From patchwork Fri Nov 1 17:33:45 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Babu Moger X-Patchwork-Id: 11223465 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B233A913 for ; Fri, 1 Nov 2019 17:33:54 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 86F95217F9 for ; Fri, 1 Nov 2019 17:33:54 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=amdcloud.onmicrosoft.com header.i=@amdcloud.onmicrosoft.com header.b="ih5k7aoS" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729106AbfKARdu (ORCPT ); Fri, 1 Nov 2019 13:33:50 -0400 Received: from mail-eopbgr730084.outbound.protection.outlook.com ([40.107.73.84]:41494 "EHLO NAM05-DM3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1729146AbfKARdu (ORCPT ); Fri, 1 Nov 2019 13:33:50 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jShUnzUZ2W1yw8Z25LNDq3qGAufwK8GTT/yEVEW456SjSWGwKNgUjQ2Ti8oGtpKq5JQbVgWBQ0Rd1VlihysX5feIT4AGxqavpu3HFduE5F0Rna1k0RUfcEymv2cYjzYaA0uuyHQ4WhO8lDqeg15trQZUBCHCo+bIYwLh1QhGNKTQhGsHwiwKB2lQ97VHIG1Hndkiq1N6buZnpFbvRIXFMMono+eFoJxIWPf8KdQgFT9UxccqzccGebT+buPjEzl2vsuAtxcAUdtSWxejK8bSaCpvYvoszZ6rhIjFttGUc7IJnQrCGYOclQhfD71hoJHnWuHQdnAfJ+ooq7E+ypUmtg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9tCmomhi/PfVh9rUgfnfPxKe5a6xYRN7rs1aZWH9Doo=; b=h1SWCCMLG4m8r+P6sFiLiVdyfeM7KZJb8rf+ZlZUKd7LsWuSD1ePs87HCHvOAoNLp3d6PAz0i3kxHqGKmi3XPt18sAgWkxslbLoH79LRUBqbS/jNBv7fC7EIaF5jCnj3dIIDq4Dlig4e7MRxCPZyF7G44wrkdHptN09YcIuVJeA070h8b41X/bD7K5SGvdnYrgmLXqFND3iRgdn2ktzMZR/JgZaflPm4MUtIW+z/K8MIrTTsAqOMBsRN4m9apYTMLCKV42LSnVrPyAAPcGg+AjZt9Ndz/K6gN9d31+kUyoBjmjKdyq1lcCyaaiSUogVUM02U8R/YtlNpATDG9C+LQw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9tCmomhi/PfVh9rUgfnfPxKe5a6xYRN7rs1aZWH9Doo=; b=ih5k7aoSULQ4IvKqXg1nUuQLXFFnGQ9fUDua7tA/oLm+L4ZrLMubyaIIUU2Yep2sElOuDVZlvQQfdSrRszTMk+w2ldiOqcXO6DadsPfmUabPkh64cgNxWJZxyYG8xOLCWXZPPURsFIpDs4S4m2RRJ3ZaH9hTvi3dasLlH5WcSiY= Received: from BL0PR12MB2468.namprd12.prod.outlook.com (52.132.30.157) by BL0PR12MB2516.namprd12.prod.outlook.com (52.132.11.155) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2408.24; Fri, 1 Nov 2019 17:33:45 +0000 Received: from BL0PR12MB2468.namprd12.prod.outlook.com ([fe80::748c:1f32:1a4d:acca]) by BL0PR12MB2468.namprd12.prod.outlook.com ([fe80::748c:1f32:1a4d:acca%7]) with mapi id 15.20.2387.028; Fri, 1 Nov 2019 17:33:45 +0000 From: "Moger, Babu" To: "tglx@linutronix.de" , "mingo@redhat.com" , "bp@alien8.de" , "hpa@zytor.com" , "pbonzini@redhat.com" , "rkrcmar@redhat.com" , "sean.j.christopherson@intel.com" , "vkuznets@redhat.com" , "wanpengli@tencent.com" , "jmattson@google.com" CC: "x86@kernel.org" , "joro@8bytes.org" , "Moger, Babu" , "luto@kernel.org" , "zohar@linux.ibm.com" , "yamada.masahiro@socionext.com" , "nayna@linux.ibm.com" , "linux-kernel@vger.kernel.org" , "kvm@vger.kernel.org" Subject: [PATCH 2/4] kvm: svm: Enable UMIP feature on AMD Thread-Topic: [PATCH 2/4] kvm: svm: Enable UMIP feature on AMD Thread-Index: AQHVkNqD+3M/4HqTrkKsDppH5BsZ1g== Date: Fri, 1 Nov 2019 17:33:45 +0000 Message-ID: <157262962352.2838.15656190309312238595.stgit@naples-babu.amd.com> References: <157262960837.2838.17520432516398899751.stgit@naples-babu.amd.com> In-Reply-To: <157262960837.2838.17520432516398899751.stgit@naples-babu.amd.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: SN4PR0501CA0009.namprd05.prod.outlook.com (2603:10b6:803:40::22) To BL0PR12MB2468.namprd12.prod.outlook.com (2603:10b6:207:44::29) authentication-results: spf=none (sender IP is ) smtp.mailfrom=Babu.Moger@amd.com; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [165.204.78.2] x-ms-publictraffictype: Email x-ms-office365-filtering-ht: Tenant x-ms-office365-filtering-correlation-id: 1fd3ca34-0d30-40b2-ebfa-08d75ef1a595 x-ms-traffictypediagnostic: BL0PR12MB2516: x-ms-exchange-purlcount: 2 x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:7219; x-forefront-prvs: 020877E0CB x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(4636009)(376002)(136003)(366004)(39860400002)(396003)(346002)(189003)(199004)(7736002)(66066001)(6512007)(66446008)(71190400001)(2906002)(305945005)(2501003)(71200400001)(186003)(6116002)(11346002)(103116003)(3846002)(476003)(446003)(14444005)(256004)(2201001)(86362001)(486006)(5660300002)(7416002)(64756008)(14454004)(6486002)(25786009)(81156014)(8676002)(81166006)(6436002)(478600001)(966005)(110136005)(316002)(76176011)(386003)(6506007)(102836004)(52116002)(6306002)(8936002)(54906003)(26005)(4326008)(66946007)(66556008)(66476007)(99286004)(921003)(1121003);DIR:OUT;SFP:1101;SCL:1;SRVR:BL0PR12MB2516;H:BL0PR12MB2468.namprd12.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1; received-spf: None (protection.outlook.com: amd.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: JJq9BnV2F1sHY/YsN1ca67eXk1f1FnnXA0LgqPGzcMPGCfxitg4QE/hPajNtmG5semgHVatQWkNUJ+tAyHkvFsz329jSYMPM1utMkBB+9mJ/+rDofaC4KyYMdGxmV2jTU4qVAymvS9qFDMVC0e4FXvr0jyF2r0sebfjiSucCZrG8gzQxz0f67n2JQigs4Eo3k8emqcLKboVxbNgtCX2CIhHNy44UJXNSQ0Z1Uk6BK2rNrRP6VKQJB1ImlKxr7TkZ4gnPEihiv8cxHSqNSB/Q+BT63r8fL0PliQmrEIH4iXIIBFur1vNZpfBzlAstTl+bxyyf9tE0xJrG0ZXKeQwOqUT9G4htZ3NVzTV77ZYeMzttzAzWWu7Ibigc3VdcDRQp2dGUfVlKN1JHwTvaw9XVPQ4lTD7d2nFHhHXojCdJaUY9NjSSHtMxBQUSosIsG01TAHWM/pgzGXIKwWjFNt9lqX9dIP6vPz8y6IOeIfg4daA= Content-ID: <16B93B0400287747B4AF348D01BEB568@namprd12.prod.outlook.com> MIME-Version: 1.0 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1fd3ca34-0d30-40b2-ebfa-08d75ef1a595 X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Nov 2019 17:33:45.6198 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: /2FFKJDmW0A66Riy35j+l0qRJZg2HzXrB8+pxQbviKlTfYb200RsF0fdCDVF9qxO X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR12MB2516 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org AMD 2nd generation EPYC processors support UMIP (User-Mode Instruction Prevention) feature. The UMIP feature prevents the execution of certain instructions if the Current Privilege Level (CPL) is greater than 0. If any of these instructions are executed with CPL > 0 and UMIP is enabled, then kernel reports a #GP exception. The idea is taken from articles: https://lwn.net/Articles/738209/ https://lwn.net/Articles/694385/ Enable the feature if supported on bare metal and emulate instructions to return dummy values for certain cases. Signed-off-by: Babu Moger --- arch/x86/kvm/svm.c | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 4153ca8cddb7..79abbdeca148 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -2533,6 +2533,11 @@ static void svm_decache_cr4_guest_bits(struct kvm_vcpu *vcpu) { } +static bool svm_umip_emulated(void) +{ + return boot_cpu_has(X86_FEATURE_UMIP); +} + static void update_cr0_intercept(struct vcpu_svm *svm) { ulong gcr0 = svm->vcpu.arch.cr0; @@ -4438,6 +4443,13 @@ static int interrupt_window_interception(struct vcpu_svm *svm) return 1; } +static int umip_interception(struct vcpu_svm *svm) +{ + struct kvm_vcpu *vcpu = &svm->vcpu; + + return kvm_emulate_instruction(vcpu, 0); +} + static int pause_interception(struct vcpu_svm *svm) { struct kvm_vcpu *vcpu = &svm->vcpu; @@ -4775,6 +4787,10 @@ static int (*const svm_exit_handlers[])(struct vcpu_svm *svm) = { [SVM_EXIT_SMI] = nop_on_interception, [SVM_EXIT_INIT] = nop_on_interception, [SVM_EXIT_VINTR] = interrupt_window_interception, + [SVM_EXIT_IDTR_READ] = umip_interception, + [SVM_EXIT_GDTR_READ] = umip_interception, + [SVM_EXIT_LDTR_READ] = umip_interception, + [SVM_EXIT_TR_READ] = umip_interception, [SVM_EXIT_RDPMC] = rdpmc_interception, [SVM_EXIT_CPUID] = cpuid_interception, [SVM_EXIT_IRET] = iret_interception, @@ -5976,11 +5992,6 @@ static bool svm_xsaves_supported(void) return boot_cpu_has(X86_FEATURE_XSAVES); } -static bool svm_umip_emulated(void) -{ - return false; -} - static bool svm_pt_supported(void) { return false;