Re: [kvm-unit-tests PATCH 14/16] svm: rewerite vm entry macros

[Sean Christopherson <seanjc@google.com>]

On Thu, Oct 27, 2022, Maxim Levitsky wrote:
> On Mon, 2022-10-24 at 19:56 +0000, Sean Christopherson wrote:
> > > And also there is segment registers, etc, etc.
> > 
> > Which aren't GPRs.
> 
> But user can want to use them too.

My point is that they don't need to be handled in this the VM-Entry/VM-Exit path
as both VMX and SVM context switch all segment information through the VMCS/VMCB.
In other words, if we want to provide easy, generic access to segment information,
that can be done completely separately from this code and in a separate struct.

> > > Note though that my LBR tests do still need this as a macro because they must
> > > not do any extra jumps/calls as these clobber the LBR registers.
> > 
> > Shouldn't it be fairly easy to account for the CALL in the asm routine?  Taking
> > on that sort of dependency is quite gross, but it'd likely be less maintenance
> > in the long run than an inline asm blob.
> 
> That is not possible - the SVM has just one LBR - so doing call will erase it.

Ugh, that's a pain.  

> I'll think of something, I also do want to turn this into a function.

Actually, IIUC, there's no need to preserve the LBR across the call to a VMRUN
subroutine.  When checking that the host value is preserved, LBRs are disabled
before the call.  When checking that the guest value leaks back into the host,
the host value is irrelevant, the only thing that matters is that the LBR is
pre-filled with something other than the guest value, and that functionality is
provided by the call into the VMRUN subroutine.

LBR side topic #1, sequences like this should really be a single asm blob:

	wrmsr(MSR_IA32_DEBUGCTLMSR, DEBUGCTLMSR_LBR);
	DO_BRANCH(...);
	wrmsr(MSR_IA32_DEBUGCTLMSR, 0);

as there is nothing that prevents the compiler from inserting a branch between
DO_BRANCH() and the wrmsr().  It's extremely unlikely, but technicall possible.

LBR side topic #2, the tests are broken on our Milan systems.  I've poked around
a few times, but haven't dug in deep yet (and probably won't have cycles to do so
anytime soon).

PASS: Basic LBR test
PASS: Test that without LBRV enabled, guest LBR state does 'leak' to the host(1)
PASS: Test that without LBRV enabled, guest LBR state does 'leak' to the host(2)
PASS: Test that with LBRV enabled, guest LBR state doesn't leak (1)
Unhandled exception 6 #UD at ip 000000000040175c
error_code=0000      rflags=00010086      cs=00000008
rax=00000000004016e7 rcx=00000000000001dc rdx=80000000004016e7 rbx=0000000000414920
rbp=000000000042fa38 rsi=0000000000000000 rdi=0000000000414d98
 r8=00000000004176f9  r9=00000000000003f8 r10=000000000000000d r11=0000000000000000
r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000
cr0=0000000080010011 cr2=0000000000000000 cr3=00000000010bf000 cr4=0000000000040020
cr8=0000000000000000