From mboxrd@z Thu Jan  1 00:00:00 1970
From: Sean Christopherson <sean.j.christopherson@intel.com>
Subject: Re: [RFC PATCH v6 64/92] kvm: introspection: add single-stepping
Date: Mon, 12 Aug 2019 13:50:39 -0700
Message-ID: <20190812205038.GC1437@linux.intel.com>
References: <20190809160047.8319-1-alazar@bitdefender.com>
	<20190809160047.8319-65-alazar@bitdefender.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Return-path: <virtualization-bounces@lists.linux-foundation.org>
Content-Disposition: inline
In-Reply-To: <20190809160047.8319-65-alazar@bitdefender.com>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/virtualization>,
	<mailto:virtualization-request@lists.linux-foundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/virtualization/>
List-Post: <mailto:virtualization@lists.linux-foundation.org>
List-Help: <mailto:virtualization-request@lists.linux-foundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/virtualization>,
	<mailto:virtualization-request@lists.linux-foundation.org?subject=subscribe>
Sender: virtualization-bounces@lists.linux-foundation.org
Errors-To: virtualization-bounces@lists.linux-foundation.org
To: Adalbert =?utf-8?B?TGF6xINy?= <alazar@bitdefender.com>
Cc: Tamas K Lengyel <tamas@tklengyel.com>, Weijiang Yang <weijiang.yang@intel.com>, Zhang@linux.intel.com, kvm@vger.kernel.org, Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>, Jan Kiszka <jan.kiszka@siemens.com>, Samuel =?iso-8859-1?Q?Laur=E9n?= <samuel.lauren@iki.fi>, Radim =?utf-8?B?S3LEjW3DocWZ?= <rkrcmar@redhat.com>, Joerg Roedel <joro@8bytes.org>, virtualization@lists.linux-foundation.org, linux-mm@kvack.org, Patrick Colp <patrick.colp@oracle.com>, =?utf-8?B?TmljdciZb3IgQ8OuyJt1?= <ncitu@bitdefender.com>, Mathieu Tarral <mathieu.tarral@protonmail.com>, Yu C <yu.c.zhang@intel.com>, Stefan Hajnoczi <stefanha@redhat.com>, Paolo Bonzini <pbonzini@redhat.com>, Mihai =?utf-8?B?RG9uyJt1?= <mdontu@bitdefender.com>, Jim Mattson <jmattson@google.com>
List-Id: virtualization@lists.linuxfoundation.org

