From patchwork Tue Sep 19 20:46:26 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 9960215 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 2A6026056D for ; Tue, 19 Sep 2017 20:48:29 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1CCAF28EF0 for ; Tue, 19 Sep 2017 20:48:29 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 10BDD28EFA; Tue, 19 Sep 2017 20:48:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 78C1728EF0 for ; Tue, 19 Sep 2017 20:48:28 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751995AbdISUrf (ORCPT ); Tue, 19 Sep 2017 16:47:35 -0400 Received: from mail-by2nam01on0052.outbound.protection.outlook.com ([104.47.34.52]:32170 "EHLO NAM01-BY2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751884AbdISUr0 (ORCPT ); Tue, 19 Sep 2017 16:47:26 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=V2hnCLHxNFveknnPRRex5j01jQRNi0GqfAEjjr8i600=; b=FCgCNSXc5tV9R0G+Ff1TObZ2U+Hn9KRvznQEbYaqtJRE/cnphlGUAnlPUwgcAfNZ41OcohMzskBdTliUbNTvZmubbCd2wuTHD/uzKs/YXH2fv5gVpBAuQgxdXoiw4xEBs/PA9ip4T3lr8UR0sG48f9Av6HNe21Hnb4FTdH8oY8Q= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from ubuntu-010236106000.amd.com (165.204.78.1) by SN1PR12MB0158.namprd12.prod.outlook.com (10.162.3.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.56.11; Tue, 19 Sep 2017 20:47:19 +0000 From: Brijesh Singh To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Brijesh Singh , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Joerg Roedel , Borislav Petkov , Tom Lendacky , x86@kernel.org Subject: [Part2 PATCH v4 28/29] KVM: X86: Restart the guest when insn_len is zero and SEV is enabled Date: Tue, 19 Sep 2017 15:46:26 -0500 Message-Id: <20170919204627.3875-29-brijesh.singh@amd.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20170919204627.3875-1-brijesh.singh@amd.com> References: <20170919204627.3875-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: CY4PR04CA0071.namprd04.prod.outlook.com (10.171.243.164) To SN1PR12MB0158.namprd12.prod.outlook.com (10.162.3.145) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: c81c544b-c297-4cd0-1662-08d4ff9f9f75 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254152)(48565401081)(300000503095)(300135400095)(2017052603199)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:SN1PR12MB0158; X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0158; 3:KgOpc4zwYyc9eYko7sCOA6raOhklXNx1wJOMfRXOVxCbk1qE0tC0c/hzHehLorAkWhM7AUYUEKjbiNoyUYzN1W+hQw+aJezwaOttGQkELt2RecAmYy7It4yjXgRPe6mKuECwJufrP14NqbpCukJFQ64BT4t8CVIyLH39EZ/rky4NSKEEcdMxEVlHITeACXOUAjfvW0n/uEuxhiFtrQlKAH0ABUaq53GKN6JIltYKog/2M699jLDu3Bia7YXymq61; 