From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Sean Christopherson, Paolo Bonzini
Subject: [PATCH 5.10 015/545] KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case
Date: Fri, 19 Aug 2022 17:36:25 +0200
Message-Id: <20220819153829.850639819@linuxfoundation.org>
X-Mailer: git-send-email 2.37.2
In-Reply-To: <20220819153829.135562864@linuxfoundation.org>
References: <20220819153829.135562864@linuxfoundation.org>
User-Agent: quilt/0.67
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org
From: Sean Christopherson

commit 764643a6be07445308e492a528197044c801b3ba upstream.

If a nested run isn't pending, snapshot vmcs01.GUEST_IA32_DEBUGCTL irrespective of whether or not VM_ENTRY_LOAD_DEBUG_CONTROLS is set in vmcs12. When restoring nested state, e.g. after migration, without a nested run pending, prepare_vmcs02() will propagate nested.vmcs01_debugctl to vmcs02, i.e. will load garbage/zeros into vmcs02.GUEST_IA32_DEBUGCTL.

If userspace restores nested state before MSRs, then loading garbage is a non-issue as loading DEBUGCTL will also update vmcs02. But if userspace restores MSRs first, then KVM is responsible for propagating L2's value, which is actually thrown into vmcs01, into vmcs02.

Restoring L2 MSRs into vmcs01, i.e. loading all MSRs before nested state, is all kinds of bizarre and ideally would not be supported. Sadly, some VMMs do exactly that and rely on KVM to make things work.

Note, there's still a lurking SMM bug, as propagating vmcs01's DEBUGCTL to vmcs02 across RSM may corrupt L2's DEBUGCTL. But KVM's entire VMX+SMM emulation is flawed as SMI+RSM should not touch _any_ VMCS when using the "default treatment of SMIs", i.e. when not using an SMI Transfer Monitor.

Link: https://lore.kernel.org/all/Yobt1XwOfb5M6Dfa@google.com
Fixes: 8fcc4b5923af ("kvm: nVMX: Introduce KVM_CAP_NESTED_STATE")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson
Message-Id: <20220614215831.3762138-3-seanjc@google.com>
Signed-off-by: Paolo Bonzini
Signed-off-by: Greg Kroah-Hartman
---
 arch/x86/kvm/vmx/nested.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -3337,7 +3337,8 @@ enum nvmx_vmentry_status nested_vmx_ente if (likely(!evaluate_pending_interrupts) && kvm_vcpu_apicv_active(vcpu)) evaluate_pending_interrupts |= vmx_has_apicv_interrupt(vcpu); - if (!(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_DEBUG_CONTROLS)) + if (!vmx->nested.nested_run_pending || + !(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_DEBUG_CONTROLS)) vmx->nested.vmcs01_debugctl = vmcs_read64(GUEST_IA32_DEBUGCTL); if (kvm_mpx_supported() && (!vmx->nested.nested_run_pending ||
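Review bot: the new `!vmx->nested.nested_run_pending ||` guard on the vmcs01_debugctl snapshot is right, but its motivation (userspace may restore MSRs before nested state, so vmcs01 is holding L2's DEBUGCTL and prepare_vmcs02() must carry it into vmcs02) is not visible at the call site; consider a short comment above the `if` so a later cleanup does not "simplify" it back to the VM_ENTRY_LOAD_DEBUG_CONTROLS-only test and silently reintroduce the garbage-DEBUGCTL restore path. The shape now matches the adjacent kvm_mpx_supported() check, which already tests `!vmx->nested.nested_run_pending ||` first, so both snapshots are taken consistently whenever nested state is being restored rather than entered; the SMM/RSM propagation caveat from the commit message remains outside this hunk and is unchanged by it.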