| Message ID | 20240223204233.3337324-1-seanjc@google.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | KVM: SVM: Clean up VMRUN=>#VMEXIT assembly | expand |
On 2/23/24 14:42, Sean Christopherson wrote: > Clean up SVM's enter/exit assembly code so that it can be compiled > without OBJECT_FILES_NON_STANDARD. The "standard" __svm_vcpu_run() can't > be made 100% bulletproof, as RBP isn't restored on #VMEXIT, but that's > also the case for __vmx_vcpu_run(), and getting "close enough" is better > than not even trying. > > As for SEV-ES, after yet another refresher on swap types, I realized KVM > can simply let the hardware restore registers after #VMEXIT, all that's > missing is storing the current values to the host save area (I learned the > hard way that they are swap Type B, *sigh*). Unless I'm missing something, > this provides 100% accuracy when using stack frames for unwinding, and > requires less assembly (though probably not fewer code bytes; I didn't check). > > In between, build the SEV-ES code iff CONFIG_KVM_AMD_SEV=y, and yank out > "support" for 32-bit kernels, which was unncessarily polluting the code. > > I'm pretty sure I actually managed to test all of this, thanks to the SEV-ES > smoke selftests, and a bit of hacking to disable V_SPEC_CTRL, passthrough > SPEC_CTRL unconditionally, and have the selftests W/R SPEC_CTRL from its > guest. > > Sean Christopherson (8): > KVM: SVM: Create a stack frame in __svm_vcpu_run() for unwinding > KVM: SVM: Wrap __svm_sev_es_vcpu_run() with #ifdef CONFIG_KVM_AMD_SEV > KVM: SVM: Drop 32-bit "support" from __svm_sev_es_vcpu_run() > KVM: SVM: Clobber RAX instead of RBX when discarding > spec_ctrl_intercepted > KVM: SVM: Save/restore non-volatile GPRs in SEV-ES VMRUN via host save > area > KVM: SVM: Save/restore args across SEV-ES VMRUN via host save area > KVM: SVM: Create a stack frame in __svm_sev_es_vcpu_run() > KVM: x86: Stop compiling vmenter.S with OBJECT_FILES_NON_STANDARD > > arch/x86/kvm/Makefile | 4 -- > arch/x86/kvm/svm/svm.c | 17 ++++--- > arch/x86/kvm/svm/svm.h | 3 +- > arch/x86/kvm/svm/vmenter.S | 97 +++++++++++++++++--------------------- > 4 files changed, 56 insertions(+), 65 deletions(-) Nice cleanup, thanks! For the series: Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com> > > > base-commit: ec1e3d33557babed2c2c2c7da6e84293c2f56f58
On Fri, 23 Feb 2024 12:42:25 -0800, Sean Christopherson wrote: > Clean up SVM's enter/exit assembly code so that it can be compiled > without OBJECT_FILES_NON_STANDARD. The "standard" __svm_vcpu_run() can't > be made 100% bulletproof, as RBP isn't restored on #VMEXIT, but that's > also the case for __vmx_vcpu_run(), and getting "close enough" is better > than not even trying. > > As for SEV-ES, after yet another refresher on swap types, I realized KVM > can simply let the hardware restore registers after #VMEXIT, all that's > missing is storing the current values to the host save area (I learned the > hard way that they are swap Type B, *sigh*). Unless I'm missing something, > this provides 100% accuracy when using stack frames for unwinding, and > requires less assembly (though probably not fewer code bytes; I didn't check). > > [...] Applied to kvm-x86 svm, thanks! [1/8] KVM: SVM: Create a stack frame in __svm_vcpu_run() for unwinding https://github.com/kvm-x86/linux/commit/19597a71a0c8 [2/8] KVM: SVM: Wrap __svm_sev_es_vcpu_run() with #ifdef CONFIG_KVM_AMD_SEV https://github.com/kvm-x86/linux/commit/7774c8f32e99 [3/8] KVM: SVM: Drop 32-bit "support" from __svm_sev_es_vcpu_run() https://github.com/kvm-x86/linux/commit/331282fdb15e [4/8] KVM: SVM: Clobber RAX instead of RBX when discarding spec_ctrl_intercepted https://github.com/kvm-x86/linux/commit/87e8e360a05f [5/8] KVM: SVM: Save/restore non-volatile GPRs in SEV-ES VMRUN via host save area https://github.com/kvm-x86/linux/commit/c92be2fd8edf [6/8] KVM: SVM: Save/restore args across SEV-ES VMRUN via host save area https://github.com/kvm-x86/linux/commit/adac42bf42c1 [7/8] KVM: SVM: Create a stack frame in __svm_sev_es_vcpu_run() https://github.com/kvm-x86/linux/commit/4367a75887ec [8/8] KVM: x86: Stop compiling vmenter.S with OBJECT_FILES_NON_STANDARD https://github.com/kvm-x86/linux/commit/27ca867042af -- https://github.com/kvm-x86/linux/tree/next
