From patchwork Mon Nov  6 18:15:30 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Brijesh Singh <brijesh.singh@amd.com>
X-Patchwork-Id: 10044051
Return-Path: <kvm-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	0933060247 for <patchwork-kvm@patchwork.kernel.org>;
	Mon,  6 Nov 2017 18:17:01 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 008E329E2A
	for <patchwork-kvm@patchwork.kernel.org>;
	Mon,  6 Nov 2017 18:17:01 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id E97BF29F0C; Mon,  6 Nov 2017 18:17:00 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id DCDB029E2A
	for <patchwork-kvm@patchwork.kernel.org>;
	Mon,  6 Nov 2017 18:16:59 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S932939AbdKFSQa (ORCPT
	<rfc822;patchwork-kvm@patchwork.kernel.org>);
	Mon, 6 Nov 2017 13:16:30 -0500
Received: from mail-co1nam03on0077.outbound.protection.outlook.com
	([104.47.40.77]:18934
	"EHLO NAM03-CO1-obe.outbound.protection.outlook.com"
	rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
	id S1754242AbdKFSPw (ORCPT <rfc822;kvm@vger.kernel.org>);
	Mon, 6 Nov 2017 13:15:52 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=amdcloud.onmicrosoft.com; s=selector1-amd-com;
	h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
	bh=VkJw6r8Fszd9Vv/he1gwLJh5/0ODMuBR3fc0aN3qSh8=;
	b=BwH5lE6YLqGZiwovEitmgm/GzKIPhktT33GaduV63DBqcWh6hRgcXgeKAZi69XXwuvhAg8xi3qGEQqf/gs0wRYnuvf3ustAPWV2CFK5aNbbZQYyL/8PIPtG8taNgxLUnM95BRpHNaNNzuy3PzBltEQLK+g0agDNIrOwk/zAyufc=
Authentication-Results: spf=none (sender IP is )
	smtp.mailfrom=brijesh.singh@amd.com;
Received: from wsp141597wss.amd.com (165.204.78.1) by
	SN1PR12MB0157.namprd12.prod.outlook.com (10.162.3.144) with Microsoft
	SMTP Server (version=TLS1_2,
	cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id
	15.20.197.13; Mon, 6 Nov 2017 18:15:45 +0000
From: Brijesh Singh <brijesh.singh@amd.com>
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: bp@alien8.de, Brijesh Singh <brijesh.singh@amd.com>,
	Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>,
	"H. Peter Anvin" <hpa@zytor.com>, Paolo Bonzini <pbonzini@redhat.com>,
	=?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>,
	Joerg Roedel <joro@8bytes.org>, Borislav Petkov <bp@suse.de>,
	Tom Lendacky <thomas.lendacky@amd.com>, x86@kernel.org
Subject: [Part2 PATCH v8 38/38] KVM: X86: Restart the guest when insn_len is
	zero and SEV is enabled
Date: Mon,  6 Nov 2017 12:15:30 -0600
Message-Id: <20171106181530.68894-9-brijesh.singh@amd.com>
X-Mailer: git-send-email 2.9.5