25:s+MvBD7aUL/X6nhRW+zv7HY7PwxB6eqjSb2iU2x6fcdUm+A2P93IJ8VzuzODi8RJA3KKC7Mb1fXoEnoS9F4u8jVxALm1FEqwKrpmijM++Th7Q+7q1onbM1dLDcwhI/K6PgW5APzKtIspF2QWkKj2I3Fj6kA+PXnITPzdtgH/23YsZF1XThMAmdMrIahgzYWyA9BdIKvQj16/sCMnhiGEg5FvssrtxzJWUpsMd58arIS4fjQLXTD490NUpJap9n4QjCHBrcaBg/piCTbq2jiwCRmjE3nQndhYuCwwoclOq2Jo3MI6/DHuzvLR6CljZAFinIxJnluNw7z2CHzaFN1+iw==; 31:+ri5wPlDuFB6JBzeZZ1rTBmQik5Z0wQCAvKiYmaf4JzGlH/qv2XrgJgwlo3ACiS9atgOxDV+g9chGnCE02EKWuqUP1ZMYyXoPRhjvMoj3ocRfU8lX6IEWEhU1/29PWvHUbrPxlN38IZ1m26k2a7I4ip1eDIx5IkwXi78VDTs6clcEEJ0h/U3VRvrQKLKWEzBHWWqRNWtfMEaLZFiqWSDYj1wTiGuO5QfN+9shYLZyZ0= X-MS-TrafficTypeDiagnostic: SN1PR12MB0158: X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0158; 20:+UZmf01fSvpaNpQ9BkWtdREu6HiU89XUt8lL5GiF5eoH4rt0K9X1FmgZgCGDQDE3n+W2iYirZ2LX5DwlzBwb2zP3SKT7WSamYA2tCf50g2Eafn7+H5O+fxgKTCMuPQjq6wNJJaeGskjsSbFMZvFF1jZfczfb8Z2gw5KkHfcc7ZEH+oJLJtbBHNQmXABmf9qdYyiETeSR1WcTlscgl8LVXtyDkz9hEK5R28u12iZul0NnnoWuVRsjdqkpJLvZ5Cysh4htewEoLsMfIkVCHZUDPZZvgPfgBj5kMabIL/4Auw2UTdI15a46OlPGIRuw5lWGSTBIFCv7YwW8zi9k8xd3gV1VFTW5Nzbi6zFXURTp6r4Yf026Bs6iK1oNVqS7hvlzurIQmzXcY6S52QS6e/JwIZMXz9NJUHmiBtMCbUkdD/4E+aMwAlRebIrfGU8/qdrcsxqz1QZvPhpsSMXWoDcfha9Ije93GHtWoGXc8abAC65Qb3nvUCS7nIioZ67Ql8XK; 4:Q+feNxfs41Y1cXLcW2GcuB1wSEboUVN+uDSTZT8q8COocWt+2CzXxd2bOJZgC/oFeM1WYwWO1Rer4dpMoQP0c9WjJJkpjUjgIOKY2ujT1/JLnOQOgMoQS3g79W9AdmgeVnDXKAYYQJSSHtgHB5QDmqJ3emi8hbHBlcYGLLrC0ostOTydixPEmHjRqCG+ttNqU1u0Y518t81Hp4VLBapn+udyweW894yVVAPF65DOKlhkhf39WxlPYhq6YDr7JDiH53x1WcyPz+LZRUf2E/SMxGPxjxiMPYOMhv+TDhb35w06ljfyPNZy7laVOUT35LuHJ+yBlEtpExxoRyis6N9ofJ9mb8O7PJKxtv0pIOQH6kY= X-Exchange-Antispam-Report-Test: UriScan:(9452136761055)(767451399110)(17755550239193); X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(93006095)(93001095)(100000703101)(100105400095)(3002001)(10201501046)(6055026)(6041248)(20161123560025)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123555025)(20161123562025)(20161123564025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:SN1PR12MB0158; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:SN1PR12MB0158; X-Forefront-PRVS: 04359FAD81 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6009001)(346002)(376002)(39860400002)(199003)(189002)(86362001)(50466002)(8936002)(97736004)(6116002)(3846002)(7416002)(81156014)(8676002)(50226002)(2950100002)(575784001)(81166006)(316002)(478600001)(16526017)(6666003)(7736002)(66066001)(305945005)(47776003)(6486002)(189998001)(53416004)(25786009)(101416001)(2870700001)(50986999)(76176999)(53936002)(2906002)(68736007)(36756003)(106356001)(1076002)(4326008)(5660300001)(105586002)(33646002)(23676002)(54906003); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR12MB0158; H:ubuntu-010236106000.