T24gRnJpLCBBdWcgMDksIDIwMTkgYXQgMDc6MDA6MTlQTSArMDMwMCwgQWRhbGJlcnQgTGF6xINy
IHdyb3RlOgo+IEZyb206IE5pY3XImW9yIEPDrsibdSA8bmNpdHVAYml0ZGVmZW5kZXIuY29tPgo+
IAo+IFRoaXMgd291bGQgYmUgdXNlZCBlaXRoZXIgaWYgdGhlIGludHJvc3BlY3Rpb24gdG9vbCBy
ZXF1ZXN0IGl0IGFzIGEKPiByZXBseSB0byBhIEtWTUlfRVZFTlRfUEYgZXZlbnQgb3IgdG8gY29w
ZSB3aXRoIGluc3RydWN0aW9ucyB0aGF0IGNhbm5vdAo+IGJlIGhhbmRsZWQgYnkgdGhlIHg4NiBl
bXVsYXRvciBkdXJpbmcgdGhlIGhhbmRsaW5nIG9mIGEgVk1FWElULiBJbgo+IHRoZXNlIHNpdHVh
dGlvbnMsIGFsbCBvdGhlciB2Q1BVLXMgYXJlIGtpY2tlZCBhbmQgaGVsZCwgdGhlIEVQVC1iYXNl
ZAo+IHByb3RlY3Rpb24gaXMgcmVtb3ZlZCBhbmQgdGhlIGd1ZXN0IGlzIHNpbmdsZSBzdGVwcGVk
IGJ5IHRoZSB2Q1BVIHRoYXQKPiB0cmlnZ2VyZWQgdGhlIGluaXRpYWwgVk1FWElULiBVcG9uIGNv
bXBsZXRpb24gdGhlIEVQVC1iYXNlIHByb3RlY3Rpb24KPiBpcyByZWluc3RhbGxlZCBhbmQgYWxs
IHZDUFUtcyBhbGwgYWxsb3dlZCB0byByZXR1cm4gdG8gdGhlIGd1ZXN0Lgo+IAo+IFRoaXMgaXMg
YSByYXRoZXIgc2xvdyB3b3JrYXJvdW5kIHRoYXQga2lja3MgaW4gb2NjYXNpb25hbGx5LiBJbiB0
aGUKPiBmdXR1cmUsIHRoZSBtb3N0IGZyZXF1ZW50bHkgc2luZ2xlLXN0ZXBwZWQgaW5zdHJ1Y3Rp
b25zIHNob3VsZCBiZSBhZGRlZAo+IHRvIHRoZSBlbXVsYXRvciAodXN1YWxseSwgc3RvcmVzIHRv
IGFuZCBmcm9tIG1lbW9yeSAtIFNTRS9BVlgpLgo+IAo+IEZvciB0aGUgbW9tZW50IGl0IHdvcmtz
IG9ubHkgb24gSW50ZWwuCj4gCj4gQ0M6IEppbSBNYXR0c29uIDxqbWF0dHNvbkBnb29nbGUuY29t
Pgo+IENDOiBTZWFuIENocmlzdG9waGVyc29uIDxzZWFuLmouY2hyaXN0b3BoZXJzb25AaW50ZWwu
Y29tPgo+IENDOiBKb2VyZyBSb2VkZWwgPGpvcm9AOGJ5dGVzLm9yZz4KPiBTaWduZWQtb2ZmLWJ5
OiBOaWN1yJlvciBDw67Im3UgPG5jaXR1QGJpdGRlZmVuZGVyLmNvbT4KPiBDby1kZXZlbG9wZWQt
Ynk6IE1paGFpIERvbsibdSA8bWRvbnR1QGJpdGRlZmVuZGVyLmNvbT4KPiBTaWduZWQtb2ZmLWJ5
OiBNaWhhaSBEb27Im3UgPG1kb250dUBiaXRkZWZlbmRlci5jb20+Cj4gQ28tZGV2ZWxvcGVkLWJ5
OiBBZGFsYmVydCBMYXrEg3IgPGFsYXphckBiaXRkZWZlbmRlci5jb20+Cj4gU2lnbmVkLW9mZi1i
eTogQWRhbGJlcnQgTGF6xINyIDxhbGF6YXJAYml0ZGVmZW5kZXIuY29tPgo+IC0tLQo+ICBhcmNo
L3g4Ni9pbmNsdWRlL2FzbS9rdm1faG9zdC5oIHwgICAzICsKPiAgYXJjaC94ODYva3ZtL2t2bWku
YyAgICAgICAgICAgICB8ICA0NyArKysrKysrKysrLQo+ICBhcmNoL3g4Ni9rdm0vc3ZtLmMgICAg
ICAgICAgICAgIHwgICA1ICsrCj4gIGFyY2gveDg2L2t2bS92bXgvdm14LmMgICAgICAgICAgfCAg
MTcgKysrKwo+ICBhcmNoL3g4Ni9rdm0veDg2LmMgICAgICAgICAgICAgIHwgIDE5ICsrKysrCj4g
IGluY2x1ZGUvbGludXgva3ZtaS5oICAgICAgICAgICAgfCAgIDQgKwo+ICB2aXJ0L2t2bS9rdm1p
LmMgICAgICAgICAgICAgICAgIHwgMTQ1ICsrKysrKysrKysrKysrKysrKysrKysrKysrKysrKyst
Cj4gIHZpcnQva3ZtL2t2bWlfaW50LmggICAgICAgICAgICAgfCAgMTYgKysrKwo+ICA4IGZpbGVz
IGNoYW5nZWQsIDI1MyBpbnNlcnRpb25zKCspLCAzIGRlbGV0aW9ucygtKQo+IAo+IGRpZmYgLS1n
aXQgYS9hcmNoL3g4Ni9pbmNsdWRlL2FzbS9rdm1faG9zdC5oIGIvYXJjaC94ODYvaW5jbHVkZS9h
c20va3ZtX2hvc3QuaAo+IGluZGV4IGFkMzZhNWZjMjA0OC4uNjBlMmMyOThkNDY5IDEwMDY0NAo+
IC0tLSBhL2FyY2gveDg2L2luY2x1ZGUvYXNtL2t2bV9ob3N0LmgKPiArKysgYi9hcmNoL3g4Ni9p
bmNsdWRlL2FzbS9rdm1faG9zdC5oCj4gQEAgLTEwMTYsNiArMTAxNiw3IEBAIHN0cnVjdCBrdm1f
eDg2X29wcyB7Cj4gIAl2b2lkICgqbXNyX2ludGVyY2VwdCkoc3RydWN0IGt2bV92Y3B1ICp2Y3B1
LCB1bnNpZ25lZCBpbnQgbXNyLAo+ICAJCQkJYm9vbCBlbmFibGUpOwo+ICAJYm9vbCAoKmRlc2Nf
aW50ZXJjZXB0KShzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUsIGJvb2wgZW5hYmxlKTsKPiArCXZvaWQg
KCpzZXRfbXRmKShzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUsIGJvb2wgZW5hYmxlKTsKCk1URiBpcyBh
IFZNWCBzcGVjaWZpYyBpbXBsZW1lbnRhdGlvbiBvZiBzaW5nbGUtc3RlcHBpbmcsIHRoaXMgc2hv
dWxkIGJlCmVuYWJsZV9zaW5nbGVfc3RlcCgpIG9yIHNvbWV0aGluZyBhbG9uZyB0aG9zZSBsaW5l
cy4gIEZvciBleGFtcGxlLCBJIGFzc3VtZQpTVk0gY291bGQgaW1wbGVtZW50IHNvbWV0aGluZyB0
aGF0IGlzIG1vc3RseSBmdW5jdGlvbmFsIHZpYSBSRkxBR1MuVEYuCgo+ICAJdm9pZCAoKmNyM193
cml0ZV9leGl0aW5nKShzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUsIGJvb2wgZW5hYmxlKTsKPiAgCWJv
b2wgKCpuZXN0ZWRfcGFnZWZhdWx0KShzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUpOwo+ICAJYm9vbCAo
KnNwdF9mYXVsdCkoc3RydWN0IGt2bV92Y3B1ICp2Y3B1KTsKPiBAQCAtMTYyOCw2ICsxNjI5LDgg
QEAgdm9pZCBrdm1fYXJjaF9tc3JfaW50ZXJjZXB0KHN0cnVjdCBrdm1fdmNwdSAqdmNwdSwgdW5z
aWduZWQgaW50IG1zciwKPiAgCQkJCWJvb2wgZW5hYmxlKTsKPiAgYm9vbCBrdm1fbW11X25lc3Rl
ZF9wYWdlZmF1bHQoc3RydWN0IGt2bV92Y3B1ICp2Y3B1KTsKPiAgYm9vbCBrdm1fc3B0X2ZhdWx0
KHN0cnVjdCBrdm1fdmNwdSAqdmNwdSk7Cj4gK3ZvaWQga3ZtX3NldF9tdGYoc3RydWN0IGt2bV92
Y3B1ICp2Y3B1LCBib29sIGVuYWJsZSk7Cj4gK3ZvaWQga3ZtX3NldF9pbnRlcnJ1cHRfc2hhZG93
KHN0cnVjdCBrdm1fdmNwdSAqdmNwdSwgaW50IG1hc2spOwo+ICB2b2lkIGt2bV9jb250cm9sX2Ny
M193cml0ZV9leGl0aW5nKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSwgYm9vbCBlbmFibGUpOwo+ICAK
PiAgI2VuZGlmIC8qIF9BU01fWDg2X0tWTV9IT1NUX0ggKi8KPiBkaWZmIC0tZ2l0IGEvYXJjaC94
ODYva3ZtL2t2bWkuYyBiL2FyY2gveDg2L2t2bS9rdm1pLmMKPiBpbmRleCAwNGNhYzViOGE0ZDAu
LmYwYWI0YmQ5ZWIzNyAxMDA2NDQKPiAtLS0gYS9hcmNoL3g4Ni9rdm0va3ZtaS5jCj4gKysrIGIv
YXJjaC94ODYva3ZtL2t2bWkuYwo+IEBAIC01MjAsNyArNTIwLDYgQEAgYm9vbCBrdm1pX2FyY2hf
cGZfZXZlbnQoc3RydWN0IGt2bV92Y3B1ICp2Y3B1LCBncGFfdCBncGEsIGd2YV90IGd2YSwKPiAg
CXUzMiBjdHhfc2l6ZTsKPiAgCXU2NCBjdHhfYWRkcjsKPiAgCXUzMiBhY3Rpb247Cj4gLQlib29s
IHNpbmdsZXN0ZXBfaWdub3JlZDsKPiAgCWJvb2wgcmV0ID0gZmFsc2U7Cj4gIAo+ICAJaWYgKCFr
dm1fc3B0X2ZhdWx0KHZjcHUpKQo+IEBAIC01MzMsNyArNTMyLDcgQEAgYm9vbCBrdm1pX2FyY2hf
cGZfZXZlbnQoc3RydWN0IGt2bV92Y3B1ICp2Y3B1LCBncGFfdCBncGEsIGd2YV90IGd2YSwKPiAg
CWlmIChpdmNwdS0+ZWZmZWN0aXZlX3JlcF9jb21wbGV0ZSkKPiAgCQlyZXR1cm4gdHJ1ZTsKPiAg
Cj4gLQlhY3Rpb24gPSBrdm1pX21zZ19zZW5kX3BmKHZjcHUsIGdwYSwgZ3ZhLCBhY2Nlc3MsICZz
aW5nbGVzdGVwX2lnbm9yZWQsCj4gKwlhY3Rpb24gPSBrdm1pX21zZ19zZW5kX3BmKHZjcHUsIGdw
YSwgZ3ZhLCBhY2Nlc3MsICZpdmNwdS0+c3NfcmVxdWVzdGVkLAo+ICAJCQkJICAmaXZjcHUtPnJl
cF9jb21wbGV0ZSwgJmN0eF9hZGRyLAo+ICAJCQkJICBpdmNwdS0+Y3R4X2RhdGEsICZjdHhfc2l6
ZSk7Cj4gIAo+IEBAIC01NDcsNiArNTQ2LDggQEAgYm9vbCBrdm1pX2FyY2hfcGZfZXZlbnQoc3Ry
dWN0IGt2bV92Y3B1ICp2Y3B1LCBncGFfdCBncGEsIGd2YV90IGd2YSwKPiAgCQlyZXQgPSB0cnVl
Owo+ICAJCWJyZWFrOwo+ICAJY2FzZSBLVk1JX0VWRU5UX0FDVElPTl9SRVRSWToKPiArCQlpZiAo
aXZjcHUtPnNzX3JlcXVlc3RlZCAmJiAha3ZtaV9zdGFydF9zcyh2Y3B1LCBncGEsIGFjY2Vzcykp
Cj4gKwkJCXJldCA9IHRydWU7Cj4gIAkJYnJlYWs7Cj4gIAlkZWZhdWx0Ogo+ICAJCWt2bWlfaGFu
ZGxlX2NvbW1vbl9ldmVudF9hY3Rpb25zKHZjcHUsIGFjdGlvbiwgIlBGIik7Cj4gQEAgLTc1OCw2
ICs3NTksNDggQEAgaW50IGt2bWlfYXJjaF9jbWRfY29udHJvbF9jcihzdHJ1Y3Qga3ZtX3ZjcHUg
KnZjcHUsCj4gIAlyZXR1cm4gMDsKPiAgfQo+ICAKPiArdm9pZCBrdm1pX2FyY2hfc3RhcnRfc2lu
Z2xlX3N0ZXAoc3RydWN0IGt2bV92Y3B1ICp2Y3B1KQo+ICt7Cj4gKwlrdm1fc2V0X210Zih2Y3B1
LCB0cnVlKTsKPiArCj4gKwkvKgo+ICsJICogU2V0IGJsb2NrIGJ5IFNUSSBvbmx5IGlmIHRoZSBS
RkxBR1MuSUYgPSAxLgo+ICsJICogQmxvY2tpbmcgYnkgYm90aCBTVEkgYW5kIE1PVi9QT1AgU1Mg
aXMgbm90IHBvc3NpYmxlLgo+ICsJICovCj4gKwlpZiAoa3ZtX2FyY2hfaW50ZXJydXB0X2FsbG93
ZWQodmNwdSkpCj4gKwkJa3ZtX3NldF9pbnRlcnJ1cHRfc2hhZG93KHZjcHUsIEtWTV9YODZfU0hB
RE9XX0lOVF9TVEkpOwoKVGhpcyBpcyB3cm9uZywgdGhlIFNUSSBzaGFkb3cgb25seSBleGlzdHMg
aWYgaW50ZXJydXB0cyB3ZXJlIHVuYmxvY2tlZApwcmlvciB0byBTVEkuICBJJ20gZ3Vlc3Npbmcg
dGhpcyBpcyBhIGhhY2sgdG8gd29ya2Fyb3VuZAprdm1pX2FyY2hfc3RvcF9zaW5nbGVfc3RlcCgp
IG5vdCBwcm9wZXJseSBoYW5kbGluZyB0aGUgY2xlYXJpbmcgY2FzZS4KCj4gKwo+ICt9Cj4gKwo+
ICt2b2lkIGt2bWlfYXJjaF9zdG9wX3NpbmdsZV9zdGVwKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSkK
PiArewo+ICsJa3ZtX3NldF9tdGYodmNwdSwgZmFsc2UpOwo+ICsJLyoKPiArCSAqIFRoZSBibG9j
a2luZyBieSBTVEkgaXMgY2xlYXJlZCBhZnRlciB0aGUgZ3Vlc3QKPiArCSAqIGV4ZWN1dGVzIG9u
ZSBpbnN0cnVjdGlvbiBvciBpbmN1cnMgYW4gZXhjZXB0aW9uLgo+ICsJICogSG93ZXZlciB3ZSBt
aWdoIHN0b3AgdGhlIFNTIGJlZm9yZSBlbnRlcmluZyB0byBndWVzdCwKPiArCSAqIHNvIGJlIHN1
cmUgd2UgYXJlIGNsZWFyaW5nIHRoZSBTVEkgYmxvY2tpbmcuCj4gKwkgKi8KPiArCWt2bV9zZXRf
aW50ZXJydXB0X3NoYWRvdyh2Y3B1LCAwKTsKClRoZXJlIGFyZSBvbmx5IHRocmVlIGNhbGxlcnMg
b2Yga3ZtaV9zdG9wX3NzKCksIGl0IHNob3VsZCBiZSBwb3NzaWJsZQp0byBhY2N1cmF0ZWx5IHVw
ZGF0ZSBpbnRlcnJ1cHRpYmlsaXR5OgoKICAtIGt2bWlfcnVuX3NzKCkgZmFpbCwgZG8gbm90aGlu
ZwogIC0gVk0tRXhpdCB0aGF0IHdhc24ndCBhIHNpbmdsZS1zdGVwIC0gY2xlYXIgaW50ZXJydXB0
aWJpbGl0eSBpZiB0aGUKICAgIGd1ZXN0IGV4ZWN1dGVkIGFuIGluc3RydWN0aW9uIChpbmNsdWRp
bmcgZmF1bHRlZCBvbiBhbiBpbnN0cikuCiAgLSBNVEYgVk0tRXhpdCAtIGRvIG5vdGhpbmcgKFZN
Q1Mgc2hvdWxkIGFscmVhZHkgYmUgdXAtdG8tZGF0ZSkuCgo+ICt9Cj4gKwo+ICt1OCBrdm1pX2Fy
Y2hfcmVsYXhfcGFnZV9hY2Nlc3ModTggb2xkLCB1OCBuZXcpCj4gK3sKPiArCXU4IHJldCA9IG9s
ZCB8IG5ldzsKPiArCj4gKwkvKgo+ICsJICogQW4gU1BURSBlbnRyeSB3aXRoIGp1c3QgdGhlIC13
eCBiaXRzIHNldCBjYW4gdHJpZ2dlciBhCj4gKwkgKiBtaXNjb25maWd1cmF0aW9uIGVycm9yIGZy
b20gdGhlIGhhcmR3YXJlLCBhcyBpdCdzIHRoZSBjYXNlCj4gKwkgKiBmb3IgeDg2IHdoZXJlIHRo
aXMgYWNjZXNzIG1vZGUgaXMgdXNlZCB0byBtYXJrIEkvTyBtZW1vcnkuCj4gKwkgKiBUaHVzLCB3
ZSBtYWtlIHN1cmUgdGhhdCAtd3ggYWNjZXNzZXMgYXJlIHRyYW5zbGF0ZWQgdG8gcnd4Lgo+ICsJ
ICovCj4gKwlpZiAoKHJldCAmIChLVk1JX1BBR0VfQUNDRVNTX1cgfCBLVk1JX1BBR0VfQUNDRVNT
X1gpKSA9PQo+ICsJICAgIChLVk1JX1BBR0VfQUNDRVNTX1cgfCBLVk1JX1BBR0VfQUNDRVNTX1gp
KQo+ICsJCXJldCB8PSBLVk1JX1BBR0VfQUNDRVNTX1I7Cj4gKwo+ICsJcmV0dXJuIHJldDsKPiAr
fQo+ICsKPiAgc3RhdGljIGNvbnN0IHN0cnVjdCB7Cj4gIAl1bnNpZ25lZCBpbnQgYWxsb3dfYml0
Owo+ICAJZW51bSBrdm1fcGFnZV90cmFja19tb2RlIHRyYWNrX21vZGU7Cj4gZGlmZiAtLWdpdCBh
L2FyY2gveDg2L2t2bS9zdm0uYyBiL2FyY2gveDg2L2t2bS9zdm0uYwo+IGluZGV4IGIxNzhiODkw
MDY2MC4uMzQ4MWMwMjQ3NjgwIDEwMDY0NAo+IC0tLSBhL2FyY2gveDg2L2t2bS9zdm0uYwo+ICsr
KyBiL2FyY2gveDg2L2t2bS9zdm0uYwo+IEBAIC03MTgzLDYgKzcxODMsMTAgQEAgc3RhdGljIGJv
b2wgc3ZtX3NwdF9mYXVsdChzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUpCj4gIAlyZXR1cm4gKHN2bS0+
dm1jYi0+Y29udHJvbC5leGl0X2NvZGUgPT0gU1ZNX0VYSVRfTlBGKTsKPiAgfQo+ICAKPiArc3Rh
dGljIHZvaWQgc3ZtX3NldF9tdGYoc3RydWN0IGt2bV92Y3B1ICp2Y3B1LCBib29sIGVuYWJsZSkK
PiArewo+ICt9Cj4gKwo+ICBzdGF0aWMgdm9pZCBzdm1fY3IzX3dyaXRlX2V4aXRpbmcoc3RydWN0
IGt2bV92Y3B1ICp2Y3B1LCBib29sIGVuYWJsZSkKPiAgewo+ICB9Cj4gQEAgLTcyMjUsNiArNzIy
OSw3IEBAIHN0YXRpYyBzdHJ1Y3Qga3ZtX3g4Nl9vcHMgc3ZtX3g4Nl9vcHMgX19yb19hZnRlcl9p
bml0ID0gewo+ICAJLmNwdV9oYXNfYWNjZWxlcmF0ZWRfdHByID0gc3ZtX2NwdV9oYXNfYWNjZWxl
cmF0ZWRfdHByLAo+ICAJLmhhc19lbXVsYXRlZF9tc3IgPSBzdm1faGFzX2VtdWxhdGVkX21zciwK
PiAgCj4gKwkuc2V0X210ZiA9IHN2bV9zZXRfbXRmLAo+ICAJLmNyM193cml0ZV9leGl0aW5nID0g
c3ZtX2NyM193cml0ZV9leGl0aW5nLAo+ICAJLm1zcl9pbnRlcmNlcHQgPSBzdm1fbXNyX2ludGVy
Y2VwdCwKPiAgCS5kZXNjX2ludGVyY2VwdCA9IHN2bV9kZXNjX2ludGVyY2VwdCwKPiBkaWZmIC0t
Z2l0IGEvYXJjaC94ODYva3ZtL3ZteC92bXguYyBiL2FyY2gveDg2L2t2bS92bXgvdm14LmMKPiBp
bmRleCA3ZDFlMzQxYjUxYWQuLmYwMzY5ZDA1NzRkYyAxMDA2NDQKPiAtLS0gYS9hcmNoL3g4Ni9r
dm0vdm14L3ZteC5jCj4gKysrIGIvYXJjaC94ODYva3ZtL3ZteC92bXguYwo+IEBAIC01Mzg0LDYg
KzUzODQsNyBAQCBzdGF0aWMgaW50IGhhbmRsZV9pbnZhbGlkX29wKHN0cnVjdCBrdm1fdmNwdSAq
dmNwdSkKPiAgCj4gIHN0YXRpYyBpbnQgaGFuZGxlX21vbml0b3JfdHJhcChzdHJ1Y3Qga3ZtX3Zj
cHUgKnZjcHUpCj4gIHsKPiArCWt2bWlfc3RvcF9zcyh2Y3B1KTsKPiAgCXJldHVybiAxOwo+ICB9
Cj4gIAo+IEBAIC01OTkyLDYgKzU5OTMsMTEgQEAgc3RhdGljIGludCB2bXhfaGFuZGxlX2V4aXQo
c3RydWN0IGt2bV92Y3B1ICp2Y3B1KQo+ICAJCX0KPiAgCX0KPiAgCj4gKwlpZiAoa3ZtaV92Y3B1
X2VuYWJsZWRfc3ModmNwdSkKPiArCQkJJiYgZXhpdF9yZWFzb24gIT0gRVhJVF9SRUFTT05fRVBU
X1ZJT0xBVElPTgo+ICsJCQkmJiBleGl0X3JlYXNvbiAhPSBFWElUX1JFQVNPTl9NT05JVE9SX1RS
QVBfRkxBRykKCkJhZCBpbmRlbnRhdGlvbi4gIFRoaXMgaXMgcHJldmVsYW50IHRocm91Z2ggdGhl
IHNlcmllcy4KCj4gKwkJa3ZtaV9zdG9wX3NzKHZjcHUpOwo+ICsKPiAgCWlmIChleGl0X3JlYXNv
biA8IGt2bV92bXhfbWF4X2V4aXRfaGFuZGxlcnMKPiAgCSAgICAmJiBrdm1fdm14X2V4aXRfaGFu
ZGxlcnNbZXhpdF9yZWFzb25dKQo+ICAJCXJldHVybiBrdm1fdm14X2V4aXRfaGFuZGxlcnNbZXhp
dF9yZWFzb25dKHZjcHUpOwo+IEBAIC03ODQyLDYgKzc4NDgsMTYgQEAgc3RhdGljIF9fZXhpdCB2
b2lkIGhhcmR3YXJlX3Vuc2V0dXAodm9pZCkKPiAgCWZyZWVfa3ZtX2FyZWEoKTsKPiAgfQo+ICAK
PiArc3RhdGljIHZvaWQgdm14X3NldF9tdGYoc3RydWN0IGt2bV92Y3B1ICp2Y3B1LCBib29sIGVu
YWJsZSkKPiArewo+ICsJaWYgKGVuYWJsZSkKPiArCQl2bWNzX3NldF9iaXRzKENQVV9CQVNFRF9W
TV9FWEVDX0NPTlRST0wsCj4gKwkJCSAgICAgIENQVV9CQVNFRF9NT05JVE9SX1RSQVBfRkxBRyk7
Cj4gKwllbHNlCj4gKwkJdm1jc19jbGVhcl9iaXRzKENQVV9CQVNFRF9WTV9FWEVDX0NPTlRST0ws
Cj4gKwkJCQlDUFVfQkFTRURfTU9OSVRPUl9UUkFQX0ZMQUcpOwo+ICt9Cj4gKwo+ICBzdGF0aWMg
dm9pZCB2bXhfbXNyX2ludGVyY2VwdChzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUsIHVuc2lnbmVkIGlu
dCBtc3IsCj4gIAkJCSAgICAgIGJvb2wgZW5hYmxlKQo+ICB7Cj4gQEAgLTc5MjcsNiArNzk0Myw3
IEBAIHN0YXRpYyBzdHJ1Y3Qga3ZtX3g4Nl9vcHMgdm14X3g4Nl9vcHMgX19yb19hZnRlcl9pbml0
ID0gewo+ICAJLmNwdV9oYXNfYWNjZWxlcmF0ZWRfdHByID0gcmVwb3J0X2ZsZXhwcmlvcml0eSwK
PiAgCS5oYXNfZW11bGF0ZWRfbXNyID0gdm14X2hhc19lbXVsYXRlZF9tc3IsCj4gIAo+ICsJLnNl
dF9tdGYgPSB2bXhfc2V0X210ZiwKPiAgCS5tc3JfaW50ZXJjZXB0ID0gdm14X21zcl9pbnRlcmNl
cHQsCj4gIAkuY3IzX3dyaXRlX2V4aXRpbmcgPSB2bXhfY3IzX3dyaXRlX2V4aXRpbmcsCj4gIAku
ZGVzY19pbnRlcmNlcHQgPSB2bXhfZGVzY19pbnRlcmNlcHQsCj4gZGlmZiAtLWdpdCBhL2FyY2gv
eDg2L2t2bS94ODYuYyBiL2FyY2gveDg2L2t2bS94ODYuYwo+IGluZGV4IDM4YWFkZGFkYjkzYS4u
NjU4NTUzNDAyNDlhIDEwMDY0NAo+IC0tLSBhL2FyY2gveDg2L2t2bS94ODYuYwo+ICsrKyBiL2Fy
Y2gveDg2L2t2bS94ODYuYwo+IEBAIC03MzU4LDYgKzczNTgsMTMgQEAgc3RhdGljIGludCBpbmpl
Y3RfcGVuZGluZ19ldmVudChzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUsIGJvb2wgcmVxX2ludF93aW4p
Cj4gIHsKPiAgCWludCByOwo+ICAKPiArCWlmIChrdm1pX3ZjcHVfZW5hYmxlZF9zcyh2Y3B1KSkK
