Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp3451777rwb; Fri, 30 Sep 2022 03:56:56 -0700 (PDT) X-Google-Smtp-Source: AMsMyM5/e1cRTMC05M9UuvgR3Do7i4XdfE/R3jP2qUk8XoR6lwRsV12giVtQeFpLxxJB5419PSLK X-Received: by 2002:a05:6a00:15c4:b0:54a:13f1:1118 with SMTP id o4-20020a056a0015c400b0054a13f11118mr8704937pfu.52.1664535416603; Fri, 30 Sep 2022 03:56:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1664535416; cv=none; d=google.com; s=arc-20160816; b=eq2Y7d7M8CTbY29v9D433avTf0LPFoNMfkCB4HMDClyDCnVux98znf3wliLUm8cLj6 jWFG0owulEQI3fGLqJIO8lfWFA4DvsMmj7mR2wpXTiOx6DCwRbq3iSQsE91B/o+aFlY9 IVN6OfzJnizIBo1Ga9XdC/X35/7i6bOzxO/WmjB5Z21CEn/b7I76gPxFOSTyQq2Mfy5n 8w2VvKQhaiiN7zWZKBE2ZNmfIbKhgOsc+6w+xC1b7WUHiv+F4I2DlBraPzhlOjECJRoc a02BsBd+ktdabgk5cBgeUl4y0akcjYj/TP1FfQD4L24CdGn2IfHvLzc7No5XcdylwarB Zt7A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=7n1oeP+bz031dFey7nCRS8tBnE4m22Wb5M/r83itdbM=; b=EXS5h7ii4r9lxTZDVt45BhHwAWGlgf2myt1qevCZqrexxXgz58d0VDCTXsXDc4gxr2 Os2qkmjpxSVfcaFlM540zHQvV/MEfWOvYCUBAzHXdLLuq7F0CVGC67Mr+7gG2kcLHFLe 2l8N3i4y/p4+ZBtU4Q4loibOy69WNJiLdykTBKyfuD/ES22h9nq6XEy6ySz73r/OY5a3 lteVVfWbLfYj2pWRM7K618zLIiURpm+LIW9zKznZW/S0VdGZluJ2ZoUNOZ0VFUHqCKu3 rZW4sT8qPcz/rjpgrBL0NBoOX88nJRtfTNRnoiJPYzxuh60R8F6icM36LtNSG1s0WrKw WRaQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=JoiqR4mk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j18-20020a170902da9200b0016da8773b7bsi1305819plx.503.2022.09.30.03.56.45; Fri, 30 Sep 2022 03:56:56 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=JoiqR4mk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232471AbiI3KZJ (ORCPT + 99 others); Fri, 30 Sep 2022 06:25:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35210 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231721AbiI3KTk (ORCPT ); Fri, 30 Sep 2022 06:19:40 -0400 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DF2DA15348B; Fri, 30 Sep 2022 03:19:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1664533150; x=1696069150; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=qkZramoz10/5E5ufIDgmW7yfcrdAsX2nd+p6+wTO/Y4=; b=JoiqR4mkibpXhNhILaDRLQQp2BV35ZUJ5Fbv0EM2A5NrigmMQX+SPPWg FDZzSxTwM9MT9/ABxEWNKy1UJzVzmbyKC39rrbHIQ+TkjMTOFQREgFziw zyOheZag27mk3rkZTtriwYh68DRttcpgmHQyYgkmxmv1Khjh+mpLRkzF8 AdRktMQghRKaFuEI8SvwzodplGkQvXTMv8/SHU/luTxeiYU7pYptr69ob bGxW151VsfPlwkoIMre+58eBDdFzBPhV60g6m57PsKWASTi7DImOXiw+n eq+Vj/OOYIcVeUWwV9LUKwKtPtaAeG+7kEapEc35vvejzOnb32HX+kKJ3 Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10485"; a="289320479" X-IronPort-AV: E=Sophos;i="5.93,358,1654585200"; d="scan'208";a="289320479" Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 Sep 2022 03:19:04 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10485"; a="726807743" X-IronPort-AV: E=Sophos;i="5.93,358,1654585200"; d="scan'208";a="726807743" Received: from ls.sc.intel.com (HELO localhost) ([143.183.96.54]) by fmsmga002-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 Sep 2022 03:19:03 -0700 From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , erdemaktas@google.com, Sean Christopherson , Sagi Shahar , Xiaoyao Li , Sean Christopherson , Chao Gao Subject: [PATCH v9 074/105] KVM: x86: Add a switch_db_regs flag to handle TDX's auto-switched behavior Date: Fri, 30 Sep 2022 03:18:08 -0700 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-4.5 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Isaku Yamahata Add a flag, KVM_DEBUGREG_AUTO_SWITCHED_GUEST, to skip saving/restoring DRs irrespective of any other flags. TDX-SEAM unconditionally saves and restores guest DRs and reset to architectural INIT state on TD exit. So, KVM needs to save host DRs before TD enter without restoring guest DRs and restore host DRs after TD exit. Opportunistically convert the KVM_DEBUGREG_* definitions to use BIT(). Reported-by: Xiaoyao Li Signed-off-by: Sean Christopherson Co-developed-by: Chao Gao Signed-off-by: Chao Gao Signed-off-by: Isaku Yamahata --- arch/x86/include/asm/kvm_host.h | 9 +++++++-- arch/x86/kvm/vmx/tdx.c | 1 + arch/x86/kvm/x86.c | 11 ++++++++--- 3 files changed, 16 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index e772798684ae..e29a93973ad8 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -584,8 +584,13 @@ struct kvm_pmu { struct kvm_pmu_ops; enum { - KVM_DEBUGREG_BP_ENABLED = 1, - KVM_DEBUGREG_WONT_EXIT = 2, + KVM_DEBUGREG_BP_ENABLED = BIT(0), + KVM_DEBUGREG_WONT_EXIT = BIT(1), + /* + * Guest debug registers are saved/restored by hardware on exit from + * or enter guest. KVM needn't switch them. + */ + KVM_DEBUGREG_AUTO_SWITCH = BIT(2), }; struct kvm_mtrr_range { diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index 51de41fbe098..78322bd6037e 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -421,6 +421,7 @@ int tdx_vcpu_create(struct kvm_vcpu *vcpu) vcpu->arch.efer = EFER_SCE | EFER_LME | EFER_LMA | EFER_NX; + vcpu->arch.switch_db_regs = KVM_DEBUGREG_AUTO_SWITCH; vcpu->arch.cr0_guest_owned_bits = -1ul; vcpu->arch.cr4_guest_owned_bits = -1ul; diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 8160f51bbb92..fda72bef6c90 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10540,7 +10540,7 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) if (vcpu->arch.guest_fpu.xfd_err) wrmsrl(MSR_IA32_XFD_ERR, vcpu->arch.guest_fpu.xfd_err); - if (unlikely(vcpu->arch.switch_db_regs)) { + if (unlikely(vcpu->arch.switch_db_regs & ~KVM_DEBUGREG_AUTO_SWITCH)) { set_debugreg(0, 7); set_debugreg(vcpu->arch.eff_db[0], 0); set_debugreg(vcpu->arch.eff_db[1], 1); @@ -10583,6 +10583,7 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) */ if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT)) { WARN_ON(vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP); + WARN_ON(vcpu->arch.switch_db_regs & KVM_DEBUGREG_AUTO_SWITCH); static_call(kvm_x86_sync_dirty_debug_regs)(vcpu); kvm_update_dr0123(vcpu); kvm_update_dr7(vcpu); @@ -10595,8 +10596,12 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) * care about the messed up debug address registers. But if * we have some of them active, restore the old state. */ - if (hw_breakpoint_active()) - hw_breakpoint_restore(); + if (hw_breakpoint_active()) { + if (!(vcpu->arch.switch_db_regs & KVM_DEBUGREG_AUTO_SWITCH)) + hw_breakpoint_restore(); + else + set_debugreg(__this_cpu_read(cpu_dr7), 7); + } vcpu->arch.last_vmentry_cpu = vcpu->cpu; vcpu->arch.last_guest_tsc = kvm_read_l1_tsc(vcpu, rdtsc()); -- 2.25.1