Re: [PATCH] x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Sean Christopherson <seanjc@google.com>
To: Borislav Petkov <bp@alien8.de>
Cc: Peter Gonda <pgonda@google.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, Joerg Roedel <jroedel@suse.de>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	linux-kernel@vger.kernel.org, x86@kernel.org,
	David Rientjes <rientjes@google.com>
Subject: Re: [PATCH] x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling
Date: Mon, 28 Dec 2020 15:43:06 -0800	[thread overview]
Message-ID: <X+ptiuVAMXJ3uBX8@google.com> (raw)
In-Reply-To: <20201228223650.GD20321@zn.tnic>

On Mon, Dec 28, 2020, Borislav Petkov wrote:
> On Thu, Dec 17, 2020 at 09:19:13AM -0800, Sean Christopherson wrote:
> > On Wed, Dec 16, 2020, Peter Gonda wrote:
> > > 
> > > The IN and OUT immediate instructions only use an 8-bit immediate. The
> > > current VC handler uses the entire 32-bit immediate value. These
> > > instructions only set the first bytes.
> > > 
> > > Tested with a loop back port with "outb %0,$0xe0". Before the port seen
> > > by KVM was 0xffffffffffffffe0 instead of 0xe0. After the correct port
> > > was seen by KVM and the guests loop back OUT then IN were equal.
> > > 
> > > 
> > > Signed-off-by: Peter Gonda <pgonda@google.com>
> > > Acked-by: David Rientjes <rientjes@google.com>
> > > 
> > > 
> > > ---
> > >  arch/x86/kernel/sev-es-shared.c | 8 ++++++--
> > >  drivers/Makefile                | 1 +
> > >  2 files changed, 7 insertions(+), 2 deletions(-)
> > > 
> > > diff --git a/arch/x86/kernel/sev-es-shared.c b/arch/x86/kernel/sev-es-shared.c
> > > index 7d04b356d44d..6c790377c55c 100644
> > > --- a/arch/x86/kernel/sev-es-shared.c
> > > +++ b/arch/x86/kernel/sev-es-shared.c
> > > @@ -305,14 +305,14 @@ static enum es_result vc_ioio_exitinfo(struct es_em_ctxt *ctxt, u64 *exitinfo)
> > >  	case 0xe4:
> > >  	case 0xe5:
> > >  		*exitinfo |= IOIO_TYPE_IN;
> > > -		*exitinfo |= (u64)insn->immediate.value << 16;
> > > +		*exitinfo |= insn->immediate.bytes[0] << 16;
> > 
> > Can't we just drop the explicit cast to u64?  Or explicitly cast to u8?  Doesn't
> > really matter, but poking into the backing bytes feels a bit backwards.
> 
> GHCB spec says for IOIO_PROT (exit code 0x7b):
> 
> "SW_EXITINFO1 will be set as documented in AMD64 Architecture
> Programmer’s Manual Volume 2: System Programming, Section 15.10.2"
> 
> That section has "Figure 15-2. EXITINFO1 for IOIO Intercept" where
> [31:16] is the intercepted I/O port.
> 
> Now, insn->immediate.value is a union between a signed int and a
> unsigned char bytes[4] array so in order to be absolutely correct, that
> should use:
> 
> 	insn->immediate.bytes[0]

Eh, casting to u8 is "absolutely correct" as well.  I don't like using bytes[]
because it feels like accessing the raw data as opposed to the end result of
decoding, but it's not a sticking point.

> (u64) cast doesn't matter because *exitinfo = 0 at function entry and
> that is part of the first assignment afterwards.
> 
> I still don't see how that sign extension 0xffffffffffffffe0 can happen,
> though. Maybe something gets added during instruction decoding...

Yes, insn_get_immediate() sets insn->immediate.value directly and sign extends
the imm8 (which is correct, e.g. for "AND r/m64, imm8"). 

	switch (inat_immediate_size(insn->attr)) {
	case INAT_IMM_BYTE:
		insn->immediate.value = get_next(signed char, insn);
		insn->immediate.nbytes = 1;
		break;
	...
	}
> 
> Hmmm.
> 
> -- 
> Regards/Gruss,
>     Boris.
> 
> https://people.kernel.org/tglx/notes-about-netiquette

next prev parent reply	other threads:[~2020-12-28 23:44 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-12-17  1:04 [PATCH] x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling Peter Gonda
2020-12-17 17:19 ` Sean Christopherson
2020-12-28 22:36   ` Borislav Petkov
2020-12-28 23:43     ` Sean Christopherson [this message]
2020-12-29 10:56       ` Borislav Petkov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=X+ptiuVAMXJ3uBX8@google.com \
    --to=seanjc@google.com \
    --cc=bp@alien8.de \
    --cc=jroedel@suse.de \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=pgonda@google.com \
    --cc=rientjes@google.com \
    --cc=tglx@linutronix.de \
    --cc=thomas.lendacky@amd.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.