From patchwork Mon Nov 6 18:15:29 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 10044037 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id BAA5C603FF for ; Mon, 6 Nov 2017 18:16:11 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B147B29E2E for ; Mon, 6 Nov 2017 18:16:11 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id A62B529F54; Mon, 6 Nov 2017 18:16:11 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1B30A29E2E for ; Mon, 6 Nov 2017 18:16:11 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932924AbdKFSP4 (ORCPT ); Mon, 6 Nov 2017 13:15:56 -0500 Received: from mail-by2nam01on0082.outbound.protection.outlook.com ([104.47.34.82]:58805 "EHLO NAM01-BY2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1754223AbdKFSPv (ORCPT ); Mon, 6 Nov 2017 13:15:51 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=0NkGQ3KuH/fHwkR7s5C7iFAw0FQfBo+x2YAR5UHuahU=; b=XSZWFPiaR8cgVSGyE4djqu1Z14uUgijljARKSVhTviGzXFV0ivoSQ8KIc497kQkGqt91ZSIGgAvRlUWsHzyrC68QJjs8Wuvu6+ANdh8IP13fHsk8Ik3e1KGBh8tKSw0BgpjUvVEEqjBahjbqxkMYv9aq58id4EumptGT51cTVqQ= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from wsp141597wss.amd.com (165.204.78.1) by SN1PR12MB0157.namprd12.prod.outlook.com (10.162.3.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.197.13; Mon, 6 Nov 2017 18:15:44 +0000 From: Brijesh Singh To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: bp@alien8.de, Brijesh Singh , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Joerg Roedel , Borislav Petkov , Tom Lendacky , x86@kernel.org Subject: [Part2 PATCH v8 37/38] KVM: SVM: Do not install #UD intercept when SEV is enabled Date: Mon, 6 Nov 2017 12:15:29 -0600 Message-Id: <20171106181530.68894-8-brijesh.singh@amd.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20171106181530.68894-1-brijesh.singh@amd.com> References: <20171106181530.68894-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: SN4PR0601CA0012.namprd06.prod.outlook.com (10.162.115.150) To SN1PR12MB0157.namprd12.prod.outlook.com (10.162.3.144) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 5f041dd8-216f-4b0b-bd92-08d5254265be X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603249); SRVR:SN1PR12MB0157; X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 3:iSciYcSmHAnzqMRLUF+JtMPZnlTyQlBcDGbFDXksnyNSoQ06Kn/5cZTN9TsRDyNbNlwX8gfeV2rKqyQRVmM24hya+MPOXMcMEzBqzRHTeHChfKUOKF/enQVG06Qc5bR34YfHAGnEhWxFSRTXq71aP3U3yP9Js0EJMt9V775Pc47XwocJUvpT3BXeDxAJoTDDBYVykM0XKkQ5ANquqLRSFgDr0AQo6xY/7i7yAI1z4BqpD+Km8DaQeCWf1TK77rXu; 