From: Binbin Wu <binbin.wu@linux.intel.com>
To: pbonzini@redhat.com, seanjc@google.com, kvm@vger.kernel.org
Cc: rick.p.edgecombe@intel.com, kai.huang@intel.com,
adrian.hunter@intel.com, reinette.chatre@intel.com,
xiaoyao.li@intel.com, tony.lindgren@linux.intel.com,
isaku.yamahata@intel.com, yan.y.zhao@intel.com,
chao.gao@intel.com, linux-kernel@vger.kernel.org,
binbin.wu@linux.intel.com
Subject: [PATCH 01/18] KVM: x86: Add a switch_db_regs flag to handle TDX's auto-switched behavior
Date: Tue, 10 Dec 2024 08:49:27 +0800 [thread overview]
Message-ID: <20241210004946.3718496-2-binbin.wu@linux.intel.com> (raw)
In-Reply-To: <20241210004946.3718496-1-binbin.wu@linux.intel.com>
From: Isaku Yamahata <isaku.yamahata@intel.com>
Add a flag KVM_DEBUGREG_AUTO_SWITCH to skip saving/restoring guest
DRs.
TDX-SEAM unconditionally saves/restores guest DRs on TD exit/enter,
and resets DRs to architectural INIT state on TD exit. Use the new
flag KVM_DEBUGREG_AUTO_SWITCH to indicate that KVM doesn't need to
save/restore guest DRs. KVM still needs to restore host DRs after TD
exit if there are active breakpoints in the host, which is covered by
the existing code.
MOV-DR exiting is always cleared for TDX guests, so the handler for DR
access is never called, and KVM_DEBUGREG_WONT_EXIT is never set. Add
a warning if both KVM_DEBUGREG_WONT_EXIT and KVM_DEBUGREG_AUTO_SWITCH
are set.
Opportunistically convert the KVM_DEBUGREG_* definitions to use BIT().
Reported-by: Xiaoyao Li <xiaoyao.li@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Co-developed-by: Chao Gao <chao.gao@intel.com>
Signed-off-by: Chao Gao <chao.gao@intel.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
[binbin: rework changelog]
Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
---
TDX "the rest" breakout:
- Update the comment about KVM_DEBUGREG_AUTO_SWITCH.
- Check explicitly KVM_DEBUGREG_AUTO_SWITCH is not set in switch_db_regs
before restoring guest DRs, because KVM_DEBUGREG_BP_ENABLED could be set
by userspace. (Paolo)
https://lore.kernel.org/lkml/ea136ac6-53cf-cdc5-a741-acfb437819b1@redhat.com/
- Fix the issue that host DRs are not restored in v19 (Binbin)
https://lore.kernel.org/kvm/20240413002026.GP3039520@ls.amr.corp.intel.com/
- Update the changelog a bit.
---
arch/x86/include/asm/kvm_host.h | 11 +++++++++--
arch/x86/kvm/vmx/tdx.c | 1 +
arch/x86/kvm/x86.c | 4 +++-
3 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index df535f08e004..a0814079777f 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -604,8 +604,15 @@ struct kvm_pmu {
struct kvm_pmu_ops;
enum {
- KVM_DEBUGREG_BP_ENABLED = 1,
- KVM_DEBUGREG_WONT_EXIT = 2,
+ KVM_DEBUGREG_BP_ENABLED = BIT(0),
+ KVM_DEBUGREG_WONT_EXIT = BIT(1),
+ /*
+ * Guest debug registers (DR0-3, DR6 and DR7) are saved/restored by
+ * hardware on exit from or enter to guest. KVM needn't switch them.
+ * DR0-3, DR6 and DR7 are set to their architectural INIT value on VM
+ * exit, host values need to be restored.
