Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp1279087rwl; Fri, 31 Mar 2023 08:59:31 -0700 (PDT) X-Google-Smtp-Source: AKy350Zl+ermXEx82ElX0YMflHsVr8DEjli9b4LYJ4910d998TwyAP+8Ha4PQVgdubI9hTnrn+Ce X-Received: by 2002:a17:903:110c:b0:1a2:1e96:600d with SMTP id n12-20020a170903110c00b001a21e96600dmr6816775plh.2.1680278371522; Fri, 31 Mar 2023 08:59:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680278371; cv=none; d=google.com; s=arc-20160816; b=dal58t6HmqwEdOTe3wVLq06nCs0IUaygaRItGJ/cuaiThJ/Ha1mumftOphLywbX2jy +zLMREnpSozGWEXZvguYKMYVl/pGMNmeTGd+drn1Y1k0XSmAurA7PNBddsIYdqmMWI7v bnScdAv8khKii2ywweu+NYpts3lpVat/nJ0oTGE88hCI4MnbSIIoKq5dk4NZFbDFQkUH HpPGxzVBqaBlT9pO7VWyTDyuIvA7QO2YIiEx1R+5qJQDpVUqBdWxMCj9mIvgVEdfk/fx pElM4d04ymVUyc5BN7PAK2faJ+GxxOFDgDm4qUHZ/i3hsnxY3os04ZvtGU2jw4xDIrY2 f+tQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=0rD3I7pDpzoNaSFC4TdHBq3s3XmiqLHEPo2QS3bW4YQ=; b=EePnBzpSDUdTJ9Q4AqrTS0w8eHmhMA5ab7QzdXYjVCu4SJOvRQFy9srDfbdg49oypO 67pY0ZZFuf4TO40QJ2BFiP7P1+xEFjX9C4f6qZ26s3hWmBa6VGq0Swt1l1iKQ7fMe8R7 aN0Tl3SzhP/OTvdHcTq0VlwUZfkAHqKWIu938q/mDNu+ycz9vuJD6sdyiYq8HZWjLVvc YA1GrOA3NSzwcA+7G6cRfRZTjeUiApB7hG/AMmGxwvVwEAg2IwtpT6V6LD7aKxuNxj4R OJPvaAfOs2/2e6jZmI8YCogDx7jrVsyqKtQ1ZrNQU/1d/TcexwMBjs/Kkfbgkff55RB1 5+ZQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=nZHaTl+2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id kh12-20020a170903064c00b0019a96125cd7si2320456plb.332.2023.03.31.08.59.20; Fri, 31 Mar 2023 08:59:31 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=nZHaTl+2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233080AbjCaP5d (ORCPT + 99 others); Fri, 31 Mar 2023 11:57:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51440 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233036AbjCaP53 (ORCPT ); Fri, 31 Mar 2023 11:57:29 -0400 Received: from mail.skyhub.de (mail.skyhub.de [IPv6:2a01:4f8:190:11c2::b:1457]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 27EB4D51A; Fri, 31 Mar 2023 08:57:19 -0700 (PDT) Received: from zn.tnic (p5de8e687.dip0.t-ipconnect.de [93.232.230.135]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 2C1F91EC063A; Fri, 31 Mar 2023 17:57:18 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1680278238; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=0rD3I7pDpzoNaSFC4TdHBq3s3XmiqLHEPo2QS3bW4YQ=; b=nZHaTl+2ItWGRQjk4Mi0AMnoMOfozXzlwllzqzhmqYQrDKcl1umRlwGNz90hJxrZOwPiIH edhamtvG6EZeSHa5v/SlFdtMiOwLFI5MH7UKUwjou+THlsPgNPu9UM2LacfWOotC8PVyAb PnyiUejhtkO3TkYtzCYAAhH8NA8Q6Cg= Date: Fri, 31 Mar 2023 17:57:14 +0200 From: Borislav Petkov To: Tianyu Lan Cc: luto@kernel.org, tglx@linutronix.de, mingo@redhat.com, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, seanjc@google.com, pbonzini@redhat.com, jgross@suse.com, tiala@microsoft.com, kirill@shutemov.name, jiangshan.ljs@antgroup.com, peterz@infradead.org, ashish.kalra@amd.com, srutherford@google.com, akpm@linux-foundation.org, anshuman.khandual@arm.com, pawan.kumar.gupta@linux.intel.com, adrian.hunter@intel.com, daniel.sneddon@linux.intel.com, alexander.shishkin@linux.intel.com, sandipan.das@amd.com, ray.huang@amd.com, brijesh.singh@amd.com, michael.roth@amd.com, thomas.lendacky@amd.com, venu.busireddy@oracle.com, sterritt@google.com, tony.luck@intel.com, samitolvanen@google.com, fenghua.yu@intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-arch@vger.kernel.org Subject: Re: [RFC PATCH V3 12/16] x86/sev: Add a #HV exception handler Message-ID: <20230331155714.GCZCcC2pHVZgIHr8k8@fat_crate.local> References: <20230122024607.788454-1-ltykernel@gmail.com> <20230122024607.788454-13-ltykernel@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20230122024607.788454-13-ltykernel@gmail.com> X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Jan 21, 2023 at 09:46:02PM -0500, Tianyu Lan wrote: > From: Tianyu Lan > > Add a #HV exception handler that uses IST stack. > > Signed-off-by: Tianyu Lan > --- > Change since RFC V2: > * Remove