wreBLU3i4SecvNCJpFa8EASzLS0GuoB/peRS j4jDnAGl8T888km1Piri7SQaLnN7t8ucNxuoF3d9RntTRIoN59kcJWjMWHsWI2DZZcY7 uBzcfmg5laiI56p/YYvvRYNcO+oZINr6X4CZdqiDWiWDLGER6fk7QK9/M/BilN4H2wPr SK0A== X-Gm-Message-State: AJIora9x2icJ1u2/O+hCHuKVuVSO0zSg+ZKPFi/za6U6qaQo7Mtq6BlE TALt1PDQPJNh6WLp5K10bd/1ESAtgqo= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:d191:b0:16b:ea2d:60f2 with SMTP id m17-20020a170902d19100b0016bea2d60f2mr15049037plb.24.1657917764585; Fri, 15 Jul 2022 13:42:44 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 15 Jul 2022 20:42:08 +0000 In-Reply-To: <20220715204226.3655170-1-seanjc@google.com> Message-Id: <20220715204226.3655170-7-seanjc@google.com> Mime-Version: 1.0 References: <20220715204226.3655170-1-seanjc@google.com> X-Mailer: git-send-email 2.37.0.170.g444d1eabd0-goog Subject: [PATCH v2 06/24] KVM: x86: Treat #DBs from the emulator as fault-like (code and DR7.GD=1) From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Jim Mattson , Maxim Levitsky , Oliver Upton , Peter Shier Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Add a dedicated "exception type" for #DBs, as #DBs can be fault-like or trap-like depending the sub-type of #DB, and effectively defer the decision of what to do with the #DB to the caller. For the emulator's two calls to exception_type(), treat the #DB as fault-like, as the emulator handles only code breakpoint and general detect #DBs, both of which are fault-like. For event injection, which uses exception_type() to determine whether to set EFLAGS.RF=1 on the stack, keep the current behavior of not setting RF=1 for #DBs. Intel and AMD explicitly state RF isn't set on code #DBs, so exempting by failing the "== EXCPT_FAULT" check is correct. The only other fault-like #DB is General Detect, and despite Intel and AMD both strongly implying (through omission) that General Detect #DBs should set RF=1, hardware (multiple generations of both Intel and AMD), in fact does not. Through insider knowledge, extreme foresight, sheer dumb luck, or some combination thereof, KVM correctly handled RF for General Detect #DBs. Fixes: 38827dbd3fb8 ("KVM: x86: Do not update EFLAGS on faulting emulation") Cc: stable@vger.kernel.org Signed-off-by: Sean Christopherson Reviewed-by: Maxim Levitsky --- arch/x86/kvm/x86.c | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 4efdb61e60ba..37d686dbb6aa 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -529,6 +529,7 @@ static int exception_class(int vector) #define EXCPT_TRAP 1 #define EXCPT_ABORT 2 #define EXCPT_INTERRUPT 3 +#define EXCPT_DB 4 static int exception_type(int vector) { @@ -539,8 +540,14 @@ static int exception_type(int vector) mask = 1 << vector; - /* #DB is trap, as instruction watchpoints are handled elsewhere */ - if (mask & ((1 << DB_VECTOR) | (1 << BP_VECTOR) | (1 << OF_VECTOR))) + /* + * #DBs can be trap-like or fault-like, the caller must check other CPU + * state, e.g. DR6, to determine whether a #DB is a trap or fault. + */ + if (mask & (1 << DB_VECTOR)) + return EXCPT_DB; + + if (mask & ((1 << BP_VECTOR) | (1 << OF_VECTOR))) return EXCPT_TRAP; if (mask & ((1 << DF_VECTOR) | (1 << MC_VECTOR))) @@ -8785,6 +8792,12 @@ int x86_emulate_instruction(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, unsigned long rflags = static_call(kvm_x86_get_rflags)(vcpu); toggle_interruptibility(vcpu, ctxt->interruptibility); vcpu->arch.emulate_regs_need_sync_to_vcpu = false; + + /* + * Note, EXCPT_DB is assumed to be fault-like as the emulator + * only supports code breakpoints and general detect #DB, both + * of which are fault-like. + */ if (!ctxt->have_exception || exception_type(ctxt->exception.vector) == EXCPT_TRAP) { kvm_pmu_trigger_event(vcpu, PERF_COUNT_HW_INSTRUCTIONS); @@ -9701,6 +9714,16 @@ static int inject_pending_event(struct kvm_vcpu *vcpu, bool *req_immediate_exit) /* try to inject new event if pending */ if (vcpu->arch.exception.pending) { + /* + * Fault-class exceptions, except #DBs, set RF=1 in the RFLAGS + * value pushed on the stack. Trap-like exception and all #DBs + * leave RF as-is (KVM follows Intel's behavior in this regard; + * AMD states that code breakpoint #DBs excplitly clear RF=0). + * + * Note, most versions of Intel's SDM and AMD's APM incorrectly + * describe the behavior of General Detect #DBs, which are + * fault-like. They do _not_ set RF, a la code breakpoints. + */ if (exception_type(vcpu->arch.exception.nr) == EXCPT_FAULT) __kvm_set_rflags(vcpu, kvm_get_rflags(vcpu) | X86_EFLAGS_RF); -- 2.37.0.170.g444d1eabd0-goog