+ */
+ KVM_DEBUGREG_AUTO_SWITCH = BIT(2),
};
struct kvm_mtrr {
diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
index 3cf8a4e1fc29..b87daa643e6e 100644
--- a/arch/x86/kvm/vmx/tdx.c
+++ b/arch/x86/kvm/vmx/tdx.c
@@ -727,6 +727,7 @@ int tdx_vcpu_create(struct kvm_vcpu *vcpu)
vcpu->arch.efer = EFER_SCE | EFER_LME | EFER_LMA | EFER_NX;
+ vcpu->arch.switch_db_regs = KVM_DEBUGREG_AUTO_SWITCH;
vcpu->arch.cr0_guest_owned_bits = -1ul;
vcpu->arch.cr4_guest_owned_bits = -1ul;
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index e155ae90e9fa..2b4bd56e9fb4 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -10965,7 +10965,8 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu)
if (vcpu->arch.guest_fpu.xfd_err)
wrmsrl(MSR_IA32_XFD_ERR, vcpu->arch.guest_fpu.xfd_err);
- if (unlikely(vcpu->arch.switch_db_regs)) {
+ if (unlikely(vcpu->arch.switch_db_regs &&
+ !(vcpu->arch.switch_db_regs & KVM_DEBUGREG_AUTO_SWITCH))) {
set_debugreg(0, 7);
set_debugreg(vcpu->arch.eff_db[0], 0);
set_debugreg(vcpu->arch.eff_db[1], 1);
@@ -11012,6 +11013,7 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu)
*/
if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT)) {
WARN_ON(vcpu->guest_debug & KVM_GUESTDBG_USE_HW_BP);
+ WARN_ON(vcpu->arch.switch_db_regs & KVM_DEBUGREG_AUTO_SWITCH);
kvm_x86_call(sync_dirty_debug_regs)(vcpu);
kvm_update_dr0123(vcpu);
kvm_update_dr7(vcpu);
--
2.46.0
next prev parent reply other threads:[~2024-12-10 0:47 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-10 0:49 [PATCH 00/18] KVM: TDX: TDX "the rest" part Binbin Wu
2024-12-10 0:49 ` Binbin Wu [this message]
2024-12-10 0:49 ` [PATCH 02/18] KVM: TDX: Handle EPT violation/misconfig exit Binbin Wu
2024-12-10 0:49 ` [PATCH 03/18] KVM: TDX: Detect unexpected SEPT violations due to pending SPTEs Binbin Wu
2024-12-10 0:49 ` [PATCH 04/18] KVM: TDX: Handle TDX PV CPUID hypercall Binbin Wu
2024-12-10 0:49 ` [PATCH 05/18] KVM: TDX: Handle TDX PV HLT hypercall Binbin Wu
2024-12-10 0:49 ` [PATCH 06/18] KVM: x86: Move KVM_MAX_MCE_BANKS to header file Binbin Wu
2024-12-10 0:49 ` [PATCH 07/18] KVM: TDX: Implement callbacks for MSR operations Binbin Wu
2025-01-15 11:26 ` Huang, Kai
2024-12-10 0:49 ` [PATCH 08/18] KVM: TDX: Handle TDX PV rdmsr/wrmsr hypercall Binbin Wu
2024-12-10 0:49 ` [PATCH 09/18] KVM: TDX: Enable guest access to LMCE related MSRs Binbin Wu
2024-12-10 0:49 ` [PATCH 10/18] KVM: TDX: Handle TDG.VP.VMCALL<GetTdVmCallInfo> hypercall Binbin Wu
2024-12-10 0:49 ` [PATCH 11/18] KVM: TDX: Add methods to ignore accesses to CPU state Binbin Wu
2025-01-15 6:51 ` Binbin Wu
2024-12-10 0:49 ` [PATCH 12/18] KVM: TDX: Add method to ignore guest instruction emulation Binbin Wu
2024-12-10 0:49 ` [PATCH 13/18] KVM: TDX: Add methods to ignore VMX preemption timer Binbin Wu
2024-12-10 0:49 ` [PATCH 14/18] KVM: TDX: Add methods to ignore accesses to TSC Binbin Wu
2024-12-10 0:49 ` [PATCH 15/18] KVM: TDX: Ignore setting up mce Binbin Wu
2024-12-10 0:49 ` [PATCH 16/18] KVM: TDX: Add a method to ignore hypercall patching Binbin Wu
2024-12-10 0:49 ` [PATCH 17/18] KVM: TDX: Make TDX VM type supported Binbin Wu
2024-12-10 0:49 ` [PATCH 18/18] Documentation/virt/kvm: Document on Trust Domain Extensions(TDX) Binbin Wu
2025-02-19 10:23 ` Huang, Kai
2025-02-20 5:50 ` Xiaoyao Li
2025-02-20 23:45 ` Huang, Kai
2024-12-10 18:25 ` [PATCH 00/18] KVM: TDX: TDX "the rest" part Paolo Bonzini
2024-12-11 1:31 ` Binbin Wu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241210004946.3718496-2-binbin.wu@linux.intel.com \
--to=binbin.wu@linux.intel.com \
--cc=adrian.hunter@intel.com \
--cc=chao.gao@intel.com \
--cc=isaku.yamahata@intel.com \
--cc=kai.huang@intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=reinette.chatre@intel.com \
--cc=rick.p.edgecombe@intel.com \
--cc=seanjc@google.com \
--cc=tony.lindgren@linux.intel.com \
--cc=xiaoyao.li@intel.com \
--cc=yan.y.zhao@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.