[0/7,v7] KVM: nSVM: Check addresses of MSR bitmap and IO bitmap tables on vmrun of nested guests

Message ID	20210412215611.110095-1-krish.sadhukhan@oracle.com (mailing list archive)
Headers	show Return-Path: <kvm-owner@kernel.org> From: Krish Sadhukhan <krish.sadhukhan@oracle.com> To: kvm@vger.kernel.org Cc: pbonzini@redhat.com, jmattson@google.com, seanjc@google.com Subject: [PATCH 0/7 v7] KVM: nSVM: Check addresses of MSR bitmap and IO bitmap tables on vmrun of nested guests Date: Mon, 12 Apr 2021 17:56:04 -0400 Message-Id: <20210412215611.110095-1-krish.sadhukhan@oracle.com> Content-Transfer-Encoding: 8bit Content-Type: text/plain MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Precedence: bulk
Series	KVM: nSVM: Check addresses of MSR bitmap and IO bitmap tables on vmrun of nested guests \| expand [0/7,v7] KVM: nSVM: Check addresses of MSR bitmap and IO bitmap tables on vmrun of nested guests [1/7,v7] KVM: SVM: Define actual size of IOPM and MSRPM tables [2/7,v7] KVM: nSVM: Define an exit code to reflect consistency check failure [3/7,v7] KVM: nSVM: No need to set bits 11:0 in MSRPM and IOPM bitmaps [4/7,v7] nSVM: Check addresses of MSR and IO permission maps [5/7,v7] SVM: Use ALIGN macro when aligning 'io_bitmap_area' [6/7,v7] nSVM: Define an exit code to reflect consistency check failure [7/7,v7] nSVM: Test addresses of MSR and IO permissions maps

Message ID

20210412215611.110095-1-krish.sadhukhan@oracle.com (mailing list archive)

Headers

From: Krish Sadhukhan <krish.sadhukhan@oracle.com>
To: kvm@vger.kernel.org
Cc: pbonzini@redhat.com, jmattson@google.com, seanjc@google.com
Subject: [PATCH 0/7 v7] KVM: nSVM: Check addresses of MSR bitmap and IO bitmap
 tables on vmrun of nested guests
Date: Mon, 12 Apr 2021 17:56:04 -0400
Message-Id: <20210412215611.110095-1-krish.sadhukhan@oracle.com>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from ban25x6uut29.us.oracle.com (138.3.201.29) by
 BYAPR06CA0058.namprd06.prod.outlook.com (2603:10b6:a03:14b::35) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4020.17 via Frontend
 Transport; Mon, 12 Apr 2021 22:44:57 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 63802c67-863e-445a-558c-08d8fe0499b7
X-MS-TrafficTypeDiagnostic: SN6PR10MB3022:
X-Microsoft-Antispam-PRVS: 
 <SN6PR10MB30220956799411B1F8E0737A81709@SN6PR10MB3022.namprd10.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8882;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
 egJHEC4aIQAzjODUdGq1nVYuJ2O6uFi1ZYdaTxjgVizFzNakkQqy6xX9NGCBA3ISz2sYCo+wqVVl0Hs6h7D8SN7sulyWMlhQxqaY5cTqQUXkw/dmqjELjWcSeIepbPuZuKDsnWev99Qq5oeo6tMnGG+0Sc2kcxaUlWWwR06Jh16V1T0o36+L1KRgZHfQR1jBFNic0GKppczhxBPc9B4/OVNU7DLhdeyVwrNmhGSPha7BUOKuJhH4xjHqz3tiPuGVGEV+V9ZKYb67opAhMilA2hEpI8dv+RFbX6SEANxBSDfj3DxiURBeiXVR99AelvI9Eiu8yi3Wb1FkIKjiazIyLd1lbHTSTez0H853+z4L0hWrEy7aYssQpDhSPy4poOZ1YI0/wdSWVagLauIpkWM5fOb6fEoAdWPGBUIxvSxyq1BywjbljAtAy2Qs9Jjo2rbvgvHW6a7s8NzS2Tzd8lD287mxlitSty1VHVGcb+zRMfVWxU3TuGXlRgXDC9btD81ua7LzEalXDOPvdTwksCTxyRSbDHP/ULyim3EGe8fm5wRIn+AyKqmMv0uqdqQQbOcq/wDwdtnKcbeAgFiFE0T8L65EIbvzrJqpDT+zhYmt9CQNjqXo+X7UNf5LSr1Jvf8yhWyIzT6OMseXvGokwUdzyw==
X-Forefront-Antispam-Report: 
 CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR10MB3021.namprd10.prod.outlook.com;PTR:;CAT:NONE;SFS:(366004)(346002)(396003)(376002)(39860400002)(136003)(66476007)(478600001)(66556008)(83380400001)(2616005)(66946007)(36756003)(86362001)(8936002)(1076003)(44832011)(6916009)(316002)(4326008)(956004)(2906002)(7696005)(6486002)(52116002)(38350700002)(6666004)(8676002)(16526019)(5660300002)(26005)(38100700002)(186003);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: 
 uRkMB7iko7e5DyEmzzNsHxX0V5F+gvQzBiODFmC7DG8dp38KlplSYjXzlyefqxi/XwmtEl/Omk/kctc5SNcolpvdxtI/Bma9J+h3PbnVwJVB4FRmOCInTPEVDO9REeC2VYIkTLLkbJovrPRKMwHKYVhRlqAE3++mtf0LtjEraSHUikyV8AxCh4pxd18VS275oM+OxR0wStdRiL2C2EjOjYwYEAI5sSfxdA8kA5mV4mYutPAnxCuwZqCs+U4+lpGAGHuVraFQs6xtYRBr30iWkZzzN2Xt6oL3fOi6ObB7DLqR+VMvocY1LUScDgkfw/O49sJ1yh2o4bSSdeXOcXbqxGgFLRcM2cVHD9GKifJlqSkjok4hgyLW3ZGbVZsD2kOuIniPk4QGgFRAiMGkaygjapCVhmxOYzsL5SHqMRnDpwoPd74OuiT+SrCz68m7E30fpPLlX10iTH4viOJe3KKarvvfePBR11Z4vQyF9d0M59sVEgQZF8/8/Od/bkFbHYVtzzGCBklgKXdOmG0ZcT0VaPf3asyNACGphfZRfZ2Ii7unfKB0orrdUSpUJTCW0+zR5o/N/44ztxpEgVuFnWQVoxDNpDi+Uj6Zk8zZ3BSg5NxtIue01L2m4JDYcJJWWiLuG6qwGXBPOvE4T41EXRmlMCWiiJWrvyAB70AgeOaQWHcQwf/b99zyFKgQlDWKJBKHCYKdRuWHUv1ZVBBKYbGd/HiPs99xB3IQ/45seYHEWZg9tbbOda9Pq81LOAgee561Y/Y7LK8pZk5DifX1YoOZyDPeK676Fjj5sbbjKbrJHy1e/4Yee2VHpo52bC1hukc5NMNMS3W4zuOskOHEUDgwh/Z4hrRvFj5aNSRKOb41hxKt+TG1LHWhoMHV8bJcgRKjapPkO/it4yGK1YEvq7aaurlTnBEJM9f7CDogomddPBTRYwsQH65pjL3Edk3zpgKYMPn4LR/77pW9cG+Zo6YnXa6U1ojgBMvbbKUXJGZ0nTVZW+BNESAnYmu2CElMKR5c/1zlmTr9oNKYn5YswmM+JAQvz0PX9xpqyUXT10H5kyz1ONIkeufYnXyrdVIBBNlQV8Nkl+PSpLGn/nDEcyY6QPSWQ2xJ8ag+9xC2ljQQHGcIbR4bn9jMzfbCvvEF2uO+QGXb+kSpkNxB17VcCpxawG5WCUjAhENeCblL8YQKehkAGHVem+yHIMthccDWskox0dgD5E1p6HHVKGq7AEOrRm8GzqUzKvDL+wTmzy4Qy6uzvv/tSjDHWIwExTw54S7tMWSVysZ4FuPtQp0/L2gY3AvG+klgF+EQaXfPEijbZ7WDFQp+O/qPHtfCtNwBVEXe
X-OriginatorOrg: oracle.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 63802c67-863e-445a-558c-08d8fe0499b7
X-MS-Exchange-CrossTenant-AuthSource: SN6PR10MB3021.namprd10.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Apr 2021 22:44:58.7317
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 465Q9BRZScDM5mNpYDVJqIVu25Z7CacVIp6b91Jh5Fs1eGWOZ4a71Vkg4WUpaV/V8gzC9SLfUuUvLLlxdCqOnTUbXlGEFlhW8eJyTC8PglE=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR10MB3022
X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=9952
 signatures=668683
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxscore=0
 bulkscore=0 malwarescore=0
 spamscore=0 adultscore=0 phishscore=0 mlxlogscore=999 suspectscore=0
 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104060000
 definitions=main-2104120146
X-Proofpoint-GUID: zKy70qTvd-4xENiApMx_B_onl_LScGId
X-Proofpoint-ORIG-GUID: zKy70qTvd-4xENiApMx_B_onl_LScGId
X-Proofpoint-Virus-Version: vendor=nai engine=6200 definitions=9952
 signatures=668683
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxscore=0
 priorityscore=1501
 clxscore=1015 adultscore=0 mlxlogscore=999 impostorscore=0 malwarescore=0
 lowpriorityscore=0 spamscore=0 phishscore=0 bulkscore=0 suspectscore=0
 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104060000
 definitions=main-2104120146
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org

Series

KVM: nSVM: Check addresses of MSR bitmap and IO bitmap tables on vmrun of nested guests | expand

Message

Krish Sadhukhan April 12, 2021, 9:56 p.m. UTC

v6 -> v7:
	1. In patch# 4, the logic in nested_svm_check_bitmap_pa() has been
	   fixed. The size of IOPM passed to nested_svm_check_bitmap_pa() has
	   also been corrected. Indentation has been improved.
	2. In patch# 1, the names of the #defines have been changed.
	3. In patch# 2, a new exit code is defined to differentiate between
	   consistency failures and failures after switching to guest mode,
	   because tests need to know the exact failure instead of
	   SVM_EXIT_ERR. This exit code is similar to what nVMX does and
	   appears to be the best solution to differentiate the above-mentioned
	   error scenarios.
	4. In patch# 3, code that unset bit 11:0 of the MSRPm and IOPM tables,
	   has been removed because hardware doesn't care about the value
	   these bits. Also, tests need to verify hardware behavior. So if
	   these bits are unset, the checks in nested_svm_check_bitmap_pa()
	   do not work as expected.
	5. In patch# 7, additional test cases have been added.


[PATCH 1/7 v7] KVM: SVM: Define actual size of IOPM and MSRPM tables
[PATCH 2/7 v7] KVM: nSVM: Define an exit code to reflect consistency
[PATCH 3/7 v7] KVM: nSVM: No need to set bits 11:0 in MSRPM and IOPM
[PATCH 4/7 v7] nSVM: Check addresses of MSR and IO permission maps
[PATCH 5/7 v7] SVM: Use ALIGN macro when aligning 'io_bitmap_area'
[PATCH 6/7 v7] nSVM: Define an exit code to reflect consistency check
[PATCH 7/7 v7] nSVM: Test addresses of MSR and IO permissions maps

 arch/x86/include/uapi/asm/svm.h |  1 +
 arch/x86/kvm/svm/nested.c       | 29 +++++++++++++++++++++++------
 arch/x86/kvm/svm/svm.c          | 20 ++++++++++----------
 arch/x86/kvm/svm/svm.h          |  3 +++
 4 files changed, 37 insertions(+), 16 deletions(-)

Krish Sadhukhan (4):
      KVM: SVM: Define actual size of IOPM and MSRPM tables
      KVM: nSVM: Define an exit code to reflect consistency check failure
      KVM: nSVM: No need to set bits 11:0 in MSRPM and IOPM bitmaps
      nSVM: Check addresses of MSR and IO permission maps

 x86/svm.c       |  2 +-
 x86/svm.h       |  1 +
 x86/svm_tests.c | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 3 files changed, 79 insertions(+), 2 deletions(-)

Krish Sadhukhan (3):
      SVM: Use ALIGN macro when aligning 'io_bitmap_area'
      nSVM: Define an exit code to reflect consistency check failure
      nSVM: Test addresses of MSR and IO permissions maps

Comments

Paolo Bonzini April 17, 2021, 2:35 p.m. UTC | #1

On 12/04/21 23:56, Krish Sadhukhan wrote:
> v6 -> v7:
> 	1. In patch# 4, the logic in nested_svm_check_bitmap_pa() has been
> 	   fixed. The size of IOPM passed to nested_svm_check_bitmap_pa() has
> 	   also been corrected. Indentation has been improved.
> 	2. In patch# 1, the names of the #defines have been changed.
> 	3. In patch# 2, a new exit code is defined to differentiate between
> 	   consistency failures and failures after switching to guest mode,
> 	   because tests need to know the exact failure instead of
> 	   SVM_EXIT_ERR. This exit code is similar to what nVMX does and
> 	   appears to be the best solution to differentiate the above-mentioned
> 	   error scenarios.
> 	4. In patch# 3, code that unset bit 11:0 of the MSRPm and IOPM tables,
> 	   has been removed because hardware doesn't care about the value
> 	   these bits. Also, tests need to verify hardware behavior. So if
> 	   these bits are unset, the checks in nested_svm_check_bitmap_pa()
> 	   do not work as expected.
> 	5. In patch# 7, additional test cases have been added.
> 
> 
> [PATCH 1/7 v7] KVM: SVM: Define actual size of IOPM and MSRPM tables
> [PATCH 2/7 v7] KVM: nSVM: Define an exit code to reflect consistency
> [PATCH 3/7 v7] KVM: nSVM: No need to set bits 11:0 in MSRPM and IOPM
> [PATCH 4/7 v7] nSVM: Check addresses of MSR and IO permission maps
> [PATCH 5/7 v7] SVM: Use ALIGN macro when aligning 'io_bitmap_area'
> [PATCH 6/7 v7] nSVM: Define an exit code to reflect consistency check
> [PATCH 7/7 v7] nSVM: Test addresses of MSR and IO permissions maps
> 
>   arch/x86/include/uapi/asm/svm.h |  1 +
>   arch/x86/kvm/svm/nested.c       | 29 +++++++++++++++++++++++------
>   arch/x86/kvm/svm/svm.c          | 20 ++++++++++----------
>   arch/x86/kvm/svm/svm.h          |  3 +++
>   4 files changed, 37 insertions(+), 16 deletions(-)
> 
> Krish Sadhukhan (4):
>        KVM: SVM: Define actual size of IOPM and MSRPM tables
>        KVM: nSVM: Define an exit code to reflect consistency check failure
>        KVM: nSVM: No need to set bits 11:0 in MSRPM and IOPM bitmaps
>        nSVM: Check addresses of MSR and IO permission maps
> 
>   x86/svm.c       |  2 +-
>   x86/svm.h       |  1 +
>   x86/svm_tests.c | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
>   3 files changed, 79 insertions(+), 2 deletions(-)
> 
> Krish Sadhukhan (3):
>        SVM: Use ALIGN macro when aligning 'io_bitmap_area'
>        nSVM: Define an exit code to reflect consistency check failure
>        nSVM: Test addresses of MSR and IO permissions maps
> 

Queued except for SVM_CONSISTENCY_ERR.

Paolo