From: Lai Jiangshan
To: linux-kernel@vger.kernel.org
Cc: Lai Jiangshan, Hou Wenlong, Linus Torvalds, Peter Zijlstra, Sean Christopherson, Thomas Gleixner, Borislav Petkov, Ingo Molnar, kvm@vger.kernel.org, Paolo Bonzini, x86@kernel.org, Kees Cook, Juergen Gross, Dave Hansen, "H. Peter Anvin"
Subject: [RFC PATCH 39/73] KVM: x86/PVM: Handle hypercall for CR3 switching
Date: Mon, 26 Feb 2024 22:35:56 +0800
Message-Id: <20240226143630.33643-40-jiangshanlai@gmail.com>
X-Mailer: git-send-email 2.19.1.6.gb485710b
In-Reply-To: <20240226143630.33643-1-jiangshanlai@gmail.com>
References: <20240226143630.33643-1-jiangshanlai@gmail.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

From: Lai Jiangshan

If the guest uses the same page table for supervisor mode and user mode, then the user mode can access the supervisor mode address space. Therefore, for safety, the guest needs to provide two different page tables for one process, which is similar to KPTI.

When switching CR3 during the process switching, the guest uses the hypercall to provide the two page tables for the hypervisor, and then the hypervisor can switch CR3 during the mode switch automatically. Additionally, an extra flag is introduced to perform TLB flushing at the same time.

Signed-off-by: Lai Jiangshan
Signed-off-by: Hou Wenlong
---
 arch/x86/kvm/pvm/pvm.c | 41 ++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 40 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/pvm/pvm.c b/arch/x86/kvm/pvm/pvm.c
index 8d8c783c72b5..ad08643c098a 100644
--- a/arch/x86/kvm/pvm/pvm.c
+++ b/arch/x86/kvm/pvm/pvm.c
@@ -1459,6 +1459,42 @@ static void pvm_flush_tlb_guest_current_kernel_user(struct kvm_vcpu *vcpu) kvm_make_request(KVM_REQ_TLB_FLUSH_GUEST, vcpu); } +/* + * Hypercall: PVM_HC_LOAD_PGTBL + * Load two PGDs into the current CR3 and MSR_PVM_SWITCH_CR3. + * + * Arguments: + * flags: bit0: flush the TLBs tagged with @pgd and @user_pgd. + * bit1: 4 (bit1=0) or 5 (bit1=1 && cpuid_has(LA57)) level paging. + * pgd: to be loaded into CR3. + * user_pgd: to be loaded into MSR_PVM_SWITCH_CR3. + */ +static int handle_hc_load_pagetables(struct kvm_vcpu *vcpu, unsigned long flags, + unsigned long pgd, unsigned long user_pgd) +{ + struct vcpu_pvm *pvm = to_pvm(vcpu); + unsigned long cr4 = vcpu->arch.cr4; + + if (!(flags & 2)) + cr4 &= ~X86_CR4_LA57; + else if (guest_cpuid_has(vcpu, X86_FEATURE_LA57)) + cr4 |= X86_CR4_LA57; + + if (cr4 != vcpu->arch.cr4) { + vcpu->arch.cr4 = cr4; + kvm_mmu_reset_context(vcpu); + } + + kvm_mmu_new_pgd(vcpu, pgd); + vcpu->arch.cr3 = pgd; + pvm->msr_switch_cr3 = user_pgd; + + if (flags & 1) + pvm_flush_tlb_guest_current_kernel_user(vcpu); + + return 1; +} + /* * Hypercall: PVM_HC_TLB_FLUSH * Flush all TLBs. @@ -1540,7 +1576,7 @@ static int handle_exit_syscall(struct kvm_vcpu *vcpu) { struct vcpu_pvm *pvm = to_pvm(vcpu); unsigned long rip = kvm_rip_read(vcpu); - unsigned long a0, a1; + unsigned long a0, a1, a2; if (!is_smod(pvm)) return do_pvm_user_event(vcpu, PVM_SYSCALL_VECTOR, false, 0); @@ -1552,6 +1588,7 @@ static int handle_exit_syscall(struct kvm_vcpu *vcpu) a0 = kvm_rbx_read(vcpu); a1 = kvm_r10_read(vcpu); + a2 = kvm_rdx_read(vcpu); // handle hypercall, check it for pvm hypercall and then kvm hypercall switch (kvm_rax_read(vcpu)) { 
@@ -1559,6 +1596,8 @@ static int handle_exit_syscall(struct kvm_vcpu *vcpu) return handle_hc_interrupt_window(vcpu); case PVM_HC_IRQ_HALT: return handle_hc_irq_halt(vcpu); + case PVM_HC_LOAD_PGTBL: + return handle_hc_load_pagetables(vcpu, a0, a1, a2); case PVM_HC_TLB_FLUSH: return handle_hc_flush_tlb_all(vcpu); case PVM_HC_TLB_FLUSH_CURRENT: -- 2.19.1.6.gb485710b
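Review bot: in the first hunk, handle_hc_load_pagetables() hands the guest-supplied pgd straight to kvm_mmu_new_pgd() and vcpu->arch.cr3, and user_pgd to pvm->msr_switch_cr3, without validating either value, whereas kvm_set_cr3() refuses a CR3 whose physical address is not a legal GPA for the vCPU before it touches the MMU. Suggest applying the same legality and reserved-bit checks to both pgd and user_pgd and failing the hypercall instead of loading an out-of-range or misaligned PGD into the MMU. Two smaller points on the same function: flag bits above bit1 are silently ignored (rejecting them keeps the ABI extensible), and when bit1 is set but the guest lacks LA57 the request is silently downgraded to 4-level paging while the function still returns success, so the guest cannot tell that its paging mode was not honoured.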
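Review bot: the second and third hunks establish that this hypercall takes a third argument in RDX (a2 = kvm_rdx_read(vcpu)), alongside RBX and R10 for a0 and a1, but nothing in the patch documents the PVM_HC_LOAD_PGTBL calling convention beyond the comment block in pvm.c, and the commit message does not mention the register assignment. Suggest recording the argument registers and the flags bit layout where PVM_HC_LOAD_PGTBL is defined, or in the PVM hypercall documentation, so guest implementations do not have to derive the ABI from this dispatcher.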