From: Binbin Wu <binbin.wu@linux.intel.com>
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: seanjc@google.com, pbonzini@redhat.com, chao.gao@intel.com,
kai.huang@intel.com, David.Laight@ACULAB.COM,
robert.hu@linux.intel.com, guang.zeng@intel.com,
binbin.wu@linux.intel.com
Subject: [PATCH v11 09/16] KVM: x86: Untag address for vmexit handlers when LAM applicable
Date: Wed, 13 Sep 2023 20:42:20 +0800 [thread overview]
Message-ID: <20230913124227.12574-10-binbin.wu@linux.intel.com> (raw)
In-Reply-To: <20230913124227.12574-1-binbin.wu@linux.intel.com>
Add and call vmx_get_untagged_addr() for 64-bit memory operand in vmexit
handlers when LAM is applicable. Also wire get_untagged_addr() interface.
As of now, vmx_get_untagged_addr() doesn't do untag yet.
For vmexit handlers related to 64-bit linear address:
- Cases need to untag address (handled in get_vmx_mem_address())
Operand(s) of VMX instructions and INVPCID.
Operand(s) of SGX ENCLS.
- Cases LAM doesn't apply to (no change needed)
Operand of INVLPG.
Linear address in INVPCID descriptor.
Linear address in INVVPID descriptor.
BASEADDR specified in SESC of ECREATE.
Note:
LAM doesn't apply to the writes to control registers or MSRs.
LAM masking applies before paging, so the faulting linear address in CR2
doesn't contain the metadata.
The guest linear address saved in VMCS doesn't contain metadata.
Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
Reviewed-by: Chao Gao <chao.gao@intel.com>
Tested-by: Xuelian Guo <xuelian.guo@intel.com>
---
arch/x86/kvm/vmx/nested.c | 5 +++++
arch/x86/kvm/vmx/sgx.c | 1 +
arch/x86/kvm/vmx/vmx.c | 7 +++++++
arch/x86/kvm/vmx/vmx.h | 2 ++
arch/x86/kvm/x86.c | 4 ++++
5 files changed, 19 insertions(+)
diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index 51622878d6e4..4ba46e1b29d2 100644
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -4980,6 +4980,7 @@ int get_vmx_mem_address(struct kvm_vcpu *vcpu, unsigned long exit_qualification,
else
*ret = off;
+ *ret = vmx_get_untagged_addr(vcpu, *ret, 0);
/* Long mode: #GP(0)/#SS(0) if the memory address is in a
* non-canonical form. This is the only check on the memory
* destination for long mode!
@@ -5797,6 +5798,10 @@ static int handle_invvpid(struct kvm_vcpu *vcpu)
vpid02 = nested_get_vpid02(vcpu);
switch (type) {
case VMX_VPID_EXTENT_INDIVIDUAL_ADDR:
+ /*
+ * LAM doesn't apply to addresses that are inputs to TLB
+ * invalidation.
+ */
if (!operand.vpid ||
is_noncanonical_address(operand.gla, vcpu))
return nested_vmx_fail(vcpu,
diff --git a/arch/x86/kvm/vmx/sgx.c b/arch/x86/kvm/vmx/sgx.c
index 3e822e582497..6fef01e0536e 100644
--- a/arch/x86/kvm/vmx/sgx.c
+++ b/arch/x86/kvm/vmx/sgx.c
@@ -37,6 +37,7 @@ static int sgx_get_encls_gva(struct kvm_vcpu *vcpu, unsigned long offset,
if (!IS_ALIGNED(*gva, alignment)) {
fault = true;
} else if (likely(is_64_bit_mode(vcpu))) {
+ *gva = vmx_get_untagged_addr(vcpu, *gva, 0);
fault = is_noncanonical_address(*gva, vcpu);
} else {
*gva &= 0xffffffff;
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 6eba8c08eff6..b572cfe27342 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -8209,6 +8209,11 @@ static void vmx_vm_destroy(struct kvm *kvm)
free_pages((unsigned long)kvm_vmx->pid_table, vmx_get_pid_table_order(kvm));
}
+gva_t vmx_get_untagged_addr(struct kvm_vcpu *vcpu, gva_t gva, unsigned int flags)
+{
+ return gva;
+}
+
static struct kvm_x86_ops vmx_x86_ops __initdata = {
.name = KBUILD_MODNAME,
@@ -8349,6 +8354,8 @@ static struct kvm_x86_ops vmx_x86_ops __initdata = {
.complete_emulated_msr = kvm_complete_insn_gp,
.vcpu_deliver_sipi_vector = kvm_vcpu_deliver_sipi_vector,
+
+ .get_untagged_addr = vmx_get_untagged_addr,
};
static unsigned int vmx_handle_intel_pt_intr(void)
diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h
index c2130d2c8e24..45cee1a8bc0a 100644
--- a/arch/x86/kvm/vmx/vmx.h
+++ b/arch/x86/kvm/vmx/vmx.h
@@ -420,6 +420,8 @@ void vmx_enable_intercept_for_msr(struct kvm_vcpu *vcpu, u32 msr, int type);
u64 vmx_get_l2_tsc_offset(struct kvm_vcpu *vcpu);
u64 vmx_get_l2_tsc_multiplier(struct kvm_vcpu *vcpu);
+gva_t vmx_get_untagged_addr(struct kvm_vcpu *vcpu, gva_t gva, unsigned int flags);
+
static inline void vmx_set_intercept_for_msr(struct kvm_vcpu *vcpu, u32 msr,
int type, bool value)
{
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index e03313287816..4c2cdfcae79d 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -13396,6 +13396,10 @@ int kvm_handle_invpcid(struct kvm_vcpu *vcpu, unsigned long type, gva_t gva)
switch (type) {
case INVPCID_TYPE_INDIV_ADDR:
+ /*
+ * LAM doesn't apply to addresses that are inputs to TLB
+ * invalidation.
