Received: by 2002:a05:7412:b995:b0:f9:9502:5bb8 with SMTP id it21csp23419rdb;
        Thu, 21 Dec 2023 01:26:00 -0800 (PST)
X-Google-Smtp-Source: AGHT+IHjnTh4MaVK7X2fJNe20QGEOk1ot/W8euwYt0LX57SMVIVKJiNZip7n6eFpOj6XEPpx9Nu/
X-Received: by 2002:a17:902:b195:b0:1d0:75d8:6ce2 with SMTP id s21-20020a170902b19500b001d075d86ce2mr9583848plr.82.1703150759731;
        Thu, 21 Dec 2023 01:25:59 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1703150759; cv=none;
        d=google.com; s=arc-20160816;
        b=GErSxrWOx1IcjGlUVJ/tOOvgKgkXZYfr4n5owobbSBqHrjKZkrV8aqd/5s01Lj3CHg
         W7hq6CTYO/zFTdGKKX79JpVnalvKXkBiAu0bGPEZAkG+IbvbO67IYqS+0LQ1H0cN0ycf
         haOGsJH7E+M9QD3VRNWxdiw+hVnqvurmoCdaSiYRTJjq3rs+HxHikma7C+BYPeHPAEms
         dCu4QLhf2iTipM01BH5x1Cx/ySbnZ71WJRJ69d47WodLs3KesdZht23QaJ/FKFnE6qO5
         8iqY2Qo7KdZEfrhxW3NAwbT90mpPP84ReOxyjJGeWE2Zo4NF7Be0z1YrrIGGMDRSqCFH
         ITyw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:in-reply-to:message-id
         :date:subject:cc:to:from:dkim-signature;
        bh=rcWaR+yiGdoTGspD+NvygDz+Rk8ahPn5psAm2Get8vo=;
        fh=uy0EBGgYIm8+MgsxUvKHUXUo3s9z4H9hdLwRv8YoeJU=;
        b=BCcUCgUNTS61KtinzOH/k1Ae15vR5hWhrBS//PgO/L+973OTzCxdVRnLSDBUAjGK8F
         QfUsx4QzfHF2SlUmok91YegXC6zZdcPklO8d/ubheNRlbJOxlPw/hkFn0JixQSndzTxx
         RdoQQWZXOpcoM6mDloxzIt1HAngKUfAtEMVMREoPJp1CA1O8hSFTxGR66nO//loTzzCY
         9OC1CZJi5MiYGZSRrnWuBD2H5oQ2S6WzAuv05JB1vhb1fmfq5gIAlAO73+vy+lDKG7Sf
         3nolJtxexdG88mNqWMK+lcw17HMRNLZUfUm8uuyPOm+t6xpNQ2115fCi4n1+OpaVvXow
         DgPw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=HP4bYwHe;
       spf=pass (google.com: domain of linux-kernel+bounces-8076-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-8076-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel+bounces-8076-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1])
        by mx.google.com with ESMTPS id w5-20020a170902d3c500b001d3c478e1e3si1191541plb.195.2023.12.21.01.25.59
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 21 Dec 2023 01:25:59 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-8076-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=HP4bYwHe;
       spf=pass (google.com: domain of linux-kernel+bounces-8076-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-8076-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sy.mirrors.kernel.org (Postfix) with ESMTPS id D7960B25D96
	for <linux.lists.archive@gmail.com>; Thu, 21 Dec 2023 09:17:16 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id DEBE45787A;
	Thu, 21 Dec 2023 09:03:55 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="HP4bYwHe"
X-Original-To: linux-kernel@vger.kernel.org
Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.24])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8C3C756390;
	Thu, 21 Dec 2023 09:03:53 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1703149433; x=1734685433;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=ky/X9OZtJn3bDUIMsiZj6Q/CKpBiasfn5wmoF4H7EIQ=;
  b=HP4bYwHeBsjZ0gFZQPOzJiXiszsrxhfub4hIcBJhAcyyWceq6G399mrf
   WjSdr0Q1dCj1VcjPsyKNATO7j+BTcQgzjJBFjAl2R30XkW5+5aBMWtUJY
   I4RGhEtkVlKKLIxJTnpCE8NOgN9TbEefgG80O1AiBDob4+oofRYnrsr+c
   bDyrRBHHNz4WMbl7OpTCUeLQDOdlf1Wv+UB2/xA2Ex2JEl7jhGHiGPKvp
   fujF11srDAGUSSYyV6IrHhIeXOhvI1KbLF3IZjS7k46+iS+bUqPUMklFh
   TmzxNRg1lnIW3dFrk4q2+KmXTlpPRar1aR8YdP85FTr8Y4HU/RfaVeCxZ
   g==;
X-IronPort-AV: E=McAfee;i="6600,9927,10930"; a="398729689"
X-IronPort-AV: E=Sophos;i="6.04,293,1695711600"; 
   d="scan'208";a="398729689"
Received: from orsmga004.jf.intel.com ([10.7.209.38])
  by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Dec 2023 01:03:45 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10930"; a="900028612"
X-IronPort-AV: E=Sophos;i="6.04,293,1695711600"; 
   d="scan'208";a="900028612"
Received: from 984fee00a5ca.jf.intel.com (HELO embargo.jf.intel.com) ([10.165.9.183])
  by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Dec 2023 01:03:11 -0800
From: Yang Weijiang <weijiang.yang@intel.com>
To: seanjc@google.com,
	pbonzini@redhat.com,
	dave.hansen@intel.com,
	kvm@vger.kernel.org,
	linux-kernel@vger.kernel.org
Cc: peterz@infradead.org,
	chao.gao@intel.com,
	rick.p.edgecombe@intel.com,
	mlevitsk@redhat.com,
	john.allen@amd.com,
	weijiang.yang@intel.com
Subject: [PATCH v8 16/26] KVM: x86: Add fault checks for guest CR4.CET setting
Date: Thu, 21 Dec 2023 09:02:29 -0500
Message-Id: <20231221140239.4349-17-weijiang.yang@intel.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20231221140239.4349-1-weijiang.yang@intel.com>
References: <20231221140239.4349-1-weijiang.yang@intel.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Check potential faults for CR4.CET setting per Intel SDM requirements.
CET can be enabled if and only if CR0.WP == 1, i.e. setting CR4.CET ==
1 faults if CR0.WP == 0 and setting CR0.WP == 0 fails if CR4.CET == 1.

Co-developed-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
Reviewed-by: Chao Gao <chao.gao@intel.com>
Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
---
 arch/x86/kvm/x86.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index bde780ae69bf..b418e4f5277b 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -1006,6 +1006,9 @@ int kvm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0)
 	    (is_64_bit_mode(vcpu) || kvm_is_cr4_bit_set(vcpu, X86_CR4_PCIDE)))
 		return 1;
 
+	if (!(cr0 & X86_CR0_WP) && kvm_is_cr4_bit_set(vcpu, X86_CR4_CET))
+		return 1;
+
 	static_call(kvm_x86_set_cr0)(vcpu, cr0);
 
 	kvm_post_set_cr0(vcpu, old_cr0, cr0);
@@ -1217,6 +1220,9 @@ int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
 			return 1;
 	}
 
+	if ((cr4 & X86_CR4_CET) && !kvm_is_cr0_bit_set(vcpu, X86_CR0_WP))
+		return 1;
+
 	static_call(kvm_x86_set_cr4)(vcpu, cr4);
 
 	kvm_post_set_cr4(vcpu, old_cr4, cr4);
-- 
2.39.3