PiArCQkvKgo+ICsJCSAqIFdlIGNhbm5vdCBpbmplY3QgZXZlbnRzIGR1cmluZyBzaW5nbGUtc3Rl
cHBpbmcuCj4gKwkJICogVHJ5IGFnYWluIGxhdGVyLgo+ICsJCSAqLwo+ICsJCXJldHVybiAtMTsK
PiArCj4gIAkvKiB0cnkgdG8gcmVpbmplY3QgcHJldmlvdXMgZXZlbnRzIGlmIGFueSAqLwo+ICAK
PiAgCWlmICh2Y3B1LT5hcmNoLmV4Y2VwdGlvbi5pbmplY3RlZCkKPiBAQCAtMTAxMzQsNiArMTAx
NDEsMTggQEAgdm9pZCBrdm1fY29udHJvbF9jcjNfd3JpdGVfZXhpdGluZyhzdHJ1Y3Qga3ZtX3Zj
cHUgKnZjcHUsIGJvb2wgZW5hYmxlKQo+ICB9Cj4gIEVYUE9SVF9TWU1CT0woa3ZtX2NvbnRyb2xf
Y3IzX3dyaXRlX2V4aXRpbmcpOwo+ICAKPiArdm9pZCBrdm1fc2V0X210ZihzdHJ1Y3Qga3ZtX3Zj
cHUgKnZjcHUsIGJvb2wgZW5hYmxlKQo+ICt7Cj4gKwlrdm1feDg2X29wcy0+c2V0X210Zih2Y3B1
LCBlbmFibGUpOwo+ICt9Cj4gK0VYUE9SVF9TWU1CT0woa3ZtX3NldF9tdGYpOwo+ICsKPiArdm9p
ZCBrdm1fc2V0X2ludGVycnVwdF9zaGFkb3coc3RydWN0IGt2bV92Y3B1ICp2Y3B1LCBpbnQgbWFz
aykKPiArewo+ICsJa3ZtX3g4Nl9vcHMtPnNldF9pbnRlcnJ1cHRfc2hhZG93KHZjcHUsIG1hc2sp
Owo+ICt9Cj4gK0VYUE9SVF9TWU1CT0woa3ZtX3NldF9pbnRlcnJ1cHRfc2hhZG93KTsKCldoeSBk
byB0aGVzZSB3cmFwcGVycyBleGlzdCwgYW5kIHdoeSBhcmUgdGhleSBleHBvcnRlZD8gIEludHJv
c3BlY3Rpb24gaXMKYnVpbHQgaW50byBrdm0sIGFueSByZWFzb24gbm90IHRvIHVzZSBrdm1feDg2
X29wcyBkaXJlY3RseT8gIFRoZSBtb3N0CmRlZmluaXRlbHkgZG9uJ3QgbmVlZCB0byBiZSBleHBv
cnRlZC4KCj4gKwo+ICBib29sIGt2bV9zcHRfZmF1bHQoc3RydWN0IGt2bV92Y3B1ICp2Y3B1KQo+
ICB7Cj4gIAlyZXR1cm4ga3ZtX3g4Nl9vcHMtPnNwdF9mYXVsdCh2Y3B1KTsKPiBkaWZmIC0tZ2l0
IGEvaW5jbHVkZS9saW51eC9rdm1pLmggYi9pbmNsdWRlL2xpbnV4L2t2bWkuaAo+IGluZGV4IDVk
MTYyYjllNjdmMi4uMWRjOTAyODRkYzNhIDEwMDY0NAo+IC0tLSBhL2luY2x1ZGUvbGludXgva3Zt
aS5oCj4gKysrIGIvaW5jbHVkZS9saW51eC9rdm1pLmgKPiBAQCAtMjIsNiArMjIsOCBAQCBib29s
IGt2bWlfcXVldWVfZXhjZXB0aW9uKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSk7Cj4gIHZvaWQga3Zt
aV90cmFwX2V2ZW50KHN0cnVjdCBrdm1fdmNwdSAqdmNwdSk7Cj4gIGJvb2wga3ZtaV9kZXNjcmlw
dG9yX2V2ZW50KHN0cnVjdCBrdm1fdmNwdSAqdmNwdSwgdTggZGVzY3JpcHRvciwgdTggd3JpdGUp
Owo+ICB2b2lkIGt2bWlfaGFuZGxlX3JlcXVlc3RzKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSk7Cj4g
K3ZvaWQga3ZtaV9zdG9wX3NzKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSk7Cj4gK2Jvb2wga3ZtaV92
Y3B1X2VuYWJsZWRfc3Moc3RydWN0IGt2bV92Y3B1ICp2Y3B1KTsKClNwZWxsIG91dCBzaW5nbGUg
c3RlcCwgYW5kIGJlIGNvbnNpc3RlbnQgYmV0d2VlbiBzaW5nbGVfc3RlcCBhbmQgc2luZ2xlc3Rl
cC4KVGhhdCBhcHBsaWVzIHRvIHByZXR0eSBtdWNoIGV2ZXJ5IHZhcmlhYmxlIGFuZCBmdW5jdGlv
biB1bmxlc3MgZG9pbmcgc28KcmVhbGx5IG1ha2VzIHRoZSB2ZXJib3NpdHkgb2Jub3hpb3VzLgoK
PiAgdm9pZCBrdm1pX2luaXRfZW11bGF0ZShzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUpOwo+ICB2b2lk
IGt2bWlfYWN0aXZhdGVfcmVwX2NvbXBsZXRlKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSk7Cj4gIGJv
b2wga3ZtaV9icF9pbnRlcmNlcHRlZChzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUsIHUzMiBkYmcpOwo+
IEBAIC00NCw2ICs0Niw4IEBAIHN0YXRpYyBpbmxpbmUgdm9pZCBrdm1pX2hhbmRsZV9yZXF1ZXN0
cyhzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUpIHsgfQo+ICBzdGF0aWMgaW5saW5lIGJvb2wga3ZtaV9o
eXBlcmNhbGxfZXZlbnQoc3RydWN0IGt2bV92Y3B1ICp2Y3B1KSB7IHJldHVybiBmYWxzZTsgfQo+
ICBzdGF0aWMgaW5saW5lIGJvb2wga3ZtaV9xdWV1ZV9leGNlcHRpb24oc3RydWN0IGt2bV92Y3B1
ICp2Y3B1KSB7IHJldHVybiB0cnVlOyB9Cj4gIHN0YXRpYyBpbmxpbmUgdm9pZCBrdm1pX3RyYXBf
ZXZlbnQoc3RydWN0IGt2bV92Y3B1ICp2Y3B1KSB7IH0KPiArc3RhdGljIGlubGluZSB2b2lkIGt2
bWlfc3RvcF9zcyhzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUpIHsgfQo+ICtzdGF0aWMgaW5saW5lIGJv
b2wga3ZtaV92Y3B1X2VuYWJsZWRfc3Moc3RydWN0IGt2bV92Y3B1ICp2Y3B1KSB7IHJldHVybiBm
YWxzZTsgfQo+ICBzdGF0aWMgaW5saW5lIHZvaWQga3ZtaV9pbml0X2VtdWxhdGUoc3RydWN0IGt2
bV92Y3B1ICp2Y3B1KSB7IH0KPiAgc3RhdGljIGlubGluZSB2b2lkIGt2bWlfYWN0aXZhdGVfcmVw
X2NvbXBsZXRlKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSkgeyB9Cj4gIHN0YXRpYyBpbmxpbmUgYm9v
bCBrdm1pX2JwX2ludGVyY2VwdGVkKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSwgdTMyIGRiZykKPiBk
aWZmIC0tZ2l0IGEvdmlydC9rdm0va3ZtaS5jIGIvdmlydC9rdm0va3ZtaS5jCj4gaW5kZXggZDQ3
YTcyNWE0MDQ1Li5hM2E1YWY5MDgwYTkgMTAwNjQ0Cj4gLS0tIGEvdmlydC9rdm0va3ZtaS5jCj4g
KysrIGIvdmlydC9rdm0va3ZtaS5jCj4gQEAgLTEyNjAsMTEgKzEyNjAsMTkgQEAgdm9pZCBrdm1p
X3J1bl9qb2JzKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSkKPiAgCX0KPiAgfQo+ICAKPiArc3RhdGlj
IGJvb2wgbmVlZF90b193YWl0X2Zvcl9zcyhzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUpCj4gK3sKPiAr
CXN0cnVjdCBrdm1pX3ZjcHUgKml2Y3B1ID0gSVZDUFUodmNwdSk7Cj4gKwlzdHJ1Y3Qga3ZtaSAq
aWt2bSA9IElLVk0odmNwdS0+a3ZtKTsKPiArCj4gKwlyZXR1cm4gYXRvbWljX3JlYWQoJmlrdm0t
PnNzX2FjdGl2ZSkgJiYgIWl2Y3B1LT5zc19vd25lcjsKPiArfQo+ICsKPiAgc3RhdGljIGJvb2wg
bmVlZF90b193YWl0KHN0cnVjdCBrdm1fdmNwdSAqdmNwdSkKPiAgewo+ICAJc3RydWN0IGt2bWlf
dmNwdSAqaXZjcHUgPSBJVkNQVSh2Y3B1KTsKPiAgCj4gLQlyZXR1cm4gaXZjcHUtPnJlcGx5X3dh
aXRpbmc7Cj4gKwlyZXR1cm4gaXZjcHUtPnJlcGx5X3dhaXRpbmcgfHwgbmVlZF90b193YWl0X2Zv
cl9zcyh2Y3B1KTsKPiAgfQo+ICAKPiAgc3RhdGljIGJvb2wgZG9uZV93YWl0aW5nKHN0cnVjdCBr
dm1fdmNwdSAqdmNwdSkKPiBAQCAtMTU3Miw2ICsxNTgwLDE0MSBAQCBpbnQga3ZtaV9jbWRfcGF1
c2VfdmNwdShzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUsIGJvb2wgd2FpdCkKPiAgCXJldHVybiAwOwo+
ICB9Cj4gIAo+ICt2b2lkIGt2bWlfc3RvcF9zcyhzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUpCj4gK3sK
PiArCXN0cnVjdCBrdm1pX3ZjcHUgKml2Y3B1ID0gSVZDUFUodmNwdSk7Cj4gKwlzdHJ1Y3Qga3Zt
ICprdm0gPSB2Y3B1LT5rdm07Cj4gKwlzdHJ1Y3Qga3ZtaSAqaWt2bTsKPiArCWludCBpOwo+ICsK
PiArCWlrdm0gPSBrdm1pX2dldChrdm0pOwo+ICsJaWYgKCFpa3ZtKQo+ICsJCXJldHVybjsKPiAr
Cj4gKwlpZiAodW5saWtlbHkoIWl2Y3B1LT5zc19vd25lcikpIHsKPiArCQlrdm1pX3dhcm4oaWt2
bSwgIiVzXG4iLCBfX2Z1bmNfXyk7Cj4gKwkJZ290byBvdXQ7Cj4gKwl9Cj4gKwo+ICsJZm9yIChp
ID0gaWt2bS0+c3NfbGV2ZWw7IGktLTspCj4gKwkJa3ZtaV9zZXRfZ2ZuX2FjY2Vzcyhrdm0sCj4g
KwkJCQkgICAgaWt2bS0+c3NfY29udGV4dFtpXS5nZm4sCj4gKwkJCQkgICAgaWt2bS0+c3NfY29u
dGV4dFtpXS5vbGRfYWNjZXNzLAo+ICsJCQkJICAgIGlrdm0tPnNzX2NvbnRleHRbaV0ub2xkX3dy
aXRlX2JpdG1hcCk7Cj4gKwo+ICsJaWt2bS0+c3NfbGV2ZWwgPSAwOwo+ICsKPiArCWt2bWlfYXJj
aF9zdG9wX3NpbmdsZV9zdGVwKHZjcHUpOwo+ICsKPiArCWF0b21pY19zZXQoJmlrdm0tPnNzX2Fj
dGl2ZSwgZmFsc2UpOwo+ICsJLyoKPiArCSAqIE1ha2Ugc3NfYWN0aXZlIHVwZGF0ZSB2aXNpYmxl
Cj4gKwkgKiBiZWZvcmUgcmVzdW1pbmcgYWxsIHRoZSBvdGhlciB2Q1BVcy4KPiArCSAqLwo+ICsJ
c21wX21iX19hZnRlcl9hdG9taWMoKTsKPiArCWt2bV9tYWtlX2FsbF9jcHVzX3JlcXVlc3Qoa3Zt
LCAwKTsKPiArCj4gKwlpdmNwdS0+c3Nfb3duZXIgPSBmYWxzZTsKPiArCj4gK291dDoKPiArCWt2
bWlfcHV0KGt2bSk7Cj4gK30KPiArRVhQT1JUX1NZTUJPTChrdm1pX3N0b3Bfc3MpOwo+ICsKPiAr
c3RhdGljIGJvb2wga3ZtaV9hY3F1aXJlX3NzKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSkKPiArewo+
ICsJc3RydWN0IGt2bWlfdmNwdSAqaXZjcHUgPSBJVkNQVSh2Y3B1KTsKPiArCXN0cnVjdCBrdm1p
ICppa3ZtID0gSUtWTSh2Y3B1LT5rdm0pOwo+ICsKPiArCWlmIChpdmNwdS0+c3Nfb3duZXIpCj4g
KwkJcmV0dXJuIHRydWU7Cj4gKwo+ICsJaWYgKGF0b21pY19jbXB4Y2hnKCZpa3ZtLT5zc19hY3Rp
dmUsIGZhbHNlLCB0cnVlKSAhPSBmYWxzZSkKPiArCQlyZXR1cm4gZmFsc2U7Cj4gKwo+ICsJa3Zt
X21ha2VfYWxsX2NwdXNfcmVxdWVzdCh2Y3B1LT5rdm0sIEtWTV9SRVFfSU5UUk9TUEVDVElPTiB8
Cj4gKwkJCQkJCUtWTV9SRVFVRVNUX1dBSVQpOwo+ICsKPiArCWl2Y3B1LT5zc19vd25lciA9IHRy
dWU7Cj4gKwo+ICsJcmV0dXJuIHRydWU7Cj4gK30KPiArCj4gK3N0YXRpYyBib29sIGt2bWlfcnVu
X3NzKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSwgZ3BhX3QgZ3BhLCB1OCBhY2Nlc3MpCj4gK3sKPiAr
CXN0cnVjdCBrdm1pICppa3ZtID0gSUtWTSh2Y3B1LT5rdm0pOwo+ICsJdTggb2xkX2FjY2Vzcywg
bmV3X2FjY2VzczsKPiArCXUzMiBvbGRfd3JpdGVfYml0bWFwOwo+ICsJZ2ZuX3QgZ2ZuID0gZ3Bh
X3RvX2dmbihncGEpOwo+ICsJaW50IGVycjsKPiArCj4gKwlrdm1pX2FyY2hfc3RhcnRfc2luZ2xl
X3N0ZXAodmNwdSk7Cj4gKwo+ICsJZXJyID0ga3ZtaV9nZXRfZ2ZuX2FjY2Vzcyhpa3ZtLCBnZm4s
ICZvbGRfYWNjZXNzLCAmb2xkX3dyaXRlX2JpdG1hcCk7Cj4gKwkvKiBsaWtlbHkgd2FzIHJlbW92
ZWQgZnJvbSByYWRpeCB0cmVlIGR1ZSB0byByd3ggKi8KPiArCWlmIChlcnIpIHsKPiArCQlrdm1p
X3dhcm4oaWt2bSwgIiVzOiBnZm4gMHglbGx4IG5vdCBmb3VuZCBpbiB0aGUgcmFkaXggdHJlZVxu
IiwKPiArCQkJICBfX2Z1bmNfXywgZ2ZuKTsKPiArCQlyZXR1cm4gdHJ1ZTsKPiArCX0KPiArCj4g
KwlpZiAoaWt2bS0+c3NfbGV2ZWwgPT0gU0lOR0xFX1NURVBfTUFYX0RFUFRIIC0gMSkgewo+ICsJ
CWt2bWlfZXJyKGlrdm0sICJzaW5nbGUgc3RlcCBsaW1pdCByZWFjaGVkXG4iKTsKPiArCQlyZXR1
cm4gZmFsc2U7Cj4gKwl9Cj4gKwo+ICsJaWt2bS0+c3NfY29udGV4dFtpa3ZtLT5zc19sZXZlbF0u
Z2ZuID0gZ2ZuOwo+ICsJaWt2bS0+c3NfY29udGV4dFtpa3ZtLT5zc19sZXZlbF0ub2xkX2FjY2Vz
cyA9IG9sZF9hY2Nlc3M7Cj4gKwlpa3ZtLT5zc19jb250ZXh0W2lrdm0tPnNzX2xldmVsXS5vbGRf
d3JpdGVfYml0bWFwID0gb2xkX3dyaXRlX2JpdG1hcDsKPiArCWlrdm0tPnNzX2xldmVsKys7Cj4g
Kwo+ICsJbmV3X2FjY2VzcyA9IGt2bWlfYXJjaF9yZWxheF9wYWdlX2FjY2VzcyhvbGRfYWNjZXNz
LCBhY2Nlc3MpOwo+ICsKPiArCWt2bWlfc2V0X2dmbl9hY2Nlc3ModmNwdS0+a3ZtLCBnZm4sIG5l
d19hY2Nlc3MsIG9sZF93cml0ZV9iaXRtYXApOwo+ICsKPiArCXJldHVybiB0cnVlOwo+ICt9Cj4g
Kwo+ICtib29sIGt2bWlfc3RhcnRfc3Moc3RydWN0IGt2bV92Y3B1ICp2Y3B1LCBncGFfdCBncGEs
IHU4IGFjY2VzcykKPiArewo+ICsJYm9vbCByZXQgPSBmYWxzZTsKPiArCj4gKwl3aGlsZSAoIWt2
bWlfYWNxdWlyZV9zcyh2Y3B1KSkgewo+ICsJCWludCBlcnIgPSBrdm1pX3J1bl9qb2JzX2FuZF93
YWl0KHZjcHUpOwo+ICsKPiArCQlpZiAoZXJyKSB7Cj4gKwkJCWt2bWlfZXJyKElLVk0odmNwdS0+
a3ZtKSwgImt2bWlfYWNxdWlyZV9zcygpIGhhcyBmYWlsZWRcbiIpOwo+ICsJCQlnb3RvIG91dDsK
PiArCQl9Cj4gKwl9Cj4gKwo+ICsJaWYgKGt2bWlfcnVuX3NzKHZjcHUsIGdwYSwgYWNjZXNzKSkK
PiArCQlyZXQgPSB0cnVlOwo+ICsJZWxzZQo+ICsJCWt2bWlfc3RvcF9zcyh2Y3B1KTsKPiArCj4g
K291dDoKPiArCXJldHVybiByZXQ7Cj4gK30KPiArCj4gK2Jvb2wga3ZtaV92Y3B1X2VuYWJsZWRf
c3Moc3RydWN0IGt2bV92Y3B1ICp2Y3B1KQo+ICt7Cj4gKwlzdHJ1Y3Qga3ZtaV92Y3B1ICppdmNw
dSA9IElWQ1BVKHZjcHUpOwo+ICsJc3RydWN0IGt2bWkgKmlrdm07Cj4gKwlib29sIHJldDsKPiAr
Cj4gKwlpa3ZtID0ga3ZtaV9nZXQodmNwdS0+a3ZtKTsKPiArCWlmICghaWt2bSkKPiArCQlyZXR1
cm4gZmFsc2U7Cj4gKwo+ICsJcmV0ID0gaXZjcHUtPnNzX293bmVyOwo+ICsKPiArCWt2bWlfcHV0
KHZjcHUtPmt2bSk7Cj4gKwo+ICsJcmV0dXJuIHJldDsKPiArfQo+ICtFWFBPUlRfU1lNQk9MKGt2
bWlfdmNwdV9lbmFibGVkX3NzKTsKPiArCj4gIHN0YXRpYyB2b2lkIGt2bWlfam9iX2Fib3J0KHN0
cnVjdCBrdm1fdmNwdSAqdmNwdSwgdm9pZCAqY3R4KQo+ICB7Cj4gIAlzdHJ1Y3Qga3ZtaV92Y3B1
ICppdmNwdSA9IElWQ1BVKHZjcHUpOwo+IGRpZmYgLS1naXQgYS92aXJ0L2t2bS9rdm1pX2ludC5o
IGIvdmlydC9rdm0va3ZtaV9pbnQuaAo+IGluZGV4IGQ3Zjk4NThkM2U5Ny4uMTU1MGZlMzNlZDQ4
IDEwMDY0NAo+IC0tLSBhL3ZpcnQva3ZtL2t2bWlfaW50LmgKPiArKysgYi92aXJ0L2t2bS9rdm1p
X2ludC5oCj4gQEAgLTEyNiw2ICsxMjYsOSBAQCBzdHJ1Y3Qga3ZtaV92Y3B1IHsKPiAgCQlERUNM
QVJFX0JJVE1BUChoaWdoLCBLVk1JX05VTV9NU1IpOwo+ICAJfSBtc3JfbWFzazsKPiAgCj4gKwli
b29sIHNzX293bmVyOwoKV2h5IGlzIHNpbmdsZS1zdGVwcGluZyBtdXR1YWxseSBleGNsdXNpdmUg
YWNyb3NzIGFsbCB2Q1BVcz8gIERvZXMgdGhhdAphbHdheXMgaGF2ZSB0byBiZSB0aGUgY2FzZT8K
Cj4gKwlib29sIHNzX3JlcXVlc3RlZDsKPiArCj4gIAlzdHJ1Y3QgbGlzdF9oZWFkIGpvYl9saXN0
Owo+ICAJc3BpbmxvY2tfdCBqb2JfbG9jazsKPiAgCj4gQEAgLTE1MSw2ICsxNTQsMTUgQEAgc3Ry
dWN0IGt2bWkgewo+ICAJREVDTEFSRV9CSVRNQVAoZXZlbnRfYWxsb3dfbWFzaywgS1ZNSV9OVU1f
RVZFTlRTKTsKPiAgCURFQ0xBUkVfQklUTUFQKHZtX2V2X21hc2ssIEtWTUlfTlVNX0VWRU5UUyk7
Cj4gIAo+ICsjZGVmaW5lIFNJTkdMRV9TVEVQX01BWF9ERVBUSCA4Cj4gKwlzdHJ1Y3Qgewo+ICsJ
CWdmbl90IGdmbjsKPiArCQl1OCBvbGRfYWNjZXNzOwo+ICsJCXUzMiBvbGRfd3JpdGVfYml0bWFw
Owo+ICsJfSBzc19jb250ZXh0W1NJTkdMRV9TVEVQX01BWF9ERVBUSF07Cj4gKwl1OCBzc19sZXZl
bDsKPiArCWF0b21pY190IHNzX2FjdGl2ZTsKCkdvb2Qgb3Bwb3J0dW5pdHkgZm9yIGFuIHVubmFt
ZWQgc3RydWN0LCBlLmcuCgoJc3RydWN0IHsKCQlzdHJ1Y3Qgc2luZ2xlX3N0ZXBfY29udGV4dFsu
Li5dOwoJCWJvb2wgb3duZXI7CgkJYm9vbCByZXF1ZXN0ZWQ7CgkJdTggbGV2ZWwKCQlhdG9taWNf
dCBhY3RpdmU7Cgl9IHNpbmdsZV9zdGVwOwoKPiArCj4gIAlzdHJ1Y3Qgewo+ICAJCWJvb2wgaW5p
dGlhbGl6ZWQ7Cj4gIAkJYXRvbWljX3QgZW5hYmxlZDsKPiBAQCAtMjI0LDYgKzIzNiw3IEBAIGlu
dCBrdm1pX2FkZF9qb2Ioc3RydWN0IGt2bV92Y3B1ICp2Y3B1LAo+ICAJCSB2b2lkICpjdHgsIHZv
aWQgKCpmcmVlX2ZjdCkodm9pZCAqY3R4KSk7Cj4gIHZvaWQga3ZtaV9oYW5kbGVfY29tbW9uX2V2
ZW50X2FjdGlvbnMoc3RydWN0IGt2bV92Y3B1ICp2Y3B1LCB1MzIgYWN0aW9uLAo+ICAJCQkJICAg
ICAgY29uc3QgY2hhciAqc3RyKTsKPiArYm9vbCBrdm1pX3N0YXJ0X3NzKHN0cnVjdCBrdm1fdmNw
dSAqdmNwdSwgZ3BhX3QgZ3BhLCB1OCBhY2Nlc3MpOwo+ICAKPiAgLyogYXJjaCAqLwo+ICB2b2lk
IGt2bWlfYXJjaF91cGRhdGVfcGFnZV90cmFja2luZyhzdHJ1Y3Qga3ZtICprdm0sCj4gQEAgLTI3
NCw2ICsyODcsOSBAQCBpbnQga3ZtaV9hcmNoX2NtZF9pbmplY3RfZXhjZXB0aW9uKHN0cnVjdCBr
dm1fdmNwdSAqdmNwdSwgdTggdmVjdG9yLAo+ICAJCQkJICAgdTY0IGFkZHJlc3MpOwo+ICBpbnQg
a3ZtaV9hcmNoX2NtZF9jb250cm9sX2NyKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSwKPiAgCQkJICAg
ICBjb25zdCBzdHJ1Y3Qga3ZtaV9jb250cm9sX2NyICpyZXEpOwo+ICt2b2lkIGt2bWlfYXJjaF9z
dGFydF9zaW5nbGVfc3RlcChzdHJ1Y3Qga3ZtX3ZjcHUgKnZjcHUpOwo+ICt2b2lkIGt2bWlfYXJj
aF9zdG9wX3NpbmdsZV9zdGVwKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSk7Cj4gK3U4IGt2bWlfYXJj
aF9yZWxheF9wYWdlX2FjY2Vzcyh1OCBvbGQsIHU4IG5ldyk7Cj4gIGludCBrdm1pX2FyY2hfY21k
X2NvbnRyb2xfbXNyKHN0cnVjdCBrdm1fdmNwdSAqdmNwdSwKPiAgCQkJICAgICAgY29uc3Qgc3Ry
dWN0IGt2bWlfY29udHJvbF9tc3IgKnJlcSk7Cj4gIGludCBrdm1pX2FyY2hfY21kX2dldF9tdHJy
X3R5cGUoc3RydWN0IGt2bV92Y3B1ICp2Y3B1LCB1NjQgZ3BhLCB1OCAqdHlwZSk7Cl9fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fClZpcnR1YWxpemF0aW9uIG1h
aWxpbmcgbGlzdApWaXJ0dWFsaXphdGlvbkBsaXN0cy5saW51eC1mb3VuZGF0aW9uLm9yZwpodHRw
czovL2xpc3RzLmxpbnV4Zm91bmRhdGlvbi5vcmcvbWFpbG1hbi9saXN0aW5mby92aXJ0dWFsaXph
dGlvbg==

