From patchwork Sat Aug 29 00:48:22 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Krish Sadhukhan X-Patchwork-Id: 11743845 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 66C04109B for ; Sat, 29 Aug 2020 00:48:45 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3A6F02098B for ; Sat, 29 Aug 2020 00:48:45 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b="DGdiCPA4" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726912AbgH2Asn (ORCPT ); Fri, 28 Aug 2020 20:48:43 -0400 Received: from aserp2120.oracle.com ([141.146.126.78]:57574 "EHLO aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726858AbgH2Asj (ORCPT ); Fri, 28 Aug 2020 20:48:39 -0400 Received: from pps.filterd (aserp2120.oracle.com [127.0.0.1]) by aserp2120.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 07T0U0uD071603; Sat, 29 Aug 2020 00:48:34 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references; s=corp-2020-01-29; bh=708udkJmuvBzBN+G7FJxjGzlQoGjWc2P1e/kMUoa7m0=; b=DGdiCPA4JJ72UfgHPVEKkb6wiS9zi4T2Qu0+jSbCy35LZ1qa7mjCcKGgyKnqNc/EdVEf iG3a5FVXmusP6MdHguHGi9eoTyE3ZigotTRBTkhHph/zbEmhivU3okKVz/Xr6PQbIGD0 6leIhh5aOfIF/IsqHIy4vCJMIgSRET4U4FtsQ0GMN3Tu5iBUI71V7b5c7Ot7Mt/1tf/c 0jWJNJCNKiP6E7UsEWPJsR3S1oO9CZRkCZd/RWZyuQytXzDI3kZG+acsZd3jnPwH1N6A DzJE02iqU1vbzSN4O9KTJvJ6qGSXv36BDmMfkh6LejsHNx09wa8dRyxgY5jXoMgYtl0g Lw== Received: from aserp3030.oracle.com (aserp3030.oracle.com [141.146.126.71]) by aserp2120.oracle.com with ESMTP id 333dbsemft-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Sat, 29 Aug 2020 00:48:34 +0000 Received: from pps.filterd (aserp3030.oracle.com [127.0.0.1]) by aserp3030.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 07T0V0DB139422; Sat, 29 Aug 2020 00:48:34 GMT Received: from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75]) by aserp3030.oracle.com with ESMTP id 333r9q8ae3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sat, 29 Aug 2020 00:48:34 +0000 Received: from abhmp0020.oracle.com (abhmp0020.oracle.com [141.146.116.26]) by userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id 07T0mXAl030899; Sat, 29 Aug 2020 00:48:33 GMT Received: from nsvm-sadhukhan-1.osdevelopmeniad.oraclevcn.com (/100.100.230.216) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 28 Aug 2020 17:48:33 -0700 From: Krish Sadhukhan To: kvm@vger.kernel.org Cc: pbonzini@redhat.com, jmattson@google.com Subject: [PATCH 1/3] KVM: nSVM: CR3 MBZ bits are only 63:52 Date: Sat, 29 Aug 2020 00:48:22 +0000 Message-Id: <20200829004824.4577-2-krish.sadhukhan@oracle.com> X-Mailer: git-send-email 2.18.4 In-Reply-To: <20200829004824.4577-1-krish.sadhukhan@oracle.com> References: <20200829004824.4577-1-krish.sadhukhan@oracle.com> X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9727 signatures=668679 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 malwarescore=0 mlxscore=0 bulkscore=0 adultscore=0 spamscore=0 mlxlogscore=999 phishscore=0 suspectscore=1 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2006250000 definitions=main-2008290000 X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9727 signatures=668679 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 clxscore=1015 priorityscore=1501 impostorscore=0 phishscore=0 malwarescore=0 mlxlogscore=999 spamscore=0 mlxscore=0 lowpriorityscore=0 suspectscore=1 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2006250000 definitions=main-2008290000 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Commit 761e4169346553c180bbd4a383aedd72f905bc9a created a wrong mask for the CR3 MBZ bits. According to APM vol 2, only the upper 12 bits are MBZ. (Fixes 761e4169346553c180bbd4a383aedd72f905bc9a) Signed-off-by: Krish Sadhukhan --- arch/x86/kvm/svm/svm.