In-Reply-To: <20171106181530.68894-1-brijesh.singh@amd.com>
References: <20171106181530.68894-1-brijesh.singh@amd.com>
MIME-Version: 1.0
X-Originating-IP: [165.204.78.1]
X-ClientProxiedBy: SN4PR0601CA0012.namprd06.prod.outlook.com (10.162.115.150)
	To SN1PR12MB0157.namprd12.prod.outlook.com (10.162.3.144)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: e7ad3f3d-0b5b-468f-f4e3-08d525426616
X-MS-Office365-Filtering-HT: Tenant
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0;
	RULEID:(22001)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603249);
	SRVR:SN1PR12MB0157;
X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157;
	3:9nePakOaL4/HJFLohTLqhKpK17rh6dQRirDuPrbFVzQPqkq2r0RafpZJf47yoTGKnjvRXrN+Fm/SrEa2rLErepkuKEytPMNVwQGPbQZK+6CY+nMWZtXJXdlA/hKKifh7NicDGCpoqDno2qt+6RsFOs5VAn0L0xQI7HSv8Orayxm+aVk2MmwvQ7cczvoc/nHUlvBN18GtPBSMJVj+RuVKZHJSWhOXZUwQyJ1hqoo329keWpu+7xSQxn4nyjWQvt4P;
	25:vyh05qTHsR2Z6TnBiQfCo1YPxB4eLrDvhcbmgdYzS8M10+WHqu3/T7QVjUAGGszlcfle8f4zkpVoeeSYgLvJy+DO1oj2RZ/ZXeIwSX9cUf1Xaf5pq5ZvPqc3H7Ox5I8rMKn5Ww/CZvIpwszB3pF1hQ5QuOVu8J6UHAj0UfOz5499ILM0luICCQbGsGkl1/zT2vWyoUw4GRviOWzXXYWTwsTr12OJpJaeuOlQs6+i/gHoF1x6cjOsmoFMLi6AmevfqfQ2DqKza8svW1MvtVY4SDKnw3B/IVOD82uKYLdAc0qMXISV6P2Oz9AORf0NXLk0Zp/sWc7vOouC+s06+uU/Fg==;
	31:b9ZxzaU8TQt3GLqY5RRtQDXwYD1eF9pCtpJ9+2xG0nu7G+8Gr0K+SAUKOJDd8Z015hBrbs7GeuKtFamiXQNQ6uKr9Ge6KV32QuLRn7fppORQV8dvTbEy8wcMkL7gnw8yOHGzv6lwsT1TmyCKSwpXNFr7Vj8Kk7SKBjGFcNLsUzJMlktzRr6K9D4a7sGBuiqWE72vwx+ijHtU3VdkR7Ir5BJYGuFwYy1jjhJGudtcSho=
X-MS-TrafficTypeDiagnostic: SN1PR12MB0157:
X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157;
	20:LCI/S+ABzJoeKjpQkOjRbaqS81zacKPvF6btmfbAntohhPN66Fu14vHpXw5lEyMlXl0IGgRV2OX90ojVn/XqTq0XcWGilziSHWooc0GB+l+uY9Vpruioh2e5Xwj67HHpocTreokTDtaVE6s7QF0igkSSbjH4iUb2UxSWt4NuRBcKz02Hd/78lm/zgvCSkHfEUcKfb4jcawWBUKi6LjV+JpZbpNprN0cC+dGa2Rx6D+MokjVd7RrACHWuG07Jbu5SykZmE6jBn9w0w7N+bChLtqWgw9neJXrSl7Tfk64YH/Uz96Y+AJJFYEnqgDBUMlRIisFsxMbyjlwKfdhA5oDf7bfZJCBC8ym2CwTJcuvwYD30pYic1dZkZdM58JjzqN6Db5TeXop0DCGDkf/DuSqmcSJZTcpStlFNL3ktRjUr9fCVn1G/zd2DNGyZMr84ZOdlO/p1ZyizaGAegB4TLji+IyGVPyRf6QURga+O7HZesSTA6L2bb8i3gZNknGZV6mmd;
	4:64EJwWLIuBDg/R0L6TaxvYmoxpAYZc6gkndky1WZWnkQN5bSgKravOeBTT5/SczX8LEVqXbXsiKGYaV5HPZYsEcAxeVnl0UGHMntdH+rl/x5A8TGEIIks5GXAtoI1pIUimMPEdik9ChlPgL7b8qYc7x4Tl4QWat1KW85rxnY6vM3w17FIHwoSG/m3Z5+qNwoMPXyIsLDneWxH9GJN02MuuvJurhNwNqLTWlBerFv2iRIM/QsjLqZ5xPbuVHOk0RmxH6IpaVgVsnaa7AsVppPa9OjDkZ2qwt7YCty00AA2ODZZN/t13sqklUXUkBcMhNws+RrQBb2VvEYDOGNvlBC492HWkKftK9zNs6aX72Ckh9A2q/xUOUTV8WGSGCyBZms