+ */
if ((!pcid_enabled && (operand.pcid != 0)) ||
is_noncanonical_address(operand.gla, vcpu)) {
kvm_inject_gp(vcpu, 0);
--
2.25.1
next prev parent reply other threads:[~2023-09-13 15:40 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-13 12:42 [PATCH v11 00/16] LAM and LASS KVM Enabling Binbin Wu
2023-09-13 12:42 ` [PATCH v11 01/16] KVM: x86: Consolidate flags for __linearize() Binbin Wu
2023-09-13 12:42 ` [PATCH v11 02/16] KVM: x86: Use a new flag for branch targets Binbin Wu
2023-10-23 16:20 ` Sean Christopherson
2023-09-13 12:42 ` [PATCH v11 03/16] KVM: x86: Add an emulation flag for implicit system access Binbin Wu
2023-09-13 12:42 ` [PATCH v11 04/16] KVM: x86: Add X86EMUL_F_INVLPG and pass it in em_invlpg() Binbin Wu
2023-09-13 12:42 ` [PATCH v11 05/16] KVM: x86/mmu: Drop non-PA bits when getting GFN for guest's PGD Binbin Wu
2023-09-13 12:42 ` [PATCH v11 06/16] KVM: x86: Add & use kvm_vcpu_is_legal_cr3() to check CR3's legality Binbin Wu
2023-09-13 12:42 ` [PATCH v11 07/16] KVM: x86: Remove kvm_vcpu_is_illegal_gpa() Binbin Wu
2023-09-13 12:42 ` [PATCH v11 08/16] KVM: x86: Introduce get_untagged_addr() in kvm_x86_ops and call it in emulator Binbin Wu
2023-10-23 23:14 ` Sean Christopherson
2023-10-23 23:30 ` Sean Christopherson
2023-09-13 12:42 ` Binbin Wu [this message]
2023-09-13 12:42 ` [PATCH v11 10/16] KVM: x86: Virtualize LAM for supervisor pointer Binbin Wu
2023-09-13 12:42 ` [PATCH v11 11/16] KVM: x86: Virtualize LAM for user pointer Binbin Wu
2023-09-13 12:42 ` [PATCH v11 12/16] KVM: x86: Advertise and enable LAM (user and supervisor) Binbin Wu
2023-09-13 12:42 ` [PATCH v11 13/16] KVM: x86: Use KVM-governed feature framework to track "LAM enabled" Binbin Wu
2023-09-13 12:42 ` [PATCH v11 14/16] KVM: emulator: Add emulation of LASS violation checks on linear address Binbin Wu
2023-09-13 12:42 ` [PATCH v11 15/16] KVM: VMX: Virtualize LASS Binbin Wu
2023-09-13 12:42 ` [PATCH v11 16/16] KVM: x86: Advertise LASS CPUID to user space Binbin Wu
2023-10-08 9:37 ` [PATCH v11 00/16] LAM and LASS KVM Enabling Binbin Wu
2023-10-10 23:48 ` Sean Christopherson
2023-10-21 0:26 ` Sean Christopherson
2023-10-21 0:34 ` Sean Christopherson
2023-10-22 12:35 ` Binbin Wu
2023-10-23 23:43 ` Sean Christopherson
2023-10-24 8:31 ` Binbin Wu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230913124227.12574-10-binbin.wu@linux.intel.com \
--to=binbin.wu@linux.intel.com \
--cc=David.Laight@ACULAB.COM \
--cc=chao.gao@intel.com \
--cc=guang.zeng@intel.com \
--cc=kai.huang@intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=robert.hu@linux.intel.com \
--cc=seanjc@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox