From patchwork Tue Dec  5 01:06:16 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Brijesh Singh <brijesh.singh@amd.com>
X-Patchwork-Id: 10091837
Return-Path: <kvm-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	7245E60327 for <patchwork-kvm@patchwork.kernel.org>;
	Tue,  5 Dec 2017 01:07:42 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 661F229426
	for <patchwork-kvm@patchwork.kernel.org>;
	Tue,  5 Dec 2017 01:07:42 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 577AA294D9; Tue,  5 Dec 2017 01:07:42 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D133A29426
	for <patchwork-kvm@patchwork.kernel.org>;
	Tue,  5 Dec 2017 01:07:41 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752768AbdLEBHI (ORCPT
	<rfc822;patchwork-kvm@patchwork.kernel.org>);
	Mon, 4 Dec 2017 20:07:08 -0500
Received: from mail-by2nam01on0087.outbound.protection.outlook.com
	([104.47.34.87]:63748
	"EHLO NAM01-BY2-obe.outbound.protection.outlook.com"
	rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
	id S1752681AbdLEBGt (ORCPT <rfc822;kvm@vger.kernel.org>);
	Mon, 4 Dec 2017 20:06:49 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=amdcloud.onmicrosoft.com; s=selector1-amd-com;
	h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
	bh=+a51k5ijPL8n0zC1OwDlKItf2TEJ0iDT5WlOyCTLDQE=;
	b=jF7tvT9PG4yIeZBR7iHdUiOH/LFu1xsgRS6bTXleTQdP9xpYTOR/eAKAcaAvZvc/TYdYEutdsPt2PK/Ez5fRLbgi59OHf4KZ9W0sY5NMkRfDEXr40lzD1+Z48jZ2JYIKt50Jh80CgHoZyWNf0QcNw1lxdUf8zkBLhesQJiJ5AoE=
Authentication-Results: spf=none (sender IP is )
	smtp.mailfrom=brijesh.singh@amd.com;
Received: from wsp141597wss.amd.com (165.204.78.1) by
	DM2PR12MB0156.namprd12.prod.outlook.com (2a01:111:e400:50ce::19) with
	Microsoft SMTP Server (version=TLS1_2,
	cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.282.5;
	Tue, 5 Dec 2017 01:06:44 +0000
From: Brijesh Singh <brijesh.singh@amd.com>
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org
Cc: bp@alien8.de, Brijesh Singh <brijesh.singh@amd.com>,
	Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>,
	"H. Peter Anvin" <hpa@zytor.com>, Paolo Bonzini <pbonzini@redhat.com>,
	=?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@redhat.com>,
	Joerg Roedel <joro@8bytes.org>, Borislav Petkov <bp@suse.de>,
	Tom Lendacky <thomas.lendacky@amd.com>
Subject: [Part2 PATCH v9 38/38] KVM: X86: Restart the guest when insn_len is
	zero and SEV is enabled
Date: Mon,  4 Dec 2017 19:06:16 -0600
Message-Id: <20171205010616.5958-9-brijesh.singh@amd.com>
X-Mailer: git-send-email 2.9.5
In-Reply-To: <20171205010616.5958-1-brijesh.singh@amd.com>
References: <20171205010616.5958-1-brijesh.singh@amd.com>
MIME-Version: 1.0
X-Originating-IP: [165.204.78.1]
X-ClientProxiedBy: BN6PR04CA0055.namprd04.prod.outlook.com
	(2603:10b6:405:3b::44) To DM2PR12MB0156.namprd12.prod.outlook.com
	(2a01:111:e400:50ce::19)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: df24aa0f-72c3-4948-2dc7-08d53b7c7433
X-MS-Office365-Filtering-HT: Tenant
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0;
	RULEID:(5600026)(4604075)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603286);
	SRVR:DM2PR12MB0156;
X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156;
	3:MHqrGeP61E7phJwxq1A4KLEdhJpQo8iAL4uQ8Skv3k6bZcyy0B79/0+nfEizGJNWYfUxQdYsm9kv+4Hx7TBycHZpdlgZdLBmWyOu6RKIwympqeBusf5GJymPdDByKclgyR2gSgZRoEB3ZN24QyTCKcdHRlK7+DvPLUd4TCpmSvXcF61PBEginjMx2ytdtO+vDXHmWCj8DPSdjSrt9EHWUEtgTSkYyDXScri/jF09v62UFudmra/oalV/JYL+n+mM;
	25:RycZY8zOhauBCAQEUvc287KdBNqNsCHnRd+sQ/g7i+vmjDR719ze/HuqVbdfUlTJMpJE7xUdc/yNFnvVAXyKIUeex93XsLMFc3uLNZ48KQp9cDQ60LGAd5U6GErUKVtPpJinGxRKSzjRw3CKDJWDcZ6xT3yQjeLswJqWRCtUxuibaTzG+Ry7zhFQ9v4G+EPo73OVdyNMwyhjxnQaZSfEMnDDE1QoVh+hQFp/u3aixzv9BcSht2a9FjOZW37zV/MjHOV/f2TkLhF+sc6Ekfys2lPUxTu1DvroIohLciNlV2nuO5LlFadW7FjevIRfojbC+TIjHoDdFuRUbEwUhN/t/w==;
	31:17FHENs+WcLO16iDHNzGf2K7yEdgd2FYgyrVpj8NDdl+rGCjsGpB4MZ55376DLhAc6QbkMkM3N7hQG3tSXA0xMN6OJyAOjLTH2K2uEusRLxxti5Fdcszg7nn0T8WW8n+M7bdjMsWPIOD6lIIddpcLDlmyALPZwoUP51AQzGNlIDLebSs/bIKhidre9WWyByi5JGZIu035RMyTrsGwz5aSP6TRWUMwBfgt5k0SY0Dcro=
X-MS-TrafficTypeDiagnostic: DM2PR12MB0156:
X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156;
	20:gA9fkTA+jZUII3939QGXu5+N6r8elxdX5GThe73+GKfYN+CNxpTNn/WShWJ15jvPw+OeQ/V64yj4fl+GpRBdU/ZnPzDmx01zwivbBtAb1Iq+IVe0I5vsRlazgQ93nsToWOjnhQBqCm/Mz/1osUp/H0UCd9gBvxbrYnEoLYkArdDNXOiNy4OvaAIQVsTmPpcb9rKzMFFQmD/pPc5ulf4mdDUbXQABHBqSri/J69cL6fDt+UloloCyvoWNc+WmOyNwLOKrtZXPY6gd4LeqCmdIqcqVK0rTO0eFTT4l55U+JBiDncyeW89ts9S0V+E180yY86Hd3+yc78qTBOAKJ+CmtvKS1QVHVE1tYB8lNEBq4/+yYrwMRhy8RqOBaITx4l8r8c632VqqO70aSRxp8DiPj6MruO5O1I1elrhRryK7PwkWnsI9qxKjnwAO3g9CNS5ZN9nU0Gj0hLqH7hj+VzknmQSB9/tS0n9OihfUVnvVSGK7YOvvwtlrqcZdM0CTv3kh;
	4:hR0/qi5HY8bQY9VflgVncm+qXW7UHzJhOH6uqGiBIav0gZVQtJSKrmmDAjyy0CSENFj5U8/J29a4GdrukTQK8pbhIItnJd2syOO2+uKZEAESQbnJLlVXh3m6AHm3yn8JchrUCFUqCg8/F2f0bbkXI4BnfFjsWB9kDXKR1zmGCOLZRnCF0YCgBei8HBdAxadOizus0Wkq76ATw7WHFPOXl0sqcuMViDrEtvWCe2lsQ/IPrQtD1YHAjlbf2LHf/lPq+fqV007cGz2X+iJt2AqQSkvbqS/joSgjkb3auuJeoobGZMaNpoN+HN7n4qcmgaayYBAO+KQOSNR7v02o9+TMvMT6Qp4B14p9o1cl6oFRVZXkbYyu2tZylTLvNjFfoz0p
X-Microsoft-Antispam-PRVS: 
 <DM2PR12MB0156F8D0B2F48CCE699199A4E53D0@DM2PR12MB0156.namprd12.prod.outlook.com>
X-Exchange-Antispam-Report-Test: 
 UriScan:(9452136761055)(767451399110)(17755550239193); 
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0;
	RULEID:(6040450)(2401047)(5005006)(8121501046)(10201501046)(93006095)(93001095)(3002001)(3231022)(6055026)(6041248)(20161123562025)(20161123560025)(20161123558100)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(6072148)(201708071742011);
	SRVR:DM2PR12MB0156; BCL:0; PCL:0;
	RULEID:(100000803101)(100110400095); SRVR:DM2PR12MB0156;
X-Forefront-PRVS: 0512CC5201
X-Forefront-Antispam-Report: SFV:NSPM;
	SFS:(10009020)(6009001)(376002)(346002)(39860400002)(366004)(189002)(199003)(316002)(66066001)(50466002)(23676004)(47776003)(25786009)(54906003)(86362001)(53416004)(7696005)(76176011)(16526018)(36756003)(575784001)(8936002)(81166006)(6486002)(81156014)(305945005)(50226002)(7736002)(53936002)(5660300001)(52116002)(2950100002)(6666003)(33646002)(4326008)(101416001)(8676002)(478600001)(2906002)(7416002)(2870700001)(1076002)(189998001)(106356001)(6116002)(3846002)(68736007)(97736004)(105586002);
	DIR:OUT; SFP:1101; SCL:1; SRVR:DM2PR12MB0156;
	H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords;
	MX:1; A:1; LANG:en;
Received-SPF: None (protection.outlook.com: amd.com does not designate
	permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: 
 =?utf-8?B?MTtETTJQUjEyTUIwMTU2OzIzOmxqTUNGczMrMXV2NHlPaVFqK2FFZzJac1p4?=
	=?utf-8?B?WDhleGUrbk9oMlZOQm1lTmJrVlhTQnBTR1ZPbDMzcDlPMnhFdUxIRFptUGov?=
	=?utf-8?B?R1NpWTYxVjBCQUdUUlJ6VzJSa3djcWRVdW4zN1drbmVsVlczcXlOMGdOVGxG?=
	=?utf-8?B?L1g1d1pScXBuVXpYZUpneUN3MzVLd1NtZUtZUVc5bnFNZmc3eUlCQ3NIZUJR?=
	=?utf-8?B?NURKZEZCTURnOURhUTFrYjkrVkZqb3VmVUQzaTNSU0thK1J0QmI3aXVoNkdr?=
	=?utf-8?B?aG5hVnp2cXpWdDZ1TTRVS0VnMXdQejFVSXQyM2J3cURVYzJmUkhGU3lqbS9K?=
	=?utf-8?B?Q24yS2tQdzNxcDRTMlVnLzZRVm9XZHBYdG9kaEQ4aGdWcXZ3cHBnWGdPODE5?=
	=?utf-8?B?a21seU9lMVFaZnlIanF1TVE4eENkZEpiek1wQ1NsVy9mSWh1WGIwSGNyNTRQ?=
	=?utf-8?B?Tmwzcmh2aWpJMnErYk05clgxU3VmWVI2YTFXQmF0SXFmcFRSaVArSUFkQWhQ?=
	=?utf-8?B?TGZ6UmhmZjNGR0VmQjdRVTlHY3pnVTh6TVlQc3g0bDZEYjVTdnh3OVVrelds?=
	=?utf-8?B?UUMvMFVLMXZBczQxM1RxdDhrcmRwbEJNM0lLWmY2ank2Qjk5M2tOUjdReXMx?=
	=?utf-8?B?aTZWSDBOMmJhUnRlWjBLM1BxZlcrUCsyZG56cU9VSWYwSk1pUUxEUkJXeXVS?=
	=?utf-8?B?ZTRPaEhrV0hpWmNZR1pvQnhZU2FTSjlnTlF0alhWSmgya1lwV0RCRWdhNk56?=
	=?utf-8?B?ZmE1eEs4ek1raERCYVJqVmN5TjBQTHlidXZkd0lJVjVIQmVGSjdQVGhpTFhv?=
	=?utf-8?B?MDFvcnBySTBkRWZZU0EyaW1iUDlWY0NnbUpsKytVN3NvUEZjWHJsZXRuNWdV?=
	=?utf-8?B?WnNzc0w0bGFicFoyMHo1UnEvekhMdHBmZzJDcmpITE5QM2tLUEl6dHl4cHZj?=
	=?utf-8?B?R3BBVGpFT1l3UG90VE4ycFlMS1NIOElzajIyUWRlZ2FSN0wyVHBpSG9RZ3lX?=
	=?utf-8?B?MkRJZWl2NXZ4YXdiTDdRVWlaTXYrd0EvejhqUXhld1NCeWNqc3hjYzV3UXVH?=
	=?utf-8?B?VnRrVFp0bkUyZlhnbEh4SHIrNEh2N0k1V2xVUHpRNzZnVE9RN1dqR25oTTh6?=
	=?utf-8?B?c3FyekNXdnY2MGs0dnkzcEFZWTJJQ2lGZDhuNVRRaUVDYkVSRWtGZGd1dzUx?=
	=?utf-8?B?QnVGVE8vV01zY2wvdmNGSDM4dkFYY0hmWWxtdWZ0UyszWXpzMTY1M0FhbkMy?=
	=?utf-8?B?eVNhWTBMTVNJa3ZtdnpjK3dnQnczaG0xblBFZDB2YTZvdm5oVXErTS9FeVht?=
	=?utf-8?B?d1pjZTJteUhQV2FXNWNWZFB3ZFhIRkhBcXltU2gxZHVpeDVLTFB6V296b0Vw?=
	=?utf-8?B?OGVhRlBWMDlMWGFVb1RFSkZERk4wZVc2NmZIU0tyRFBFUkQ4VmwyY1R4UTUw?=
	=?utf-8?B?d204a2diVVN5SndSNm1HMkdaenh5M1NlWDZTb0Z0OHh2RkFrZWVRWkZtRzdT?=
	=?utf-8?Q?XLlKBaSgW3y4P6/tt46ex8cpfm6TTLQQUNPbuLNo06AEFf?=
X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156;
	6:sIkn7rIHNP11wujRnrjFAj7KIhCMwqPAhVYfHnjJrMos6TIXGTfDVzFkxU1D3oUqOU9daApgFtA1kxROb8RoKvX78B8VEdx1BYYBelq0cpEtLwYTtV9nNWFWL9gPNfd4TVQcigEhaVQlnKXxeaVTvTOha82a4CqoULGKtqFVIJUYhvW6wg2jol/sLDOFnlZ8qoXqSD8Tdl6nqtONrlVIY6pvn0wQdbc/lo9ASlT85C6DLNx/EBe0Y1hn9EhXasvCchVLCXWcuRN4lU5H3BlMtDfKiWYcuuNdVQ1sht3gJgYTdQ0TV1DrZeVNkpkVhEhcAKSjtE+kd+wdC8bWZzR1ORGCcFrqDx/MkIOnPhG6trU=;
	5:0n8oxNnlP9wGpmigYBZsEhmn41M2Zw4BY/OFoTBLO32dGhrsqMJEBgiK/mxASg2WI/rM2MqGcjsHzM8hxwlX50T+icREvLlaZcyHk8rS3wpGka4YGE9w1HXkR4Y3LG9FWjdEdezAbVPuoMf8E+/DYUqtl93ZjPEI0VCLvkNBbJA=;
	24:H9mIzWBVM506fC2JTNoauhWeOTA73fFnK7mcAuEu/3wzkaLktKCa93fsCg9I5snHYAvle6OEkD+b0+w3E4Hj3fNHDT+lPuMw2lMmhI3MuB4=;
	7:o8Iun7wDpeKUoif/n8OMtiyC1jlf4Tw4Q8UmanH52S0QhKtYs2gvc2164OL0fnZ7OgC8fwuefozGIhsEOOQhu80AbC5zegv75xUobpfCq2ng05ySqSIG+IflmwNtKhbCMC0XN8ir9VTBXimeVAHlaGqy+2KEG4iTr7BxqgNLk6g7K3S3TcYsHeSJ9DMqfpt66nwUMSZtuXrqjRrpSVGREQW2G+4yDX67mPmoUSVFLqx7bzveXpmUSB8o1ACgU1Qh
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156;
	20:cAIxco0+bcEYIxSQrvwCBdgyjkIslA+WrctocwIicZPe520RRAG/lJYYalUcwPrwjHEftOlvlF8CcbP2k1fsTcMbtkCp6E7KJC4cXrjXy28N539rpcCbiVoeSED/Wi/x/KqkJt0qJikly5/w5mQ0nj8XWfJqBePv8KDzVxyAN0SxCl/gIrJB78PurLGEiSKhjZEywRc9sWLBXL63+vTddFDv5lvi2IKkxpmWZDYQYGON2oD+ZUDsm5I7Ck2oqVuu
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Dec 2017 01:06:44.2881
	(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 df24aa0f-72c3-4948-2dc7-08d53b7c7433
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0156
Sender: kvm-owner@vger.kernel.org
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

On AMD platforms, under certain conditions insn_len may be zero on #NPF.
