From: Adalber Lazăr
To: kvm@vger.kernel.org
Cc: linux-mm@kvack.org, Paolo Bonzini, Radim Krčmář, Xiao Guangrong, Mihai Donțu, Adalbert Lazar
Subject: [RFC PATCH v4 12/18] kvm: x86: hook in kvmi_breakpoint_event()
Date: Mon, 18 Dec 2017 21:06:36 +0200
Message-Id: <20171218190642.7790-13-alazar@bitdefender.com>
In-Reply-To: <20171218190642.7790-1-alazar@bitdefender.com>

From: Adalbert Lazar

Inform the guest introspection tool that a breakpoint instruction (INT3) is being executed. These one-byte instructions are placed in the slack space of various functions and used as notification for when the OS or an application has reached a certain state or is trying to perform a certain operation (like creating a process).

Signed-off-by: Mihai Donțu
--- arch/x86/kvm/svm.c | 6 ++++++ arch/x86/kvm/vmx.c | 15 +++++++++++---- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index f41e4d7008d7..8903e0c58609 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -18,6 +18,7 @@ #define pr_fmt(fmt) "SVM: " fmt #include +#include #include "irq.h" #include "mmu.h" @@ -45,6 +46,7 @@ #include #include #include +#include #include #include "trace.h" @@ -2194,6 +2196,10 @@ static int bp_interception(struct vcpu_svm *svm) { struct kvm_run *kvm_run = svm->vcpu.run; + if (kvmi_breakpoint_event(&svm->vcpu, + svm->vmcb->save.cs.base + svm->vmcb->save.rip)) + return 1; + kvm_run->exit_reason = KVM_EXIT_DEBUG; kvm_run->debug.arch.pc = svm->vmcb->save.cs.base + svm->vmcb->save.rip; kvm_run->debug.arch.exception = BP_VECTOR; diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index c03580abf9e8..fbdfa8507d4f 100644 
--- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -51,6 +51,7 @@ #include #include #include +#include #include "trace.h" #include "pmu.h" @@ -5904,7 +5905,7 @@ static int handle_exception(struct kvm_vcpu *vcpu) struct vcpu_vmx *vmx = to_vmx(vcpu); struct kvm_run *kvm_run = vcpu->run; u32 intr_info, ex_no, error_code; - unsigned long cr2, rip, dr6; + unsigned long cr2, dr6; u32 vect_info; enum emulation_result er; @@ -5978,7 +5979,13 @@ static int handle_exception(struct kvm_vcpu *vcpu) kvm_run->debug.arch.dr6 = dr6 | DR6_FIXED_1; kvm_run->debug.arch.dr7 = vmcs_readl(GUEST_DR7); /* fall through */ - case BP_VECTOR: + case BP_VECTOR: { + unsigned long gva = vmcs_readl(GUEST_CS_BASE) + + kvm_rip_read(vcpu); + + if (kvmi_breakpoint_event(vcpu, gva)) + return 1; + /* * Update instruction length as we may reinject #BP from * user space while in guest debugging mode. Reading it for @@ -5987,10 +5994,10 @@ static int handle_exception(struct kvm_vcpu *vcpu) vmx->vcpu.arch.event_exit_inst_len = vmcs_read32(VM_EXIT_INSTRUCTION_LEN); kvm_run->exit_reason = KVM_EXIT_DEBUG; - rip = kvm_rip_read(vcpu); - kvm_run->debug.arch.pc = vmcs_readl(GUEST_CS_BASE) + rip; + kvm_run->debug.arch.pc = gva; kvm_run->debug.arch.exception = ex_no; break; + } default: kvm_run->exit_reason = KVM_EXIT_EXCEPTION; kvm_run->ex.exception = ex_no;
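
Review bot: In the svm.c bp_interception() hunk, the meaning of a non-zero return from kvmi_breakpoint_event() is not documented at the call site, yet it decides whether userspace ever sees KVM_EXIT_DEBUG for this #BP. Please add a short comment above the new if stating that a true return means the introspection tool consumed the event and the exit is not forwarded. The address svm->vmcb->save.cs.base + svm->vmcb->save.rip is also now spelled out twice, once for the hook and once for kvm_run->debug.arch.pc; compute it once into a local (the vmx.c side of this patch does this with gva) so the two paths cannot drift apart.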
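
Review bot: In the vmx.c handle_exception() hunk at "case BP_VECTOR: {", the preceding case (the one that fills kvm_run->debug.arch.dr6 and dr7) still ends in "/* fall through */", so kvmi_breakpoint_event(vcpu, gva) is also reached for that exception and not only for INT3 as the commit message describes. If the hook returns non-zero there, the function returns 1 and the debug exit that was just being prepared for userspace is dropped. Guard the call with ex_no == BP_VECTOR, or move the hook ahead of the shared tail so it only runs for the breakpoint vector. The early return also skips the vmx->vcpu.arch.event_exit_inst_len update that follows; if that is intended when the tool consumes the event, a one-line comment saying so would help.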