25:1Kpob7VTEWtjIuxBUsW52L8MbuhcNA58RBO7QQb7n+X6ZO6jd7XxwuAckVtmuod6Jk+u/ZTG8ytuEmyeok1O4inGsYPUX8YNq2dDTSvqIimoFjPR9nwNsJ/0m1datnnnYWPZzchUA0g5/ObBYQuCnh0WbxN0vzWHnXkVW60Y81s7EVex/vCTPy6/ITmJHbp8CbT1iNX17VGXfxeUPXbBKTVvM1eOufqCokBrYzfQacPKAY5OglWTqjHSS2ZgTGWsJK09BUjglwksqPY1TAuGWGkwZKHluexE7u6Jy6LZ/m+opvGxrf8AHx5DdzT+Nu4CroBKE5QHPKtLA+HC+BdVaA==; 31:MyvU0WICp+NzPScls+uoq95ZrZqsfrvw7uNC+3UJ6wAzzMDArgFjYlmYaE6uZPjxDH2AvHTjhVrr53UE931Jn3jPQZxNY2dNyH7ep3Jno72UfzGozUuKFaEU+jZDSAWCkogxN5OY63SlcX46DJztDFJnfdZtf5uLWBaGW3hCalEkpjE9r94aE7BwYfRsCAqPxcnQa/cBcsFfZktdpg0ly7v98mHzfkIZcSr0klOtG8I= X-MS-TrafficTypeDiagnostic: SN1PR12MB0157: X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 20:giTIFact+uNJjIDS7vF9A3YXPIUw8jItIc5OPYX1wL3hTNo8qUqQjzfQPGxWE1p6rwcqMZwxcCzZqloVvcy1aqUdYaCwTE4va2LITM36rrGPLf2LyohZkonQSTRkrdmW0CNfYwwgfxQgmsiBTS4VqTSTqwZYny+vwsed81iV25weDR8flMyC2uIFk+8jHj/c/1Qm+jN+E/BXLCos0rJLFkQuQ2qzrW7s2EQ5p0btVAfyKZliIYKYfRyt8+EGUCc8KY5wkbYUDwDc8hBf0AzLcWwy4imxoD9JKG4nMugGIZ3Rx4rJdme2/g/9WrYQ41Au7h5lI5eBzKzMFp2JU02IvP52JtUNk0d6eLxtciS3P0KkI8wIx8d85SWhYI9YscTQpJreb06iJx1rExF25bIvn2mpYgchxRIsBuL5iD+nw5pVYjuVyB4Dp8ZApsxNqh+6iCKTK427hAt+XEgGLL9C6dKpWeZk68hkQNFRUA+6vxYgj8Hy11VnvAZDmEq6PiD1; 4:9+/zeX6pbbdDCfz8vo3toGnjkKS30FNnX44Fmev5MEbFZbUH4UReVme8MJ0IlEs+eq+ES+WsSy5MaXvqvW2cCN+3b+ava1+d1pRzM3sqvhbAV6thhZ++Pqxm81b0MLIDoYbjddLmjvv+loLyl65zoA/p8RCRZaSSoNS+m3r8F3yYkTlXXKbAW4985drElIUSLRw64huvbLVVQnHwRXiKUx01iac8bTZvAV8UVzvMIBCnketx8WUSUbb89JTFzibVZQz60Jqx+mlWTdp7X9gIx1FmgUkzsHNySl3kWw76R/MdQHzC8uxNoc25VgFUHC7sM/xSTV1X1yZSfPCivWPNPw== X-Exchange-Antispam-Report-Test: UriScan:(9452136761055)(767451399110); X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(100000703101)(100105400095)(93006095)(93001095)(3231021)(10201501046)(3002001)(6055026)(6041248)(20161123564025)(20161123560025)(20161123555025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123558100)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:SN1PR12MB0157; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:SN1PR12MB0157; X-Forefront-PRVS: 048396AFA0 