X-Exchange-Antispam-Report-Test: 
 UriScan:(9452136761055)(767451399110)(17755550239193); 
X-Microsoft-Antispam-PRVS: 
 <SN1PR12MB0157682011C48FC799A3A5D6E5500@SN1PR12MB0157.namprd12.prod.outlook.com>
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0;
	RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(100000703101)(100105400095)(93006095)(93001095)(3231021)(10201501046)(3002001)(6055026)(6041248)(20161123564025)(20161123560025)(20161123555025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123558100)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095);
	SRVR:SN1PR12MB0157; BCL:0; PCL:0;
	RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);
	SRVR:SN1PR12MB0157;
X-Forefront-PRVS: 048396AFA0
X-Forefront-Antispam-Report: SFV:NSPM;
	SFS:(10009020)(6009001)(376002)(346002)(39860400002)(199003)(189002)(25786009)(1076002)(3846002)(6116002)(316002)(305945005)(50466002)(2870700001)(86362001)(50226002)(4326008)(23676003)(54906003)(50986999)(2906002)(76176999)(97736004)(53416004)(101416001)(7736002)(68736007)(16526018)(478600001)(53936002)(8936002)(5660300001)(6486002)(33646002)(106356001)(105586002)(7416002)(6666003)(36756003)(189998001)(2950100002)(81166006)(66066001)(47776003)(8676002)(81156014);
	DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR12MB0157;
	H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1;
	MX:1; LANG:en;
Received-SPF: None (protection.outlook.com: amd.com does not designate
	permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: 
 =?utf-8?B?MTtTTjFQUjEyTUIwMTU3OzIzOlUvVVp6MTMvYWhpamhDQ0R3WHhlYUdNYTc1?=
	=?utf-8?B?d2tBMEQ4dVpOanJuem1vWDE5MmsvL3djZmxRT0RvOTJsaGY4NUh5THZRNElq?=
	=?utf-8?B?VHJuRXlPRU1QRWdLUDM4QWEySkxBRkRhQXVzMWRrOUo5cG5VUmlaRnhwc0FX?=
	=?utf-8?B?WTd6YVl6ZGFsRS9GK0RodHJEQkRScWVvcFRvd0JFRWpiYzUrWHY5NUdDWVBV?=
	=?utf-8?B?SmluWUYvRStQUktSLzNRK2NrdzZXbXhOWHVSMDQzRzBuS1BzdC9ZTmJqZ0NC?=
	=?utf-8?B?NFVSSFZJeFQ2T281bElKbUFmS1JNdGtuY2tSanBhQUR5ZjFhRXFIUnlRb3BQ?=
	=?utf-8?B?T0IrVUVqMkVHclNjNFhWNWROb25XWFVQbi9aa3MxK2R0a0JXNVhCZVgxMmpD?=
	=?utf-8?B?UnBwRjg0Wi8yQlcvVDBKeC9QUFozanRQQ0RBQkRGK1NSOWdoT0tIM1R3MUJU?=
	=?utf-8?B?WSsreitrSndjbDB6MGtIYWJmTVZEcys2WFY3YmdsSVZkbzlwTDhQK2RuMU1D?=
	=?utf-8?B?d1g3bk9LVWZOaXN0a0dnRWlYZTd5NVYyOFFqcktMTEFnZU5obnhHNExoVHBu?=
	=?utf-8?B?aWNibFB0VFJDSDJSRVhHR2hQY1Qyd2VhcXZZNjZhc2dremViRFBUWnpYenFE?=
	=?utf-8?B?cC9kRGlCUGRNOVRRS3UyQm1Kc3hqYWRmOTJFbC9vWUpuY0s3b2dzMjN1QjZ4?=
	=?utf-8?B?V1gyMUtUczl4aXI1TEJjdUdrRWdESzh4Rnh3ajZ2NDBrZGhEUTdsd1BzaWMz?=
	=?utf-8?B?djlPNURINkUrRUlsemNteGYva3RnSnBEYisvUTdJVFJlOXZzWk04bjNqb2tx?=
	=?utf-8?B?ZFYrMmp4OGNTUzN0UmlZT2p6TWtVNmFOaVkvZUxudEVqK0dUQnlXY1hNWU93?=
	=?utf-8?B?SG5zYTFqQjgvOGRwdk1MbEo1bjhDLzlYMDFOL1hVNDVQb3NFZHBuU09Za3pj?=
	=?utf-8?B?VUUzb2NYS3AvbXA5TGdFNjhDd0lJdU1KMTZIdG9vY0trVjIwWi8zcCtpU2Np?=
	=?utf-8?B?TEFQSDZLWStrMG1JSTJqaHBHOEUvSnZDb1RQaW10WVlwU1E2RTBXSFZRRXZ5?=
	=?utf-8?B?akMzaVQwRVovWVNsQ08vMVZ5UHFpeGVxZVM5bEVtQzYxL3lMM3Q0ZFJST3o1?=
	=?utf-8?B?SkhsdDlHUGhnaFpYUmtYbUs0TlZ6alZ3QjVjL3hlaU9MQVNIejY5TlhRVEkw?=
	=?utf-8?B?andaVU16ci9WY1NWRzRXcVk0YUt6QmNKTTJjNmRUQ0haWVQrYlcrRzlBRDZT?=
	=?utf-8?B?bEcwdEhXclhZcHY5ODc0d2hNSDNEblJzNjREWmlSd25OVU9zbGQ4U3RTRVR1?=
	=?utf-8?B?bWswSCtVai9wODNlUktWWUJGZWNtamNObGMxVW1ZNEZlKzdWODZFUEZnZ0s4?=
	=?utf-8?B?MkVmcFhFSlN1WWJ0YVl3NVVuNVRoZEhoTXdGa1BDV1piNjZBQzRDWld0R016?=
	=?utf-8?Q?N81AdzhCCs2iYtE3Isv2r+8xOrI?=
X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157;
	6:OS0TIw/ru34rZh8GIOfwqFZMBo3PTQgir0hZfHV8+FMLphlKIIl8HQKKj3T4LsxHS7lO7HAlYxeWQG8cNAWzHez3EZwsI8D89XpNxwZd0yhw+113X2I70egPB+4+JKCxhohHVafDTvmJFErN1bThmwiRuOp/wjoRb5JWCrH0rDDpclIhWs0p35/XSbjRnOALbdEL4sCyWsyd9s8lhYSk+uYqzosMl/GYBD4rXh6YyK2RGLXCXX5291aPnVDEaaK1Wql9BdXo05+ZT9eNp3NNHr/xB8YWAJKcfIg0kVsSPDcjk5o3yb6xszT0YsyHvaKYARc0PYSIXWzhS0rdq1PIUyi+/cy+o54IWfYUS2O+esg=;
	5:g3O5a4tw8RUdd/MoYb+RCNKY0JFk2rtWgMNERw+9117Vm9bBXNE+fzpKve09W4JotHnAp74tVm/wTMo+It6ODJYY2WmgyLpnscBeu8FdSChnnJd8D5BeuT6yKL9RpV4SbYjZjue40ovNZhoCaYfd7O8/C9F3NfKDxNbl/rSFmBY=;
	24:TqOASgYFfFIC0H9/9E8UKENK+wscdLheH9YtLOqXOMCr7JXma/Ljn1DJ84/3V9Rfn8u1Dgp0QpsvMN8g4kNfYJVamfTfXF5EfUrOQLWPCdw=;
	7:YaODd3P55/lXlqf0gAVe28JbeGmirdeBi4fRR5FhHdlArT+TSVW5Jc4CiZsSRuyUSf5yWBJ3CqXcQ6ArXN8HBxN8bBqoiYqYWJ7iiOYIUEttRSKTbTDJICy73iZeP6RECbEx7RqzzHzx+I1vXP9Z2kXN4NEHl/6Ffn4wBqeBPUYxS3Akyq2qhWMNp78fMiy0C/n9W8z+r7M5v2yd+BcZX7oMujTvOhdD9u+khAFNs4hx6LNTsz1QmoeJRZ0u2WBm
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157;
	20:wtcpR+V08KFaDDPxvOTlirxMwqBn7StqIFHpRia9fXI7Fr+tcIywalyY3lxvs8K3/vHnLy4bZkTKN/mbPWN7AkAt9c6t/SDUMNKDxDFixiA4lhA5dhbG4f29vFsogqEdLWnxRjkrGBET1uA68PRDpN85ermXDlDUnknNsUJx1YV4dytzfEwUXttyD7atpXcjZGcsCY/b3PMMcAglPmlvsVwLFqTWvHpixioozT8agAIwkHoI2tbg8zt7Ak1cAxjg
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Nov 2017 18:15:45.0517
	(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 e7ad3f3d-0b5b-468f-f4e3-08d525426616
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB0157
Sender: kvm-owner@vger.kernel.org
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

On AMD platforms, under certain conditions insn_len may be zero on #NPF.
This can happen if a guest gets a page-fault on data access but the HW
table walker is not able to read the instruction page (e.g instruction
page is not present in memory).

Typically, when insn_len is zero, x86_emulate_instruction() walks the
guest page table and fetches the instruction bytes from guest memory.
When SEV is enabled, the guest memory is encrypted with guest-specific
key hence hypervisor will not able to fetch the instruction bytes.
In those cases we simply restart the guest.

I have encountered this issue when running kernbench inside the guest.

Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Radim Krčmář" <rkrcmar@redhat.com>
Cc: Joerg Roedel <joro@8bytes.org>
Cc: Borislav Petkov <bp@suse.de>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: x86@kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
 arch/x86/kvm/mmu.c | 10 ++++++++++
 arch/x86/kvm/svm.c |  6 ++++--
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index 0b481cc9c725..ee81685da05f 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -4950,6 +4950,16 @@ int kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gva_t cr2, u64 error_code,
 	if (mmio_info_in_cache(vcpu, cr2, direct))
 		emulation_type = 0;
 emulate:
+	/*
+	 * On AMD platforms, under certain conditions insn_len may be zero on #NPF.
+	 * This can happen if a guest gets a page-fault on data access but the HW
+	 * table walker is not able to read the instruction page (e.g instruction
+	 * page is not present in memory). In those cases we simply restart the
+	 * guest.
+	 */
+	if (unlikely(insn && !insn_len))
+		return 1;
+
 	er = x86_emulate_instruction(vcpu, cr2, emulation_type, insn, insn_len);
 
 	switch (er) {
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index c4b7f2120e96..3321e95936a0 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -2406,7 +2406,8 @@ static int pf_interception(struct vcpu_svm *svm)
 	u64 error_code = svm->vmcb->control.exit_info_1;
 
 	return kvm_handle_page_fault(&svm->vcpu, error_code, fault_address,
-			svm->vmcb->control.insn_bytes,
+			static_cpu_has(X86_FEATURE_DECODEASSISTS) ?
+			svm->vmcb->control.insn_bytes : NULL,
 			svm->vmcb->control.insn_len);
 }
 
@@ -2417,7 +2418,8 @@ static int npf_interception(struct vcpu_svm *svm)
 
 	trace_kvm_page_fault(fault_address, error_code);
 	return kvm_mmu_page_fault(&svm->vcpu, fault_address, error_code,
-			svm->vmcb->control.insn_bytes,
+			static_cpu_has(X86_FEATURE_DECODEASSISTS) ?
+			svm->vmcb->control.insn_bytes : NULL,
 			svm->vmcb->control.insn_len);
 }