Received: by 2002:a05:7412:419a:b0:f3:1519:9f41 with SMTP id i26csp895753rdh; Fri, 24 Nov 2023 00:02:20 -0800 (PST) X-Google-Smtp-Source: AGHT+IFAe0v267qKlMJGKmOE3cBB6M/dHVysn2UxB0nTJTIZdki8WheiUijiAjQPCWWuVC0IRZkx X-Received: by 2002:a17:90b:3907:b0:26b:4a9e:3c7e with SMTP id ob7-20020a17090b390700b0026b4a9e3c7emr2336187pjb.4.1700812940099; Fri, 24 Nov 2023 00:02:20 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1700812940; cv=none; d=google.com; s=arc-20160816; b=EXo9u1MGgTVqVKz9ioYQFJ62n+gjELqO/PgOxX7KUY6titfQqjljhjDkNOs4bhwy7B uAkBAjtl4OU7QbF5NDQBI3dLZap/G1UpBwEvxqIL+CCVHCR5p5r+8Z7qN+/Yhegk3fBP MEEE+sjkuq7sevjcd8IV9h66XneUXAiWqDC4P6fq79QMCgiSv6in0vpyxEhx4Sugq4vf cmlYe8+qc6K5KiotfU0Cqv+CrJcJ4eyyoJX0OoemVNdH7EeMdoBkoXkMVu/YndCSF3AW fRL0puqH1xYq6XoQHEJnGttLBEdLvT4xDrGI0UVncddA89/gUK5jiR/AyauJPBAXm92e vlDA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=oATWuqZfaoQasNlX/+LxRJXKogmfQ7JNjIPWZP7VUQk=; fh=uy0EBGgYIm8+MgsxUvKHUXUo3s9z4H9hdLwRv8YoeJU=; b=BGSJh2rJmfeZF8wqIEiYKFWhdXA3m3roeaXp1uJfHBMpIKOVCglYJtaTHHPKUMWQEn ZK+ZXgHvrIXIF9SS+BFZshfNKRt1Jbq0M1G22ekWcigOk+zEwSISX8pBZeyiy850eZjW bwCPEOkn6axLSamK3yW4d3yqE97BhbGmhdnhMiRqJDlEqsh7SUxE7vzxwg7MvMXUxcTa X4zv34GY4yOBTUeOdRJMEfOiBhFO0FQogfouttcAI2lUJsx9F72V0/n0QXodc0epaLUO 7IZMlsHU/k+Rjd8Vj63saQ6ifXYgrPsTDrhMR1DRg19M3WwfSl126byJov5HiyazJ81t tSlQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=WM6mOB4F; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from fry.vger.email (fry.vger.email. [23.128.96.38]) by mx.google.com with ESMTPS id ck19-20020a17090afe1300b00276b35bc424si3003746pjb.26.2023.11.24.00.02.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Nov 2023 00:02:20 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) client-ip=23.128.96.38; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=WM6mOB4F; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by fry.vger.email (Postfix) with ESMTP id 3C794808EF42; Fri, 24 Nov 2023 00:02:01 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at fry.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1345274AbjKXIAg (ORCPT + 99 others); Fri, 24 Nov 2023 03:00:36 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59178 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235206AbjKXH6m (ORCPT ); Fri, 24 Nov 2023 02:58:42 -0500 Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.100]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 314A710F5; Thu, 23 Nov 2023 23:58:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1700812729; x=1732348729; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=tGGe9HesOYY7ph95a2MeWYdCMfXcHc5B1OvAMO395wQ=; b=WM6mOB4FSQf89uxkF7Kl9IkfNTb5YSJWVFOXdDay8b9d8aZ0p7+b1A1Q 53NNtK3TXsk4LvuvxFsUUgYWmjOU9zEL8NBEjqvrLxyR4p8lwpCAMBAPU +MUYCtXisSv4wkPNpWM4tbnZpQ+HLnVBVxlL2GLUULpjeEBzSs/kED94Y NpT80mm2aWzfM8utG/IWl81NBMmtUFa+9YrsyGcvBCf4dtbe68kHWvdi5 epIITCWbuzfE7srPH4b6cZK9tPC1vhJ4QTaPQeXmXBINArqdAcumteebl c/6VlFSTrEv1hnox1ayfOleXZXrwS0k+8xaua26/j5omUHTnTng7q791j w==; X-IronPort-AV: E=McAfee;i="6600,9927,10902"; a="458872392" X-IronPort-AV: E=Sophos;i="6.04,223,1695711600"; d="scan'208";a="458872392" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Nov 2023 23:58:43 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10902"; a="833629856" X-IronPort-AV: E=Sophos;i="6.04,223,1695711600"; d="scan'208";a="833629856" Received: from unknown (HELO embargo.jf.intel.com) ([10.165.9.183]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Nov 2023 23:58:42 -0800 From: Yang Weijiang To: seanjc@google.com, pbonzini@redhat.com, dave.hansen@intel.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: peterz@infradead.org, chao.gao@intel.com, rick.p.edgecombe@intel.com, mlevitsk@redhat.com, john.allen@amd.com, weijiang.yang@intel.com Subject: [PATCH v7 21/26] KVM: x86: Save and reload SSP to/from SMRAM Date: Fri, 24 Nov 2023 00:53:25 -0500 Message-Id: <20231124055330.138870-22-weijiang.yang@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20231124055330.138870-1-weijiang.yang@intel.com> References: <20231124055330.138870-1-weijiang.yang@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Fri, 24 Nov 2023 00:02:01 -0800 (PST) Save CET SSP to SMRAM on SMI and reload it on RSM. KVM emulates HW arch behavior when guest enters/leaves SMM mode,i.e., save registers to SMRAM at the entry of SMM and reload them at the exit to SMM. Per SDM, SSP is one of such registers on 64bit Arch, so add the support for SSP. Suggested-by: Sean Christopherson Signed-off-by: Yang Weijiang --- arch/x86/kvm/smm.c | 8 ++++++++ arch/x86/kvm/smm.h | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/smm.c b/arch/x86/kvm/smm.c index 45c855389ea7..7aac9c54c353 100644 --- a/arch/x86/kvm/smm.c +++ b/arch/x86/kvm/smm.c @@ -275,6 +275,10 @@ static void enter_smm_save_state_64(struct kvm_vcpu *vcpu, enter_smm_save_seg_64(vcpu, &smram->gs, VCPU_SREG_GS); smram->int_shadow = static_call(kvm_x86_get_interrupt_shadow)(vcpu); + + if (guest_can_use(vcpu, X86_FEATURE_SHSTK)) + KVM_BUG_ON(kvm_msr_read(vcpu, MSR_KVM_SSP, &smram->ssp), + vcpu->kvm); } #endif @@ -564,6 +568,10 @@ static int rsm_load_state_64(struct x86_emulate_ctxt *ctxt, static_call(kvm_x86_set_interrupt_shadow)(vcpu, 0); ctxt->interruptibility = (u8)smstate->int_shadow; + if (guest_can_use(vcpu, X86_FEATURE_SHSTK)) + KVM_BUG_ON(kvm_msr_write(vcpu, MSR_KVM_SSP, smstate->ssp), + vcpu->kvm); + return X86EMUL_CONTINUE; } #endif diff --git a/arch/x86/kvm/smm.h b/arch/x86/kvm/smm.h index a1cf2ac5bd78..1e2a3e18207f 100644 --- a/arch/x86/kvm/smm.h +++ b/arch/x86/kvm/smm.h @@ -116,8 +116,8 @@ struct kvm_smram_state_64 { u32 smbase; u32 reserved4[5]; - /* ssp and svm_* fields below are not implemented by KVM */ u64 ssp; + /* svm_* fields below are not implemented by KVM */ u64 svm_guest_pat; u64 svm_host_efer; u64 svm_host_cr4; -- 2.27.0