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtTTjFQUjEyTUIwMTU4OzIzOkJ0enA3VGpGWDRaU2lBT0tBSUc3VzdRTGw4?= =?utf-8?B?S0QzcHNMeXdGaXNZR3FuN2RGQ0I0RTBEV1RQUlJXOGswNHhsQU9pMTRiR1VG?= =?utf-8?B?QXZPSVljc3NlRElxOXl6VyttZm5xYVpYTUhwNGlOeGlYVHdkbzIycVZvVnlR?= =?utf-8?B?UmMxRlVzT1ZpQXNKWXA2bWhqMWFlVzBtMVRmazVSZmVaamFpSnJLRFZsLzdW?= =?utf-8?B?cll6WkZvb1VBTVVxYytzQ3pjQ0VSYytoK0VsS3pMbkJ3ZGpvVmlkWW1IMlhx?= =?utf-8?B?Y0VYWXJhTTM0STZDMEFkWmtKbk10dlRtWVdlajVVa014RSt0aWlOVjNZa3pY?= =?utf-8?B?eWhucUlDdzh1dmtlSkllTDFrbWo1MmJNNDBLM1JPTjZPVWlkaDhQZU5SQUVY?= =?utf-8?B?OE1FbnpPVVVScEd4S0NNWlB6NUVidTExc0hyZFlXTE8xcTgxSkpTU0F4ak5h?= =?utf-8?B?NmtITU1JalIxZWhna2ZVUEhDMWM3TXppTExyN2M4d3c5RU1jT0hVc2ZBK2M5?= =?utf-8?B?K2NSNzZRUG95NDI4TGk5aTBSMDN6dEI4eWcyWnJTMXIxRW96Q05ldVlSNVUz?= =?utf-8?B?OGE5UUE2YlNZbzZIT3dRSzBIbGNqbGI5cEJRRkYvWTBtUHRQdk5PeGdqdEVY?= =?utf-8?B?STUyZHJSdGJ0RzFtMUpWV2VKcW9jWWVZS0gzU2g3N29XVmcvU0g2Q3hlN1Qz?= =?utf-8?B?TFFkdlNSYlNVcTE2U2NBTmpOOUM5cDNuTXVlNWUxT0ZwTldrVU1Oc0pSNm5x?= =?utf-8?B?UlJsVjRvb0piSUNzaElncHhld0EzcS82VERJdFlTelV3d2ZYanlkc25SRFZp?= =?utf-8?B?dFFoRzN0bmFWaGdBVmRTUUhjV1RrMHhMTE05aXBycUtzUFdmVDVNUjJ2Wisw?= =?utf-8?B?bkZBWENZSGJyMlpJcGoxRUxtL1FxcUYyS1NWM2IzNmNpL0JOTHRUd0xMTlRz?= =?utf-8?B?cmJkdDJ2R0xYU0dUaXZRS3dQNTlxM1RWK213cGtsbW8xdkR4aE9QSEtJelM5?= =?utf-8?B?bS9jWUkwU054YkRmYVZQV2IvNVNlMFdTalExd2c4MGFNbVNRSE0ySk1DT0Uw?= =?utf-8?B?K1ZueUJJK1NReXkzMStRT1VrdzVvMkVNMnIzQUJPN3Z2SHJKN05aeHpnWnh3?= =?utf-8?B?TzUrNVpTMTVvNHZEVm8vdlFZNFpLb0FmRnp5KzdFbHNUd0M5RzNBSjdYMnRF?= =?utf-8?B?NEg0Y3ZqUGJ4bkdxY21MeXgvcmFlN1BZeEFySXZkT3dLNEY0TDkxcmtiL2U4?= =?utf-8?B?Z0Zlby9qbmJPREdpWVBCS2p1cnNjMElpQnF0LzZmZzV5a2VmNDVYNFFUQUI1?= =?utf-8?B?eEpscVRjcGw2c1RicHB3OGlmU05QWWtJMEZncUo1cGlrM256VFB1RVBaM1VB?= =?utf-8?B?eGpSbDdXV0xSSEk2NHRZWmFYTWp2Qk45dWl3MnhSYXZObzIvRXloYVZLY1Bl?= =?utf-8?B?SUNEbEVFaGFwczk3LzczYjhxWkJtdGxENVFFME5SamZqamFGaHQzT1ZOaUY2?= =?utf-8?Q?Ll3VoTQLzBGmmbH7uVvgcD0nE=3D?= X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0158; 6:8SAJ/BxN0eAJ9bjftmDiKFCEUzt+iiLVCzWjOPc4Qo37hVc1AQytHsnT3OVzKNsKg2cpFOA60jFd2SI9RgL+XPs4+JQ97Uspi5Ua3f4mS0yhPLORHe6vrx7tNdl5zTZs+/i/eXtpnl9IgPqbVVSXcsr44HY9heWDlxqoAouooGK43gWMVC5n95uTk22rmbzUh6qdm1HrToGD90INRMhHgH28tt2rySXUg0vveSd9DDowjHQHZpBoOlJICkV5HVp5QyZn3cPelILu4UIPHHHj/8EDR6rRvLrcp/EG+TOGC6EB6Zr0QkwBLyvYYat8lWi/ScqHqFY6koejlHjvrL6PFA==; 5:pkVvmAjgglQezI5b4d3Gm81xnkW9KkC7vIOd5JzbG61I5AVjUVC1jbt8qk4DTagL48kCzdUSmQu22OveR3Jcu2jHIPvhKvSB5ywjo/0uPz1UzqZ4xTrD4ox5n68yuXns/FQQt8pMK0u7kDmBNhTMmg==; 24:cOkA3aDPZ4i6TsZaBqgZOcE9NbmiFiw1tefCQNFfOSx6kJHG09IQzwYzqoh/zFCpaa1XMvE7p8u7n/j/FwZkbG2aLX7XInXPCCaXY6xh5vA=; 