From patchwork Sat May 18 00:04:22 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sean Christopherson <seanjc@google.com>
X-Patchwork-Id: 13667445
Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com
 [209.85.216.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4893D63B
	for <kvm@vger.kernel.org>; Sat, 18 May 2024 00:04:38 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1715990680; cv=none;
 b=uidCGleGbQ2I45Mey8rxoqQKq4aBO7/2Tbo3DDiA/DGBjnipDGMeT3nH9y/eXGxVbcjJ7DXgTKhfqswuCk2QqBmK/Ni38J1WDxPGDCjKSdDia/0qqz3ZkMR0wXl9058NASDDLQceOot0NlSXxGssUDZF2E4QjokLHdCdTJznUqA=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1715990680; c=relaxed/simple;
	bh=rvIusehJzyfZSU3DUGfZk3ycQpyzGMDHRsg3jAj+Fmc=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=DfX+smz6ftCNW/AB+2ab2Z7ahBs4hfczQFyzrd9r/yiqK/sySEmuUdqMfAPTq2VE9HguJgXB4mrZEJXS47AWy7Bf5tDFjHcdyoLkaNdtDfeYw6oEVV+UmIbxM04PYIT8f3P8gLYB+Rh6zX8v70Gp3VAnhplnxNtuU5lNngcF2fs=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=Evs33zy7; arc=none smtp.client-ip=209.85.216.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="Evs33zy7"
Received: by mail-pj1-f73.google.com with SMTP id
 98e67ed59e1d1-2b5cb8686c9so9236059a91.2
        for <kvm@vger.kernel.org>; Fri, 17 May 2024 17:04:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1715990677; x=1716595477;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:from:to:cc:subject:date:message-id:reply-to;
        bh=lj20UPkGYyPVSIzMYtQicJyMaFFHUkTnXbi2b/YJs04=;
        b=Evs33zy7rS9tKW6zWsgeD6fwSsJy5yVUeQMorSYou/bVEFHs7fC71O1KyAvgOUD/Cs
         D7W3UqdauEvezPDstiPYmK5GyrgykeKXFRVCdtbCtpt+hUV6BfAEDZHG/w5FvmIRLdot
         B7XezgmiCp3/eteM+IUcXmuf667vrgJasr8DjdM18iwTs6uAWth86iKLSVBSrWm04M85
         YWtYc2i0V4wCJyDS+XHpCHPfZAQXpoZvSUM5uooK0DTIMIpMyLfvdxvdMmrcqnNpvbJg
         s0SvW9wpmKvQWBiSY+851mY02Hj/3OhUmDm7Z/B7vHLc2YDin01V7nKwscsThwTWOxgk
         PT8A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1715990677; x=1716595477;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=lj20UPkGYyPVSIzMYtQicJyMaFFHUkTnXbi2b/YJs04=;
        b=KlRMRBcHcZHyqxn2Bgk+oZZP5ZAycXab21OZC0eYT0xhT4tBOAsOEQMqvY3DRhlkiy
         09BxAbQIUHnV0UfSyuAN4F5NqNTM6TpRo5OXKeYhNmdc4cSHrVlxyAFJxdF1XATc/rAc
         xO/knzBFbsBScLZurUC2LooN6ZYysv2Kswm1G+Gxqy6Sd3YYzToTD4OYn+EOmQ8zu6Zx
         C7W4XXMUdcpv0XvuyF7UV7HSz6udL0Nq8CxsoJOKzQm3lupKu4p7luxhoZez4n5NkpB5
         pEr11Iq3QPNLD3vVh83zOWkh8ql+9ZCcfQRD1h4Fl6SUsCqWS26dVA7ReR+pJLikBCMo
         ewWQ==
X-Gm-Message-State: AOJu0Yyrm8WsZA+a/7+QuSOaV6CFjCvmh3Wim6298b46FUYGhcga1WLl
	QJ/R/PDQKQppTifGAqyQNFmLtO6+nBZDqc5v/u9dfgrdwK4IioXRE7T7xaKQea8Vbi9qizxN/3J
	fLw==
X-Google-Smtp-Source: 
 AGHT+IGpdxtM8Gr2Cby17gotkm6Me/GjSzJCCJjzc+9CZGnGeexqUy7HUOGADG/0D9GVxcMlmsZaUfGAvLs=
X-Received: from zagreus.c.googlers.com
 ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a17:90a:8809:b0:2ad:df73:31c4 with SMTP id
 98e67ed59e1d1-2b6cd20f995mr63818a91.9.1715990677507; Fri, 17 May 2024
 17:04:37 -0700 (PDT)
Reply-To: Sean Christopherson <seanjc@google.com>
Date: Fri, 17 May 2024 17:04:22 -0700
In-Reply-To: <20240518000430.1118488-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: kvm@vger.kernel.org
List-Id: <kvm.vger.kernel.org>
List-Subscribe: <mailto:kvm+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:kvm+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20240518000430.1118488-1-seanjc@google.com>
X-Mailer: git-send-email 2.45.0.215.g3402c0e53f-goog
Message-ID: <20240518000430.1118488-2-seanjc@google.com>
Subject: [PATCH 1/9] KVM: x86/mmu: Use SHADOW_NONPRESENT_VALUE for atomic zap
 in TDP MMU
From: Sean Christopherson <seanjc@google.com>
To: Sean Christopherson <seanjc@google.com>,
 Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org

From: Isaku Yamahata <isaku.yamahata@intel.com>

Use SHADOW_NONPRESENT_VALUE when zapping TDP MMU SPTEs with mmu_lock held
for read, tdp_mmu_zap_spte_atomic() was simply missed during the initial
development.

Fixes: 7f01cab84928 ("KVM: x86/mmu: Allow non-zero value for non-present SPTE and removed SPTE")
Not-yet-signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
[sean: write changelog]
Signed-off-by: Sean Christopherson <seanjc@google.com>
Reviewed-by: Kai Huang <kai.huang@intel.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
 arch/x86/kvm/mmu/tdp_mmu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c
index 1259dd63defc..36539c1b36cd 100644
--- a/arch/x86/kvm/mmu/tdp_mmu.c
+++ b/arch/x86/kvm/mmu/tdp_mmu.c
@@ -626,7 +626,7 @@ static inline int tdp_mmu_zap_spte_atomic(struct kvm *kvm,
 	 * SPTEs.
 	 */
 	handle_changed_spte(kvm, iter->as_id, iter->gfn, iter->old_spte,
-			    0, iter->level, true);
+			    SHADOW_NONPRESENT_VALUE, iter->level, true);
 
