[v10,64/81] KVM: introspection: add KVMI_VM_GET_MAX_GFN

Message ID	20201125093600.2766-65-alazar@bitdefender.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <kvm-owner@kernel.org> From: =?utf-8?q?Adalbert_Laz=C4=83r?= <alazar@bitdefender.com> To: kvm@vger.kernel.org Cc: virtualization@lists.linux-foundation.org, Paolo Bonzini <pbonzini@redhat.com>, =?utf-8?q?=C8=98tefan_=C8=98icleru?= <ssicleru@bitdefender.com>, =?utf-8?b?TmljdciZb3IgQ8OuyJt1?= <nicu.citu@icloud.com>, =?utf-8?q?Adalbert?= =?utf-8?q?_Laz=C4=83r?= <alazar@bitdefender.com> Subject: [PATCH v10 64/81] KVM: introspection: add KVMI_VM_GET_MAX_GFN Date: Wed, 25 Nov 2020 11:35:43 +0200 Message-Id: <20201125093600.2766-65-alazar@bitdefender.com> In-Reply-To: <20201125093600.2766-1-alazar@bitdefender.com> References: <20201125093600.2766-1-alazar@bitdefender.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	VM introspection \| expand [v10,00/81] VM introspection [v10,01/81] KVM: UAPI: add error codes used by the VM introspection code [v10,02/81] KVM: add kvm_vcpu_kick_and_wait() [v10,03/81] KVM: add kvm_get_max_gfn() [v10,04/81] KVM: doc: fix the hypercalls numbering [v10,05/81] KVM: x86: add kvm_arch_vcpu_get_regs() and kvm_arch_vcpu_get_sregs() [v10,06/81] KVM: x86: add kvm_arch_vcpu_set_regs() [v10,07/81] KVM: x86: avoid injecting #PF when emulate the VMCALL instruction [v10,08/81] KVM: x86: add kvm_x86_ops.bp_intercepted() [v10,09/81] KVM: x86: add kvm_x86_ops.control_cr3_intercept() [v10,10/81] KVM: x86: add kvm_x86_ops.cr3_write_intercepted() [v10,11/81] KVM: x86: add kvm_x86_ops.desc_ctrl_supported() [v10,12/81] KVM: svm: add support for descriptor-table VM-exits [v10,13/81] KVM: x86: add kvm_x86_ops.control_desc_intercept() [v10,14/81] KVM: x86: add kvm_x86_ops.desc_intercepted() [v10,15/81] KVM: x86: add kvm_x86_ops.msr_write_intercepted() [v10,16/81] KVM: x86: svm: use the vmx convention to control the MSR interception [v10,17/81] KVM: x86: add kvm_x86_ops.control_msr_intercept() [v10,18/81] KVM: x86: vmx: use a symbolic constant when checking the exit qualifications [v10,19/81] KVM: x86: save the error code during EPT/NPF exits handling [v10,20/81] KVM: x86: add kvm_x86_ops.fault_gla() [v10,21/81] KVM: x86: add kvm_x86_ops.control_singlestep() [v10,22/81] KVM: x86: export kvm_arch_vcpu_set_guest_debug() [v10,23/81] KVM: x86: extend kvm_mmu_gva_to_gpa_system() with the 'access' parameter [v10,24/81] KVM: x86: export kvm_inject_pending_exception() [v10,25/81] KVM: x86: export kvm_vcpu_ioctl_x86_get_xsave() [v10,26/81] KVM: x86: export kvm_vcpu_ioctl_x86_set_xsave() [v10,27/81] KVM: x86: page track: provide all callbacks with the guest virtual address [v10,28/81] KVM: x86: page track: add track_create_slot() callback [v10,29/81] KVM: x86: page_track: add support for preread, prewrite and preexec [v10,30/81] KVM: x86: wire in the preread/prewrite/preexec page trackers [v10,31/81] KVM: x86: disable gpa_available optimization for fetch and page-walk SPT violations [v10,32/81] KVM: introduce VM introspection [v10,33/81] KVM: introspection: add hook/unhook ioctls [v10,34/81] KVM: introspection: add permission