Received: by 2002:a05:7412:31a9:b0:e2:908c:2ebd with SMTP id et41csp4422699rdb; Fri, 15 Sep 2023 01:23:34 -0700 (PDT) X-Google-Smtp-Source: AGHT+IG/jScGM1tfR+oZabrLl2OD4GCbCMOgBhZrLSeuAJj6YA0OdzwQqip7B1pOzu8obhjG4oK6 X-Received: by 2002:a17:902:e552:b0:1c4:1392:e4b4 with SMTP id n18-20020a170902e55200b001c41392e4b4mr1435077plf.20.1694766213698; Fri, 15 Sep 2023 01:23:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1694766213; cv=none; d=google.com; s=arc-20160816; b=lheEMWy3ArmPmUDn0E0qk4q5cC7/EX1AsyK0DTtDlNTOfJdNEniLoL9Qh3MjO8xTwQ HP86mTxKdTdXX+eDBiScigldOEurRfHg1meojn2+Lg5yDbemjRQ55q8bZuMqayHEmDTJ MpEbBsq0Tzcak8wth7Kpt6l+tFNRBhEJGDPzC/A/UAZ4v2nlh4D4l7eJnlnD+1Bl1Prf EqEV/WIOsM6xH+AQDiiBwDSpFfxdGYzdpf0qLEoYDLXLoXcd9Ykirlllz25xHfpfMmW4 hj+6QKiSsFYSLhgphlVJl51hOXry9GvtpWPa6ApAvbEMwnkkItJT+UYRTmT5Km7GmJps 4qlg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=LaX4g9w6bHIibhMo4jfzqZMuy6qdFWYH9ItwO86BChU=; fh=jQqUhNQZPAXcZ44u72Wu3jv2pQizzn2Be2T8mkd1RwU=; b=ZLGfZ2Y+ad5af/gvHzMiFaG0As0Bi/oRGTNEht+3g3sVXQayiDM9Nt973bR7o5FrlG /WipI0YLrAvDyAcObVYIpkFmsjIpVK6BA9z6wvBCBBdN1jNyPNoe9v0WVqLPVV6p+UPw TrpymAIv1HecpSHQwEwNLzOyxWbNTiKfjHZ27EMV2D1ASRNoRa/qq4aF/6FdgAkG8/4L eIdpKDkp1QFLiRJ9VbgYo2IEzAQ0oR+KqNtK8P6rjEFjyZ6mo2tLRaDmYat+5nFIxOCi dr9BPlhdoz/NzpJbN1LiRQehJiZy7TB5Q2B4LCL3ZSMf0Is0EzDo90KQU13/zvD3oOTP zgRg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=fJbI0Wz1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from groat.vger.email (groat.vger.email. [2620:137:e000::3:5]) by mx.google.com with ESMTPS id iz11-20020a170902ef8b00b001aff514a8f0si2894405plb.534.2023.09.15.01.23.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 Sep 2023 01:23:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) client-ip=2620:137:e000::3:5; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=fJbI0Wz1; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by groat.vger.email (Postfix) with ESMTP id 78B2B8269F0D; Thu, 14 Sep 2023 02:40:43 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237844AbjINJjl (ORCPT + 99 others); Thu, 14 Sep 2023 05:39:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49836 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237446AbjINJia (ORCPT ); Thu, 14 Sep 2023 05:38:30 -0400 Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.88]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B97201FC0; Thu, 14 Sep 2023 02:38:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1694684304; x=1726220304; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Z0ux6e/uG0dkaGdbqkAWPBXX8t5ysVuvO2txMAe3nKQ=; b=fJbI0Wz17iRogtXpnj1IJ+15nQVIs9/iNezsmhKdvKeV/5lyZq15n04I s7/pnWNFUEHfrU6SKwXo4avuFxROW0BG8I2FTDBHFZIzPDbmWZP9eaFHb eMZe8ly6+gBxuNcXOJiJLpHGfCC6lCr0ZDnauaUnrCIOKZpqKgVLXgzWb jYkyU6UEkZz70mZKBOATwzNHSvn8Q8M/WmDFhcB9uVT7sBCbeSfDto5iB To560UoYchTdUbcYK7oNAM64yddj5G7MUOT4gXD+g5srOZTYgoPVUxfib qKqOeIExWM9ndwvl1aHi/oNBpN9OAnaeckWQN4spnVz3Ur5NnjuOBFYFd Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="409857441" X-IronPort-AV: E=Sophos;i="6.02,145,1688454000"; d="scan'208";a="409857441" Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Sep 2023 02:38:24 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10832"; a="747656306" X-IronPort-AV: E=Sophos;i="6.02,145,1688454000"; d="scan'208";a="747656306" Received: from embargo.jf.intel.com ([10.165.9.183]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Sep 2023 02:38:24 -0700 From: Yang Weijiang To: seanjc@google.com, pbonzini@redhat.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: dave.hansen@intel.com, peterz@infradead.org, chao.gao@intel.com, rick.p.edgecombe@intel.com, weijiang.yang@intel.com, john.allen@amd.com Subject: [PATCH v6 24/25] KVM: nVMX: Introduce new VMX_BASIC bit for event error_code delivery to L1 Date: Thu, 14 Sep 2023 02:33:24 -0400 Message-Id: <20230914063325.85503-25-weijiang.yang@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20230914063325.85503-1-weijiang.yang@intel.com> References: <20230914063325.85503-1-weijiang.yang@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Thu, 14 Sep 2023 02:40:43 -0700 (PDT) X-Spam-Status: No, score=0.2 required=5.0 tests=DATE_IN_PAST_03_06, DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email Per SDM description(Vol.3D, Appendix A.1): "If bit 56 is read as 1, software can use VM entry to deliver a hardware exception with or without an error code, regardless of vector" Modify has_error_code check before inject events to nested guest. Only enforce the check when guest is in real mode, the exception is not hard exception and the platform doesn't enumerate bit56 in VMX_BASIC, in all other case ignore the check to make the logic consistent with SDM. Signed-off-by: Yang Weijiang --- arch/x86/kvm/vmx/nested.c | 22 ++++++++++++++-------- arch/x86/kvm/vmx/nested.h | 5 +++++ 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index c5ec0ef51ff7..78a3be394d00 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -1205,9 +1205,9 @@ static int vmx_restore_vmx_basic(struct vcpu_vmx *vmx, u64 data) { const u64 feature_and_reserved = /* feature (except bit 48; see below) */ - BIT_ULL(49) | BIT_ULL(54) | BIT_ULL(55) | + BIT_ULL(49) | BIT_ULL(54) | BIT_ULL(55) | BIT_ULL(56) | /* reserved */ - BIT_ULL(31) | GENMASK_ULL(47, 45) | GENMASK_ULL(63, 56); + BIT_ULL(31) | GENMASK_ULL(47, 45) | GENMASK_ULL(63, 57); u64 vmx_basic = vmcs_config.nested.basic; if (!is_bitwise_subset(vmx_basic, data, feature_and_reserved)) @@ -2846,12 +2846,16 @@ static int nested_check_vm_entry_controls(struct kvm_vcpu *vcpu, CC(intr_type == INTR_TYPE_OTHER_EVENT && vector != 0)) return -EINVAL; - /* VM-entry interruption-info field: deliver error code */ - should_have_error_code = - intr_type == INTR_TYPE_HARD_EXCEPTION && prot_mode && - x86_exception_has_error_code(vector); - if (CC(has_error_code != should_have_error_code)) - return -EINVAL; + if (!prot_mode || intr_type != INTR_TYPE_HARD_EXCEPTION || + !nested_cpu_has_no_hw_errcode_cc(vcpu)) { + /* VM-entry interruption-info field: deliver error code */ + should_have_error_code = + intr_type == INTR_TYPE_HARD_EXCEPTION && + prot_mode && + x86_exception_has_error_code(vector); + if (CC(has_error_code != should_have_error_code)) + return -EINVAL; + } /* VM-entry exception error code */ if (CC(has_error_code && @@ -6968,6 +6972,8 @@ static void nested_vmx_setup_basic(struct nested_vmx_msrs *msrs) if (cpu_has_vmx_basic_inout()) msrs->basic |= VMX_BASIC_INOUT; + if (cpu_has_vmx_basic_no_hw_errcode()) + msrs->basic |= VMX_BASIC_NO_HW_ERROR_CODE_CC; } static void nested_vmx_setup_cr_fixed(struct nested_vmx_msrs *msrs) diff --git a/arch/x86/kvm/vmx/nested.h b/arch/x86/kvm/vmx/nested.h index b4b9d51438c6..26842da6857d 100644 --- a/arch/x86/kvm/vmx/nested.h +++ b/arch/x86/kvm/vmx/nested.h @@ -284,6 +284,11 @@ static inline bool nested_cr4_valid(struct kvm_vcpu *vcpu, unsigned long val) __kvm_is_valid_cr4(vcpu, val); } +static inline bool nested_cpu_has_no_hw_errcode_cc(struct kvm_vcpu *vcpu) +{ + return to_vmx(vcpu)->nested.msrs.basic & VMX_BASIC_NO_HW_ERROR_CODE_CC; +} + /* No difference in the restrictions on guest and host CR4 in VMX operation. */ #define nested_guest_cr4_valid nested_cr4_valid #define nested_host_cr4_valid nested_cr4_valid -- 2.27.0