On Wed, Apr 10, 2024 at 2:23 AM Sean Christopherson <seanjc@google.com> wrote: > Applied to kvm-x86 svm, thanks! > > [1/8] KVM: SVM: Create a stack frame in __svm_vcpu_run() for unwinding > https://github.com/kvm-x86/linux/commit/19597a71a0c8 > [2/8] KVM: SVM: Wrap __svm_sev_es_vcpu_run() with #ifdef CONFIG_KVM_AMD_SEV > https://github.com/kvm-x86/linux/commit/7774c8f32e99 > [3/8] KVM: SVM: Drop 32-bit "support" from __svm_sev_es_vcpu_run() > https://github.com/kvm-x86/linux/commit/331282fdb15e > [4/8] KVM: SVM: Clobber RAX instead of RBX when discarding spec_ctrl_intercepted > https://github.com/kvm-x86/linux/commit/87e8e360a05f > [5/8] KVM: SVM: Save/restore non-volatile GPRs in SEV-ES VMRUN via host save area > https://github.com/kvm-x86/linux/commit/c92be2fd8edf > [6/8] KVM: SVM: Save/restore args across SEV-ES VMRUN via host save area > https://github.com/kvm-x86/linux/commit/adac42bf42c1 > [7/8] KVM: SVM: Create a stack frame in __svm_sev_es_vcpu_run() > https://github.com/kvm-x86/linux/commit/4367a75887ec > [8/8] KVM: x86: Stop compiling vmenter.S with OBJECT_FILES_NON_STANDARD > https://github.com/kvm-x86/linux/commit/27ca867042af Do we perhaps want this in 6.9 because of the issues that was reported with objtool? Paolo
Clean up SVM's enter/exit assembly code so that it can be compiled without OBJECT_FILES_NON_STANDARD. The "standard" __svm_vcpu_run() can't be made 100% bulletproof, as RBP isn't restored on #VMEXIT, but that's also the case for __vmx_vcpu_run(), and getting "close enough" is better than not even trying. As for SEV-ES, after yet another refresher on swap types, I realized KVM can simply let the hardware restore registers after #VMEXIT, all that's missing is storing the current values to the host save area (I learned the hard way that they are swap Type B, *sigh*). Unless I'm missing something, this provides 100% accuracy when using stack frames for unwinding, and requires less assembly (though probably not fewer code bytes; I didn't check). In between, build the SEV-ES code iff CONFIG_KVM_AMD_SEV=y, and yank out "support" for 32-bit kernels, which was unncessarily polluting the code. I'm pretty sure I actually managed to test all of this, thanks to the SEV-ES smoke selftests, and a bit of hacking to disable V_SPEC_CTRL, passthrough SPEC_CTRL unconditionally, and have the selftests W/R SPEC_CTRL from its guest. Sean Christopherson (8): KVM: SVM: Create a stack frame in __svm_vcpu_run() for unwinding KVM: SVM: Wrap __svm_sev_es_vcpu_run() with #ifdef CONFIG_KVM_AMD_SEV KVM: SVM: Drop 32-bit "support" from __svm_sev_es_vcpu_run() KVM: SVM: Clobber RAX instead of RBX when discarding spec_ctrl_intercepted KVM: SVM: Save/restore non-volatile GPRs in SEV-ES VMRUN via host save area KVM: SVM: Save/restore args across SEV-ES VMRUN via host save area KVM: SVM: Create a stack frame in __svm_sev_es_vcpu_run() KVM: x86: Stop compiling vmenter.S with OBJECT_FILES_NON_STANDARD arch/x86/kvm/Makefile | 4 -- arch/x86/kvm/svm/svm.c | 17 ++++--- arch/x86/kvm/svm/svm.h | 3 +- arch/x86/kvm/svm/vmenter.S | 97 +++++++++++++++++--------------------- 4 files changed, 56 insertions(+), 65 deletions(-) base-commit: ec1e3d33557babed2c2c2c7da6e84293c2f56f58