access ioctls [v10,35/81] KVM: introspection: add the read/dispatch message function [v10,36/81] KVM: introspection: add KVMI_GET_VERSION [v10,37/81] KVM: introspection: add KVMI_VM_CHECK_COMMAND and KVMI_VM_CHECK_EVENT [v10,38/81] KVM: introspection: add KVMI_VM_GET_INFO [v10,39/81] KVM: introspection: add KVM_INTROSPECTION_PREUNHOOK [v10,40/81] KVM: introspection: add KVMI_VM_EVENT_UNHOOK [v10,41/81] KVM: introspection: add KVMI_VM_CONTROL_EVENTS [v10,42/81] KVM: introspection: add KVMI_VM_READ_PHYSICAL/KVMI_VM_WRITE_PHYSICAL [v10,43/81] KVM: introspection: add vCPU related data [v10,44/81] KVM: introspection: add a jobs list to every introspected vCPU [v10,45/81] KVM: introspection: handle vCPU introspection requests [v10,46/81] KVM: introspection: handle vCPU commands [v10,47/81] KVM: introspection: add KVMI_VCPU_GET_INFO [v10,48/81] KVM: introspection: add KVMI_VM_PAUSE_VCPU [v10,49/81] KVM: introspection: add support for vCPU events [v10,50/81] KVM: introspection: add KVMI_VCPU_EVENT_PAUSE [v10,51/81] KVM: introspection: add the crash action handling on the event reply [v10,52/81] KVM: introspection: add KVMI_VCPU_CONTROL_EVENTS [v10,53/81] KVM: introspection: add KVMI_VCPU_GET_REGISTERS [v10,54/81] KVM: introspection: add KVMI_VCPU_SET_REGISTERS [v10,55/81] KVM: introspection: add KVMI_VCPU_GET_CPUID [v10,56/81] KVM: introspection: add KVMI_VCPU_EVENT_HYPERCALL [v10,57/81] KVM: introspection: add KVMI_VCPU_EVENT_BREAKPOINT [v10,58/81] KVM: introspection: add cleanup support for vCPUs [v10,59/81] KVM: introspection: restore the state of #BP interception on unhook [v10,60/81] KVM: introspection: add KVMI_VM_CONTROL_CLEANUP [v10,61/81] KVM: introspection: add KVMI_VCPU_CONTROL_CR and KVMI_VCPU_EVENT_CR [v10,62/81] KVM: introspection: restore the state of CR3 interception on unhook [v10,63/81] KVM: introspection: add KVMI_VCPU_INJECT_EXCEPTION + KVMI_VCPU_EVENT_TRAP [v10,64/81] KVM: introspection: add KVMI_VM_GET_MAX_GFN [v10,65/81] KVM: introspection: add KVMI_VCPU_EVENT_XSETBV [v10,66/81] KVM: introspection: add KVMI_VCPU_GET_XCR [v10,67/81] KVM: introspection: add KVMI_VCPU_GET_XSAVE [v10,68/81] KVM: introspection: add KVMI_VCPU_SET_XSAVE [v10,69/81] KVM: introspection: add KVMI_VCPU_GET_MTRR_TYPE [v10,70/81] KVM: introspection: add KVMI_VCPU_EVENT_DESCRIPTOR [v10,71/81] KVM: introspection: restore the state of descriptor-table register interception on unho… [v10,72/81] KVM: introspection: add KVMI_VCPU_CONTROL_MSR and KVMI_VCPU_EVENT_MSR [v10,73/81] KVM: introspection: restore the state of MSR interception on unhook [v10,74/81] KVM: introspection: add KVMI_VM_SET_PAGE_ACCESS [v10,75/81] KVM: introspection: add KVMI_VCPU_EVENT_PF [v10,76/81] KVM: introspection: extend KVMI_GET_VERSION with struct kvmi_features [v10,77/81] KVM: introspection: add KVMI_VCPU_CONTROL_SINGLESTEP [v10,78/81] KVM: introspection: add KVMI_VCPU_EVENT_SINGLESTEP [v10,79/81] KVM: introspection: add KVMI_VCPU_TRANSLATE_GVA [v10,80/81] KVM: introspection: emulate a guest page table walk on SPT violations due to A/D bit up… [v10,81/81] KVM: x86: call the page tracking code on emulation failure