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index a798e1731709..c0d75b1e0664 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -345,7 +345,7 @@ static inline bool gif_set(struct vcpu_svm *svm) /* svm.c */ #define MSR_CR3_LEGACY_RESERVED_MASK 0xfe7U #define MSR_CR3_LEGACY_PAE_RESERVED_MASK 0x7U -#define MSR_CR3_LONG_RESERVED_MASK 0xfff0000000000fe7U +#define MSR_CR3_LONG_MBZ_MASK 0xfff0000000000000U #define MSR_INVALID 0xffffffffU u32 svm_msrpm_offset(u32 msr); From patchwork Sat Aug 29 00:48:23 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Krish Sadhukhan X-Patchwork-Id: 11743847 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 2E5E21667 for ; Sat, 29 Aug 2020 00:48:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 16B532098B for ; Sat, 29 Aug 2020 00:48:46 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b="GjmdBY+J" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726938AbgH2Asp (ORCPT ); Fri, 28 Aug 2020 20:48:45 -0400 Received: from userp2120.oracle.com ([156.151.31.85]:33212 "EHLO userp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726878AbgH2Asj (ORCPT ); Fri, 28 Aug 2020 20:48:39 -0400 Received: from pps.filterd (userp2120.oracle.com [127.0.0.1]) by userp2120.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 07T0U3aE134209; Sat, 29 Aug 2020 00:48:34 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references; s=corp-2020-01-29; bh=AK3ceaMS2xLAiJtKedx0lh6pZWWXLH/6q1MB2rK8Bvo=; b=GjmdBY+JP58tWETrkJyk5/LMdIW1nONNtrk9CinNd5a4ytOE/ePu7KBq/9U2C/EaF/R6 6jUpxjbcDTMYXSyDeMMGNyeglvQGLOKgNlZNRWWHjx3tBRTzj652W0QBkwlHgpNKE3QS qOqVf1Q5kbLwGrh+jcRFD1JdzDJ9MffxuLvZXt6W5dCoIXy5Kvf7SF+nOpfQA85IrdZ+ Pw+cpgtKrVTacaU9L/Y0f9ADOtoIIddlpmhL4Y+o5dqWZ8NbGD3IRscCZzw0Z4iWFFCC e/506m9CrucrFgq5OY7lniv5AQI0Xon2Wzav7R7/fXPyeT4N9RzHTHH+Axtpwv1J5jLx mg== Received: from userp3020.oracle.com (userp3020.oracle.com [156.151.31.79]) by userp2120.oracle.com with ESMTP id 333w6ud754-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Sat, 29 Aug 2020 00:48:34 +0000 Received: from pps.filterd (userp3020.oracle.com [127.0.0.1]) by userp3020.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 07T0Un41113603; Sat, 29 Aug 2020 00:48:34 GMT Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72]) by userp3020.oracle.com with ESMTP id 333ru3dgvw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sat, 29 Aug 2020 00:48:34 +0000 Received: from abhmp0020.oracle.com (abhmp0020.oracle.com [141.146.116.26]) by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id 07T0mXrs032682; Sat, 29 Aug 2020 00:48:33 GMT Received: from nsvm-sadhukhan-1.osdevelopmeniad.oraclevcn.com (/100.100.230.216) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 28 Aug 2020 17:48:33 -0700 From: Krish Sadhukhan To: kvm@vger.kernel.org Cc: pbonzini@redhat.com, jmattson@google.com Subject: [PATCH 2/3] KVM: nSVM: Add check for CR3 and CR4 reserved bits to svm_set_nested_state() Date: Sat, 29 Aug 2020 00:48:23 +0000 Message-Id: <20200829004824.4577-3-krish.sadhukhan@oracle.com> X-Mailer: git-send-email 2.18.4 In-Reply-To: <20200829004824.4577-1-krish.sadhukhan@oracle.com> References: <20200829004824.4577-1-krish.sadhukhan@oracle.com> X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9727 signatures=668679 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=1 adultscore=0 phishscore=0 spamscore=0 bulkscore=0 mlxlogscore=999 malwarescore=0 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2006250000 definitions=main-2008290000 X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9727 signatures=668679 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0 impostorscore=0 mlxlogscore=999 suspectscore=1 phishscore=0 malwarescore=0 spamscore=0 priorityscore=1501 clxscore=1015 mlxscore=0 lowpriorityscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2006250000 definitions=main-2008290000 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Signed-off-by: Krish Sadhukhan --- arch/x86/kvm/svm/nested.c | 51 ++++++++++++++++++++++----------------- 1 file changed, 29 insertions(+), 22 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index fb68467e6049..7a51ce465f3e 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -215,9 +215,35 @@ static bool nested_vmcb_check_controls(struct vmcb_control_area *control) return true; } +static bool nested_vmcb_check_cr3_cr4(struct vcpu_svm *svm, + struct vmcb_save_area *save) +{ + bool nested_vmcb_lma = + (save->efer & EFER_LME) && + (save->cr0 & X86_CR0_PG); + + if (!nested_vmcb_lma) { + if (save->cr4 & X86_CR4_PAE) { + if (save->cr3 & MSR_CR3_LEGACY_PAE_RESERVED_MASK) + return false; + } else { + if (save->cr3 & MSR_CR3_LEGACY_RESERVED_MASK) + return false; + } + } else { + if (!(save->cr4 & X86_CR4_PAE) || + !(save->cr0 & X86_CR0_PE) || + (save->cr3 & MSR_CR3_LONG_MBZ_MASK)) + return false; + } + if (kvm_valid_cr4(&svm->vcpu, save->cr4)) + return false; + + return true; +} + static bool nested_vmcb_checks(struct vcpu_svm *svm, struct vmcb *vmcb) { - bool nested_vmcb_lma; if ((vmcb->save.efer & EFER_SVME) == 0) return false; @@ -228,25 +254,7 @@ static bool nested_vmcb_checks(struct vcpu_svm *svm, struct vmcb *vmcb) if (!kvm_dr6_valid(vmcb->save.dr6) || !kvm_dr7_valid(vmcb->save.dr7)) return false; - nested_vmcb_lma = - (vmcb->save.efer & EFER_LME) && - (vmcb->save.cr0 & X86_CR0_PG); - - if (!nested_vmcb_lma) { - if (vmcb->save.cr4 & X86_CR4_PAE) { - if (vmcb->save.cr3 & MSR_CR3_LEGACY_PAE_RESERVED_MASK) - return false; - } else { - if (vmcb->save.cr3 & MSR_CR3_LEGACY_RESERVED_MASK) - return false; - } - } else { - if (!(vmcb->save.cr4 & X86_CR4_PAE) || - !(vmcb->save.cr0 & X86_CR0_PE) || - (vmcb->save.cr3 & MSR_CR3_LONG_RESERVED_MASK)) - return false; - } - if (kvm_valid_cr4(&svm->vcpu, vmcb->save.cr4)) + if (!nested_vmcb_check_cr3_cr4(svm, &(vmcb->save))) return false; return nested_vmcb_check_controls(&vmcb->control); @@ -1114,9 +1122,8 @@ static int svm_set_nested_state(struct kvm_vcpu *vcpu, /* * Validate host state saved from before VMRUN (see * nested_svm_check_permissions). - * TODO: validate reserved bits for all saved state. */ - if (!