Received: by 2002:ac0:da4c:0:0:0:0:0 with SMTP id a12csp1127692imi; Fri, 22 Jul 2022 18:16:55 -0700 (PDT) X-Google-Smtp-Source: AGRyM1voNMR2vHWClwx5ySOsoE+FRJB1ULNmaZifYmDQJQwwjttdvGuzzfL5iibhG2VuSLqJ8N6j X-Received: by 2002:a17:906:8a71:b0:72b:11d6:29fc with SMTP id hy17-20020a1709068a7100b0072b11d629fcmr1856484ejc.494.1658539015640; Fri, 22 Jul 2022 18:16:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658539015; cv=none; d=google.com; s=arc-20160816; b=QeDZum5NDP3vmtLc2lAlq8ks+xYB79XMZrwlWTiTo0Zm9uMkpqc3BISh3VWR/pQK97 MidUm1M64BuCvciLl3qADaguxCl+8jnJa6PPjv1aNH2XUc2IJSPFkMPHj13ydccKPcoQ vgB7Z1l4YxCOIbKXpGmXobMetW23S1+lQSd+q5n8gsbJuoB97UtHulQf9gDBQ03KxHMH bps2ta3xlgfar1ld50BXLsaI8BODn/AmhrrwgVw1zc4NZmbgsih374+rATIwfgHk7xu+ wxSMNlJi9ba5vAUVBXxLAW4ZM+K9JZjO0DbR8b1cYOkzt2GxksAI1kGjd530Z4QyK1iE y9bg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:references:mime-version :message-id:in-reply-to:date:reply-to:dkim-signature; bh=CRV49EpunAiwzO7EUQf5uuxbCrNu29jLzCse2H7RuXc=; b=eoLoC9ifvKF/x+sc2QdzmlVO/YkFG5raiMq8eGtlz3J5FKhTcJz5tsarMWMXZSrBDE McwIQPhMo5mo0Jn2Rjm4TkariYk9hLOyKoVSNBI+jna4xKqhmEEN4atSWXtrhg20C9Ha K77vr3M/Wkfd0qaA7UwoMd3FM79atoRFxrP0ZsbOmjEiEQ4sEit9b5HO9OULxdfQwf17 qyOzQV8S4+C9C3qwbDw0abneJ//eiJPiqAAQ6s5JxcoK+YfUquw+zDxuAIsoW34b15sY 3mULkGAp6kfrQ/J8nuni6Qbot6ivYM9JyvW1UNIcBAw7LP2+VN6HUj4XWyNh+CMLsvuY ltsQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=c4OhMoRd; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o11-20020a056402038b00b0043bbb2e5d3fsi4110379edv.343.2022.07.22.18.16.29; Fri, 22 Jul 2022 18:16:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=c4OhMoRd; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236506AbiGWAwE (ORCPT + 99 others); Fri, 22 Jul 2022 20:52:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57568 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236514AbiGWAv5 (ORCPT ); Fri, 22 Jul 2022 20:51:57 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C5D528AEE8 for ; Fri, 22 Jul 2022 17:51:52 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id n192-20020a2540c9000000b0066fca45513eso4806144yba.0 for ; Fri, 22 Jul 2022 17:51:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=CRV49EpunAiwzO7EUQf5uuxbCrNu29jLzCse2H7RuXc=; b=c4OhMoRdJJpj8Re9fEOkPZtmzB/dBJ4KFgrGtN3LWRpkWFBvNcpeCZBSL4aAWcYCki Qb6HSQ6WlUba6RIm/3e1UASfPJC/8qojnfgyNJP9KmikUVumKKNenZr/WzD9hCcaz37+ gQzL0XjuNZh0gdojlMcl4VoDcQvE9bM99Zaxckc9m3aUQitP6RQ+veZOltTqHhZU+7zb tOZD3DgnOzvc9He0UpgCBz91rH0vkzt1WOOMHstLoRkCsfEdre8wXI13KPJJCYxYTHFD rtj2qjZSAmxccJJ3hruDF5+KTBhvT8mkXb3Ymr+DUJ2ZOonaMlnlqvtl47uZXs6boHAd +Vbw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=CRV49EpunAiwzO7EUQf5uuxbCrNu29jLzCse2H7RuXc=; b=C7bURou7YcG8qkW2IpYOaCM5sH5pkVEtUIAXTfvJcTCTUFx1JimJkbV6OYqPvneU6O D1zLatwPiirpAdfFqzwGrdlq1i8kv+meDSA84/ChMi7AYnDEWSBgcH0AvtD43KxGUa+G vZOk9RhsGKrCZvKsACfzYMzFePL4iHEqy7J+PNBlAHa6hh0rRtD2HSmV6Ni9egntTV6D ZASfRAAsngsQ3R9EDO/DW6OShMqjihQSIOBgX/eTDsa7ntXLgHSO17nXqPL4YqjxHJgr Ms/2n7i6PbtqtwUpsYC3daubBSTswt7RvuEaV6V5eG78KWcdMC1qW5I7aLSiZvdKy9iG kDTQ== X-Gm-Message-State: AJIora83W3kcu2d+XH5xyLw7CjD02F6pg9y6xNY1nvoL2gJ0vuSvq7Vo bti4l+J9Hq7Xsr3qYt3y+b3t10CIz3M= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a0d:d909:0:b0:31e:6adb:95f4 with SMTP id b9-20020a0dd909000000b0031e6adb95f4mr2072072ywe.355.1658537511856; Fri, 22 Jul 2022 17:51:51 -0700 (PDT) Reply-To: Sean Christopherson Date: Sat, 23 Jul 2022 00:51:19 +0000 In-Reply-To: <20220723005137.1649592-1-seanjc@google.com> Message-Id: <20220723005137.1649592-7-seanjc@google.com> Mime-Version: 1.0 References: <20220723005137.1649592-1-seanjc@google.com> X-Mailer: git-send-email 2.37.1.359.gd136c6c3e2-goog Subject: [PATCH v4 06/24] KVM: x86: Treat #DBs from the emulator as fault-like (code and DR7.GD=1) From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Jim Mattson , Maxim Levitsky , Oliver Upton , Peter Shier Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Add a dedicated "exception type" for #DBs, as #DBs can be fault-like or trap-like depending the sub-type of #DB, and effectively defer the decision of what to do with the #DB to the caller. For the emulator's two calls to exception_type(), treat the #DB as fault-like, as the emulator handles only code breakpoint and general detect #DBs, both of which are fault-like. For event injection, which uses exception_type() to determine whether to set EFLAGS.RF=1 on the stack, keep the current behavior of not setting RF=1 for #DBs. Intel and AMD explicitly state RF isn't set on code #DBs, so exempting by failing the "== EXCPT_FAULT" check is correct. The only other fault-like #DB is General Detect, and despite Intel and AMD both strongly implying (through omission) that General Detect #DBs should set RF=1, hardware (multiple generations of both Intel and AMD), in fact does not. Through insider knowledge, extreme foresight, sheer dumb luck, or some combination thereof, KVM correctly handled RF for General Detect #DBs. Fixes: 38827dbd3fb8 ("KVM: x86: Do not update EFLAGS on faulting emulation") Cc: stable@vger.kernel.org Signed-off-by: Sean Christopherson Reviewed-by: Maxim Levitsky --- arch/x86/kvm/x86.c | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 566f9512b4a3..68fb6393c96f 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -529,6 +529,7 @@ static int exception_class(int vector) #define EXCPT_TRAP 1 #define EXCPT_ABORT 2 #define EXCPT_INTERRUPT 3 +#define EXCPT_DB 4 static int exception_type(int vector) { @@ -539,8 +540,14 @@ static int exception_type(int vector) mask = 1 << vector; - /* #DB is trap, as instruction watchpoints are handled elsewhere */ - if (mask & ((1 << DB_VECTOR) | (1 << BP_VECTOR) | (1 << OF_VECTOR))) + /* + * #DBs can be trap-like or fault-like, the caller must check other CPU + * state, e.g. DR6, to determine whether a #DB is a trap or fault. + */ + if (mask & (1 << DB_VECTOR)) + return EXCPT_DB; + + if (mask & ((1 << BP_VECTOR) | (1 << OF_VECTOR))) return EXCPT_TRAP; if (mask & ((1 << DF_VECTOR) | (1 << MC_VECTOR))) @@ -8791,6 +8798,12 @@ int x86_emulate_instruction(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, unsigned long rflags = static_call(kvm_x86_get_rflags)(vcpu); toggle_interruptibility(vcpu, ctxt->interruptibility); vcpu->arch.emulate_regs_need_sync_to_vcpu = false; + + /* + * Note, EXCPT_DB is assumed to be fault-like as the emulator + * only supports code breakpoints and general detect #DB, both + * of which are fault-like. + */ if (!ctxt->have_exception || exception_type(ctxt->exception.vector) == EXCPT_TRAP) { kvm_pmu_trigger_event(vcpu, PERF_COUNT_HW_INSTRUCTIONS); @@ -9714,6 +9727,16 @@ static int inject_pending_event(struct kvm_vcpu *vcpu, bool *req_immediate_exit) /* try to inject new event if pending */ if (vcpu->arch.exception.pending) { + /* + * Fault-class exceptions, except #DBs, set RF=1 in the RFLAGS + * value pushed on the stack. Trap-like exception and all #DBs + * leave RF as-is (KVM follows Intel's behavior in this regard; + * AMD states that code breakpoint #DBs excplitly clear RF=0). + * + * Note, most versions of Intel's SDM and AMD's APM incorrectly + * describe the behavior of General Detect #DBs, which are + * fault-like. They do _not_ set RF, a la code breakpoints. + */ if (exception_type(vcpu->arch.exception.nr) == EXCPT_FAULT) __kvm_set_rflags(vcpu, kvm_get_rflags(vcpu) | X86_EFLAGS_RF); -- 2.37.1.359.gd136c6c3e2-goog