 	return 0;
 }

From patchwork Sat May 18 00:04:23 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sean Christopherson <seanjc@google.com>
X-Patchwork-Id: 13667446
Received: from mail-yw1-f201.google.com (mail-yw1-f201.google.com
 [209.85.128.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 59BC96AA7
	for <kvm@vger.kernel.org>; Sat, 18 May 2024 00:04:40 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.128.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1715990681; cv=none;
 b=DTQJ7yY43xzHAsjw5QCI/BxXEuQtDdJGrTr304RO9t7hw4EtO09N13luqRqjzx7RlwNcvM2SuXUiZUBVHbMRONlKaATY9Sc71fXwiCXkHdhPWtQshJl/qSdCB+BKTWU8LgJOV2I5AJnENSSGZ9irDN2P+QGJa2AsDOgkjsLCSSc=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1715990681; c=relaxed/simple;
	bh=ZZiN6+e15dQN6MMssxaWW8K/IugjsD8kYnxv2JER8Sw=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=en18kTSYJL/8kyimLB/HXRPP1UG8ibnRciUc7W2Lxz82QDCfHDwy2o8tg9mfOEMB4IB6cMbGYRPoMqWnWETjVjIFDbuTb6BZGq7zuRsB5BXjY+mi3UZPEhy7s/gncdc5VoI0tQABCbX/AxkQFTILObCsrI1/HFFQG3qtRZQISmM=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=102onJoX; arc=none smtp.client-ip=209.85.128.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="102onJoX"
Received: by mail-yw1-f201.google.com with SMTP id
 00721157ae682-61c9e368833so185864897b3.3
        for <kvm@vger.kernel.org>; Fri, 17 May 2024 17:04:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1715990679; x=1716595479;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:from:to:cc:subject:date:message-id:reply-to;
        bh=55Fpx2MIulH1TJ9s55duhi3yhB4vtlMWdhuL3vC3xBQ=;
        b=102onJoXcHKtnZIhIvcFD1NxbGYQaWUDYwUBOb5zjT1Twet3+CU98Ozq1ygilfSclm
         jQDpux1E4rmrG/gGDfrDilnBq5eKZIDze3qjoEl+DhEWMVCMcDAr10IIwIyF8GF9qnym
         kNZ282emV3bX/dsjxsY8mg0QcuSBfpl+gYKVMa9igy1P6WiOCqfeiL5UoDcZ8JGvLnk5
         2grc237SlimHtbE4VJtygDVbWF72+4G3rx83003OVjI5XVwe1xPBIZ27hgTNwacnWW+p
         j9fGSgJBc9fXyvQb+6Sd7T2q3LHl7CaxlJKCXjDEtshat1K96p1gHRb5j34y0zSGYE8c
         juJA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1715990679; x=1716595479;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=55Fpx2MIulH1TJ9s55duhi3yhB4vtlMWdhuL3vC3xBQ=;
        b=FihH6R5mfE3btHkYyywSeMByqKpAVUfoLBqF7Uqo1QrzSxOCKSva6P/U6+2djKwXkt
         sC0HLBrLYTFB5ZY2dKok7X/jL3rmgHA/giI30FXO5MpGCRKvEH2i4KouWCS86sWhCgR/
         S7tepS96lGb4S89uIfwOY6Kyew7IQ4iOuAGqenwTKRpbKy5u30hjPji72Kwwkoh2tKr7
         UxEahq3jTILddlW5i7w1+DMhqri1Zm8OYwkOweLsLJ5YP3SUQJczeBQhYCVE7sGdUXb0
         2/UxfXruJlIDbnaigSSWSb3JgRTXPA19qkBLg13A0LfHLT3Pgup2BiGZU8l8tSbY6xT0
         snqg==
X-Gm-Message-State: AOJu0Yx0VQpObSHl68r0DE8T2KK37ey6LAGiGJMAgI0/2DE7q94Y87o8
	LwgmeQ/hUuQgjTKnKi7kiC/O4gP1kjK1gjQiC2VUQ8GAeIZZprZAPE/PynjmdVcgbuAQWzukz3q
	yYA==
X-Google-Smtp-Source: 
 AGHT+IFiVlGymQzpow3h8j4sNOJKTfw4H5KxXwAelQPEmYeQwtXrj3JO1q9+VPmJJ7oNI5OfSrZMzmiPyrA=
X-Received: from zagreus.c.googlers.com
 ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a05:690c:338c:b0:61b:ea08:111f with SMTP id
 00721157ae682-622aff9d4cdmr58113437b3.6.1715990679473; Fri, 17 May 2024
 17:04:39 -0700 (PDT)
Reply-To: Sean Christopherson <seanjc@google.com>
Date: Fri, 17 May 2024 17:04:23 -0700
In-Reply-To: <20240518000430.1118488-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: kvm@vger.kernel.org
List-Id: <kvm.vger.kernel.org>
List-Subscribe: <mailto:kvm+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:kvm+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20240518000430.1118488-1-seanjc@google.com>
X-Mailer: git-send-email 2.45.0.215.g3402c0e53f-goog
Message-ID: <20240518000430.1118488-3-seanjc@google.com>
Subject: [PATCH 2/9] KVM: nVMX: Initialize #VE info page for vmcs02 when
 proving #VE support
From: Sean Christopherson <seanjc@google.com>
To: Sean Christopherson <seanjc@google.com>,
 Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org

Point vmcs02.VE_INFORMATION_ADDRESS at the vCPU's #VE info page when
initializing vmcs02, otherwise KVM will run L2 with EPT Violation #VE
enabled and a VE info address pointing at pfn 0.

Fixes: 8131cf5b4fd8 ("KVM: VMX: Introduce test mode related to EPT violation VE")
Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/kvm/vmx/nested.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index d5b832126e34..6798fadaa335 100644
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -2242,6 +2242,9 @@ static void prepare_vmcs02_constant_state(struct vcpu_vmx *vmx)
 		vmcs_write64(EPT_POINTER,
 			     construct_eptp(&vmx->vcpu, 0, PT64_ROOT_4LEVEL));
 
+	if (vmx->ve_info)
+		vmcs_write64(VE_INFORMATION_ADDRESS, __pa(vmx->ve_info));
+
 	/* All VMFUNCs are currently emulated through L0 vmexits.  */
 	if (cpu_has_vmx_vmfunc())
 		vmcs_write64(VM_FUNCTION_CONTROL, 0);

From patchwork Sat May 18 00:04:24 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sean Christopherson <seanjc@google.com>
X-Patchwork-Id: 13667447
Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com
 [209.85.128.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 54CE1C8FF
	for <kvm@vger.kernel.org>; Sat, 18 May 2024 00:04:42 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.128.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1715990683; cv=none;
 b=gliTvNpvcl3ni0KXdfHPD78CKQPoBdoZo1ipZJXzRpKqjq8uRoTkKEgjnMX2xtDupYls44WIrvD+WKR3SV/MrZvbgJwcaSbO1DaGlZDwHV9hPho8lRFdkMEm84/M/sn5OIZNS61IfJivgBzJtNAO31zoEtur6+83i4JVnJIirSg=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1715990683; c=relaxed/simple;
	bh=KJtLDlzQg0wy9e57GzodTPJt6UlMTvdQZUilMOrGkZg=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=ufjo+3yHO+ic4Ptia1CVxKBkod2JAnPNQiePGQkqy2q5GQfZ+qOgaXA1LOFGSZD9H75XEaJEsg6CwDiAX/Yxe6sdWuZbjGIa/QpgVRHssQQOAEG3CaN7Tax2Brn8xTsmJAxvvICPszVEDTnHlGczUJHSROqjF9geerFEe5Ozoss=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=NhbH19bc; arc=none smtp.client-ip=209.85.128.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="NhbH19bc"
Received: by mail-yw1-f202.google.com with SMTP id
 00721157ae682-61be530d024so173400407b3.2
        for <kvm@vger.kernel.org>; Fri, 17 May 2024 17:04:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1715990681; x=1716595481;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:from:to:cc:subject:date:message-id:reply-to;
        bh=GM5SO5v27GV7rdeXp4FaIGBag6GhBo/t/KPBUjUr/dw=;
        b=NhbH19bcmfe4ldcoAO3NE9GVpwtCA6D9eAfUCFgbuyxwEH2yeq/TwObXqgo/sL8Znp
         7gx9NdSpsG8F7vCFm1kGnzLl104nxADxXwzF4pfn83qTffGUicz8cpG1inMABCQ7EtCE
         sFS/0mGym5xAIup5YYUqdLtrjqmJQ7FMN/ynlBT/u/RdxShDwKqfNc59BWKWo1ZU7AHj
         n3O859kUxlvtmZFB7T56pqERplAGe8F73As0/dfJO+aBL5ZMeaibla46nC/swC5NTf6I
         q74w3wOGfgqr+UMM/8rCW2lt85mfphBemUrvjMcdGIZ+71iGbDBD3pVNKCE1BxFdw3oy
         tE7Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1715990681; x=1716595481;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=GM5SO5v27GV7rdeXp4FaIGBag6GhBo/t/KPBUjUr/dw=;
        b=AuPE8vQvKGMxBa0Ip0bqCR5HFCgV58zUtlFwv/k0gZfKuZSZCCdyPlVh56/rd3Qw0L
         GRQ9NA/xEkzY+35bzUv4SimO7ZizBhJQmuvStWyJ+BhQTcFcp3ERw0HGyfccKPcPMQs/
         anCMcOMhxnYwZYLSOX6Ap6ZUziq1gdCtBy9cdhfWiou7xfwY8Yy4moT6JJJ0YLobo4qy
         2muA4FSToFgstvNckx8zTSIQ/b9ej1zOtfJ3q9UDpffjNZUaB7c0mkoA1pyBNVSKfjwn
         e8YcPXmPIsXdXMe86z2OVmAts7fx3a3yddEK6d5OYbCDVvuiyKOjpRMYsttnpvLtlZ9Z
         0k8Q==
X-Gm-Message-State: AOJu0YxfWUGnmCOC/HGimMTKMgyl0Bl8oPHKQTEoodue6xzO1lMo3+7P
	Qo8cOoGO9jYfGrvP+/pryxd5D7aFNBN//JbY/tUSb4mtm/i2p9HwWqEKGN45uCmOBfTu5s7RSrq
	Onw==
X-Google-Smtp-Source: 
 AGHT+IFuoSzVp7PcfFD1Q1RorBxgwCQkq06IFSmtCXpMTO3G31frkl5Q+wTnbphKiOylmI+xCkIbpuIbE84=
X-Received: from zagreus.c.googlers.com
 ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a0d:dd85:0:b0:627:7563:95b1 with SMTP id
 00721157ae682-6277563967cmr14645877b3.5.1715990681328; Fri, 17 May 2024
 17:04:41 -0700 (PDT)
Reply-To: Sean Christopherson <seanjc@google.com>
Date: Fri, 17 May 2024 17:04:24 -0700
In-Reply-To: <20240518000430.1118488-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: kvm@vger.kernel.org
List-Id: <kvm.vger.kernel.org>
List-Subscribe: <mailto:kvm+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:kvm+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20240518000430.1118488-1-seanjc@google.com>
X-Mailer: git-send-email 2.45.0.215.g3402c0e53f-goog
Message-ID: <20240518000430.1118488-4-seanjc@google.com>
Subject: [PATCH 3/9] KVM: nVMX: Always handle #VEs in L0 (never forward #VEs
 from L2 to L1)
From: Sean Christopherson <seanjc@google.com>
To: Sean Christopherson <seanjc@google.com>,
 Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org