Message ID

20201125093600.2766-65-alazar@bitdefender.com (mailing list archive)

State

New, archived

Headers

From: =?utf-8?q?Adalbert_Laz=C4=83r?= <alazar@bitdefender.com>
To: kvm@vger.kernel.org
Cc: virtualization@lists.linux-foundation.org,
 Paolo Bonzini <pbonzini@redhat.com>,
 =?utf-8?q?=C8=98tefan_=C8=98icleru?= <ssicleru@bitdefender.com>,
	=?utf-8?b?TmljdciZb3IgQ8OuyJt1?= <nicu.citu@icloud.com>, =?utf-8?q?Adalbert?=
	=?utf-8?q?_Laz=C4=83r?= <alazar@bitdefender.com>
Subject: [PATCH v10 64/81] KVM: introspection: add KVMI_VM_GET_MAX_GFN
Date: Wed, 25 Nov 2020 11:35:43 +0200
Message-Id: <20201125093600.2766-65-alazar@bitdefender.com>
In-Reply-To: <20201125093600.2766-1-alazar@bitdefender.com>
References: <20201125093600.2766-1-alazar@bitdefender.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

VM introspection | expand

Commit Message

Adalbert Lazăr Nov. 25, 2020, 9:35 a.m. UTC

From: Ștefan Șicleru <ssicleru@bitdefender.com>

The introspection tool will use this command to get the memory address
range for which it can set access restrictions.

Signed-off-by: Ștefan Șicleru <ssicleru@bitdefender.com>
Co-developed-by: Nicușor Cîțu <nicu.citu@icloud.com>
Signed-off-by: Nicușor Cîțu <nicu.citu@icloud.com>
Signed-off-by: Adalbert Lazăr <alazar@bitdefender.com>
---
 Documentation/virt/kvm/kvmi.rst               | 19 +++++++++++++++++++
 include/uapi/linux/kvmi.h                     |  5 +++++
 .../testing/selftests/kvm/x86_64/kvmi_test.c  | 12 ++++++++++++
 virt/kvm/introspection/kvmi_msg.c             | 13 +++++++++++++
 4 files changed, 49 insertions(+)

diff --git a/Documentation/virt/kvm/kvmi.rst b/Documentation/virt/kvm/kvmi.rst
index e688ac387faf..ecf4207b42d0 100644
--- a/Documentation/virt/kvm/kvmi.rst
+++ b/Documentation/virt/kvm/kvmi.rst
@@ -777,6 +777,25 @@  exception.
 * -KVM_EBUSY - another *KVMI_VCPU_INJECT_EXCEPTION*-*KVMI_VCPU_EVENT_TRAP*
                pair is in progress
 
+17. KVMI_VM_GET_MAX_GFN
+-----------------------
+
+:Architectures: all
+:Versions: >= 1
+:Parameters: none
+:Returns:
+
+::
+
+        struct kvmi_error_code;
+        struct kvmi_vm_get_max_gfn_reply {
+                __u64 gfn;
+        };
+
+Provides the maximum GFN allocated to the VM by walking through all
+memory slots. Stricly speaking, the returned value refers to the first
+inaccessible GFN, next to the maximum accessible GFN.
+
 Events
 ======
 
diff --git a/include/uapi/linux/kvmi.h b/include/uapi/linux/kvmi.h
index 263d98a5903e..d0e06363c407 100644
--- a/include/uapi/linux/kvmi.h
+++ b/include/uapi/linux/kvmi.h
@@ -29,6 +29,7 @@  enum {
 	KVMI_VM_WRITE_PHYSICAL  = KVMI_VM_MESSAGE_ID(7),
 	KVMI_VM_PAUSE_VCPU      = KVMI_VM_MESSAGE_ID(8),
 	KVMI_VM_CONTROL_CLEANUP = KVMI_VM_MESSAGE_ID(9),
+	KVMI_VM_GET_MAX_GFN     = KVMI_VM_MESSAGE_ID(10),
 