From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=w6KY=WI=vger.kernel.org=kvm-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-8.2 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
	INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,
	URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 168B9C433FF
	for <kvm@archiver.kernel.org>; Mon, 12 Aug 2019 20:50:43 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id C768520684
	for <kvm@archiver.kernel.org>; Mon, 12 Aug 2019 20:50:42 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726921AbfHLUul (ORCPT <rfc822;kvm@archiver.kernel.org>);
        Mon, 12 Aug 2019 16:50:41 -0400
Received: from mga17.intel.com ([192.55.52.151]:48150 "EHLO mga17.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726707AbfHLUul (ORCPT <rfc822;kvm@vger.kernel.org>);
        Mon, 12 Aug 2019 16:50:41 -0400
X-Amp-Result: UNKNOWN
X-Amp-Original-Verdict: FILE UNKNOWN
X-Amp-File-Uploaded: False
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 12 Aug 2019 13:50:39 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.64,378,1559545200"; 
   d="scan'208";a="183678501"
Received: from sjchrist-coffee.jf.intel.com (HELO linux.intel.com) ([10.54.74.41])
  by FMSMGA003.fm.intel.com with ESMTP; 12 Aug 2019 13:50:39 -0700
Date:   Mon, 12 Aug 2019 13:50:39 -0700
From:   Sean Christopherson <sean.j.christopherson@intel.com>
To:     Adalbert =?utf-8?B?TGF6xINy?= <alazar@bitdefender.com>
Cc:     kvm@vger.kernel.org, linux-mm@kvack.org,
        virtualization@lists.linux-foundation.org,
        Paolo Bonzini <pbonzini@redhat.com>,
        Radim =?utf-8?B?S3LEjW3DocWZ?= <rkrcmar@redhat.com>,
        Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
        Tamas K Lengyel <tamas@tklengyel.com>,
        Mathieu Tarral <mathieu.tarral@protonmail.com>,
        Samuel =?iso-8859-1?Q?Laur=E9n?= <samuel.lauren@iki.fi>,
        Patrick Colp <patrick.colp@oracle.com>,
        Jan Kiszka <jan.kiszka@siemens.com>,
        Stefan Hajnoczi <stefanha@redhat.com>,
        Weijiang Yang <weijiang.yang@intel.com>, Zhang@linux.intel.com,
        Yu C <yu.c.zhang@intel.com>,
        Mihai =?utf-8?B?RG9uyJt1?= <mdontu@bitdefender.com>,
        =?utf-8?B?TmljdciZb3IgQ8OuyJt1?= <ncitu@bitdefender.com>,
        Jim Mattson <jmattson@google.com>,
        Joerg Roedel <joro@8bytes.org>
Subject: Re: [RFC PATCH v6 64/92] kvm: introspection: add single-stepping
Message-ID: <20190812205038.GC1437@linux.intel.com>
References: <20190809160047.8319-1-alazar@bitdefender.com>
 <20190809160047.8319-65-alazar@bitdefender.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20190809160047.8319-65-alazar@bitdefender.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: kvm-owner@vger.kernel.org
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org

On Fri, Aug 09, 2019 at 07:00:19PM +0300, Adalbert Lazăr wrote:
> From: Nicușor Cîțu <ncitu@bitdefender.com>
> 
> This would be used either if the introspection tool request it as a
> reply to a KVMI_EVENT_PF event or to cope with instructions that cannot
> be handled by the x86 emulator during the handling of a VMEXIT. In
> these situations, all other vCPU-s are kicked and held, the EPT-based
> protection is removed and the guest is single stepped by the vCPU that
> triggered the initial VMEXIT. Upon completion the EPT-base protection
> is reinstalled and all vCPU-s all allowed to return to the guest.
> 
> This is a rather slow workaround that kicks in occasionally. In the
> future, the most frequently single-stepped instructions should be added
> to the emulator (usually, stores to and from memory - SSE/AVX).
> 
> For the moment it works only on Intel.
> 
> CC: Jim Mattson <jmattson@google.com>
> CC: Sean Christopherson <sean.j.christopherson@intel.com>
> CC: Joerg Roedel <joro@8bytes.org>
> Signed-off-by: Nicușor Cîțu <ncitu@bitdefender.com>
> Co-developed-by: Mihai Donțu <mdontu@bitdefender.com>
> Signed-off-by: Mihai Donțu <mdontu@bitdefender.com>
> Co-developed-by: Adalbert Lazăr <alazar@bitdefender.com>
> Signed-off-by: Adalbert Lazăr <alazar@bitdefender.com>
> ---
>  arch/x86/include/asm/kvm_host.h |   3 +
>  arch/x86/kvm/kvmi.c             |  47 ++++++++++-
>  arch/x86/kvm/svm.c              |   5 ++
>  arch/x86/kvm/vmx/vmx.c          |  17 ++++
>  arch/x86/kvm/x86.c              |  19 +++++
>  include/linux/kvmi.h            |   4 +
>  virt/kvm/kvmi.c                 | 145 +++++++++++++++++++++++++++++++-
>  virt/kvm/kvmi_int.h             |  16 ++++
>  8 files changed, 253 insertions(+), 3 deletions(-)
> 
> diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
> index ad36a5fc2048..60e2c298d469 100644
> --- a/arch/x86/include/asm/kvm_host.h
> +++ b/arch/x86/include/asm/kvm_host.h
> @@ -1016,6 +1016,7 @@ struct kvm_x86_ops {
>  	void (*msr_intercept)(struct kvm_vcpu *vcpu, unsigned int msr,
>  				bool enable);
>  	bool (*desc_intercept)(struct kvm_vcpu *vcpu, bool enable);
> +	void (*set_mtf)(struct kvm_vcpu *vcpu, bool enable);

