Subject: Re: [PATCH v3 00/13] SMM emulation and interrupt shadow fixes
From: Thomas Lamprecht
Date: Wed, 10 Aug 2022 14:00:23 +0200
To: Maxim Levitsky, kvm@vger.kernel.org
Cc: Borislav Petkov, Dave Hansen, linux-kernel@vger.kernel.org, Wanpeng Li, Ingo Molnar, Sean Christopherson, x86@kernel.org, Jim Mattson, Kees Cook, Thomas Gleixner, "H. Peter Anvin", Joerg Roedel, Vitaly Kuznetsov, Paolo Bonzini
Message-ID: <96e0749a-6036-c728-d224-b812caadcd1b@proxmox.com>
In-Reply-To: <20220803155011.43721-1-mlevitsk@redhat.com>
List-ID: linux-kernel@vger.kernel.org

On 03/08/2022 17:49, Maxim Levitsky wrote:
> This patch series is a result of long debug work to find out why
> sometimes guests with win11 secure boot
> were failing during boot.
>
> During writing a unit test I found another bug, turns out
> that on rsm emulation, if the rsm instruction was done in real
> or 32 bit mode, KVM would truncate the restored RIP to 32 bit.
>
> I also refactored the way we write SMRAM so it is easier
> now to understand what is going on.
>
> The main bug in this series which I fixed is that we
> allowed #SMI to happen during the STI interrupt shadow,
> and we did nothing to both reset it on #SMI handler
> entry and restore it on RSM.
>
> V3: addressed most of the review feedback from Sean (thanks!)
>
> Best regards,
> Maxim Levitsky
>
> Maxim Levitsky (13):
> bug: introduce ASSERT_STRUCT_OFFSET
> KVM: x86: emulator: em_sysexit should update ctxt->mode
> KVM: x86: emulator: introduce emulator_recalc_and_set_mode
> KVM: x86: emulator: update the emulation mode after rsm
> KVM: x86: emulator: update the emulation mode after CR0 write
> KVM: x86: emulator/smm: number of GPRs in the SMRAM image depends on
> the image format
> KVM: x86: emulator/smm: add structs for KVM's smram layout
> KVM: x86: emulator/smm: use smram structs in the common code
> KVM: x86: emulator/smm: use smram struct for 32 bit smram load/restore
> KVM: x86: emulator/smm: use smram struct for 64 bit smram load/restore
> KVM: x86: SVM: use smram structs
> KVM: x86: SVM: don't save SVM state to SMRAM when VM is not long mode
> capable
> KVM: x86: emulator/smm: preserve interrupt shadow in SMRAM
>
> arch/x86/include/asm/kvm_host.h | 11 +-
> arch/x86/kvm/emulate.c | 305 +++++++++++++++++---------------
> arch/x86/kvm/kvm_emulate.h | 223 ++++++++++++++++++++++-
> arch/x86/kvm/svm/svm.c | 30 ++--
> arch/x86/kvm/vmx/vmcs12.h | 5 +-
> arch/x86/kvm/vmx/vmx.c | 4 +-
> arch/x86/kvm/x86.c | 175 +++++++++---------
> include/linux/build_bug.h | 9 +
> 8 files changed, 497 insertions(+), 265 deletions(-)
>

FWIW, we tested the v2 on 5.19 and backported it to 5.15 with minimal
adaption required (mostly unrelated context change) and now also updated
that backport to the v3 of this patch series. Our reproducer got fixed
with either, but v3 now also avoids triggering logs like:

Jul 29 04:59:18 mits4 QEMU[2775]: kvm: Could not update PFLASH: Stale file handle
Jul 29 04:59:18 mits4 QEMU[2775]: kvm: Could not update PFLASH: Stale file handle
Jul 29 07:15:46 mits4 kernel: kvm: vcpu 1: requested 191999 ns lapic timer period limited to 200000 ns
Jul 29 11:06:31 mits4 kernel: kvm: vcpu 1: requested 105786 ns lapic timer period limited to 200000 ns

which happened earlier (not sure how deep that correlates with the v2 vs.
v3, but it stuck out, so mentioning for sake of completeness).

For the backport to 5.15 we skipped "KVM: x86: emulator/smm: number of
GPRs in the SMRAM image depends on the image format", as that constant
was there yet and the actual values stayed the same for our case FWICT,
and adapted to slight context changes for the others.

So, the approach seems to fix our issue and we are already rolling out a
kernel to users for testing and got positive feedback there too.

With above in mind:

Tested-by: Thomas Lamprecht

It would also be great to see this backported to still supported upstream
stable kernels from 5.15 onwards, as there the TDP MMU got enabled by
default, and that is at least increasing the chance of our reproducer to
trigger dramatically.

thx & cheers
Thomas