[v8,66/81] KVM: introspection: add KVMI_VM_GET_MAX_GFN

Message ID	20200330101308.21702-67-alazar@bitdefender.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=cHma=5P=vger.kernel.org=kvm-owner@kernel.org> From: =?utf-8?q?Adalbert_Laz=C4=83r?= <alazar@bitdefender.com> To: kvm@vger.kernel.org Cc: virtualization@lists.linux-foundation.org, Paolo Bonzini <pbonzini@redhat.com>, =?utf-8?q?=C8=98tefan_=C8=98icleru?= <ssicleru@bitdefender.com>, =?utf-8?b?TmljdciZb3IgQ8OuyJt1?= <ncitu@bitdefender.com>, =?utf-8?q?Adalber?= =?utf-8?q?t_Laz=C4=83r?= <alazar@bitdefender.com> Subject: [PATCH v8 66/81] KVM: introspection: add KVMI_VM_GET_MAX_GFN Date: Mon, 30 Mar 2020 13:12:53 +0300 Message-Id: <20200330101308.21702-67-alazar@bitdefender.com> In-Reply-To: <20200330101308.21702-1-alazar@bitdefender.com> References: <20200330101308.21702-1-alazar@bitdefender.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: kvm-owner@vger.kernel.org Precedence: bulk
Series	VM introspection \| expand [v8,00/81] VM introspection [v8,01/81] sched/swait: add swait_event_killable_exclusive() [v8,02/81] export kill_pid_info() [v8,03/81] KVM: add new error codes for VM introspection [v8,04/81] KVM: add kvm_vcpu_kick_and_wait() [v8,05/81] KVM: add kvm_get_max_gfn() [v8,06/81] KVM: doc: fix the hypercall numbering [v8,07/81] KVM: x86: add kvm_arch_vcpu_get_regs() and kvm_arch_vcpu_get_sregs() [v8,08/81] KVM: x86: add kvm_arch_vcpu_set_regs() [v8,09/81] KVM: x86: avoid injecting #PF when emulate the VMCALL instruction [v8,10/81] KVM: x86: add .bp_intercepted() to struct kvm_x86_ops [v8,11/81] KVM: x86: add .control_cr3_intercept() to struct kvm_x86_ops [v8,12/81] KVM: x86: add .cr3_write_intercepted() [v8,13/81] KVM: x86: add .desc_ctrl_supported() [v8,14/81] KVM: svm: add support for descriptor-table exits [v8,15/81] KVM: x86: add .control_desc_intercept() [v8,16/81] KVM: x86: add .desc_intercepted() [v8,17/81] KVM: x86: export .msr_write_intercepted() [v8,18/81] KVM: x86: use MSR_TYPE_R, MSR_TYPE_W and MSR_TYPE_RW with AMD code too [v8,19/81] KVM: svm: pass struct kvm_vcpu to set_msr_interception() [v8,20/81] KVM: vmx: pass struct kvm_vcpu to the intercept msr related functions [v8,21/81] KVM: x86: add .control_msr_intercept() [v8,22/81] KVM: x86: vmx: use a symbolic constant when checking the exit qualifications [v8,23/81] KVM: x86: save the error code during EPT/NPF exits handling [v8,24/81] KVM: x86: add .fault_gla() [v8,25/81] KVM: x86: add .spt_fault() [v8,26/81] KVM: x86: add .gpt_translation_fault() [v8,27/81] KVM: x86: add .control_singlestep() [v8,28/81] KVM: x86: export kvm_arch_vcpu_set_guest_debug() [v8,29/81] KVM: x86: extend kvm_mmu_gva_to_gpa_system() with the 'access' parameter [v8,30/81] KVM: x86: export kvm_inject_pending_exception() [v8,31/81] KVM: x86: export kvm_vcpu_ioctl_x86_get_xsave() [v8,32/81] KVM: x86: page track: provide all page tracking hooks with the guest virtual address [v8,33/81] KVM: x86: page track: add track_create_slot() callback [v8,34/81] KVM: x86: page_track: add support for preread, prewrite and preexec [v8,35/81] KVM: x86: wire in the preread/prewrite/preexec page trackers [v8,36/81] KVM: x86: intercept the write access on sidt and other emulated instructions [v8,37/81] KVM: x86: disable gpa_available optimization for fetch and page-walk NPF/EPT violations [v8,38/81] KVM: introduce VM introspection [v8,39/81] KVM: introspection: add hook/unhook ioctls [v8,40/81] KVM: introspection: add permission access ioctls [v8,41/81] KVM: introspection: add the read/dispatch message function [v8,42/81] KVM: introspection: add KVMI_GET_VERSION [v8,43/81] KVM: introspection: add KVMI_VM_CHECK_COMMAND and KVMI_VM_CHECK_EVENT [v8,44/81] KVM: introspection: add KVMI_VM_GET_INFO [v8,45/81] KVM: introspection: add KVMI_EVENT_UNHOOK [v8,46/81] KVM: introspection: add KVMI_VM_CONTROL_EVENTS [v8,47/81] KVM: introspection: add KVMI_VM_READ_PHYSICAL/KVMI_VM_WRITE_PHYSICAL [v8,48/81] KVM: introspection: add vCPU related data [v8,49/81] KVM: introspection: add a jobs list to every introspected vCPU [v8,50/81] KVM: introspection: handle vCPU introspection requests [v8,51/81] KVM: introspection: handle vCPU commands [v8,52/81] KVM: introspection: add KVMI_VCPU_GET_INFO [v8,53/81] KVM: introspection: add KVMI_VCPU_PAUSE [v8,54/81] KVM: introspection: add KVMI_EVENT_PAUSE_VCPU [v8,55/81] KVM: introspection: add crash action handling on event reply [v8,56/81] KVM: introspection: add KVMI_VCPU_CONTROL_EVENTS [v8,57/81] KVM: introspection: add KVMI_VCPU_GET_REGISTERS [v8,58/81] KVM: introspection: add KVMI_VCPU_SET_REGISTERS [v8,59/81] KVM: introspection: add KVMI_VCPU_GET_CPUID [v8,60/81] KVM: introspection: add KVMI_EVENT_HYPERCALL [v8,61/81] KVM: introspection: add KVMI_EVENT_BREAKPOINT [v8,62/81] KVM: introspection: restore the state of #BP interception on unhook [v8,63/81] KVM: introspection: add KVMI_VCPU_CONTROL_CR and KVMI_EVENT_CR [v8,64/81] KVM: introspection: restore the state of CR3 interception on unhook [v8,65/81] KVM: introspection: add KVMI_VCPU_INJECT_EXCEPTION + KVMI_EVENT_TRAP [v8,66/81] KVM: introspection: add KVMI_VM_GET_MAX_GFN [v8,67/81] KVM: introspection: add KVMI_EVENT_XSETBV [v8,68/81] KVM: introspection: add KVMI_VCPU_GET_XSAVE [v8,69/81] KVM: introspection: add KVMI_VCPU_GET_MTRR_TYPE [v8,70/81] KVM: introspection: add KVMI_EVENT_DESCRIPTOR [v8,71/81] KVM: introspection: restore the state of descriptor-table register interception on unhook [v8,72/81] KVM: introspection: add KVMI_VCPU_CONTROL_MSR and KVMI_EVENT_MSR [v8,73/81] KVM: introspection: restore the state of MSR interception on unhook [v8,74/81] KVM: introspection: add KVMI_VM_SET_PAGE_ACCESS [v8,75/81] KVM: introspection: add KVMI_EVENT_PF [v8,76/81] KVM: introspection: extend KVMI_GET_VERSION with struct kvmi_features [v8,77/81] KVM: introspection: add KVMI_VCPU_CONTROL_SINGLESTEP [v8,78/81] KVM: introspection: add KVMI_EVENT_SINGLESTEP [v8,79/81] KVM: introspection: add KVMI_VCPU_TRANSLATE_GVA [v8,80/81] KVM: introspection: emulate a guest page table walk on SPT violations due to A/D bit upd… [v8,81/81] KVM: x86: call the page tracking code on emulation failure