MTF is a VMX specific implementation of single-stepping, this should be
enable_single_step() or something along those lines.  For example, I assume
SVM could implement something that is mostly functional via RFLAGS.TF.

>  	void (*cr3_write_exiting)(struct kvm_vcpu *vcpu, bool enable);
>  	bool (*nested_pagefault)(struct kvm_vcpu *vcpu);
>  	bool (*spt_fault)(struct kvm_vcpu *vcpu);
> @@ -1628,6 +1629,8 @@ void kvm_arch_msr_intercept(struct kvm_vcpu *vcpu, unsigned int msr,
>  				bool enable);
>  bool kvm_mmu_nested_pagefault(struct kvm_vcpu *vcpu);
>  bool kvm_spt_fault(struct kvm_vcpu *vcpu);
> +void kvm_set_mtf(struct kvm_vcpu *vcpu, bool enable);
> +void kvm_set_interrupt_shadow(struct kvm_vcpu *vcpu, int mask);
>  void kvm_control_cr3_write_exiting(struct kvm_vcpu *vcpu, bool enable);
>  
>  #endif /* _ASM_X86_KVM_HOST_H */
> diff --git a/arch/x86/kvm/kvmi.c b/arch/x86/kvm/kvmi.c
> index 04cac5b8a4d0..f0ab4bd9eb37 100644
> --- a/arch/x86/kvm/kvmi.c
> +++ b/arch/x86/kvm/kvmi.c
> @@ -520,7 +520,6 @@ bool kvmi_arch_pf_event(struct kvm_vcpu *vcpu, gpa_t gpa, gva_t gva,
>  	u32 ctx_size;
>  	u64 ctx_addr;
>  	u32 action;
> -	bool singlestep_ignored;
>  	bool ret = false;
>  
>  	if (!kvm_spt_fault(vcpu))
> @@ -533,7 +532,7 @@ bool kvmi_arch_pf_event(struct kvm_vcpu *vcpu, gpa_t gpa, gva_t gva,
>  	if (ivcpu->effective_rep_complete)
>  		return true;
>  
> -	action = kvmi_msg_send_pf(vcpu, gpa, gva, access, &singlestep_ignored,
> +	action = kvmi_msg_send_pf(vcpu, gpa, gva, access, &ivcpu->ss_requested,
>  				  &ivcpu->rep_complete, &ctx_addr,
>  				  ivcpu->ctx_data, &ctx_size);
>  
> @@ -547,6 +546,8 @@ bool kvmi_arch_pf_event(struct kvm_vcpu *vcpu, gpa_t gpa, gva_t gva,
>  		ret = true;
>  		break;
>  	case KVMI_EVENT_ACTION_RETRY:
> +		if (ivcpu->ss_requested && !kvmi_start_ss(vcpu, gpa, access))
> +			ret = true;
>  		break;
>  	default:
>  		kvmi_handle_common_event_actions(vcpu, action, "PF");
> @@ -758,6 +759,48 @@ int kvmi_arch_cmd_control_cr(struct kvm_vcpu *vcpu,
>  	return 0;
>  }
>  
> +void kvmi_arch_start_single_step(struct kvm_vcpu *vcpu)
> +{
> +	kvm_set_mtf(vcpu, true);
> +
> +	/*
> +	 * Set block by STI only if the RFLAGS.IF = 1.
> +	 * Blocking by both STI and MOV/POP SS is not possible.
> +	 */
> +	if (kvm_arch_interrupt_allowed(vcpu))
> +		kvm_set_interrupt_shadow(vcpu, KVM_X86_SHADOW_INT_STI);