Always handle #VEs, e.g. due to prove EPT Violation #VE failures, in L0,
as KVM does not expose any #VE capabilities to L1, i.e. any and all #VEs
are KVM's responsibility.

Fixes: 8131cf5b4fd8 ("KVM: VMX: Introduce test mode related to EPT violation VE")
Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/kvm/vmx/nested.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index 6798fadaa335..643935a0f70a 100644
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -6233,6 +6233,8 @@ static bool nested_vmx_l0_wants_exit(struct kvm_vcpu *vcpu,
 		else if (is_alignment_check(intr_info) &&
 			 !vmx_guest_inject_ac(vcpu))
 			return true;
+		else if (is_ve_fault(intr_info))
+			return true;
 		return false;
 	case EXIT_REASON_EXTERNAL_INTERRUPT:
 		return true;

From patchwork Sat May 18 00:04:25 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sean Christopherson <seanjc@google.com>
X-Patchwork-Id: 13667448
Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com
 [209.85.210.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0977B10A1E
	for <kvm@vger.kernel.org>; Sat, 18 May 2024 00:04:44 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.210.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1715990687; cv=none;
 b=Fx/TjCgsEdzWmLD1n7SDvEJNOeJ0EY1WFMbGYVaTLQ2z0sT73FAAXfhEBaHZgW+hlpg+UZUtC3RFS15eDu3fTs0oZnj/ZkWtjKSgCtdu6nItCx2gaeJ+I8HBJNNwP74MrlvKtEzuEQ+GfoMwpZYYQLDCSDTTNaK+dW/5/KnROGA=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1715990687; c=relaxed/simple;
	bh=4/2HLzcusjSlO0rsq/T4/YEv0mk4XS4XnM4Qi5lbYss=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=VBr9oMPhPokpOyyR+4l0L9TnAFB3/oLGIvPJEDoukrW1Hb31u9L8Jmy6lKCj9IaO6/XAGevoT6XZfbMwaot9rLKfIPuPDj6BQcmy0NfbjJdoVOrBgQeendDbGq5U9gCLVLIJA7F0MhUrxhByM5A1pGRx7Au4uktUEFMQW2teLyc=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=LYQ9wfKF; arc=none smtp.client-ip=209.85.210.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="LYQ9wfKF"
Received: by mail-pf1-f201.google.com with SMTP id
 d2e1a72fcca58-6f454878580so9580879b3a.3
        for <kvm@vger.kernel.org>; Fri, 17 May 2024 17:04:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1715990684; x=1716595484;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:from:to:cc:subject:date:message-id:reply-to;
        bh=QlWrNPMcBNIRjZ1oRUuV/rtUWiyhfC1iM9WcCPk5B74=;
        b=LYQ9wfKF3VBD8azfAFN5KBqS0dei6FaLHfqbNkwe+RREVRBklz1ONbLp0/F9vFB0Bw
         RiZUvJr92W0HSqwzD01xHqbOe+wiPocIIpqvPE6gJl/kYp2dQxFChzWlI7Cpp8cV+pWD
         XHB8V5RMx7hkpDtJOEnofk1m46Ghp7Xwno06HwbkVL+hDcwcnDPhnzylCuwomDikEUcX
         cVJmWr8HC0QYzZ51QnzYGrSwuSZy1K/c33VfwPW5ACGsjyS38TUEpc4UCRtECPavCB6i
         4uRRvzEJ0eBtyFt7xUTjfghs4HhW6fepnOI3QRafWBlaUnGONr0TnACLF2CFYI3g7d9U
         L2Lw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1715990684; x=1716595484;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=QlWrNPMcBNIRjZ1oRUuV/rtUWiyhfC1iM9WcCPk5B74=;
        b=o1qc+R1j/qO6Jq3HqP6yhCA/eWoa8rBJjASqBEwhUuKwbEerL4DwbNvv1Vum1GPHiq
         QthilB6HAz1Nq1tBDxLBprVNcdGZ+KxyY90qjhsqJ2XU682M8Hw3+/dtg9lb7snidpy2
         TnaDkjmxUVoge+UNNEHVyn/yDJpp3+SUgikj+AWIes3Wg77X3VcuB5Vy2VdEQriKbXlG
         SmPp2qWXFPpm1uoOBRuQ2smt8rmBqhauyLMhrRX69Bdsq6no2xSXj9w4ePP4EJ197cjH
         bafu2gHw26NUcXbnhC6ggYnGoTJ76dJSh+6dyvoVFvGcA6W915L2XhiAd8J5Blq60Kt7
         FhMg==
X-Gm-Message-State: AOJu0YxgC3h5S7bMSJN0EyY3rgtQkDbd+r0AV2fTOsNk162PK6C2Pkly
	LQ32vrcehN/fXRwAHN6p/1qAd4A8N9/m3Ih6mXwAA2I1qBEM4WM59jWDKxdJ7wOFjYBcbaf1QVR
	GFw==
X-Google-Smtp-Source: 
 AGHT+IGXTb5HJ+lESm2mn7d52eb+nyx9ads/DAkFTkEN0ck3hpsE/NtPnquqJPYm3p9JzsWWbbm5Xh2kiJg=
X-Received: from zagreus.c.googlers.com
 ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a05:6a00:3a0f:b0:6ea:88cd:67e9 with SMTP id
 d2e1a72fcca58-6f4e0376006mr1193202b3a.4.1715990684360; Fri, 17 May 2024
 17:04:44 -0700 (PDT)
Reply-To: Sean Christopherson <seanjc@google.com>
Date: Fri, 17 May 2024 17:04:25 -0700
In-Reply-To: <20240518000430.1118488-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: kvm@vger.kernel.org
List-Id: <kvm.vger.kernel.org>
List-Subscribe: <mailto:kvm+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:kvm+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20240518000430.1118488-1-seanjc@google.com>
X-Mailer: git-send-email 2.45.0.215.g3402c0e53f-goog
Message-ID: <20240518000430.1118488-5-seanjc@google.com>
Subject: [PATCH 4/9] KVM: x86/mmu: Add sanity checks that KVM doesn't create
 EPT #VE SPTEs
From: Sean Christopherson <seanjc@google.com>
To: Sean Christopherson <seanjc@google.com>,
 Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org

Assert that KVM doesn't set a SPTE to a value that could trigger an EPT
Violation #VE on a non-MMIO SPTE, e.g. to help detect bugs even without
KVM_INTEL_PROVE_VE enabled, and to help debug actual #VE failures.