Message ID

20200330101308.21702-67-alazar@bitdefender.com (mailing list archive)

State

New, archived

Headers

From: =?utf-8?q?Adalbert_Laz=C4=83r?= <alazar@bitdefender.com>
To: kvm@vger.kernel.org
Cc: virtualization@lists.linux-foundation.org,
 Paolo Bonzini <pbonzini@redhat.com>,
 =?utf-8?q?=C8=98tefan_=C8=98icleru?= <ssicleru@bitdefender.com>,
	=?utf-8?b?TmljdciZb3IgQ8OuyJt1?= <ncitu@bitdefender.com>, =?utf-8?q?Adalber?=
	=?utf-8?q?t_Laz=C4=83r?= <alazar@bitdefender.com>
Subject: [PATCH v8 66/81] KVM: introspection: add KVMI_VM_GET_MAX_GFN
Date: Mon, 30 Mar 2020 13:12:53 +0300
Message-Id: <20200330101308.21702-67-alazar@bitdefender.com>
In-Reply-To: <20200330101308.21702-1-alazar@bitdefender.com>
References: <20200330101308.21702-1-alazar@bitdefender.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: kvm-owner@vger.kernel.org
Precedence: bulk

Series

VM introspection | expand

Commit Message

Adalbert Lazăr March 30, 2020, 10:12 a.m. UTC

From: Ștefan Șicleru <ssicleru@bitdefender.com>

The introspection tool will use this command to get the address range
for which it can set access restrictions.

Signed-off-by: Ștefan Șicleru <ssicleru@bitdefender.com>
Co-developed-by: Nicușor Cîțu <ncitu@bitdefender.com>
Signed-off-by: Nicușor Cîțu <ncitu@bitdefender.com>
Signed-off-by: Adalbert Lazăr <alazar@bitdefender.com>
---
 Documentation/virt/kvm/kvmi.rst               | 20 +++++++++++++++++++
 include/uapi/linux/kvmi.h                     |  6 ++++++
 .../testing/selftests/kvm/x86_64/kvmi_test.c  | 12 +++++++++++
 virt/kvm/introspection/kvmi_msg.c             | 14 +++++++++++++
 4 files changed, 52 insertions(+)

diff --git a/Documentation/virt/kvm/kvmi.rst b/Documentation/virt/kvm/kvmi.rst
index d6a09fac4f52..1c5e256975fe 100644
--- a/Documentation/virt/kvm/kvmi.rst
+++ b/Documentation/virt/kvm/kvmi.rst
@@ -756,6 +756,26 @@  The *KVMI_EVENT_TRAP* event will be sent with the effective injected expection.
 * -KVM_EBUSY - another *KVMI_VCPU_INJECT_EXCEPTION*-*KVMI_EVENT_TRAP* pair
                is in progress
 
+16. KVMI_VM_GET_MAX_GFN
+-----------------------
+
+:Architecture: all
+:Versions: >= 1
+:Parameters: none
+:Returns:
+
+::
+
+        struct kvmi_error_code;
+        struct kvmi_vm_get_max_gfn_reply {
+                __u64 gfn;
+        };
+
+Provides the maximum GFN allocated to the VM by walking through all
+memory slots allocated by KVM, considering all address spaces indicated
+by KVM_ADDRESS_SPACE_NUM. Stricly speaking, the returned value refers
+to the first inaccessible GFN, next to the maximum accessible GFN.
+
 Events
 ======
 
diff --git a/include/uapi/linux/kvmi.h b/include/uapi/linux/kvmi.h
index 2603fa72154b..d33e8dae0084 100644
--- a/include/uapi/linux/kvmi.h
+++ b/include/uapi/linux/kvmi.h
@@ -34,6 +34,8 @@  enum {
 	KVMI_VCPU_CONTROL_CR       = 15,
 	KVMI_VCPU_INJECT_EXCEPTION = 16,
 
+	KVMI_VM_GET_MAX_GFN = 17,
+
 	KVMI_NUM_MESSAGES
 };
 
@@ -140,6 +142,10 @@  struct kvmi_vcpu_control_events {
 	__u32 padding2;
 };
 