This is wrong, the STI shadow only exists if interrupts were unblocked
prior to STI.  I'm guessing this is a hack to workaround
kvmi_arch_stop_single_step() not properly handling the clearing case.

> +
> +}
> +
> +void kvmi_arch_stop_single_step(struct kvm_vcpu *vcpu)
> +{
> +	kvm_set_mtf(vcpu, false);
> +	/*
> +	 * The blocking by STI is cleared after the guest
> +	 * executes one instruction or incurs an exception.
> +	 * However we migh stop the SS before entering to guest,
> +	 * so be sure we are clearing the STI blocking.
> +	 */
> +	kvm_set_interrupt_shadow(vcpu, 0);

There are only three callers of kvmi_stop_ss(), it should be possible
to accurately update interruptibility:

  - kvmi_run_ss() fail, do nothing
  - VM-Exit that wasn't a single-step - clear interruptibility if the
    guest executed an instruction (including faulted on an instr).
  - MTF VM-Exit - do nothing (VMCS should already be up-to-date).

> +}
> +
> +u8 kvmi_arch_relax_page_access(u8 old, u8 new)
> +{
> +	u8 ret = old | new;
> +
> +	/*
> +	 * An SPTE entry with just the -wx bits set can trigger a
> +	 * misconfiguration error from the hardware, as it's the case
> +	 * for x86 where this access mode is used to mark I/O memory.
> +	 * Thus, we make sure that -wx accesses are translated to rwx.
> +	 */
> +	if ((ret & (KVMI_PAGE_ACCESS_W | KVMI_PAGE_ACCESS_X)) ==
> +	    (KVMI_PAGE_ACCESS_W | KVMI_PAGE_ACCESS_X))
> +		ret |= KVMI_PAGE_ACCESS_R;
> +
> +	return ret;
> +}
> +
>  static const struct {
>  	unsigned int allow_bit;
>  	enum kvm_page_track_mode track_mode;
> diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
> index b178b8900660..3481c0247680 100644
> --- a/arch/x86/kvm/svm.c
> +++ b/arch/x86/kvm/svm.c
> @@ -7183,6 +7183,10 @@ static bool svm_spt_fault(struct kvm_vcpu *vcpu)
>  	return (svm->vmcb->control.exit_code == SVM_EXIT_NPF);
>  }
>  
> +static void svm_set_mtf(struct kvm_vcpu *vcpu, bool enable)
> +{
> +}
> +
>  static void svm_cr3_write_exiting(struct kvm_vcpu *vcpu, bool enable)
>  {
>  }
> @@ -7225,6 +7229,7 @@ static struct kvm_x86_ops svm_x86_ops __ro_after_init = {
>  	.cpu_has_accelerated_tpr = svm_cpu_has_accelerated_tpr,
>  	.has_emulated_msr = svm_has_emulated_msr,
>  
> +	.set_mtf = svm_set_mtf,
>  	.cr3_write_exiting = svm_cr3_write_exiting,
>  	.msr_intercept = svm_msr_intercept,
>  	.desc_intercept = svm_desc_intercept,
> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
> index 7d1e341b51ad..f0369d0574dc 100644
> --- a/arch/x86/kvm/vmx/vmx.c
> +++ b/arch/x86/kvm/vmx/vmx.c
> @@ -5384,6 +5384,7 @@ static int handle_invalid_op(struct kvm_vcpu *vcpu)
>  
>  static int handle_monitor_trap(struct kvm_vcpu *vcpu)
>  {
> +	kvmi_stop_ss(vcpu);
>  	return 1;
>  }
>  
> @@ -5992,6 +5993,11 @@ static int vmx_handle_exit(struct kvm_vcpu *vcpu)
>  		}
>  	}
>  
> +	if (kvmi_vcpu_enabled_ss(vcpu)
> +			&& exit_reason != EXIT_REASON_EPT_VIOLATION
> +			&& exit_reason != EXIT_REASON_MONITOR_TRAP_FLAG)

Bad indentation.  This is prevelant through the series.

> +		kvmi_stop_ss(vcpu);
> +
>  	if (exit_reason < kvm_vmx_max_exit_handlers
>  	    && kvm_vmx_exit_handlers[exit_reason])
>  		return kvm_vmx_exit_handlers[exit_reason](vcpu);
> @@ -7842,6 +7848,16 @@ static __exit void hardware_unsetup(void)
>  	free_kvm_area();
>  }
>  
> +static void vmx_set_mtf(struct kvm_vcpu *vcpu, bool enable)
> +{
> +	if (enable)
> +		vmcs_set_bits(CPU_BASED_VM_EXEC_CONTROL,
> +			      CPU_BASED_MONITOR_TRAP_FLAG);
> +	else
> +		vmcs_clear_bits(CPU_BASED_VM_EXEC_CONTROL,
> +				CPU_BASED_MONITOR_TRAP_FLAG);
> +}
> +
>  static void vmx_msr_intercept(struct kvm_vcpu *vcpu, unsigned int msr,
>  			      bool enable)
>  {
> @@ -7927,6 +7943,7 @@ static struct kvm_x86_ops vmx_x86_ops __ro_after_init = {
>  	.cpu_has_accelerated_tpr = report_flexpriority,
>  	.has_emulated_msr = vmx_has_emulated_msr,
>  
> +	.set_mtf = vmx_set_mtf,
>  	.msr_intercept = vmx_msr_intercept,
>  	.cr3_write_exiting = vmx_cr3_write_exiting,
>  	.desc_intercept = vmx_desc_intercept,
> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
> index 38aaddadb93a..65855340249a 100644
> --- a/arch/x86/kvm/x86.c
> +++ b/arch/x86/kvm/x86.c
> @@ -7358,6 +7358,13 @@ static int inject_pending_event(struct kvm_vcpu *vcpu, bool req_int_win)
>  {
>  	int r;
>  
> +	if (kvmi_vcpu_enabled_ss(vcpu))
> +		/*
> +		 * We cannot inject events during single-stepping.
> +		 * Try again later.
> +		 */
> +		return -1;
> +
>  	/* try to reinject previous events if any */
>  
>  	if (vcpu->arch.exception.injected)
> @@ -10134,6 +10141,18 @@ void kvm_control_cr3_write_exiting(struct kvm_vcpu *vcpu, bool enable)
>  }
>  EXPORT_SYMBOL(kvm_control_cr3_write_exiting);
>  
> +void kvm_set_mtf(struct kvm_vcpu *vcpu, bool enable)
> +{
> +	kvm_x86_ops->set_mtf(vcpu, enable);
> +}
> +EXPORT_SYMBOL(kvm_set_mtf);
> +
> +void kvm_set_interrupt_shadow(struct kvm_vcpu *vcpu, int mask)
> +{
> +	kvm_x86_ops->set_interrupt_shadow(vcpu, mask);
> +}
> +EXPORT_SYMBOL(kvm_set_interrupt_shadow);

Why do these wrappers exist, and why are they exported?  Introspection is
built into kvm, any reason not to use kvm_x86_ops directly?  The most
definitely don't need to be exported.

> +
>  bool kvm_spt_fault(struct kvm_vcpu *vcpu)
>  {
>  	return kvm_x86_ops->spt_fault(vcpu);
> diff --git a/include/linux/kvmi.h b/include/linux/kvmi.h
> index 5d162b9e67f2..1dc90284dc3a 100644
> --- a/include/linux/kvmi.h
> +++ b/include/linux/kvmi.h
> @@ -22,6 +22,8 @@ bool kvmi_queue_exception(struct kvm_vcpu *vcpu);
>  void kvmi_trap_event(struct kvm_vcpu *vcpu);
>  bool kvmi_descriptor_event(struct kvm_vcpu *vcpu, u8 descriptor, u8 write);
>  void kvmi_handle_requests(struct kvm_vcpu *vcpu);
> +void kvmi_stop_ss(struct kvm_vcpu *vcpu);
> +bool kvmi_vcpu_enabled_ss(struct kvm_vcpu *vcpu);

Spell out single step, and be consistent between single_step and singlestep.
That applies to pretty much every variable and function unless doing so
really makes the verbosity obnoxious.

>  void kvmi_init_emulate(struct kvm_vcpu *vcpu);
>  void kvmi_activate_rep_complete(struct kvm_vcpu *vcpu);
>  bool kvmi_bp_intercepted(struct kvm_vcpu *vcpu, u32 dbg);
> @@ -44,6 +46,8 @@ static inline void kvmi_handle_requests(struct kvm_vcpu *vcpu) { }
>  static inline bool kvmi_hypercall_event(struct kvm_vcpu *vcpu) { return false; }
>  static inline bool kvmi_queue_exception(struct kvm_vcpu *vcpu) { return true; }
>  static inline void kvmi_trap_event(struct kvm_vcpu *vcpu) { }
> +static inline void kvmi_stop_ss(struct kvm_vcpu *vcpu) { }
> +static inline bool kvmi_vcpu_enabled_ss(struct kvm_vcpu *vcpu) { return false; }
>  static inline void kvmi_init_emulate(struct kvm_vcpu *vcpu) { }
>  static inline void kvmi_activate_rep_complete(struct kvm_vcpu *vcpu) { }
>  static inline bool kvmi_bp_intercepted(struct kvm_vcpu *vcpu, u32 dbg)
> diff --git a/virt/kvm/kvmi.c b/virt/kvm/kvmi.c
> index d47a725a4045..a3a5af9080a9 100644
> --- a/virt/kvm/kvmi.c
> +++ b/virt/kvm/kvmi.c
> @@ -1260,11 +1260,19 @@ void kvmi_run_jobs(struct kvm_vcpu *vcpu)
>  	}
>  }
>  
> +static bool need_to_wait_for_ss(struct kvm_vcpu *vcpu)
> +{
> +	struct kvmi_vcpu *ivcpu = IVCPU(vcpu);
> +	struct kvmi *ikvm = IKVM(vcpu->kvm);
> +
> +	return atomic_read(&ikvm->ss_active) && !ivcpu->ss_owner;
> +}
> +
>  static bool need_to_wait(struct kvm_vcpu *vcpu)
>  {
>  	struct kvmi_vcpu *ivcpu = IVCPU(vcpu);
>  
> -	return ivcpu->reply_waiting;
> +	return ivcpu->reply_waiting || need_to_wait_for_ss(vcpu);
>  }
>  
>  static bool done_waiting(struct kvm_vcpu *vcpu)
> @@ -1572,6 +1580,141 @@ int kvmi_cmd_pause_vcpu(struct kvm_vcpu *vcpu, bool wait)
>  	return 0;
>  }
>  
> +void kvmi_stop_ss(struct kvm_vcpu *vcpu)
> +{
> +	struct kvmi_vcpu *ivcpu = IVCPU(vcpu);
> +	struct kvm *kvm = vcpu->kvm;
> +	struct kvmi *ikvm;
> +	int i;
> +
> +	ikvm = kvmi_get(kvm);
> +	if (!ikvm)
> +		return;
> +
> +	if (unlikely(!ivcpu->ss_owner)) {
> +		kvmi_warn(ikvm, "%s\n", __func__);
> +		goto out;
> +	}
> +
> +	for (i = ikvm->ss_level; i--;)
> +		kvmi_set_gfn_access(kvm,
> +				    ikvm->ss_context[i].gfn,
> +				    ikvm->ss_context[i].old_access,
> +				    ikvm->ss_context[i].old_write_bitmap);
> +
> +	ikvm->ss_level = 0;
> +
> +	kvmi_arch_stop_single_step(vcpu);
> +
> +	atomic_set(&ikvm->ss_active, false);
> +	/*
> +	 * Make ss_active update visible
> +	 * before resuming all the other vCPUs.
> +	 */
> +	smp_mb__after_atomic();
> +	kvm_make_all_cpus_request(kvm, 0);
> +
> +	ivcpu->ss_owner = false;
> +
> +out:
> +	kvmi_put(kvm);
> +}
> +EXPORT_SYMBOL(kvmi_stop_ss);
> +
> +static bool kvmi_acquire_ss(struct kvm_vcpu *vcpu)
> +{
> +	struct kvmi_vcpu *ivcpu = IVCPU(vcpu);
> +	struct kvmi *ikvm = IKVM(vcpu->kvm);
> +
> +	if (ivcpu->ss_owner)
> +		return true;
> +
> +	if (atomic_cmpxchg(&ikvm->ss_active, false, true) != false)
> +		return false;
> +
> +	kvm_make_all_cpus_request(vcpu->kvm, KVM_REQ_INTROSPECTION |
> +						KVM_REQUEST_WAIT);
> +
> +	ivcpu->ss_owner = true;
> +
> +	return true;
> +}
> +
> +static bool kvmi_run_ss(struct kvm_vcpu *vcpu, gpa_t gpa, u8 access)
> +{
> +	struct kvmi *ikvm = IKVM(vcpu->kvm);
> +	u8 old_access, new_access;
> +	u32 old_write_bitmap;
> +	gfn_t gfn = gpa_to_gfn(gpa);
> +	int err;
> +
> +	kvmi_arch_start_single_step(vcpu);
> +
> +	err = kvmi_get_gfn_access(ikvm, gfn, &old_access, &old_write_bitmap);
> +	/* likely was removed from radix tree due to rwx */
> +	if (err) {
> +		kvmi_warn(ikvm, "%s: gfn 0x%llx not found in the radix tree\n",
> +			  __func__, gfn);
> +		return true;
> +	}
> +
> +	if (ikvm->ss_level == SINGLE_STEP_MAX_DEPTH - 1) {
> +		kvmi_err(ikvm, "single step limit reached\n");
> +		return false;
> +	}
> +
> +	ikvm->ss_context[ikvm->ss_level].gfn = gfn;
> +	ikvm->ss_context[ikvm->ss_level].old_access = old_access;
> +	ikvm->ss_context[ikvm->ss_level].old_write_bitmap = old_write_bitmap;
> +	ikvm->ss_level++;
> +
> +	new_access = kvmi_arch_relax_page_access(old_access, access);
> +
> +	kvmi_set_gfn_access(vcpu->kvm, gfn, new_access, old_write_bitmap);
> +
> +	return true;
> +}
> +
> +bool kvmi_start_ss(struct kvm_vcpu *vcpu, gpa_t gpa, u8 access)
> +{
> +	bool ret = false;
> +
> +	while (!kvmi_acquire_ss(vcpu)) {
> +		int err = kvmi_run_jobs_and_wait(vcpu);
> +
> +		if (err) {
> +			kvmi_err(IKVM(vcpu->kvm), "kvmi_acquire_ss() has failed\n");
> +			goto out;
> +		}
> +	}
> +
> +	if (kvmi_run_ss(vcpu, gpa, access))
> +		ret = true;
> +	else
> +		kvmi_stop_ss(vcpu);
> +
> +out:
> +	return ret;
> +}
> +
> +bool kvmi_vcpu_enabled_ss(struct kvm_vcpu *vcpu)
> +{
> +	struct kvmi_vcpu *ivcpu = IVCPU(vcpu);
> +	struct kvmi *ikvm;
> +	bool ret;
> +
> +	ikvm = kvmi_get(vcpu->kvm);
> +	if (!ikvm)
> +		return false;
> +
> +	ret = ivcpu->ss_owner;
> +
> +	kvmi_put(vcpu->kvm);
> +
> +	return ret;
> +}
> +EXPORT_SYMBOL(kvmi_vcpu_enabled_ss);
> +
>  static void kvmi_job_abort(struct kvm_vcpu *vcpu, void *ctx)
>  {
>  	struct kvmi_vcpu *ivcpu = IVCPU(vcpu);
> diff --git a/virt/kvm/kvmi_int.h b/virt/kvm/kvmi_int.h
> index d7f9858d3e97..1550fe33ed48 100644
> --- a/virt/kvm/kvmi_int.h
> +++ b/virt/kvm/kvmi_int.h
> @@ -126,6 +126,9 @@ struct kvmi_vcpu {
>  		DECLARE_BITMAP(high, KVMI_NUM_MSR);
>  	} msr_mask;
>  
> +	bool ss_owner;

Why is single-stepping mutually exclusive across all vCPUs?  Does that
always have to be the case?

> +	bool ss_requested;
> +
>  	struct list_head job_list;
>  	spinlock_t job_lock;
>  
> @@ -151,6 +154,15 @@ struct kvmi {
>  	DECLARE_BITMAP(event_allow_mask, KVMI_NUM_EVENTS);
>  	DECLARE_BITMAP(vm_ev_mask, KVMI_NUM_EVENTS);
>  
> +#define SINGLE_STEP_MAX_DEPTH 8
> +	struct {
> +		gfn_t gfn;
> +		u8 old_access;
> +		u32 old_write_bitmap;
> +	} ss_context[SINGLE_STEP_MAX_DEPTH];
> +	u8 ss_level;
> +	atomic_t ss_active;

Good opportunity for an unnamed struct, e.g.

	struct {
		struct single_step_context[...];
		bool owner;
		bool requested;
		u8 level
		atomic_t active;
	} single_step;

> +
>  	struct {
>  		bool initialized;
>  		atomic_t enabled;
> @@ -224,6 +236,7 @@ int kvmi_add_job(struct kvm_vcpu *vcpu,
>  		 void *ctx, void (*free_fct)(void *ctx));
>  void kvmi_handle_common_event_actions(struct kvm_vcpu *vcpu, u32 action,
>  				      const char *str);
> +bool kvmi_start_ss(struct kvm_vcpu *vcpu, gpa_t gpa, u8 access);
>  
>  /* arch */
>  void kvmi_arch_update_page_tracking(struct kvm *kvm,
> @@ -274,6 +287,9 @@ int kvmi_arch_cmd_inject_exception(struct kvm_vcpu *vcpu, u8 vector,
>  				   u64 address);
>  int kvmi_arch_cmd_control_cr(struct kvm_vcpu *vcpu,
>  			     const struct kvmi_control_cr *req);
> +void kvmi_arch_start_single_step(struct kvm_vcpu *vcpu);
> +void kvmi_arch_stop_single_step(struct kvm_vcpu *vcpu);
> +u8 kvmi_arch_relax_page_access(u8 old, u8 new);
>  int kvmi_arch_cmd_control_msr(struct kvm_vcpu *vcpu,
>  			      const struct kvmi_control_msr *req);
>  int kvmi_arch_cmd_get_mtrr_type(struct kvm_vcpu *vcpu, u64 gpa, u8 *type);