Commit 4e02d4f9 authored by Paolo Bonzini

Merge tag 'kvm-x86-svm-6.16' of https://github.com/kvm-x86/linux into HEAD

KVM SVM changes for 6.16:

 - Wait for target vCPU to acknowledge KVM_REQ_UPDATE_PROTECTED_GUEST_STATE to
   fix a race between AP destroy and VMRUN.

 - Decrypt and dump the VMSA in dump_vmcb() if debugging is enabled for the VM.

 - Add support for ALLOWED_SEV_FEATURES.

 - Add #VMGEXIT to the set of handlers special cased for CONFIG_RETPOLINE=y.

 - Treat DEBUGCTL[5:2] as reserved to pave the way for virtualizing features
   that utilize those bits.

 - Don't account temporary allocations in sev_send_update_data().

 - Add support for KVM_CAP_X86_BUS_LOCK_EXIT on SVM, via Bus Lock Threshold.
parents 3e89d5fd 72df72e1
+5 −0
@@ -8001,6 +8001,11 @@ apply some other policy-based mitigation. When exiting to userspace, KVM sets
KVM_RUN_X86_BUS_LOCK in vcpu-run->flags, and conditionally sets the exit_reason
to KVM_EXIT_X86_BUS_LOCK.

Due to differences in the underlying hardware implementation, the vCPU's RIP at
the time of exit diverges between Intel and AMD.  On Intel hosts, RIP points at
the next instruction, i.e. the exit is trap-like.  On AMD hosts, RIP points at
the offending instruction, i.e. the exit is fault-like.

Note! Detected bus locks may be coincident with other exits to userspace, i.e.
KVM_RUN_X86_BUS_LOCK should be checked regardless of the primary exit reason if
userspace wants to take action on all detected bus locks.
+2 −0
@@ -379,6 +379,7 @@
#define X86_FEATURE_V_SPEC_CTRL		(15*32+20) /* "v_spec_ctrl" Virtual SPEC_CTRL */
#define X86_FEATURE_VNMI		(15*32+25) /* "vnmi" Virtual NMI */
#define X86_FEATURE_SVME_ADDR_CHK	(15*32+28) /* SVME addr check */
#define X86_FEATURE_BUS_LOCK_THRESHOLD	(15*32+29) /* Bus lock threshold */
#define X86_FEATURE_IDLE_HLT		(15*32+30) /* IDLE HLT intercept */

/* Intel-defined CPU features, CPUID level 0x00000007:0 (ECX), word 16 */
@@ -447,6 +448,7 @@
#define X86_FEATURE_DEBUG_SWAP		(19*32+14) /* "debug_swap" SEV-ES full debug state swap support */
#define X86_FEATURE_RMPREAD		(19*32+21) /* RMPREAD instruction */
#define X86_FEATURE_SEGMENTED_RMP	(19*32+23) /* Segmented RMP support */
#define X86_FEATURE_ALLOWED_SEV_FEATURES (19*32+27) /* Allowed SEV Features */
#define X86_FEATURE_SVSM		(19*32+28) /* "svsm" SVSM present */
#define X86_FEATURE_HV_INUSE_WR_ALLOWED	(19*32+30) /* Allow Write to in-use hypervisor-owned pages */

+3 −2
@@ -125,7 +125,8 @@
	KVM_ARCH_REQ_FLAGS(31, KVM_REQUEST_WAIT | KVM_REQUEST_NO_WAKEUP)
#define KVM_REQ_HV_TLB_FLUSH \
	KVM_ARCH_REQ_FLAGS(32, KVM_REQUEST_WAIT | KVM_REQUEST_NO_WAKEUP)
#define KVM_REQ_UPDATE_PROTECTED_GUEST_STATE	KVM_ARCH_REQ(34)
#define KVM_REQ_UPDATE_PROTECTED_GUEST_STATE \
	KVM_ARCH_REQ_FLAGS(34, KVM_REQUEST_WAIT)

#define CR0_RESERVED_BITS                                               \
	(~(unsigned long)(X86_CR0_PE | X86_CR0_MP | X86_CR0_EM | X86_CR0_TS \
@@ -411,7 +412,6 @@ struct kvm_rmap_head {
};

struct kvm_pio_request {
	unsigned long linear_rip;
	unsigned long count;
	int in;
	int port;
@@ -917,6 +917,7 @@ struct kvm_vcpu_arch {
	bool emulate_regs_need_sync_to_vcpu;
	bool emulate_regs_need_sync_from_vcpu;
	int (*complete_userspace_io)(struct kvm_vcpu *vcpu);
	unsigned long cui_linear_rip;

	gpa_t time;
	s8  pvclock_tsc_shift;
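Review bot: The redefinition of `KVM_REQ_UPDATE_PROTECTED_GUEST_STATE` with `KVM_REQUEST_WAIT` gives no reason for the wait, and unlike the two requests defined just above it, it omits `KVM_REQUEST_NO_WAKEUP`, so a reader cannot tell whether that difference is deliberate. The merge description ties the wait to a race between AP destroy and VMRUN, an ordering guarantee that a later edit to the flags could silently drop. A comment above the define would record it, e.g. `/* Sender waits for the target vCPU's ack so the vCPU cannot VMRUN concurrently with AP destroy. */`. The new `cui_linear_rip` member of `struct kvm_vcpu_arch` would likewise benefit from a one-line comment tying it to `complete_userspace_io`, which is presumably what the prefix stands for. The struct body continues outside the hunk.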
+9 −1
@@ -116,6 +116,7 @@ enum {
	INTERCEPT_INVPCID,
	INTERCEPT_MCOMMIT,
	INTERCEPT_TLBSYNC,
	INTERCEPT_BUSLOCK,
	INTERCEPT_IDLE_HLT = 166,
};

@@ -159,7 +160,12 @@ struct __attribute__ ((__packed__)) vmcb_control_area {
	u64 avic_physical_id;	/* Offset 0xf8 */
	u8 reserved_7[8];
	u64 vmsa_pa;		/* Used for an SEV-ES guest */
	u8 reserved_8[720];
	u8 reserved_8[16];
	u16 bus_lock_counter;		/* Offset 0x120 */
	u8 reserved_9[22];
	u64 allowed_sev_features;	/* Offset 0x138 */
	u64 guest_sev_features;		/* Offset 0x140 */
	u8 reserved_10[664];
	/*
	 * Offset 0x3e0, 32 bytes reserved
	 * for use by hypervisor/software.
@@ -291,6 +297,8 @@ static_assert((X2AVIC_MAX_PHYSICAL_ID & AVIC_PHYSICAL_MAX_INDEX_MASK) == X2AVIC_
#define SVM_SEV_FEAT_ALTERNATE_INJECTION		BIT(4)
#define SVM_SEV_FEAT_DEBUG_SWAP				BIT(5)

#define VMCB_ALLOWED_SEV_FEATURES_VALID			BIT_ULL(63)

struct vmcb_seg {
	u16 selector;
	u16 attrib;
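Review bot: The split of `reserved_8[720]` in `struct vmcb_control_area` relies on hand-counted padding to land `bus_lock_counter` at 0x120 and `allowed_sev_features` at 0x138, and nothing visible in this section makes the compiler check those offsets. The arithmetic as written does add up (16 + 2 + 22 + 8 + 8 + 664 = 720). But the layout is hardware-defined and `allowed_sev_features` is presumably a feature allow-mask, with `VMCB_ALLOWED_SEV_FEATURES_VALID` as its valid bit. A later miscount would therefore put the mask in the wrong VMCB bytes with no build error. Unless the header already asserts this elsewhere, pin it next to the struct with the `static_assert` form the file already uses: `static_assert(offsetof(struct vmcb_control_area, bus_lock_counter) == 0x120);` and `static_assert(offsetof(struct vmcb_control_area, allowed_sev_features) == 0x138);`. The struct starts and ends outside the hunk.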
+2 −0
@@ -95,6 +95,7 @@
#define SVM_EXIT_CR14_WRITE_TRAP		0x09e
#define SVM_EXIT_CR15_WRITE_TRAP		0x09f
#define SVM_EXIT_INVPCID       0x0a2
#define SVM_EXIT_BUS_LOCK			0x0a5
#define SVM_EXIT_IDLE_HLT      0x0a6
#define SVM_EXIT_NPF           0x400
#define SVM_EXIT_AVIC_INCOMPLETE_IPI		0x401
@@ -225,6 +226,7 @@
	{ SVM_EXIT_CR4_WRITE_TRAP,	"write_cr4_trap" }, \
	{ SVM_EXIT_CR8_WRITE_TRAP,	"write_cr8_trap" }, \
	{ SVM_EXIT_INVPCID,     "invpcid" }, \
	{ SVM_EXIT_BUS_LOCK,     "buslock" }, \
	{ SVM_EXIT_IDLE_HLT,     "idle-halt" }, \
	{ SVM_EXIT_NPF,         "npf" }, \
	{ SVM_EXIT_AVIC_INCOMPLETE_IPI,		"avic_incomplete_ipi" }, \