Message ID | 9a45667060dd2f8634bf1ecba23b89567c7e46e7.1651774251.git.isaku.yamahata@intel.com (mailing list archive) |
---|---|
State | New, archived |
Series | KVM TDX basic feature support | expand |
On Thu, May 5, 2022 at 11:16 AM <isaku.yamahata@intel.com> wrote: > > From: Isaku Yamahata <isaku.yamahata@intel.com> > > Wire up TDX PV rdmsr/wrmsr hypercall to the KVM backend function. > > Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> > Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> > --- > arch/x86/kvm/vmx/tdx.c | 37 +++++++++++++++++++++++++++++++++++++ > 1 file changed, 37 insertions(+) > > diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c > index f46825843a8b..1518a8c310d6 100644 > --- a/arch/x86/kvm/vmx/tdx.c > +++ b/arch/x86/kvm/vmx/tdx.c 
> @@ -1169,6 +1169,39 @@ static int tdx_emulate_mmio(struct kvm_vcpu *vcpu) > return 1; > } > > +static int tdx_emulate_rdmsr(struct kvm_vcpu *vcpu) > +{ > + u32 index = tdvmcall_a0_read(vcpu); > + u64 data; > + > + if (kvm_get_msr(vcpu, index, &data)) { kvm_get_msr and kvm_set_msr used to check the MSR permissions using kvm_msr_allowed but that behaviour changed in "KVM: x86: Only do MSR filtering when access MSR by rdmsr/wrmsr". Now kvm_get_msr and kvm_set_msr skip these checks and will allow access regardless of the permissions in the msr_filter. These should be changed to kvm_get_msr_with_filter and kvm_set_msr_with_filter or something similar that checks permissions for MSR access. > + trace_kvm_msr_read_ex(index); > + tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_INVALID_OPERAND); > + return 1; > + } > + trace_kvm_msr_read(index, data); > + > + tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_SUCCESS); > + tdvmcall_set_return_val(vcpu, data); > + return 1; > +} > + > +static int tdx_emulate_wrmsr(struct kvm_vcpu *vcpu) > +{ > + u32 index = tdvmcall_a0_read(vcpu); > + u64 data = tdvmcall_a1_read(vcpu); > + > + if (kvm_set_msr(vcpu, index, data)) { > + trace_kvm_msr_write_ex(index, data); > + tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_INVALID_OPERAND); > + return 1; > + } > + > + trace_kvm_msr_write(index, data); > + tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_SUCCESS); > + return 1; > +} > + > static int handle_tdvmcall(struct kvm_vcpu *vcpu) > { > if (tdvmcall_exit_type(vcpu)) > @@ -1183,6 +1216,10 @@ static int handle_tdvmcall(struct kvm_vcpu *vcpu) > return tdx_emulate_io(vcpu); > case EXIT_REASON_EPT_VIOLATION: > return tdx_emulate_mmio(vcpu); > + case EXIT_REASON_MSR_READ: > + return tdx_emulate_rdmsr(vcpu); > + case EXIT_REASON_MSR_WRITE: > + return tdx_emulate_wrmsr(vcpu); > default: > break; > } > -- > 2.25.1 > Sagi
On Fri, Jun 10, 2022 at 02:04:49PM -0700, Sagi Shahar <sagis@google.com> wrote: > On Thu, May 5, 2022 at 11:16 AM <isaku.yamahata@intel.com> wrote: > > > > From: Isaku Yamahata <isaku.yamahata@intel.com> > > > > Wire up TDX PV rdmsr/wrmsr hypercall to the KVM backend function. > > > > Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> > > Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> > > --- > > arch/x86/kvm/vmx/tdx.c | 37 +++++++++++++++++++++++++++++++++++++ > > 1 file changed, 37 insertions(+) > > > > diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c > > index f46825843a8b..1518a8c310d6 100644 > > --- a/arch/x86/kvm/vmx/tdx.c > > +++ b/arch/x86/kvm/vmx/tdx.c > > @@ -1169,6 +1169,39 @@ static int tdx_emulate_mmio(struct kvm_vcpu *vcpu) > > return 1; > > } > > > > +static int tdx_emulate_rdmsr(struct kvm_vcpu *vcpu) > > +{ > > + u32 index = tdvmcall_a0_read(vcpu); > > + u64 data; > > + > > + if (kvm_get_msr(vcpu, index, &data)) { > > kvm_get_msr and kvm_set_msr used to check the MSR permissions using > kvm_msr_allowed but that behaviour changed in "KVM: x86: Only do MSR > filtering when access MSR by rdmsr/wrmsr". > > Now kvm_get_msr and kvm_set_msr skip these checks and will allow > access regardless of the permissions in the msr_filter. > > These should be changed to kvm_get_msr_with_filter and > kvm_set_msr_with_filter or something similar that checks permissions > for MSR access. Thanks for pointing it out. I fixed it as adding kvm_msr_allowed()
diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
index f46825843a8b..1518a8c310d6 100644
--- a/arch/x86/kvm/vmx/tdx.c
+++ b/arch/x86/kvm/vmx/tdx.c
@@ -1169,6 +1169,39 @@ static int tdx_emulate_mmio(struct kvm_vcpu *vcpu)
 return 1;
 }
 
+static int tdx_emulate_rdmsr(struct kvm_vcpu *vcpu)
+{
+ u32 index = tdvmcall_a0_read(vcpu);
+ u64 data;
+
+ if (kvm_get_msr(vcpu, index, &data)) {
+ trace_kvm_msr_read_ex(index);
+ tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_INVALID_OPERAND);
+ return 1;
+ }
+ trace_kvm_msr_read(index, data);
+
+ tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_SUCCESS);
+ tdvmcall_set_return_val(vcpu, data);
+ return 1;
+}
+
+static int tdx_emulate_wrmsr(struct kvm_vcpu *vcpu)
+{
+ u32 index = tdvmcall_a0_read(vcpu);
+ u64 data = tdvmcall_a1_read(vcpu);
+
+ if (kvm_set_msr(vcpu, index, data)) {
+ trace_kvm_msr_write_ex(index, data);
+ tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_INVALID_OPERAND);
+ return 1;
+ }
+
+ trace_kvm_msr_write(index, data);
+ tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_SUCCESS);
+ return 1;
+}
+
 static int handle_tdvmcall(struct kvm_vcpu *vcpu)
 {
 if (tdvmcall_exit_type(vcpu))
@@ -1183,6 +1216,10 @@ static int handle_tdvmcall(struct kvm_vcpu *vcpu)
 return tdx_emulate_io(vcpu);
 case EXIT_REASON_EPT_VIOLATION:
 return tdx_emulate_mmio(vcpu);
+ case EXIT_REASON_MSR_READ:
+ return tdx_emulate_rdmsr(vcpu);
+ case EXIT_REASON_MSR_WRITE:
+ return tdx_emulate_wrmsr(vcpu);
 default:
 break;
 }
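Review bot: In tdx_emulate_rdmsr() the guest-supplied operand is narrowed at `u32 index = tdvmcall_a0_read(vcpu);` with nothing checking the bits that are dropped, and tdx_emulate_wrmsr() does the same. If tdvmcall_a0_read() returns the full 64-bit register (its definition is outside this hunk, so this is an assumption), a value with any of bits 63:32 set is quietly treated as a different, valid MSR index, and the trace points record the truncated index rather than what the guest passed. Consider reading it as `u64 a0 = tdvmcall_a0_read(vcpu);` and failing early with `if (a0 >> 32) { tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_INVALID_OPERAND); return 1; }` before the MSR lookup, or add a comment stating that the upper half is intentionally ignored.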