Note, this will run afoul of TDX support, which needs to reflect emulated
MMIO accesses into the guest as #VEs (which was the whole point of adding
EPT Violation #VE support in KVM).  The obvious fix for that is to exempt
MMIO SPTEs, but that's annoyingly difficult now that is_mmio_spte() relies
on a per-VM value.  However, resolving that conundrum is a future problem,
whereas getting KVM_INTEL_PROVE_VE healthy is a current problem.

Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/kvm/mmu/mmu.c      | 3 +++
 arch/x86/kvm/mmu/spte.h     | 9 +++++++++
 arch/x86/kvm/mmu/tdp_iter.h | 2 ++
 3 files changed, 14 insertions(+)

diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
index 5095fb46713e..d2af077d8b34 100644
--- a/arch/x86/kvm/mmu/mmu.c
+++ b/arch/x86/kvm/mmu/mmu.c
@@ -336,16 +336,19 @@ static int is_cpuid_PSE36(void)
 #ifdef CONFIG_X86_64
 static void __set_spte(u64 *sptep, u64 spte)
 {
+	KVM_MMU_WARN_ON(is_ept_ve_possible(spte));
 	WRITE_ONCE(*sptep, spte);
 }
 
 static void __update_clear_spte_fast(u64 *sptep, u64 spte)
 {
+	KVM_MMU_WARN_ON(is_ept_ve_possible(spte));
 	WRITE_ONCE(*sptep, spte);
 }
 
 static u64 __update_clear_spte_slow(u64 *sptep, u64 spte)
 {
+	KVM_MMU_WARN_ON(is_ept_ve_possible(spte));
 	return xchg(sptep, spte);
 }
 
diff --git a/arch/x86/kvm/mmu/spte.h b/arch/x86/kvm/mmu/spte.h
index 5dd5405fa07a..52fa004a1fbc 100644
--- a/arch/x86/kvm/mmu/spte.h
+++ b/arch/x86/kvm/mmu/spte.h
@@ -3,6 +3,8 @@
 #ifndef KVM_X86_MMU_SPTE_H
 #define KVM_X86_MMU_SPTE_H
 
+#include <asm/vmx.h>
+
 #include "mmu.h"
 #include "mmu_internal.h"
 
@@ -276,6 +278,13 @@ static inline bool is_shadow_present_pte(u64 pte)
 	return !!(pte & SPTE_MMU_PRESENT_MASK);
 }
 
+static inline bool is_ept_ve_possible(u64 spte)
+{
+	return (shadow_present_mask & VMX_EPT_SUPPRESS_VE_BIT) &&
+	       !(spte & VMX_EPT_SUPPRESS_VE_BIT) &&
+	       (spte & VMX_EPT_RWX_MASK) != VMX_EPT_MISCONFIG_WX_VALUE;
+}
+
 /*
  * Returns true if A/D bits are supported in hardware and are enabled by KVM.
  * When enabled, KVM uses A/D bits for all non-nested MMUs.  Because L1 can
diff --git a/arch/x86/kvm/mmu/tdp_iter.h b/arch/x86/kvm/mmu/tdp_iter.h
index fae559559a80..2880fd392e0c 100644
--- a/arch/x86/kvm/mmu/tdp_iter.h
+++ b/arch/x86/kvm/mmu/tdp_iter.h
@@ -21,11 +21,13 @@ static inline u64 kvm_tdp_mmu_read_spte(tdp_ptep_t sptep)
 
 static inline u64 kvm_tdp_mmu_write_spte_atomic(tdp_ptep_t sptep, u64 new_spte)
 {
+	KVM_MMU_WARN_ON(is_ept_ve_possible(new_spte));
 	return xchg(rcu_dereference(sptep), new_spte);
 }
 
 static inline void __kvm_tdp_mmu_write_spte(tdp_ptep_t sptep, u64 new_spte)
 {
+	KVM_MMU_WARN_ON(is_ept_ve_possible(new_spte));
 	WRITE_ONCE(*rcu_dereference(sptep), new_spte);
 }
 

From patchwork Sat May 18 00:04:26 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sean Christopherson <seanjc@google.com>
X-Patchwork-Id: 13667449
Received: from mail-yw1-f201.google.com (mail-yw1-f201.google.com
 [209.85.128.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 203946AD7
	for <kvm@vger.kernel.org>; Sat, 18 May 2024 00:04:46 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.128.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1715990688; cv=none;
 b=VSghOtfM724FUZwXsfW4ZmMdVtlQbFVc0+rdA2LLOXlegqvXPr9XG6WjwEaFOsTEy0HtYn/+WAhrKVU6WuOifHBosIM64jUrEeZuyrwrhwTx4Q1BqCFA5PVoiAwyQrXpX5LqMyGHB73rIWir0pDtQA1U3xvxdGdZ1Ec8EHLTKhc=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1715990688; c=relaxed/simple;
	bh=UsxfZ2Znpr+evi/d9J5xPggQfQfWujjuBEirhapl2Io=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=WX5rRKPkF3sUiFKWEUDZlke1QNXAwp+zWn25yC5YjHqpm0x83QltRhoXqpodtVybKr/QhOgf2K8Hmt5PUbxKlW11o2xZnJlnHVswrO1NeF26A6mJjwgE4uVaQnTE5r2DbB9K8K/o6+2vBuUvMg3JkReeGqUcSn+2D3aE59SSwj8=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=BIFBpc94; arc=none smtp.client-ip=209.85.128.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="BIFBpc94"
Received: by mail-yw1-f201.google.com with SMTP id
 00721157ae682-622cd439764so132930137b3.3
        for <kvm@vger.kernel.org>; Fri, 17 May 2024 17:04:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1715990686; x=1716595486;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:from:to:cc:subject:date:message-id:reply-to;
        bh=GtLQWhneBIjQa9L0ZFgDjGejsgErZqZOjE88sPfbTko=;
        b=BIFBpc94IAroqArDyjMJmzGrALxbfTVAOO+80UJIqQD5ZTxcoMO0o1v9WGY5yYLb6v
         uUy0R7ehgeJZL8VHUbXGFJgOYOAsk3JHYiG4gxDsSl3QYFWPLI/jn9OHXvfeV8f+cS22
         Kfsx01G6pOFPQ+h/Fgk8J4GKjndd54gbITTqv7OlmWRzDfaJu8dOpCKy4Bi2i+5HuTmL
         Rct7qM3FgLSOu/e2aQoY31Bcd/bQZQmCaSfkhnp++McWIMk/LgbX8ycOYIGf/PV9WwlO
         ETAkix+hYcQfdgACe8wUhFOcPXyK1Io3T9OaqdQwFanSqoO5Lli0r266O18qJkT+meYf
         /fyw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1715990686; x=1716595486;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=GtLQWhneBIjQa9L0ZFgDjGejsgErZqZOjE88sPfbTko=;
        b=YgQ8haN6oeSYlLAtncXbBW7PRr66tIoEs5Eb/zOjiPNRI6dajS2azeDquK1r1r0+EP
         WeM7U9M8lUgp0FZO1HTguQ51fofGaSOPhi3ulgNSC0Kc+DUICAOIDEouoGe9yUI5k4Pr
         MeBbePG1q2VQ799VyEL7bKaRDJFPeES1A0YCumCHPskdDTmX05EHnJxdesOZZSaRue50
         ue4n7GST08XdJW+D3ZVLynGdQHdeF1PiD+g1F2fIE54Dpy9w4uBpWHTNnYE9MF5hUpMe
         MxnXLu0anSPBvOMXHuEeUUTja2/OtEBJ9yLQp47FwgMkd7PxkIsfKZmRBWCOVtehVxXM
         l9/A==
X-Gm-Message-State: AOJu0Yzq28LFcAFscWlwZWSpIor5M4SMfUlsfRhn2lVBVfPGHNAsMz+W
	hNW8XwiGQFoSsDCwnlcMjCjJzdb21Puz3+RFShaetdrWdbcXa5ovuWmpnDmEWADW6XL7v5GZA8J
	2Jw==
X-Google-Smtp-Source: 
 AGHT+IFRNVOusb8NQXdsGL9g9hQDWm+VyTFubFptChkJmXOI5zfWn5LIjq49IRgRPhze5UG2hHk0EnpyWr8=
X-Received: from zagreus.c.googlers.com
 ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a05:6902:154e:b0:dee:6866:98c9 with SMTP id
 3f1490d57ef6-dee68669b8cmr5303731276.1.1715990686245; Fri, 17 May 2024
 17:04:46 -0700 (PDT)
Reply-To: Sean Christopherson <seanjc@google.com>
Date: Fri, 17 May 2024 17:04:26 -0700
In-Reply-To: <20240518000430.1118488-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: kvm@vger.kernel.org
List-Id: <kvm.vger.kernel.org>
List-Subscribe: <mailto:kvm+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:kvm+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20240518000430.1118488-1-seanjc@google.com>
X-Mailer: git-send-email 2.45.0.215.g3402c0e53f-goog
Message-ID: <20240518000430.1118488-6-seanjc@google.com>
Subject: [PATCH 5/9] KVM: VMX: Dump VMCS on unexpected #VE
From: Sean Christopherson <seanjc@google.com>
To: Sean Christopherson <seanjc@google.com>,
 Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org

Dump the VMCS on an unexpected #VE, otherwise it's practically impossible
to figure out why the #VE occurred.

Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/kvm/vmx/vmx.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 51b2cd13250a..0c68643d982b 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -5217,8 +5217,10 @@ static int handle_exception_nmi(struct kvm_vcpu *vcpu)
 	if (is_invalid_opcode(intr_info))
 		return handle_ud(vcpu);
 
-	if (KVM_BUG_ON(is_ve_fault(intr_info), vcpu->kvm))
+	if (KVM_BUG_ON(is_ve_fault(intr_info), vcpu->kvm)) {
+		dump_vmcs(vcpu);
 		return -EIO;
+	}
 
 	error_code = 0;
 	if (intr_info & INTR_INFO_DELIVER_CODE_MASK)

From patchwork Sat May 18 00:04:27 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sean Christopherson <seanjc@google.com>
X-Patchwork-Id: 13667450
Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com
 [209.85.216.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id C52D52F3E
	for <kvm@vger.kernel.org>; Sat, 18 May 2024 00:04:48 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1715990690; cv=none;
 b=gVi2WWk82laXsC7PJSybw9XRRgRZNcJLsjaWSpgz8ApLv91nlQO1Njr8cThyVavDcfw+P5I/oRHtROk6o/1B1kvbfjfpGfXdgnO1ce6paXesL5PfRMeAkIEF5XW+4S6VMVS+4CkrMokotkFdofePJlpiryHQgL0VulAEthCTFBQ=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1715990690; c=relaxed/simple;
	bh=G0H1ZribibIRAeIPrcFsCyVZimPoXaBX2C7zZ9WKf10=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=s5r9wYF34XMMmX6BtRej6oZwIz+WRO90x6H7ljQ5QbNSxUJlf4++MRiF7BltoeCEY7pArgwqEiA8QSUmXfUw3FyRWNzvCdY9yeUhCpXTSV6LeMCzjgBxFYlyVspH2iw+tOgY0hUlc6LuCvcUd4zZ2SGWZsNipaj8FeEULu3pHqs=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=F9/Y6jJF; arc=none smtp.client-ip=209.85.216.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="F9/Y6jJF"
Received: by mail-pj1-f73.google.com with SMTP id
 98e67ed59e1d1-2b58c1d014bso7991361a91.1
        for <kvm@vger.kernel.org>; Fri, 17 May 2024 17:04:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1715990688; x=1716595488;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:from:to:cc:subject:date:message-id:reply-to;
        bh=F6tFR9z1vs8c6u2WtnRiVVbIp33RqmLFmChD3Ch8F40=;
        b=F9/Y6jJFhzewat4Cg4F+eQuIev0srhsroVkR8wbo1PmWIPhlRju6kAQkd2PzSkbUBz
         L3gYIcwPIFifCEn+9BgkbCv9ZHKKd/Qa6suXuu22bOWt/2Ev0MxEqzq6FUXnz/2mnlCq
         ZZD2z+xqNZ0xjnBWi7J7vK9lK611m6jtwKdNr0h3anFylsax9XOYwq8pMdq7osHyKzoZ
         gQbxapf4HX9Fp0AM+01Z1EmaVd76TN0QvN/Q53M/bFIktm1dCn4HrsGm1RTBMI4rwN9v
         SMSQzQXvsMm6YqD7Mm1RXT+pmAZ2oxp4SNJechiyHd/PoHdvlNu/kzTk5A7mI3x7tlR4
         wLGw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1715990688; x=1716595488;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=F6tFR9z1vs8c6u2WtnRiVVbIp33RqmLFmChD3Ch8F40=;
        b=JVKc+NKYSHxv5hi4Aeusd2hUpb3U83fidaa/kbz83TaPeEVlbKjzCu+dxk2JvKU1Ty
         xal5ZxU30cZR5b0PyGP4zBjzD6hNg+fea7HMjukDo0veCdTbzteB6NmxZm8Fau8mOA7Q
         ZI3PkB/IbyeleVDGaMnotZgH0k1wFW9hqymhmiDSk6Zk4QijhQgtK1aL30+gP0ucFanj
         qZexPz2s5usk9zd+VMMyed6E89iuklL3e/RjFvX61pNTpjlln8C0nAIlYIix0oCMxow+
         zIE2dI5jOhxYTk0HOkm9sG3axjaRco4XNsGc8nRIUOrD65QSzuOR4tbCL1vWMKvvgm/Q
         pVmQ==
X-Gm-Message-State: AOJu0YzK/iWnjY2QSixRyRZ0jQBtZXlOd3t6dTKWAH6ffHvqxInkEo8l
	0QlytNa+AnsyawthkLGrVEZylbKeEzMxScf8tcmKu9LVakvp95hAXWHJj9XFpOXAn9KjNS5lp6G
	JGQ==
X-Google-Smtp-Source: 
 AGHT+IHcIhWQz88cxjQfIWr9QqPrvA4yvrV/FRAF27BDNzjGzBtgW0NQ5/zWEknFAvdFH63hTP7V0CPnMDs=
X-Received: from zagreus.c.googlers.com
 ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a17:90a:9309:b0:2b2:ad92:da6d with SMTP id
 98e67ed59e1d1-2b6ccc73bbemr63870a91.4.1715990688132; Fri, 17 May 2024
 17:04:48 -0700 (PDT)
Reply-To: Sean Christopherson <seanjc@google.com>
Date: Fri, 17 May 2024 17:04:27 -0700
In-Reply-To: <20240518000430.1118488-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: kvm@vger.kernel.org
List-Id: <kvm.vger.kernel.org>
List-Subscribe: <mailto:kvm+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:kvm+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20240518000430.1118488-1-seanjc@google.com>
X-Mailer: git-send-email 2.45.0.215.g3402c0e53f-goog
Message-ID: <20240518000430.1118488-7-seanjc@google.com>
Subject: [PATCH 6/9] KVM: x86/mmu: Print SPTEs on unexpected #VE
From: Sean Christopherson <seanjc@google.com>
To: Sean Christopherson <seanjc@google.com>,
 Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org

Print the SPTEs that correspond to the faulting GPA on an unexpected EPT
Violation #VE to help the user debug failures, e.g. to pinpoint which SPTE
didn't have SUPPRESS_VE set.

Opportunistically assert that the underlying exit reason was indeed an EPT
Violation, as the CPU has *really* gone off the rails if a #VE occurs due
to a completely unexpected exit reason.

Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/include/asm/kvm_host.h |  1 +
 arch/x86/kvm/mmu/mmu.c          | 42 ++++++++++++++++++++++++++-------
 arch/x86/kvm/vmx/vmx.c          |  5 ++++
 3 files changed, 39 insertions(+), 9 deletions(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index aabf1648a56a..9bb2e164c523 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -2159,6 +2159,7 @@ int kvm_emulate_hypercall(struct kvm_vcpu *vcpu);
 
 int kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, u64 error_code,
 		       void *insn, int insn_len);
+void kvm_mmu_print_sptes(struct kvm_vcpu *vcpu, gpa_t gpa, const char *msg);
 void kvm_mmu_invlpg(struct kvm_vcpu *vcpu, gva_t gva);
 void kvm_mmu_invalidate_addr(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu,
 			     u64 addr, unsigned long roots);
diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c
index d2af077d8b34..f2c9580d9588 100644
--- a/arch/x86/kvm/mmu/mmu.c
+++ b/arch/x86/kvm/mmu/mmu.c
@@ -4124,6 +4124,22 @@ static int get_walk(struct kvm_vcpu *vcpu, u64 addr, u64 *sptes, int *root_level
 	return leaf;
 }
 
+static int get_sptes_lockless(struct kvm_vcpu *vcpu, u64 addr, u64 *sptes,
+			      int *root_level)
+{
+	int leaf;
+
+	walk_shadow_page_lockless_begin(vcpu);
+
+	if (is_tdp_mmu_active(vcpu))
+		leaf = kvm_tdp_mmu_get_walk(vcpu, addr, sptes, root_level);
+	else
+		leaf = get_walk(vcpu, addr, sptes, root_level);
+
+	walk_shadow_page_lockless_end(vcpu);
+	return leaf;
+}
+
 /* return true if reserved bit(s) are detected on a valid, non-MMIO SPTE. */
 static bool get_mmio_spte(struct kvm_vcpu *vcpu, u64 addr, u64 *sptep)
 {
@@ -4132,15 +4148,7 @@ static bool get_mmio_spte(struct kvm_vcpu *vcpu, u64 addr, u64 *sptep)
 	int root, leaf, level;
 	bool reserved = false;
 
-	walk_shadow_page_lockless_begin(vcpu);
-
-	if (is_tdp_mmu_active(vcpu))
-		leaf = kvm_tdp_mmu_get_walk(vcpu, addr, sptes, &root);
-	else
-		leaf = get_walk(vcpu, addr, sptes, &root);
-
-	walk_shadow_page_lockless_end(vcpu);
-
+	leaf = get_sptes_lockless(vcpu, addr, sptes, &root);
 	if (unlikely(leaf < 0)) {
 		*sptep = 0ull;
 		return reserved;
@@ -5963,6 +5971,22 @@ int noinline kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, u64 err
 }
 EXPORT_SYMBOL_GPL(kvm_mmu_page_fault);
 
+void kvm_mmu_print_sptes(struct kvm_vcpu *vcpu, gpa_t gpa, const char *msg)
+{
+	u64 sptes[PT64_ROOT_MAX_LEVEL + 1];
+	int root_level, leaf, level;
+
+	leaf = get_sptes_lockless(vcpu, gpa, sptes, &root_level);
+	if (unlikely(leaf < 0))
+		return;
+
+	pr_err("%s %llx", msg, gpa);
+	for (level = root_level; level >= leaf; level--)
+		pr_cont(", spte[%d] = 0x%llx", level, sptes[level]);
+	pr_cont("\n");
+}
+EXPORT_SYMBOL_GPL(kvm_mmu_print_sptes);
+
 static void __kvm_mmu_invalidate_addr(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu,
 				      u64 addr, hpa_t root_hpa)
 {
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 0c68643d982b..2a3fce61c785 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -5218,7 +5218,12 @@ static int handle_exception_nmi(struct kvm_vcpu *vcpu)
 		return handle_ud(vcpu);
 
 	if (KVM_BUG_ON(is_ve_fault(intr_info), vcpu->kvm)) {
+		struct vmx_ve_information *ve_info = vmx->ve_info;
+
+		WARN_ONCE(ve_info->exit_reason != EXIT_REASON_EPT_VIOLATION,
+			  "Unexpected #VE on VM-Exit reason 0x%x", ve_info->exit_reason);
 		dump_vmcs(vcpu);
+		kvm_mmu_print_sptes(vcpu, ve_info->guest_physical_address, "#VE");
 		return -EIO;
 	}
 

From patchwork Sat May 18 00:04:28 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sean Christopherson <seanjc@google.com>
X-Patchwork-Id: 13667451
Received: from mail-yb1-f202.google.com (mail-yb1-f202.google.com
 [209.85.219.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id CA64928DDF
	for <kvm@vger.kernel.org>; Sat, 18 May 2024 00:04:50 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.219.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1715990692; cv=none;
 b=RzxBLlU2AWtPsxsuW7qa3zfufd7NpvNJsf19zmOrDOQD5KGoMczIyewZLAIIMCPgdzckN8e15KaxlTWf3l3TuNJkcZRQGSKQy2n7zlYXeplnaVlH2m9rbjuv6Ccd8Ukzq3+SJNmfjN94JIDgi0+zOPhZ6jDeR8S7CslgsnTUJW4=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1715990692; c=relaxed/simple;
	bh=d+HGE5FKbalq1IyET5esmBeH4ox7PVAkkfHJLMxz3xo=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=HL3GXWTaa7pQH6ewvURBDGtTM1byioPqCxYIRDdn987ZK6FfcOb1v//Kd/xabNaATsreVC0/FC31ZxVK/PQM2LkVzvvgN8tVidTc93F6lJSJbFBm7ZFZZpJ1Jjp76Y5fgLnI62drMAYrRgRUOBUzgEUA55Hj0Cp4k/OkoVdntQo=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=N5udJawD; arc=none smtp.client-ip=209.85.219.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="N5udJawD"
Received: by mail-yb1-f202.google.com with SMTP id
 3f1490d57ef6-de8b6847956so14590450276.1
        for <kvm@vger.kernel.org>; Fri, 17 May 2024 17:04:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1715990690; x=1716595490;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:from:to:cc:subject:date:message-id:reply-to;
        bh=gllonWtr/HXeH3HBzo9n0ORhoUvXSPNion6U8aTZ5rc=;
        b=N5udJawDMf7x+Wc0ZtJ4eh90N7pmyDLFo1b5pAMHBK8FgD6X5BUdM637bDySWH55s4
         RnPUCFCFfLkZpAz7JLDAKzb/YAxGpxoqH+PLWrjWmsZlSsB7s4xiXhsAGYA/qM/HQIlb
         qoCmvoABa3T7dtjlRiVbvXPaxs6762Q9D6RUH7WZd/UXfCJoLtWxgGBPPJYetTDA2L02
         /4JoQTO1j2EiHm7FjAfIrRgY7CF8HAIIkYiN72CAKLP5JoP9RxGJKvO488d9si7AJ2Po
         cfQ2ffg9OAJpeyL7rS4+52tjJrW10HwUfqfMOgsDJg2P8HuAFFXNFPO9Ztm01ytZuv3p
         frsg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1715990690; x=1716595490;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=gllonWtr/HXeH3HBzo9n0ORhoUvXSPNion6U8aTZ5rc=;
        b=pa/KX64gC10jGiNRsBBcWqWgs4OiMHKy2p7wO4ng6AZadopYMAJIBLe0ze3FH8B//G
         XuQT6d0y35yi65y0Ytemygn7OaIMu17k8NXSDlai8uS2lQDquH+g/OD/dujn85u+1lDd
         KppRmY76pJUGOK2UJWmUrFH+GU3O2A+PaCbx+xXEG4uYpsivJrzlbeKug9QKum9V1qNd
         TGkAelVY8URdDkI/VIGZW9v+eIFyBIIAh7xTZUlU2tXtB9V4TnSd7hMAz2iOpJ46RoMX
         xc3iLmAPR7nSp78/cMieHCHtIBO9Kd4aRMm9fQql6HlM2SDojbBfRcprT0UvO9frMQrv
         vKmw==
X-Gm-Message-State: AOJu0YzIKovENWwRdoewcnKwEL0c22PCtKxCbE16et5ECCt5lXne5Iip
	Vb6vPIeHkE0v8o1Cl/Dzln18oKk2s8YOoN8uZhedVSxgjYufjMTHU45Y7E5H1BZ8hxtl/vaX9/L
	F0g==
X-Google-Smtp-Source: 
 AGHT+IFAyinQ0ziYwYxNYFhEDBpRzcHlzA15Uvh759ilYWGg6F9fzj5Lm4hz9NDOEEtMykWD/Id/cx5EJhg=
X-Received: from zagreus.c.googlers.com
 ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a05:6902:2d8f:b0:de5:4b39:ffd0 with SMTP id
 3f1490d57ef6-df49021cfccmr116977276.0.1715990689912; Fri, 17 May 2024
 17:04:49 -0700 (PDT)
Reply-To: Sean Christopherson <seanjc@google.com>
Date: Fri, 17 May 2024 17:04:28 -0700
In-Reply-To: <20240518000430.1118488-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: kvm@vger.kernel.org
List-Id: <kvm.vger.kernel.org>
List-Subscribe: <mailto:kvm+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:kvm+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20240518000430.1118488-1-seanjc@google.com>
X-Mailer: git-send-email 2.45.0.215.g3402c0e53f-goog
Message-ID: <20240518000430.1118488-8-seanjc@google.com>
Subject: [PATCH 7/9] KVM: VMX: Don't kill the VM on an unexpected #VE
From: Sean Christopherson <seanjc@google.com>
To: Sean Christopherson <seanjc@google.com>,
 Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org