+struct kvmi_vm_get_max_gfn_reply {
+	__u64 gfn;
+};
+
 struct kvmi_event {
 	__u16 size;
 	__u16 vcpu;
diff --git a/tools/testing/selftests/kvm/x86_64/kvmi_test.c b/tools/testing/selftests/kvm/x86_64/kvmi_test.c
index 6a6ad736db36..66766d112006 100644
--- a/tools/testing/selftests/kvm/x86_64/kvmi_test.c
+++ b/tools/testing/selftests/kvm/x86_64/kvmi_test.c
@@ -1232,6 +1232,17 @@  static void test_cmd_vcpu_inject_exception(struct kvm_vm *vm)
 	disable_vcpu_event(vm, KVMI_EVENT_BREAKPOINT);
 }
 
+static void test_cmd_vm_get_max_gfn(void)
+{
+	struct kvmi_vm_get_max_gfn_reply rpl;
+	struct kvmi_msg_hdr req;
+
+	test_vm_command(KVMI_VM_GET_MAX_GFN, &req, sizeof(req),
+			&rpl, sizeof(rpl));
+
+	DEBUG("max_gfn: 0x%llx\n", rpl.gfn);
+}
+
 static void test_introspection(struct kvm_vm *vm)
 {
 	srandom(time(0));
@@ -1256,6 +1267,7 @@  static void test_introspection(struct kvm_vm *vm)
 	test_event_breakpoint(vm);
 	test_cmd_vcpu_control_cr(vm);
 	test_cmd_vcpu_inject_exception(vm);
+	test_cmd_vm_get_max_gfn();
 
 	unhook_introspection(vm);
 }
diff --git a/virt/kvm/introspection/kvmi_msg.c b/virt/kvm/introspection/kvmi_msg.c
index 830430777556..8ae57c87256f 100644
--- a/virt/kvm/introspection/kvmi_msg.c
+++ b/virt/kvm/introspection/kvmi_msg.c
@@ -26,6 +26,7 @@  static const char *const msg_IDs[] = {
 	[KVMI_VM_CHECK_EVENT]        = "KVMI_VM_CHECK_EVENT",
 	[KVMI_VM_CONTROL_EVENTS]     = "KVMI_VM_CONTROL_EVENTS",
 	[KVMI_VM_GET_INFO]           = "KVMI_VM_GET_INFO",
+	[KVMI_VM_GET_MAX_GFN]        = "KVMI_VM_GET_MAX_GFN",
 	[KVMI_VM_READ_PHYSICAL]      = "KVMI_VM_READ_PHYSICAL",
 	[KVMI_VM_WRITE_PHYSICAL]     = "KVMI_VM_WRITE_PHYSICAL",
 	[KVMI_VCPU_CONTROL_CR]       = "KVMI_VCPU_CONTROL_CR",
@@ -348,6 +349,18 @@  static int handle_pause_vcpu(struct kvm_introspection *kvmi,
 	return kvmi_msg_vm_reply(kvmi, msg, err, NULL, 0);
 }
 
+static int handle_vm_get_max_gfn(struct kvm_introspection *kvmi,
+				 const struct kvmi_msg_hdr *msg,
+				 const void *req)
+{
+	struct kvmi_vm_get_max_gfn_reply rpl;
+
+	memset(&rpl, 0, sizeof(rpl));
+	rpl.gfn = kvm_get_max_gfn(kvmi->kvm);
+
+	return kvmi_msg_vm_reply(kvmi, msg, 0, &rpl, sizeof(rpl));
+}
+
 /*
  * These commands are executed by the receiving thread/worker.
  */
@@ -358,6 +371,7 @@  static int(*const msg_vm[])(struct kvm_introspection *,
 	[KVMI_VM_CHECK_EVENT]    = handle_check_event,
 	[KVMI_VM_CONTROL_EVENTS] = handle_vm_control_events,
 	[KVMI_VM_GET_INFO]       = handle_get_info,
+	[KVMI_VM_GET_MAX_GFN]    = handle_vm_get_max_gfn,
 	[KVMI_VM_READ_PHYSICAL]  = handle_read_physical,
 	[KVMI_VM_WRITE_PHYSICAL] = handle_write_physical,
 	[KVMI_VCPU_PAUSE]        = handle_pause_vcpu,

[v8,66/81] KVM: introspection: add KVMI_VM_GET_MAX_GFN

Commit Message

Patch