7:yw0e2f+qm3605jrF2nRaezljRoL7en0Hu/UysjanmZmAdbU0I9hYNRTG7V5oGkvSbDucnagE5ZSNah7R0nYWHYzhB6VWlRCUCeEYe/2MX/loaPD10z8vpnKmtl8qybonm0SppHmSrhesR+0w0a2AYdddfh/PbFDs69EtCd8Hc9P0w1AO507DrLr3BRs3ZP1lYyWZtrqaASXQiRnz2KenJ8c58P8RAqo1fVZ94/sh02E= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0158; 20:zuDdWQ+vIWk61J4+L//6Asa46c307OBE7WDqF9+T64KasUSkqjGezmMjUOzrTdP35v0tcIjB7gX0p2oiD8zQ0uTJFna1nEH5NJU4WOKiAcmKU4GizH43Pj/UXRSKR5l9xYqqzbrmHB8AlFuX5AflpeMLJ0DuSi+dGou+axPCgWZvZAW68w+B2zRQex3h1b8FZgp3zkKS1BhisVmpMDaAAIckH61dYLntQgaaEdlJ1iEEDx3p3UYih3f/lTFZ9fWd X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Sep 2017 20:47:19.7311 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB0158 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP On AMD platforms, under certain conditions insn_len may be zero on #NPF. This can happen if a guest gets a page-fault on data access but the HW table walker is not able to read the instruction page (e.g instruction page is not present in memory). Typically, when insn_len is zero, x86_emulate_instruction() walks the guest page table and fetches the instruction bytes from guest memory. When SEV is enabled, the guest memory is encrypted with guest-specific key hence hypervisor will not able to fetch the instruction bytes. In those cases we simply restart the guest. I have encountered this issue when running kernbench inside the guest. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x86@kernel.org Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Brijesh Singh --- arch/x86/kvm/mmu.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index eca30c1eb1d9..2bc0fe84aca2 100644 --- a/arch/x86/kvm/mmu.c +++ b/arch/x86/kvm/mmu.c @@ -4953,6 +4953,23 @@ int kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gva_t cr2, u64 error_code, if (mmio_info_in_cache(vcpu, cr2, direct)) emulation_type = 0; emulate: + /* + * On AMD platforms, under certain conditions insn_len may be zero on #NPF. + * This can happen if a guest gets a page-fault on data access but the HW + * table walker is not able to read the instruction page (e.g instruction + * page is not present in memory). + * + * Typically, when insn_len is zero, x86_emulate_instruction() walks the + * guest page table and fetches the instruction bytes from guest memory. + * When SEV is enabled, the guest memory is encrypted with guest-specific + * key hence hypervisor will not able to fetch the instruction bytes. + * In those cases we simply restart the guest. + */ + if (unlikely(!insn_len) && + kvm_x86_ops->mem_enc_enabled && + kvm_x86_ops->mem_enc_enabled(vcpu)) + return 1; + er = x86_emulate_instruction(vcpu, cr2, emulation_type, insn, insn_len); switch (er) {