unnecessary line in the change log. > --- > arch/x86/entry/entry_64.S | 58 +++++++++++++++++++++++++++ > arch/x86/include/asm/cpu_entry_area.h | 6 +++ > arch/x86/include/asm/idtentry.h | 39 +++++++++++++++++- > arch/x86/include/asm/page_64_types.h | 1 + > arch/x86/include/asm/trapnr.h | 1 + > arch/x86/include/asm/traps.h | 1 + > arch/x86/kernel/cpu/common.c | 1 + > arch/x86/kernel/dumpstack_64.c | 9 ++++- > arch/x86/kernel/idt.c | 1 + > arch/x86/kernel/sev.c | 53 ++++++++++++++++++++++++ > arch/x86/kernel/traps.c | 40 ++++++++++++++++++ > arch/x86/mm/cpu_entry_area.c | 2 + > 12 files changed, 209 insertions(+), 3 deletions(-) > > diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S > index 15739a2c0983..6baec7653f19 100644 > --- a/arch/x86/entry/entry_64.S > +++ b/arch/x86/entry/entry_64.S > @@ -563,6 +563,64 @@ SYM_CODE_START(\asmsym) > .Lfrom_usermode_switch_stack_\@: > idtentry_body user_\cfunc, has_error_code=1 > > +_ASM_NOKPROBE(\asmsym) > +SYM_CODE_END(\asmsym) > +.endm > +/* > + * idtentry_hv - Macro to generate entry stub for #HV > + * @vector: Vector number > + * @asmsym: ASM symbol for the entry point > + * @cfunc: C function to be called > + * > + * The macro emits code to set up the kernel context for #HV. The #HV handler > + * runs on an IST stack and needs to be able to support nested #HV exceptions. > + * > + * To make this work the #HV entry code tries its best to pretend it doesn't use > + * an IST stack by switching to the task stack if coming from user-space (which > + * includes early SYSCALL entry path) or back to the stack in the IRET frame if > + * entered from kernel-mode. > + * > + * If entered from kernel-mode the return stack is validated first, and if it is > + * not safe to use (e.g. because it points to the entry stack) the #HV handler > + * will switch to a fall-back stack (HV2) and call a special handler function. > + * > + * The macro is only used for one vector, but it is planned to be extended in > + * the future for the #HV exception. > + */ > +.macro idtentry_hv vector asmsym cfunc > +SYM_CODE_START(\asmsym) ... why is this so much duplicated code instead of sharing it with idtentry_vc and all the facilities it does? > + UNWIND_HINT_IRET_REGS > + ASM_CLAC > + pushq $-1 /* ORIG_RAX: no syscall to restart */ > + > + testb $3, CS-ORIG_RAX(%rsp) > + jnz .Lfrom_usermode_switch_stack_\@ > + > + call paranoid_entry > + > + UNWIND_HINT_REGS > + > + /* > + * Switch off the IST stack to make it free for nested exceptions. > + */ > + movq %rsp, %rdi /* pt_regs pointer */ > + call hv_switch_off_ist > + movq %rax, %rsp /* Switch to new stack */ > + > + UNWIND_HINT_REGS > + > + /* Update pt_regs */ > + movq ORIG_RAX(%rsp), %rsi /* get error code into 2nd argument*/ > + movq $-1, ORIG_RAX(%rsp) /* no syscall to restart */ > + > + movq %rsp, %rdi /* pt_regs pointer */ > + call kernel_\cfunc > + > + jmp paranoid_exit > + > +.Lfrom_usermode_switch_stack_\@: > + idtentry_body user_\cfunc, has_error_code=1 > + > _ASM_NOKPROBE(\asmsym) > SYM_CODE_END(\asmsym) > .endm > diff --git a/arch/x86/include/asm/cpu_entry_area.h b/arch/x86/include/asm/cpu_entry_area.h > index 462fc34f1317..2186ed601b4a 100644 > --- a/arch/x86/include/asm/cpu_entry_area.h > +++ b/arch/x86/include/asm/cpu_entry_area.h > @@ -30,6 +30,10 @@ > char VC_stack[optional_stack_size]; \ > char VC2_stack_guard[guardsize]; \ > char VC2_stack[optional_stack_size]; \ > + char HV_stack_guard[guardsize]; \ > + char HV_stack[optional_stack_size]; \ > + char HV2_stack_guard[guardsize]; \ > + char HV2_stack[optional_stack_size]; \ > char IST_top_guard[guardsize]; \ > > /* The exception stacks' physical storage. No guard pages required */ > @@ -52,6 +56,8 @@ enum exception_stack_ordering { > ESTACK_MCE, > ESTACK_VC, > ESTACK_VC2, > + ESTACK_HV, > + ESTACK_HV2, > N_EXCEPTION_STACKS Ditto. And so on... Please share code - not duplicate. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette