Received: by 2002:a05:7412:b995:b0:f9:9502:5bb8 with SMTP id it21csp23419rdb; Thu, 21 Dec 2023 01:26:00 -0800 (PST) X-Google-Smtp-Source: AGHT+IHjnTh4MaVK7X2fJNe20QGEOk1ot/W8euwYt0LX57SMVIVKJiNZip7n6eFpOj6XEPpx9Nu/ X-Received: by 2002:a17:902:b195:b0:1d0:75d8:6ce2 with SMTP id s21-20020a170902b19500b001d075d86ce2mr9583848plr.82.1703150759731; Thu, 21 Dec 2023 01:25:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1703150759; cv=none; d=google.com; s=arc-20160816; b=GErSxrWOx1IcjGlUVJ/tOOvgKgkXZYfr4n5owobbSBqHrjKZkrV8aqd/5s01Lj3CHg W7hq6CTYO/zFTdGKKX79JpVnalvKXkBiAu0bGPEZAkG+IbvbO67IYqS+0LQ1H0cN0ycf haOGsJH7E+M9QD3VRNWxdiw+hVnqvurmoCdaSiYRTJjq3rs+HxHikma7C+BYPeHPAEms dCu4QLhf2iTipM01BH5x1Cx/ySbnZ71WJRJ69d47WodLs3KesdZht23QaJ/FKFnE6qO5 8iqY2Qo7KdZEfrhxW3NAwbT90mpPP84ReOxyjJGeWE2Zo4NF7Be0z1YrrIGGMDRSqCFH ITyw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=rcWaR+yiGdoTGspD+NvygDz+Rk8ahPn5psAm2Get8vo=; fh=uy0EBGgYIm8+MgsxUvKHUXUo3s9z4H9hdLwRv8YoeJU=; b=BCcUCgUNTS61KtinzOH/k1Ae15vR5hWhrBS//PgO/L+973OTzCxdVRnLSDBUAjGK8F QfUsx4QzfHF2SlUmok91YegXC6zZdcPklO8d/ubheNRlbJOxlPw/hkFn0JixQSndzTxx RdoQQWZXOpcoM6mDloxzIt1HAngKUfAtEMVMREoPJp1CA1O8hSFTxGR66nO//loTzzCY 9OC1CZJi5MiYGZSRrnWuBD2H5oQ2S6WzAuv05JB1vhb1fmfq5gIAlAO73+vy+lDKG7Sf 3nolJtxexdG88mNqWMK+lcw17HMRNLZUfUm8uuyPOm+t6xpNQ2115fCi4n1+OpaVvXow DgPw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=HP4bYwHe; spf=pass (google.com: domain of linux-kernel+bounces-8076-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-8076-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id w5-20020a170902d3c500b001d3c478e1e3si1191541plb.195.2023.12.21.01.25.59 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Dec 2023 01:25:59 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-8076-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=HP4bYwHe; spf=pass (google.com: domain of linux-kernel+bounces-8076-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-8076-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id D7960B25D96 for ; Thu, 21 Dec 2023 09:17:16 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id DEBE45787A; Thu, 21 Dec 2023 09:03:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="HP4bYwHe" X-Original-To: linux-kernel@vger.kernel.org Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8C3C756390; Thu, 21 Dec 2023 09:03:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1703149433; x=1734685433; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ky/X9OZtJn3bDUIMsiZj6Q/CKpBiasfn5wmoF4H7EIQ=; b=HP4bYwHeBsjZ0gFZQPOzJiXiszsrxhfub4hIcBJhAcyyWceq6G399mrf WjSdr0Q1dCj1VcjPsyKNATO7j+BTcQgzjJBFjAl2R30XkW5+5aBMWtUJY I4RGhEtkVlKKLIxJTnpCE8NOgN9TbEefgG80O1AiBDob4+oofRYnrsr+c bDyrRBHHNz4WMbl7OpTCUeLQDOdlf1Wv+UB2/xA2Ex2JEl7jhGHiGPKvp fujF11srDAGUSSYyV6IrHhIeXOhvI1KbLF3IZjS7k46+iS+bUqPUMklFh TmzxNRg1lnIW3dFrk4q2+KmXTlpPRar1aR8YdP85FTr8Y4HU/RfaVeCxZ g==; X-IronPort-AV: E=McAfee;i="6600,9927,10930"; a="398729689" X-IronPort-AV: E=Sophos;i="6.04,293,1695711600"; d="scan'208";a="398729689" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Dec 2023 01:03:45 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10930"; a="900028612" X-IronPort-AV: E=Sophos;i="6.04,293,1695711600"; d="scan'208";a="900028612" Received: from 984fee00a5ca.jf.intel.com (HELO embargo.jf.intel.com) ([10.165.9.183]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Dec 2023 01:03:11 -0800 From: Yang Weijiang To: seanjc@google.com, pbonzini@redhat.com, dave.hansen@intel.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: peterz@infradead.org, chao.gao@intel.com, rick.p.edgecombe@intel.com, mlevitsk@redhat.com, john.allen@amd.com, weijiang.yang@intel.com Subject: [PATCH v8 16/26] KVM: x86: Add fault checks for guest CR4.CET setting Date: Thu, 21 Dec 2023 09:02:29 -0500 Message-Id: <20231221140239.4349-17-weijiang.yang@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20231221140239.4349-1-weijiang.yang@intel.com> References: <20231221140239.4349-1-weijiang.yang@intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Check potential faults for CR4.CET setting per Intel SDM requirements. CET can be enabled if and only if CR0.WP == 1, i.e. setting CR4.CET == 1 faults if CR0.WP == 0 and setting CR0.WP == 0 fails if CR4.CET == 1. Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Signed-off-by: Yang Weijiang Reviewed-by: Chao Gao Reviewed-by: Maxim Levitsky --- arch/x86/kvm/x86.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index bde780ae69bf..b418e4f5277b 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1006,6 +1006,9 @@ int kvm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0) (is_64_bit_mode(vcpu) || kvm_is_cr4_bit_set(vcpu, X86_CR4_PCIDE))) return 1; + if (!(cr0 & X86_CR0_WP) && kvm_is_cr4_bit_set(vcpu, X86_CR4_CET)) + return 1; + static_call(kvm_x86_set_cr0)(vcpu, cr0); kvm_post_set_cr0(vcpu, old_cr0, cr0); @@ -1217,6 +1220,9 @@ int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) return 1; } + if ((cr4 & X86_CR4_CET) && !kvm_is_cr0_bit_set(vcpu, X86_CR0_WP)) + return 1; + static_call(kvm_x86_set_cr4)(vcpu, cr4); kvm_post_set_cr4(vcpu, old_cr4, cr4); -- 2.39.3