Don't terminiate the VM on an unexpected #VE, as it's extremely unlikely
the #VE is fatal to the guest, and even less likely that it presents a
danger to the host.  Simply resume the guest on "failure", as the #VE info
page's BUSY field will prevent converting any more EPT Violations to #VEs
for the vCPU (at least, that's what the BUSY field is supposed to do).

Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/kvm/vmx/vmx.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 2a3fce61c785..58832aae2248 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -5217,14 +5217,14 @@ static int handle_exception_nmi(struct kvm_vcpu *vcpu)
 	if (is_invalid_opcode(intr_info))
 		return handle_ud(vcpu);
 
-	if (KVM_BUG_ON(is_ve_fault(intr_info), vcpu->kvm)) {
+	if (WARN_ON_ONCE(is_ve_fault(intr_info))) {
 		struct vmx_ve_information *ve_info = vmx->ve_info;
 
 		WARN_ONCE(ve_info->exit_reason != EXIT_REASON_EPT_VIOLATION,
 			  "Unexpected #VE on VM-Exit reason 0x%x", ve_info->exit_reason);
 		dump_vmcs(vcpu);
 		kvm_mmu_print_sptes(vcpu, ve_info->guest_physical_address, "#VE");
-		return -EIO;
+		return 1;
 	}
 
 	error_code = 0;

From patchwork Sat May 18 00:04:29 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sean Christopherson <seanjc@google.com>
X-Patchwork-Id: 13667452
Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com
 [209.85.219.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9CB362F3E
	for <kvm@vger.kernel.org>; Sat, 18 May 2024 00:04:52 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.219.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1715990694; cv=none;
 b=qq3PgeJT1/4nFOdJNaLc1kqBmluiaT6/Wv9uwAlodHcwwnpetmgW2WEJBmCiIfNnsg5HZ3iIf4CT2Qc26rJG0XUdOkp79MHX649jsiDOPGZYthbTk4h/NjngbQVJ2kMB/QWfWbuV1MP+uZmHGh++IGRhFp/Ga4p6PcM5fh0EEbU=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1715990694; c=relaxed/simple;
	bh=ectuSuFOojgkLLmjDmKbjYyngGKrMAV7Dv3oP241fUo=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=m31JHeO6WXn/MUtHbmyNH/WnQWBa5JdwkbwPzNGgxU5MDHibGao7wyxHsBxrS4OgUeSfriP4FbNNIqxlGAbxiDK4mCy0B+ZiREaPbbb0Hpq7aYyL3k/67gGwjoqNs0I7Fcc4RbciJ0uvVxdNTjdpynRWAA0ExusiVHMboqpud4A=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=gLSq9dGa; arc=none smtp.client-ip=209.85.219.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="gLSq9dGa"
Received: by mail-yb1-f201.google.com with SMTP id
 3f1490d57ef6-de604ccb373so16868760276.2
        for <kvm@vger.kernel.org>; Fri, 17 May 2024 17:04:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1715990691; x=1716595491;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:from:to:cc:subject:date:message-id:reply-to;
        bh=PmNsMiZYuI21fzAH4xPEmM+x/ygJuUkqhfrSS79CJmk=;
        b=gLSq9dGa52ECmsdav/wAWAWWusX9aMRCf9x2jakCdnSa6yyy0nE0yf8W0+ODQ1y3ih
         AITH4araNa5L9rj+ut55wbxonrcFzcCijBU6RO30aMAVO3BfDXuoZ6bj8gAzCc3d3fCq
         GuxUyDNjVzVwjBJDFnqtc1LuaEoyArEw+hSRHGOQPisM0mK7CxUI2WXnRbGgt2dNfi7c
         MkS74t+vw1k4WwhqlV7O5IPLj9+fSGv6FSY2YikhBXnsyPHVKBa5WXMncKcAhAWNNcGi
         6PjM8vMcqi8q3weCMigX9da32peQbE/LerKZ7tcQx7zblZe5XiD4kLwmjMwZWV6aeTYw
         eOfQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1715990692; x=1716595492;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=PmNsMiZYuI21fzAH4xPEmM+x/ygJuUkqhfrSS79CJmk=;
        b=NlCpFjaG7g+X/Q6sN0OPk+3UofgM83riunaDsLK982oOzC+cXywggpbazkYtBuIPkW
         7/GE0bCWaDQUwffwv2O/WXL2tJN/acfVvMnlcMdvCYzTNDdIiYm/JtYSXCFjTby+04H8
         IPh8062dOk4Tee7o2XOB0waLwKVW9LROOQwdk2BWFMR1npkdg7fDH5nV5uvMs3zNQ3Fc
         izEO4G1qGPGe6i61qQSwkwe764SUH7iOJXz2T67IVL10VdyjVPRxn2zpMr8VIxXD/+U/
         n2vjzAIrXqM3eyEpOXxUYCPUYVIlRXkgailyDC/VrFQnfnsUGGWIaD4Oj1uNPdLeJo1k
         CEww==
X-Gm-Message-State: AOJu0Yyrw1wwUcIaOCV0mB6QaQ2uMbKcjXp17zVJBwEsSfeN0u1YEud9
	j+uXiCqswEtd6vy7F06KYkd47/k7DN2LF03+dcnwLwB0MrL/N6xXQOigW88w8AZ+ENO3tHVOAkC
	JRA==
X-Google-Smtp-Source: 
 AGHT+IEKsAdKYBFpozQHbHXiVJ/HspTDM2CFInyHubWioj3i50BbfdUhI4/kUioYnKr2iux2sNvJgfiTfs4=
X-Received: from zagreus.c.googlers.com
 ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a05:6902:706:b0:dee:63ce:9718 with SMTP id
 3f1490d57ef6-dee63ce9a16mr2061685276.1.1715990691759; Fri, 17 May 2024
 17:04:51 -0700 (PDT)
Reply-To: Sean Christopherson <seanjc@google.com>
Date: Fri, 17 May 2024 17:04:29 -0700
In-Reply-To: <20240518000430.1118488-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: kvm@vger.kernel.org
List-Id: <kvm.vger.kernel.org>
List-Subscribe: <mailto:kvm+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:kvm+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20240518000430.1118488-1-seanjc@google.com>
X-Mailer: git-send-email 2.45.0.215.g3402c0e53f-goog
Message-ID: <20240518000430.1118488-9-seanjc@google.com>
Subject: [PATCH 8/9] KVM: VMX: Enumerate EPT Violation #VE support in
 /proc/cpuinfo
From: Sean Christopherson <seanjc@google.com>
To: Sean Christopherson <seanjc@google.com>,
 Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org

Don't suppress printing EPT_VIOLATION_VE in /proc/cpuinfo, knowing whether
or not KVM_INTEL_PROVE_VE actually does anything is extremely valuable.
A privileged user can get at the information by reading the raw MSR, but
the whole point of the VMX flags is to avoid needing to glean information
from raw MSR reads.

Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/include/asm/vmxfeatures.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/vmxfeatures.h b/arch/x86/include/asm/vmxfeatures.h
index 266daf5b5b84..695f36664889 100644
--- a/arch/x86/include/asm/vmxfeatures.h
+++ b/arch/x86/include/asm/vmxfeatures.h
@@ -77,7 +77,7 @@
 #define VMX_FEATURE_ENCLS_EXITING	( 2*32+ 15) /* "" VM-Exit on ENCLS (leaf dependent) */
 #define VMX_FEATURE_RDSEED_EXITING	( 2*32+ 16) /* "" VM-Exit on RDSEED */
 #define VMX_FEATURE_PAGE_MOD_LOGGING	( 2*32+ 17) /* "pml" Log dirty pages into buffer */
-#define VMX_FEATURE_EPT_VIOLATION_VE	( 2*32+ 18) /* "" Conditionally reflect EPT violations as #VE exceptions */
+#define VMX_FEATURE_EPT_VIOLATION_VE	( 2*32+ 18) /* Conditionally reflect EPT violations as #VE exceptions */
 #define VMX_FEATURE_PT_CONCEAL_VMX	( 2*32+ 19) /* "" Suppress VMX indicators in Processor Trace */
 #define VMX_FEATURE_XSAVES		( 2*32+ 20) /* "" Enable XSAVES and XRSTORS in guest */
 #define VMX_FEATURE_MODE_BASED_EPT_EXEC	( 2*32+ 22) /* "ept_mode_based_exec" Enable separate EPT EXEC bits for supervisor vs. user */

From patchwork Sat May 18 00:04:30 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sean Christopherson <seanjc@google.com>
X-Patchwork-Id: 13667453
Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com
 [209.85.216.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2208C125CC
	for <kvm@vger.kernel.org>; Sat, 18 May 2024 00:04:54 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1715990695; cv=none;
 b=GmDgTf4YgysJa2v1ZTJl58PPr1WT8+QAuVIrR3d9NXZrO3IOGv5UwFlp3nj2AYsOR8FI5oxWS7jVTgE7wWk1qMTY2mZC4RyHFHTSDzktUd7HVukpVmk99bYjIHpmNVuAdg7hl4SjZowJLC6W7rMviwi1ryUgZsqGJSfVIXtprT0=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1715990695; c=relaxed/simple;
	bh=7aTw1q5fF2jfF8qaFVxCQ7vKf0J6QUU/de4LqX2pZiU=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=mVtLzleFI+fQsCcc3XW8dvzTKH4ievLmX8MM4PIz/nqSKbHmYW3/WyPioHdllYI4zw+pVzxlpy812QXh/wYHMbgJHwHqBcqSZH7fSeCRrR6DbPIqj3bb5InNwXf+Q4Uf/HDVonzfx3u1zLJlFo3lPz5XVy4oe6BC5/qn0PLlFfE=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=uKW/Z5a/; arc=none smtp.client-ip=209.85.216.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="uKW/Z5a/"
Received: by mail-pj1-f73.google.com with SMTP id
 98e67ed59e1d1-2b5cb8686c9so9236156a91.2
        for <kvm@vger.kernel.org>; Fri, 17 May 2024 17:04:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1715990694; x=1716595494;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:from:to:cc:subject:date:message-id:reply-to;
        bh=KaG30rbQSApl1hJFQFNfcRVacF/4y69sxTalkt/kPiY=;
        b=uKW/Z5a/2ekjqeq56LcRExA4lIDRl6EKXz4E97VoDd5NdAEjVOQ3/5YbV1PKzGcL92
         onkw/aTfPFMtU8BO+aU3mk+OSZmodXEdQVZJ6xhtwxC1ON7zw6LDyHBsAdHkpJSB9lOt
         yx8ftTszYtYEb0mKu8M19vIU5px/i8l5Her8A/neOc5Pi9kRN4kXqAgdKxSGolNybTMP
         0WQa8DXIqFO75uaz4vjcSQ61PPQIppBiV0ML2RtdZdlERw/MbCSUgVy+ZnOwB8XMuy/f
         /+EQKbCWL2hlsOskb0dj73gC126eCEWS3JcQOGXgv192j6gCpys2LfZs1JEk5tk7jw7U
         t65g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1715990694; x=1716595494;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=KaG30rbQSApl1hJFQFNfcRVacF/4y69sxTalkt/kPiY=;
        b=f7FRsiVptPMfsdo+wITVweqiPAjs3sWVmLcwrBixuO6Mn4384cTO8xWz3cPnow5ae+
         qSDfzvdgginSKPYTeX23WdUMG8C9zQF4Zt4XcoI6Vd8vEQskoDJgKAi1BomDT/TYTaB+
         nv1CefZgdSyGK/U2juhqxAnZ3Fa3bYK332ZlIpRBlV6ZcPdBEGop8DkIhwZl5UzIRk4a
         ZuqsmwAis6E9zqRQ+lj6UWNBpz9fkxTualaGdXlYil/GZJRF+OrsTIKi6t9cVUglhcCq
         7J5CN/rRr/KxxqqZWrl4kgv0BmLTDQ/rAdERmqF0rPEym/90tHAn7iGPHZlqKXKClb74
         34xw==
X-Gm-Message-State: AOJu0YwNhfpaAnIhLMg9ONnDehFnSZq3DvHgyAQgWjoFgKmordmmKn3L
	ylT+RY2cTQrbEYkdclUcCbwv/3FjI/q+RrcReXkdsQ0q/Y2o5ACa5+GQ3w9mrrQ7lr5lfbUli9s
	qow==
X-Google-Smtp-Source: 
 AGHT+IEbccThIlHdBUKBF+9ohVSG5QaFMw6xK62nY9XRpFOKV92TLuuJQe5NE/0y95hCq2GrvpgsmmwHd5k=
X-Received: from zagreus.c.googlers.com
 ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37])
 (user=seanjc job=sendgmr) by 2002:a17:90a:d80b:b0:2a7:4bb8:b24e with SMTP id
 98e67ed59e1d1-2b6cc453033mr63941a91.1.1715990693657; Fri, 17 May 2024
 17:04:53 -0700 (PDT)
Reply-To: Sean Christopherson <seanjc@google.com>
Date: Fri, 17 May 2024 17:04:30 -0700
In-Reply-To: <20240518000430.1118488-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: kvm@vger.kernel.org
List-Id: <kvm.vger.kernel.org>
List-Subscribe: <mailto:kvm+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:kvm+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20240518000430.1118488-1-seanjc@google.com>
X-Mailer: git-send-email 2.45.0.215.g3402c0e53f-goog
Message-ID: <20240518000430.1118488-10-seanjc@google.com>
Subject: [PATCH 9/9] KVM: x86: Disable KVM_INTEL_PROVE_VE by default
From: Sean Christopherson <seanjc@google.com>
To: Sean Christopherson <seanjc@google.com>,
 Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org

Disable KVM's "prove #VE" support by default, as it provides no functional
value, and even its sanity checking benefits are relatively limited.  I.e.
it should be fully opt-in even on debug kernels, especially since EPT
Violation #VE suppression appears to be buggy on some CPUs.

Opportunistically add a line in the help text to make it abundantly clear
that KVM_INTEL_PROVE_VE should never be enabled in a production
environment.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 arch/x86/kvm/Kconfig | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig
index 2a7f69abcac3..3468efc4be55 100644
--- a/arch/x86/kvm/Kconfig
+++ b/arch/x86/kvm/Kconfig
@@ -97,15 +97,15 @@ config KVM_INTEL
 
 config KVM_INTEL_PROVE_VE
         bool "Check that guests do not receive #VE exceptions"
-        default KVM_PROVE_MMU || DEBUG_KERNEL
-        depends on KVM_INTEL
+        depends on KVM_INTEL && DEBUG_KERNEL && EXPERT
         help
-
           Checks that KVM's page table management code will not incorrectly
           let guests receive a virtualization exception.  Virtualization
           exceptions will be trapped by the hypervisor rather than injected
           in the guest.
 
+          This should never be enabled in a production environment.
+
           If unsure, say N.
 
 config X86_SGX_KVM