Merge tag 'kvm-x86-svm-6.7' of https://github.com/kvm-x86/linux into HEAD

KVM_X86_OP_OPTIONAL(vm_move_enc_context_from)

KVM_X86_OP_OPTIONAL(guest_memory_reclaimed)

KVM_X86_OP(get_msr_feature)

KVM_X86_OP(can_emulate_instruction)

KVM_X86_OP(check_emulate_instruction)

KVM_X86_OP(apic_init_signal_blocked)

KVM_X86_OP_OPTIONAL(enable_l2_tlb_flush)

KVM_X86_OP_OPTIONAL(migrate_timers)

	int (*get_msr_feature)(struct kvm_msr_entry *entry);

	bool (*can_emulate_instruction)(struct kvm_vcpu *vcpu, int emul_type,

	int (*check_emulate_instruction)(struct kvm_vcpu *vcpu, int emul_type,

					 void *insn, int insn_len);

	bool (*apic_init_signal_blocked)(struct kvm_vcpu *vcpu);

		svm->vmcb->control.int_state |= SVM_INTERRUPT_SHADOW_MASK;

}

static bool svm_can_emulate_instruction(struct kvm_vcpu *vcpu, int emul_type,

					void *insn, int insn_len);

static int __svm_skip_emulated_instruction(struct kvm_vcpu *vcpu,

					   bool commit_side_effects)

	}

	if (!svm->next_rip) {

		/*

		 * FIXME: Drop this when kvm_emulate_instruction() does the

		 * right thing and treats "can't emulate" as outright failure

		 * for EMULTYPE_SKIP.

		 */

		if (!svm_can_emulate_instruction(vcpu, EMULTYPE_SKIP, NULL, 0))

			return 0;

		if (unlikely(!commit_side_effects))

			old_rflags = svm->vmcb->save.rflags;

	struct kvm_run *kvm_run = vcpu->run;

	struct vcpu_svm *svm = to_svm(vcpu);

	/*

	 * The VM save area has already been encrypted so it

	 * cannot be reinitialized - just terminate.

	 */

	if (sev_es_guest(vcpu->kvm))

		return -EINVAL;

	/*

	 * VMCB is undefined after a SHUTDOWN intercept.  INIT the vCPU to put

	 * userspace.  At a platform view, INIT is acceptable behavior as

	 * there exist bare metal platforms that automatically INIT the CPU

	 * in response to shutdown.

	 *

	 * The VM save area for SEV-ES guests has already been encrypted so it

	 * cannot be reinitialized, i.e. synthesizing INIT is futile.

	 */

	if (!sev_es_guest(vcpu->kvm)) {

		clear_page(svm->vmcb);

		kvm_vcpu_reset(vcpu, true);

	}

	kvm_run->exit_reason = KVM_EXIT_SHUTDOWN;

	return 0;

}

#endif

static bool svm_can_emulate_instruction(struct kvm_vcpu *vcpu, int emul_type,

static int svm_check_emulate_instruction(struct kvm_vcpu *vcpu, int emul_type,

					 void *insn, int insn_len)

{

	bool smep, smap, is_user;

	/* Emulation is always possible when KVM has access to all guest state. */

	if (!sev_guest(vcpu->kvm))

		return true;

		return X86EMUL_CONTINUE;

	/* #UD and #GP should never be intercepted for SEV guests. */

	WARN_ON_ONCE(emul_type & (EMULTYPE_TRAP_UD |

	 * to guest register state.

	 */

	if (sev_es_guest(vcpu->kvm))

		return false;

		return X86EMUL_RETRY_INSTR;

	/*

	 * Emulation is possible if the instruction is already decoded, e.g.

	 * when completing I/O after returning from userspace.

	 */

	if (emul_type & EMULTYPE_NO_DECODE)

		return true;

		return X86EMUL_CONTINUE;

	/*

	 * Emulation is possible for SEV guests if and only if a prefilled

	 * success (and in practice it will work the vast majority of the time).

	 */

	if (unlikely(!insn)) {

		if (!(emul_type & EMULTYPE_SKIP))

		if (emul_type & EMULTYPE_SKIP)

			return X86EMUL_UNHANDLEABLE;

		kvm_queue_exception(vcpu, UD_VECTOR);

		return false;

		return X86EMUL_PROPAGATE_FAULT;

	}

	/*

	 * table used to translate CS:RIP resides in emulated MMIO.