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6009001)(376002)(346002)(39860400002)(199003)(189002)(25786009)(1076002)(3846002)(6116002)(316002)(305945005)(50466002)(2870700001)(86362001)(50226002)(4326008)(23676003)(575784001)(54906003)(50986999)(2906002)(76176999)(97736004)(53416004)(101416001)(7736002)(68736007)(16526018)(478600001)(53936002)(8936002)(5660300001)(6486002)(33646002)(106356001)(105586002)(7416002)(6666003)(36756003)(189998001)(2950100002)(81166006)(66066001)(47776003)(8676002)(81156014); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR12MB0157; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtTTjFQUjEyTUIwMTU3OzIzOm1zQ0RVdFRkdm1IbzFmV0sxU2NTQWJZV3pX?= =?utf-8?B?ZkNPWE1oZkZFaHAycDljdHI3TStvR1hnclYvMlpXWVkvZjg5UXhGQW9Gc0xS?= =?utf-8?B?RTFSdzlmYjUvZlZxL2FyQ0ozNSs3WVNlNmFVRTdoVG9Ub08reU1YRWd3dWgy?= =?utf-8?B?MzJyVll3L2lNUE9WSGEzdjZUaGFZN01CYndtdFljcHh4L01oS1praGdWK2VB?= =?utf-8?B?RjREZVFkdVVvUkVFRXdHNUlyS2JZL1pnMzFPdVluWXQ4OXk2WE9QTUEyL3Yw?= =?utf-8?B?RFlvYlVCL0FFUlFKYUdrUThkbFlOejA5RkZRR1ZvZ09Lc0I1dmo1QU9ZZTdV?= =?utf-8?B?RUxvRDYySTVUNEp1TmduUVFPRXJoYlIwTWNyR1VtR1pudmNlVzkxZHJUaS9s?= =?utf-8?B?SWlRazM1SVFjSUJjSThXT2JkT1h5MWF0RExia1dKektOV2I4bGg2UFowMjk2?= =?utf-8?B?dVhrZGFadGx1aXRMYXplZ1BSb2MyckJnZ3NuUlI0c3BlM1AvT3pUME5iQlF1?= =?utf-8?B?SkdaUGhvV3RGbEJJL1JlaTRvMFFON1NHaWtMUko1TmlMRHluaUR6V1NRT042?= =?utf-8?B?cE9YbVFGbk4zY2xXS1h1aGZyQUd4VG10V2pxTXJYOWYzKzRoaGxzdFhjdlJW?= =?utf-8?B?a3BpTjNCeDltMmhLN3JUV0MzWThwRWszMGorOFdQMmJNa1NJdHY3U2RMd0lF?= =?utf-8?B?eHA0SnNJMEMxTVFsRDFFdW5XL2ppdFo5L1A1dEQ2WUkvTGxvbUxmaDN1SW9w?= =?utf-8?B?U1VvRk1ORXdjazVhQzBadFNpRDBxMitFdWxGVWRzWDhwelhBZ1F6L043VFZL?= =?utf-8?B?cFI5S09yMEpwdnFwR3dPUlA2QXNiZUtvTmdMM1RGZjFaeGNEYmM3VWgzdnJl?= =?utf-8?B?YlpJUFdDYnBwWjYxdTNmK2xBMTg2TXBzNEVNMzlpZHJHR3ZQQWt3cWxBbXJj?= =?utf-8?B?a1EvWDVNQWJuVnYxYktqRStoT3pxTzh0QUNWNnRXd01tVElxMXh5WENTbHpL?= =?utf-8?B?NjU1a0RtaDlxazVrRk4wcEhmR0dJaUYwOWFkQVQ4RE55Zk9mOWl0RHdySWhK?= =?utf-8?B?TERGNDNIakVPNmtvMjdSTjdsVUxPSExWcXdrbEJjaVB3N0k1Y0RNa0ZIMDJk?= =?utf-8?B?UGk1N0x4dnZ4aXY0dktwaFlYVU1SOTl6UFJ6cWpGNnByWTFUOTdqSUtRZFcz?= =?utf-8?B?c3RYTE43bGU3cWY3SmpaUytSL1dLS0lDMHVpNG9RK1AyNnk4ZWtlQ0NEN2pQ?= =?utf-8?B?UkJ2L0JldXE4WlUrZjlneW5vZy9FQkxkZks1U0N2ZWV0dlNkalNvV3QvSGhF?= =?utf-8?B?VlduVUlwZkpkREdwL3h0dGhOYVJsR2VQdHMzVTBaSlZVcDZjbmc0UnJ1bkpR?= =?utf-8?B?ZUJBcGRvZ0hGR3h5aFY0T1dGSHZhNFl3S1V6V2psaEYwRGhyZVJNaU1iVDFS?= =?utf-8?B?M2RTaGV1VGZmYlExODVLMlRPMXBRV2JCcUFQQzZnSjlVdHVMS2ZVZDU5Vyt1?= =?utf-8?Q?gN0FVsMA520Ebxx/B9f0uo0ss=3D?