(save.cr0 & X86_CR0_PG)) + if (!nested_vmcb_check_cr3_cr4(svm, &save)) return -EINVAL; /* From patchwork Sat Aug 29 00:48:24 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Krish Sadhukhan X-Patchwork-Id: 11743849 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id CF38D913 for ; Sat, 29 Aug 2020 00:48:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B6A3A20CC7 for ; Sat, 29 Aug 2020 00:48:46 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=oracle.com header.i=@oracle.com header.b="fAsaUNZY" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726929AbgH2Asp (ORCPT ); Fri, 28 Aug 2020 20:48:45 -0400 Received: from userp2130.oracle.com ([156.151.31.86]:34886 "EHLO userp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726859AbgH2Asj (ORCPT ); Fri, 28 Aug 2020 20:48:39 -0400 Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 07T0Vpqh089451; Sat, 29 Aug 2020 00:48:35 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=from : to : cc : subject : date : message-id : in-reply-to : references; s=corp-2020-01-29; bh=CnEHzMOFKrVtrGYMzDdiDP0w+Wju5iodrzjRIhiHPX8=; b=fAsaUNZYR+fVkVRasuHiNMsqm9e0dj5TNhnqldDLlePrPP2/6/Ay1dqUBdCFSvi7eM+A 6VdFIMCNqwUHfYSZW+vyocVh+vhQSnnX3Ky3HjeFz2FjAXR/TJCUVOSG2I7ZKB9rj9zU wVUVp8xTS0rjM258aTdWLIgzeIH3etRRRdy/QByWjIZl+01o/TlD+peFPNEy9ikZtbiT EPJTqVsIa7fPExabodPPi6pPfxRJPQWs9rwFjb4oISMri+nHkeQjmC8g5ajHYToULet+ 90755ZTTsAY8o8QZ7fUZaWhGjsh/iobXq5J6MapOJ97+tCZHCUIxOIRYrRUtUDsv/UJW Sg== Received: from userp3030.oracle.com (userp3030.oracle.com [156.151.31.80]) by userp2130.oracle.com with ESMTP id 336ht3pq4k-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Sat, 29 Aug 2020 00:48:35 +0000 Received: from pps.filterd (userp3030.oracle.com [127.0.0.1]) by userp3030.oracle.com (8.16.0.42/8.16.0.42) with SMTP id 07T0VSDG078496; Sat, 29 Aug 2020 00:48:34 GMT Received: from aserv0122.oracle.com (aserv0122.oracle.com [141.146.126.236]) by userp3030.oracle.com with ESMTP id 337c4s0rdu-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sat, 29 Aug 2020 00:48:34 +0000 Received: from abhmp0020.oracle.com (abhmp0020.oracle.com [141.146.116.26]) by aserv0122.oracle.com (8.14.4/8.14.4) with ESMTP id 07T0mXsO000428; Sat, 29 Aug 2020 00:48:33 GMT Received: from nsvm-sadhukhan-1.osdevelopmeniad.oraclevcn.com (/100.100.230.216) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 28 Aug 2020 17:48:33 -0700 From: Krish Sadhukhan To: kvm@vger.kernel.org Cc: pbonzini@redhat.com, jmattson@google.com Subject: [PATCH 3/3] nSVM: Test non-MBZ reserved bits in CR3 in long mode Date: Sat, 29 Aug 2020 00:48:24 +0000 Message-Id: <20200829004824.4577-4-krish.sadhukhan@oracle.com> X-Mailer: git-send-email 2.18.4 In-Reply-To: <20200829004824.4577-1-krish.sadhukhan@oracle.com> References: <20200829004824.4577-1-krish.sadhukhan@oracle.com> X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9727 signatures=668679 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxscore=0 suspectscore=1 adultscore=0 mlxlogscore=999 bulkscore=0 phishscore=0 spamscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2006250000 definitions=main-2008290000 X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9727 signatures=668679 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 adultscore=0 malwarescore=0 phishscore=0 priorityscore=1501 clxscore=1015 suspectscore=1 spamscore=0 impostorscore=0 mlxscore=0 mlxlogscore=999 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2006250000 definitions=main-2008290000 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org According to section "CR3" in APM vol. 2, the non-MBZ reserved bits in CR3 need to be set by software as follows: "Reserved Bits. Reserved fields should be cleared to 0 by software when writing CR3." Signed-off-by: Krish Sadhukhan --- x86/svm.h | 3 ++- x86/svm_tests.c | 54 ++++++++++++++++++++++++++++++++++++++++++------- 2 files changed, 49 insertions(+), 8 deletions(-) diff --git a/x86/svm.h b/x86/svm.h index 15e0f18..465d794 100644 --- a/x86/svm.h +++ b/x86/svm.h @@ -325,7 +325,8 @@ struct __attribute__ ((__packed__)) vmcb { #define SVM_CR0_SELECTIVE_MASK (X86_CR0_TS | X86_CR0_MP) #define SVM_CR0_RESERVED_MASK 0xffffffff00000000U -#define SVM_CR3_LONG_RESERVED_MASK 0xfff0000000000000U +#define SVM_CR3_LONG_MBZ_MASK 0xfff0000000000000U +#define SVM_CR3_LONG_RESERVED_MASK 0x0000000000000fe7U #define SVM_CR4_LEGACY_RESERVED_MASK 0xff88f000U #define SVM_CR4_RESERVED_MASK 0xffffffffff88f000U #define SVM_DR6_RESERVED_MASK 0xffffffffffff1ff0U diff --git a/x86/svm_tests.c b/x86/svm_tests.c index 1908c7c..af8684b 100644 --- a/x86/svm_tests.c +++ b/x86/svm_tests.c @@ -1891,11 +1891,11 @@ static bool reg_corruption_check(struct svm_test *test) * v2 tests */ +int KRISH_step = 0; static void basic_guest_main(struct svm_test *test) { } - #define SVM_TEST_REG_RESERVED_BITS(start, end, inc, str_name, reg, val, \ resv_mask) \ { \ @@ -1913,7 +1913,8 @@ static void basic_guest_main(struct svm_test *test) } \ } -#define SVM_TEST_CR_RESERVED_BITS(start, end, inc, cr, val, resv_mask) \ +#define SVM_TEST_CR_RESERVED_BITS(start, end, inc, cr, val, resv_mask, \ + exit_code) \ { \ u64 tmp, mask; \ int i; \ @@ -1933,7 +1934,7 @@ static void basic_guest_main(struct svm_test *test) case 4: \ vmcb->save.cr4 = tmp; \ } \ - report(svm_vmrun() == SVM_EXIT_ERR, "Test CR%d %d:%d: %lx",\ + report(svm_vmrun() == exit_code, "Test CR%d %d:%d: %lx",\ cr, end, start, tmp); \ } \ } @@ -2012,9 +2013,48 @@ static void test_cr3(void) u64 cr3_saved = vmcb->save.cr3; SVM_TEST_CR_RESERVED_BITS(0, 63, 1, 3, cr3_saved, - SVM_CR3_LONG_RESERVED_MASK); + SVM_CR3_LONG_MBZ_MASK, SVM_EXIT_ERR); + + vmcb->save.cr3 = cr3_saved & ~SVM_CR3_LONG_MBZ_MASK; + report(svm_vmrun() == SVM_EXIT_VMMCALL, "Test CR3 63:0: %lx", + vmcb->save.cr3); + + /* + * CR3 non-MBZ reserved bits based on different modes: + * [11:5] [2:0] - long mode + */ + u64 cr4_saved = vmcb->save.cr4; + + /* + * Long mode + */ + if (this_cpu_has(X86_FEATURE_PCID)) { + vmcb->save.cr4 = cr4_saved | X86_CR4_PCIDE; + SVM_TEST_CR_RESERVED_BITS(0, 11, 1, 3, cr3_saved, + SVM_CR3_LONG_RESERVED_MASK, SVM_EXIT_VMMCALL); + + vmcb->save.cr3 = cr3_saved & ~SVM_CR3_LONG_RESERVED_MASK; + report(svm_vmrun() == SVM_EXIT_VMMCALL, "Test CR3 63:0: %lx", + vmcb->save.cr3); + } else { + u64 *pdpe = npt_get_pml4e(); + + vmcb->save.cr4 = cr4_saved & ~X86_CR4_PCIDE; + + /* Clear P (Present) bit in NPT in order to trigger #NPF */ + pdpe[0] &= ~1ULL; + + SVM_TEST_CR_RESERVED_BITS(0, 11, 1, 3, cr3_saved, + SVM_CR3_LONG_RESERVED_MASK, SVM_EXIT_NPF); + + pdpe[0] |= 1ULL; + vmcb->save.cr3 = cr3_saved & ~SVM_CR3_LONG_RESERVED_MASK; + report(svm_vmrun() == SVM_EXIT_VMMCALL, "Test CR3 63:0: %lx", + vmcb->save.cr3); + } vmcb->save.cr3 = cr3_saved; + vmcb->save.cr4 = cr4_saved; } static void test_cr4(void) @@ -2031,14 +2071,14 @@ static void test_cr4(void) efer &= ~EFER_LME; vmcb->save.efer = efer; SVM_TEST_CR_RESERVED_BITS(12, 31, 1, 4, cr4_saved, - SVM_CR4_LEGACY_RESERVED_MASK); + SVM_CR4_LEGACY_RESERVED_MASK, SVM_EXIT_ERR); efer |= EFER_LME; vmcb->save.efer = efer; SVM_TEST_CR_RESERVED_BITS(12, 31, 1, 4, cr4_saved, - SVM_CR4_RESERVED_MASK); + SVM_CR4_RESERVED_MASK, SVM_EXIT_ERR); SVM_TEST_CR_RESERVED_BITS(32, 63, 4, 4, cr4_saved, - SVM_CR4_RESERVED_MASK); + SVM_CR4_RESERVED_MASK, SVM_EXIT_ERR); vmcb->save.cr4 = cr4_saved; vmcb->save.efer = efer_saved;