This can happen if a guest gets a page-fault on data access but the HW
table walker is not able to read the instruction page (e.g instruction
page is not present in memory).

Typically, when insn_len is zero, x86_emulate_instruction() walks the
guest page table and fetches the instruction bytes from guest memory.
When SEV is enabled, the guest memory is encrypted with guest-specific
key hence hypervisor will not able to fetch the instruction bytes.
In those cases we simply restart the guest.

I have encountered this issue when running kernbench inside the guest.

Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Radim Krčmář" <rkrcmar@redhat.com>
Cc: Joerg Roedel <joro@8bytes.org>
Cc: Borislav Petkov <bp@suse.de>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: x86@kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
 arch/x86/kvm/mmu.c | 10 ++++++++++
 arch/x86/kvm/svm.c |  6 ++++--
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
index e5e66e5c6640..d5e5dbd0e5ad 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -4950,6 +4950,16 @@ int kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gva_t cr2, u64 error_code,
 	if (mmio_info_in_cache(vcpu, cr2, direct))
 		emulation_type = 0;
 emulate:
+	/*
+	 * On AMD platforms, under certain conditions insn_len may be zero on #NPF.
+	 * This can happen if a guest gets a page-fault on data access but the HW
+	 * table walker is not able to read the instruction page (e.g instruction
+	 * page is not present in memory). In those cases we simply restart the
+	 * guest.
+	 */
+	if (unlikely(insn && !insn_len))
+		return 1;
+
 	er = x86_emulate_instruction(vcpu, cr2, emulation_type, insn, insn_len);
 
 	switch (er) {
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 3e848f952b4f..ec5df5752995 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -2436,7 +2436,8 @@ static int pf_interception(struct vcpu_svm *svm)
 	u64 error_code = svm->vmcb->control.exit_info_1;
 
 	return kvm_handle_page_fault(&svm->vcpu, error_code, fault_address,
-			svm->vmcb->control.insn_bytes,
+			static_cpu_has(X86_FEATURE_DECODEASSISTS) ?
+			svm->vmcb->control.insn_bytes : NULL,
 			svm->vmcb->control.insn_len);
 }
 
@@ -2447,7 +2448,8 @@ static int npf_interception(struct vcpu_svm *svm)
 
 	trace_kvm_page_fault(fault_address, error_code);
 	return kvm_mmu_page_fault(&svm->vcpu, fault_address, error_code,
-			svm->vmcb->control.insn_bytes,
+			static_cpu_has(X86_FEATURE_DECODEASSISTS) ?
+			svm->vmcb->control.insn_bytes : NULL,
 			svm->vmcb->control.insn_len);
 }