Message-ID:
Date: Wed, 20 Jul 2022 18:07:52 +0200
From: "Maciej S. Szmigiero"
To: Maxim Levitsky
Cc: Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Joerg Roedel, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini, Sean Christopherson
Subject: Re: [PATCH] KVM: nSVM: Pull CS.Base from actual VMCB12 for soft int/ex re-injection
In-Reply-To: <7458497a8694ba0fbabee28eabf557e6e4406fbe.camel@redhat.com>
References: <4caa0f67589ae3c22c311ee0e6139496902f2edc.1658159083.git.maciej.szmigiero@oracle.com> <7458497a8694ba0fbabee28eabf557e6e4406fbe.camel@redhat.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On 20.07.2022 10:43, Maxim Levitsky wrote:
> On Mon, 2022-07-18 at 17:47 +0200, Maciej S. Szmigiero wrote:
>> From: "Maciej S. Szmigiero"
>>
>> enter_svm_guest_mode() first calls nested_vmcb02_prepare_control() to copy
>> control fields from VMCB12 to the current VMCB, then
>> nested_vmcb02_prepare_save() to perform a similar copy of the save area.
>>
>> This means that nested_vmcb02_prepare_control() still runs with the
>> previous save area values in the current VMCB so it shouldn't take the L2
>> guest CS.Base from this area.
>>
>> Explicitly pull CS.Base from the actual VMCB12 instead in
>> enter_svm_guest_mode().
>>
>> Granted, having a non-zero CS.Base is a very rare thing (and even
>> impossible in 64-bit mode), having it change between nested VMRUNs is
>> probably even rarer, but if it happens it would create a really subtle bug
>> so it's better to fix it upfront.
>>
>> Fixes: 6ef88d6e36c2 ("KVM: SVM: Re-inject INT3/INTO instead of retrying the instruction")
>> Signed-off-by: Maciej S. Szmigiero
>> ---
>>  arch/x86/kvm/svm/nested.c | 9 +++++----
>>  1 file changed, 5 insertions(+), 4 deletions(-)
>>
>> diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c
>> index adf4120b05d90..23252ab821941 100644
>> --- a/arch/x86/kvm/svm/nested.c
>> +++ b/arch/x86/kvm/svm/nested.c
>> @@ -639,7 +639,8 @@ static bool is_evtinj_nmi(u32 evtinj)
>>  }
>>
>>  static void nested_vmcb02_prepare_control(struct vcpu_svm *svm,
>> -                                         unsigned long vmcb12_rip)
>> +                                         unsigned long vmcb12_rip,
>> +                                         unsigned long vmcb12_csbase)
>
> Honestly I don't like that nested_vmcb02_prepare_control starts to grow its parameter list,
> because it kind of defeats the purpose of vmcb12 cache we added back then.
>
> I think that it is better to add csbase/rip to vmcb_save_area_cached,
> but I am not 100% sure. What do you think?

This function has only 3 parameters now, so they fit well into registers
without taking any extra memory (even assuming it won't get inlined).

If in the future more parameters need to be added to this function (which
may or may not happen) then they all can be moved to, for example,
vmcb_ctrl_area_cached.

> Best regards,
> Maxim Levitsky
>

Thanks,
Maciej
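Review bot: the new `vmcb12_csbase` parameter in the `nested_vmcb02_prepare_control()` signature hunk only closes the hole described in the commit message if every caller passes the CS.Base read from VMCB12 itself, not the value sitting in the current VMCB's save area, which at that point still holds the previous run's values because `nested_vmcb02_prepare_save()` has not run yet; the quoted portion shows only the prototype change, so the call site in `enter_svm_guest_mode()` (and any other caller the compiler flags once the signature changes) should be checked for exactly that, and a one-line comment on the parameter saying it is the L2 guest's CS.Base from VMCB12 would make the ordering dependency visible to future readers, whether it stays a parameter or moves into the cached VMCB12 save-area struct as suggested in the review.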