= X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 6:cDVrT3W+PuB1dcYEWNPXQepr05ykzDc409bncC5k4ORe25L20k62JsnS7XgzJ0EVb/3G/xikOG+QNoaEYK6ZBY2WGr9FKlYszIXNpS15dVM/bMf7HinWaFWDCZW+sDtKnyGksBYwUjh7Dg7uBtGeIkKJhqYoXUl3WUxDMSun8ckxyR7mNLVCi7EnpgtaopYB0BFNRKmo6UOhw8sD80cfKAuLM+jQKPwfzsaqYbeFtG1kaSOgv1Cbw8CJ1CbbUMZG3npAi8DJxb+ys9PASSt0sWEzzMFISQySw3oxRBolJsRVFotEUrJ1ZvX+lriapMpSLuGMLkDhLa5V9E3KMOU7+ScH4gDMS+BytbtmyTT1trg=; 5:b6A4+H+qWh7IuvtyFiECe7w0dWoDStrrKrD3cnS4CV5FgG/DuQ3yUb2GxwkCQshTB8TR1IBRwrbe8DFkJIw0Mxlbn3jpwzvTDUDXmeUtIqtA9Py3RSGbFUtcjSoVoz2l+mj33LVBBOFz+IFLkbgoEcBF39ZyCLyUNaOmxZWfivQ=; 24:ANe8KZ39oPtC/S2T6Mpl/jEuXw1gqcNUIEGDC9ezxiDPyEXYGrW7UgkdVkRsyf6kceAbk8Gr8HhqO84sLnyL6/R22G8YhRK22YMhof8eEIM=; 7:vWV3iTVMSf952hyw8q0fjHAnto+T2raxZZ8fmHnvjzBvRRNF8qiCV3SE7OnZEExo0ZdrbGpQr6DI/f1Fvi/K4tda8zNNRc3EAmkxcdcMxpkXZP1CEsxiQqvHy+GzAwzTXFoXTDOm6YpZ+wpoMUm7i2WvS2A7kDNJqx3LFhMmOaspFVtwOWUeFgOE6Hm9RweFBMZA/08Ki5wb5jfLgXVE0mKl43bW3xC773BepauCz8Gri2tGtDUVJe9/055C1Aar SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 20:LrVWjop4PP5CWTrgjIFhKtWkI7xhkOIY8EKVBMbML5EY0qpn30xIizyKRKQk9d+GJctP3H9GnZe4HwFZdhYqiszsHbvD+ZUwafNzxfoubUG/FvklhEOWaZbNILlcLop7hFP+9EEOstqN0sZZPT6rbbEgggcxKT8Uc4nHrqrMYZQ1OnZgR+unXbucvr4yMY7rvh6IasgAUueDrefX+B0TB7Y+rSaIkO0N4FUTGKWBxVaH0BSoRTQyrPt5Gr1v7Yra X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Nov 2017 18:15:44.4424 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 5f041dd8-216f-4b0b-bd92-08d5254265be X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB0157 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP On #UD, x86_emulate_instruction() fetches the data from guest memory and decodes the instruction bytes to assist further. When SEV is enabled, the instruction bytes will be encrypted using the guest-specific key and the hypervisor will no longer able to fetch the instruction bytes to assist UD handling. By not installing intercept we let the guest receive and handle #UD. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x86@kernel.org Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Reviewed-by: Borislav Petkov Signed-off-by: Brijesh Singh --- arch/x86/kvm/svm.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 388dc0f6d9e2..c4b7f2120e96 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -1413,8 +1413,10 @@ static void init_vmcb(struct vcpu_svm *svm) svm->vmcb->control.int_ctl |= V_GIF_ENABLE_MASK; } - if (sev_guest(svm->vcpu.kvm)) + if (sev_guest(svm->vcpu.kvm)) { svm->vmcb->control.nested_ctl |= SVM_NESTED_CTL_SEV_ENABLE; + clr_exception_intercept(svm, UD_VECTOR); + } mark_all_dirty(svm->vmcb);