Re: [PATCH v2 3/5] KVM: nVMX: emulate the INVVPID instruction

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Paolo Bonzini <pbonzini@redhat.com>
To: Wanpeng Li <wanpeng.li@hotmail.com>
Cc: Jan Kiszka <jan.kiszka@siemens.com>, Bandan Das <bsd@redhat.com>,
	Wincy Van <fanwenyi0529@gmail.com>,
	kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 3/5] KVM: nVMX: emulate the INVVPID instruction
Date: Tue, 13 Oct 2015 16:35:09 +0200	[thread overview]
Message-ID: <561D169D.4050802@redhat.com> (raw)
In-Reply-To: <BLU437-SMTP68C78EE161613A5020EEE680350@phx.gbl>



On 08/10/2015 07:57, Wanpeng Li wrote:
> Add the INVVPID instruction emulation.
> 
> Reviewed-by: Wincy Van <fanwenyi0529@gmail.com>
> Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
> ---
>  arch/x86/include/asm/vmx.h |  3 +++
>  arch/x86/kvm/vmx.c         | 49 +++++++++++++++++++++++++++++++++++++++++++++-
>  2 files changed, 51 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h
> index 448b7ca..af5fdaf 100644
> --- a/arch/x86/include/asm/vmx.h
> +++ b/arch/x86/include/asm/vmx.h
> @@ -397,8 +397,10 @@ enum vmcs_field {
>  #define IDENTITY_PAGETABLE_PRIVATE_MEMSLOT	(KVM_USER_MEM_SLOTS + 2)
>  
>  #define VMX_NR_VPIDS				(1 << 16)
> +#define VMX_VPID_EXTENT_INDIVIDUAL_ADDR 	0
>  #define VMX_VPID_EXTENT_SINGLE_CONTEXT		1
>  #define VMX_VPID_EXTENT_ALL_CONTEXT		2
> +#define VMX_VPID_EXTENT_SHIFT			40

This is not used.

Comparing handle_invept with handle_invvpid, some differences are 
apparent:

>  static int handle_invvpid(struct kvm_vcpu *vcpu)
>  {
> -	kvm_queue_exception(vcpu, UD_VECTOR);
> +	struct vcpu_vmx *vmx = to_vmx(vcpu);
> +	u32 vmx_instruction_info;
> +	unsigned long type;
> +	gva_t gva;
> +	struct x86_exception e;
> +	int vpid;
> +
> +	if (!(vmx->nested.nested_vmx_secondary_ctls_high &
> +	      SECONDARY_EXEC_ENABLE_VPID)) {

This lacks a check against VMX_VPID_INVVPID_BIT.

> +		kvm_queue_exception(vcpu, UD_VECTOR);
> +		return 1;
> +	}
> +
> +	if (!nested_vmx_check_permission(vcpu))
> +		return 1;
> +
> +	vmx_instruction_info = vmcs_read32(VMX_INSTRUCTION_INFO);
> +	type = kvm_register_readl(vcpu, (vmx_instruction_info >> 28) & 0xf);

This is missing the equivalent of this invept code:

        types = (vmx->nested.nested_vmx_ept_caps >> VMX_EPT_EXTENT_SHIFT) & 6;

        if (!(types & (1UL << type))) {
                nested_vmx_failValid(vcpu,
                                VMXERR_INVALID_OPERAND_TO_INVEPT_INVVPID);
                return 1;
        }

> +	/* according to the intel vmx instruction reference, the memory
> +	 * operand is read even if it isn't needed (e.g., for type==global)
> +	 */
> +	if (get_vmx_mem_address(vcpu, vmcs_readl(EXIT_QUALIFICATION),
> +			vmx_instruction_info, false, &gva))
> +		return 1;
> +	if (kvm_read_guest_virt(&vcpu->arch.emulate_ctxt, gva, &vpid,
> +				sizeof(u32), &e)) {
> +		kvm_inject_page_fault(vcpu, &e);
> +		return 1;
> +	}
> +
> +	switch (type) {
> +	case VMX_VPID_EXTENT_ALL_CONTEXT:
> +		if (get_vmcs12(vcpu)->virtual_processor_id == 0) {
> +			nested_vmx_failValid(vcpu,
> +				VMXERR_INVALID_OPERAND_TO_INVEPT_INVVPID);
> +			return 1;
> +		}
> +		vmx_flush_tlb(vcpu);
> +		nested_vmx_succeed(vcpu);
> +		break;
> +	default:
> +		/* Trap single context invalidation invvpid calls */
> +		BUG_ON(1);

... which means that this BUG_ON(1) is guest triggerable.

Unit tests would have caught this... :)

Paolo

> +		break;
> +	}
> +
> +	skip_emulated_instruction(vcpu);
>  	return 1;
>  }
>  
>

next prev parent reply	other threads:[~2015-10-13 14:35 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <1444283846-9964-1-git-send-email-wanpeng.li@hotmail.com>
2015-10-08  5:57 ` [PATCH v2 1/5] KVM: VMX: adjust interface to allocate/free_vpid Wanpeng Li
2015-10-08  5:57 ` [PATCH v2 2/5] KVM: VMX: introduce __vmx_flush_tlb to handle specific vpid Wanpeng Li
2015-10-08  5:57 ` [PATCH v2 3/5] KVM: nVMX: emulate the INVVPID instruction Wanpeng Li
2015-10-13 14:35   ` Paolo Bonzini [this message]
2015-10-08  5:57 ` [PATCH v2 4/5] KVM: nVMX: nested VPID emulation Wanpeng Li
2015-10-08  5:57 ` [PATCH v2 5/5] KVM: nVMX: expose VPID capability to L1 Wanpeng Li
2015-10-13 14:44   ` Paolo Bonzini
2015-10-13 22:47     ` Wanpeng Li

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=561D169D.4050802@redhat.com \
    --to=pbonzini@redhat.com \
    --cc=bsd@redhat.com \
    --cc=fanwenyi0529@gmail.com \
    --cc=jan.kiszka@siemens.com \
    --cc=kvm@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=wanpeng.li@hotmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.