 	KVMI_NEXT_VM_MESSAGE
 };
@@ -177,4 +178,8 @@  struct kvmi_vm_control_cleanup {
 	__u8 padding[7];
 };
 
+struct kvmi_vm_get_max_gfn_reply {
+	__u64 gfn;
+};
+
 #endif /* _UAPI__LINUX_KVMI_H */
diff --git a/tools/testing/selftests/kvm/x86_64/kvmi_test.c b/tools/testing/selftests/kvm/x86_64/kvmi_test.c
index dc9f2f0d99e8..b4565802db22 100644
--- a/tools/testing/selftests/kvm/x86_64/kvmi_test.c
+++ b/tools/testing/selftests/kvm/x86_64/kvmi_test.c
@@ -1322,6 +1322,17 @@  static void test_cmd_vcpu_inject_exception(struct kvm_vm *vm)
 	disable_vcpu_event(vm, KVMI_VCPU_EVENT_BREAKPOINT);
 }
 
+static void test_cmd_vm_get_max_gfn(void)
+{
+	struct kvmi_vm_get_max_gfn_reply rpl;
+	struct kvmi_msg_hdr req;
+
+	test_vm_command(KVMI_VM_GET_MAX_GFN, &req, sizeof(req),
+			&rpl, sizeof(rpl), 0);
+
+	pr_debug("max_gfn: 0x%llx\n", rpl.gfn);
+}
+
 static void test_introspection(struct kvm_vm *vm)
 {
 	srandom(time(0));
@@ -1347,6 +1358,7 @@  static void test_introspection(struct kvm_vm *vm)
 	test_cmd_vm_control_cleanup(vm);
 	test_cmd_vcpu_control_cr(vm);
 	test_cmd_vcpu_inject_exception(vm);
+	test_cmd_vm_get_max_gfn();
 
 	unhook_introspection(vm);
 }
diff --git a/virt/kvm/introspection/kvmi_msg.c b/virt/kvm/introspection/kvmi_msg.c
index 762fb5227dd9..42d066e92ba2 100644
--- a/virt/kvm/introspection/kvmi_msg.c
+++ b/virt/kvm/introspection/kvmi_msg.c
@@ -290,6 +290,18 @@  static int handle_vm_control_cleanup(struct kvm_introspection *kvmi,
 	return kvmi_msg_vm_reply(kvmi, msg, ec, NULL, 0);
 }
 
+static int handle_vm_get_max_gfn(struct kvm_introspection *kvmi,
+				 const struct kvmi_msg_hdr *msg,
+				 const void *req)
+{
+	struct kvmi_vm_get_max_gfn_reply rpl;
+
+	memset(&rpl, 0, sizeof(rpl));
+	rpl.gfn = kvm_get_max_gfn(kvmi->kvm);
+
+	return kvmi_msg_vm_reply(kvmi, msg, 0, &rpl, sizeof(rpl));
+}
+
 /*
  * These commands are executed by the receiving thread.
  */
@@ -300,6 +312,7 @@  static kvmi_vm_msg_fct const msg_vm[] = {
 	[KVMI_VM_CONTROL_CLEANUP] = handle_vm_control_cleanup,
 	[KVMI_VM_CONTROL_EVENTS]  = handle_vm_control_events,
 	[KVMI_VM_GET_INFO]        = handle_vm_get_info,
+	[KVMI_VM_GET_MAX_GFN]     = handle_vm_get_max_gfn,
 	[KVMI_VM_PAUSE_VCPU]      = handle_vm_pause_vcpu,
 	[KVMI_VM_READ_PHYSICAL]   = handle_vm_read_physical,
 	[KVMI_VM_WRITE_PHYSICAL]  = handle_vm_write_physical,

[v10,64/81] KVM: introspection: add KVMI_VM_GET_MAX_GFN

Commit Message

Patch