	 */

	if (likely(insn_len))

		return true;

		return X86EMUL_CONTINUE;

	/*

	 * Detect and workaround Errata 1096 Fam_17h_00_0Fh.

			kvm_inject_gp(vcpu, 0);

		else

			kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu);

		return X86EMUL_PROPAGATE_FAULT;

	}

resume_guest:

	 * doesn't explicitly define "ignored", i.e. doing nothing and letting

	 * the guest spin is technically "ignoring" the access.

	 */

	return false;

	return X86EMUL_RETRY_INSTR;

}

static bool svm_apic_init_signal_blocked(struct kvm_vcpu *vcpu)

	.vm_copy_enc_context_from = sev_vm_copy_enc_context_from,

	.vm_move_enc_context_from = sev_vm_move_enc_context_from,

	.can_emulate_instruction = svm_can_emulate_instruction,

	.check_emulate_instruction = svm_check_emulate_instruction,

	.apic_init_signal_blocked = svm_apic_init_signal_blocked,

	return 0;

}

static bool vmx_can_emulate_instruction(struct kvm_vcpu *vcpu, int emul_type,

static int vmx_check_emulate_instruction(struct kvm_vcpu *vcpu, int emul_type,

					 void *insn, int insn_len)

{

	/*

	 */

	if (to_vmx(vcpu)->exit_reason.enclave_mode) {

		kvm_queue_exception(vcpu, UD_VECTOR);

		return false;

		return X86EMUL_PROPAGATE_FAULT;

	}

	return true;

	return X86EMUL_CONTINUE;

}

static int skip_emulated_instruction(struct kvm_vcpu *vcpu)

{

	gpa_t gpa;

	if (!vmx_can_emulate_instruction(vcpu, EMULTYPE_PF, NULL, 0))

	if (vmx_check_emulate_instruction(vcpu, EMULTYPE_PF, NULL, 0))

		return 1;

	/*

	.enable_smi_window = vmx_enable_smi_window,

#endif

	.can_emulate_instruction = vmx_can_emulate_instruction,

	.check_emulate_instruction = vmx_check_emulate_instruction,

	.apic_init_signal_blocked = vmx_apic_init_signal_blocked,

	.migrate_timers = vmx_migrate_timers,

}

EXPORT_SYMBOL_GPL(kvm_write_guest_virt_system);

static int kvm_can_emulate_insn(struct kvm_vcpu *vcpu, int emul_type,

static int kvm_check_emulate_insn(struct kvm_vcpu *vcpu, int emul_type,

				  void *insn, int insn_len)

{

	return static_call(kvm_x86_can_emulate_instruction)(vcpu, emul_type,

	return static_call(kvm_x86_check_emulate_instruction)(vcpu, emul_type,

							      insn, insn_len);

}

	int emul_type = EMULTYPE_TRAP_UD;

	char sig[5]; /* ud2; .ascii "kvm" */

	struct x86_exception e;

	int r;

	if (unlikely(!kvm_can_emulate_insn(vcpu, emul_type, NULL, 0)))

	r = kvm_check_emulate_insn(vcpu, emul_type, NULL, 0);

	if (r != X86EMUL_CONTINUE)

		return 1;

	if (fep_flags &&

	struct x86_emulate_ctxt *ctxt = vcpu->arch.emulate_ctxt;

	bool writeback = true;

	if (unlikely(!kvm_can_emulate_insn(vcpu, emulation_type, insn, insn_len)))

	r = kvm_check_emulate_insn(vcpu, emulation_type, insn, insn_len);

	if (r != X86EMUL_CONTINUE) {

		if (r == X86EMUL_RETRY_INSTR || r == X86EMUL_PROPAGATE_FAULT)

			return 1;

		WARN_ON_ONCE(r != X86EMUL_UNHANDLEABLE);

		return handle_emulation_failure(vcpu, emulation_type);

	}

	vcpu->arch.l1tf_flush_l1d = true;

	if (!(emulation_type & EMULTYPE_NO_DECODE)) {