From: Sean Christopherson <seanjc@google.com>
To: Liam Merwick <liam.merwick@oracle.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Wanpeng Li <wanpengli@tencent.com>,
Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
Tom Lendacky <thomas.lendacky@amd.com>,
Brijesh Singh <brijesh.singh@amd.com>
Subject: Re: [PATCH 6/9] KVM: SVM: WARN if KVM attempts emulation on #UD or #GP for SEV guests
Date: Thu, 20 Jan 2022 17:04:11 +0000 [thread overview]
Message-ID: <YemWCwhQ8aYcqUw9@google.com> (raw)
In-Reply-To: <483ed34e-3125-7efb-1178-22f02173667a@oracle.com>
On Thu, Jan 20, 2022, Liam Merwick wrote:
> On 20/01/2022 01:07, Sean Christopherson wrote:
> > WARN if KVM attempts to emulate in response to #UD or #GP for SEV guests,
> > i.e. if KVM intercepts #UD or #GP, as emulation on any fault except #NPF
> > is impossible since KVM cannot read guest private memory to get the code
> > stream, and the CPU's DecodeAssists feature only provides the instruction
> > bytes on #NPF.
> >
> > Signed-off-by: Sean Christopherson <seanjc@google.com>
> > ---
> > arch/x86/kvm/svm/svm.c | 3 +++
> > 1 file changed, 3 insertions(+)
> >
> > diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
> > index 994224ae2731..ed2ca875b84b 100644
> > --- a/arch/x86/kvm/svm/svm.c
> > +++ b/arch/x86/kvm/svm/svm.c
> > @@ -4267,6 +4267,9 @@ static bool svm_can_emulate_instruction(struct kvm_vcpu *vcpu, int emul_type,
> > if (!sev_guest(vcpu->kvm))
> > return true;
> > + /* #UD and #GP should never be intercepted for SEV guests. */
> > + WARN_ON_ONCE(emul_type & (EMULTYPE_TRAP_UD | EMULTYPE_VMWARE_GP));
>
> What about EMULTYPE_TRAP_UD_FORCED?
Hmm, yeah, it's worth adding, there's no additional cost. I was thinking it was
a modifier to EMULTYPE_TRAP_UD, but it's a replacement specifically to bypass
the EmulateOnUD check (which I should have remembered since I added the type...).
next prev parent reply other threads:[~2022-01-20 17:04 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-20 1:07 [PATCH 0/9] KVM: SVM: Fix and clean up "can emulate" mess Sean Christopherson
2022-01-20 1:07 ` [PATCH 1/9] KVM: SVM: Never reject emulation due to SMAP errata for !SEV guests Sean Christopherson
2022-01-20 14:16 ` Liam Merwick
2022-01-20 1:07 ` [PATCH 2/9] Revert "KVM: SVM: avoid infinite loop on NPF from bad address" Sean Christopherson
2022-01-20 14:17 ` Liam Merwick
2022-01-20 1:07 ` [PATCH 3/9] KVM: SVM: Don't intercept #GP for SEV guests Sean Christopherson
2022-01-20 14:30 ` Liam Merwick
2022-01-20 16:55 ` Sean Christopherson
2022-01-20 1:07 ` [PATCH 4/9] KVM: SVM: Explicitly require DECODEASSISTS to enable SEV support Sean Christopherson
2022-01-20 14:32 ` Liam Merwick
2022-01-20 1:07 ` [PATCH 5/9] KVM: x86: Pass emulation type to can_emulate_instruction() Sean Christopherson
2022-01-20 14:38 ` Liam Merwick
2022-01-20 1:07 ` [PATCH 6/9] KVM: SVM: WARN if KVM attempts emulation on #UD or #GP for SEV guests Sean Christopherson
2022-01-20 15:44 ` Liam Merwick
2022-01-20 17:04 ` Sean Christopherson [this message]
2022-01-25 14:56 ` Paolo Bonzini
2022-01-20 1:07 ` [PATCH 7/9] KVM: SVM: Inject #UD on attempted emulation for SEV guest w/o insn buffer Sean Christopherson
2022-01-20 16:11 ` Liam Merwick
2022-01-20 1:07 ` [PATCH 8/9] KVM: SVM: Don't apply SEV+SMAP workaround on code fetch or PT access Sean Christopherson
2022-01-20 16:37 ` Liam Merwick
2022-01-20 1:07 ` [PATCH 9/9] KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode Sean Christopherson
2022-01-20 16:46 ` Liam Merwick
2022-01-20 16:58 ` [PATCH 0/9] KVM: SVM: Fix and clean up "can emulate" mess Liam Merwick
2022-01-21 8:30 ` Liam Merwick
2022-01-25 14:52 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YemWCwhQ8aYcqUw9@google.com \
--to=seanjc@google.com \
--cc=brijesh.singh@amd.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=liam.merwick@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=thomas.lendacky@amd.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.