| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20231113022326.24388-7-mic@digikod.net>
Date: Sun, 12 Nov 2023 21:23:13 -0500
From: Mickaël Salaün <mic@...ikod.net>
To: Borislav Petkov <bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>,
"H . Peter Anvin" <hpa@...or.com>,
Ingo Molnar <mingo@...hat.com>,
Kees Cook <keescook@...omium.org>,
Paolo Bonzini <pbonzini@...hat.com>,
Sean Christopherson <seanjc@...gle.com>,
Thomas Gleixner <tglx@...utronix.de>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>
Cc: Mickaël Salaün <mic@...ikod.net>,
Alexander Graf <graf@...zon.com>,
Chao Peng <chao.p.peng@...ux.intel.com>,
"Edgecombe, Rick P" <rick.p.edgecombe@...el.com>,
Forrest Yuan Yu <yuanyu@...gle.com>,
James Gowans <jgowans@...zon.com>,
James Morris <jamorris@...ux.microsoft.com>,
John Andersen <john.s.andersen@...el.com>,
"Madhavan T . Venkataraman" <madvenka@...ux.microsoft.com>,
Marian Rotariu <marian.c.rotariu@...il.com>,
Mihai Donțu <mdontu@...defender.com>,
Nicușor Cîțu <nicu.citu@...oud.com>,
Thara Gopinath <tgopinath@...rosoft.com>,
Trilok Soni <quic_tsoni@...cinc.com>,
Wei Liu <wei.liu@...nel.org>,
Will Deacon <will@...nel.org>,
Yu Zhang <yu.c.zhang@...ux.intel.com>,
Zahra Tarkhani <ztarkhani@...rosoft.com>,
Ștefan Șicleru <ssicleru@...defender.com>,
dev@...ts.cloudhypervisor.org,
kvm@...r.kernel.org,
linux-hardening@...r.kernel.org,
linux-hyperv@...r.kernel.org,
linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
qemu-devel@...gnu.org,
virtualization@...ts.linux-foundation.org,
x86@...nel.org,
xen-devel@...ts.xenproject.org
Subject: [RFC PATCH v2 06/19] KVM: x86: Add kvm_x86_ops.fault_gva()
This function is needed for kvm_mmu_page_fault() to create synthetic
page faults.
Code originally written by Mihai Donțu and Nicușor Cîțu:
https://lore.kernel.org/r/20211006173113.26445-18-alazar@bitdefender.com
Renamed fault_gla() to fault_gva() and use the new
EPT_VIOLATION_GVA_IS_VALID.
Cc: Borislav Petkov <bp@...en8.de>
Cc: Dave Hansen <dave.hansen@...ux.intel.com>
Cc: H. Peter Anvin <hpa@...or.com>
Cc: Ingo Molnar <mingo@...hat.com>
Cc: Kees Cook <keescook@...omium.org>
Cc: Madhavan T. Venkataraman <madvenka@...ux.microsoft.com>
Cc: Paolo Bonzini <pbonzini@...hat.com>
Cc: Sean Christopherson <seanjc@...gle.com>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: Vitaly Kuznetsov <vkuznets@...hat.com>
Cc: Wanpeng Li <wanpengli@...cent.com>
Co-developed-by: Mihai Donțu <mdontu@...defender.com>
Signed-off-by: Mihai Donțu <mdontu@...defender.com>
Co-developed-by: Nicușor Cîțu <nicu.citu@...oud.com>
Signed-off-by: Nicușor Cîțu <nicu.citu@...oud.com>
Signed-off-by: Mickaël Salaün <mic@...ikod.net>
---
arch/x86/include/asm/kvm-x86-ops.h | 1 +
arch/x86/include/asm/kvm_host.h | 2 ++
arch/x86/kvm/svm/svm.c | 9 +++++++++
arch/x86/kvm/vmx/vmx.c | 10 ++++++++++
4 files changed, 22 insertions(+)
diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h
index e3054e3e46d5..ba3db679db2b 100644
--- a/arch/x86/include/asm/kvm-x86-ops.h
+++ b/arch/x86/include/asm/kvm-x86-ops.h
@@ -134,6 +134,7 @@ KVM_X86_OP(msr_filter_changed)
KVM_X86_OP(complete_emulated_msr)
KVM_X86_OP(vcpu_deliver_sipi_vector)
KVM_X86_OP_OPTIONAL_RET0(vcpu_get_apicv_inhibit_reasons);
+KVM_X86_OP(fault_gva)
#undef KVM_X86_OP
#undef KVM_X86_OP_OPTIONAL
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index dff10051e9b6..0415dacd4b28 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1750,6 +1750,8 @@ struct kvm_x86_ops {
* Returns vCPU specific APICv inhibit reasons
*/
unsigned long (*vcpu_get_apicv_inhibit_reasons)(struct kvm_vcpu *vcpu);
+
+ u64 (*fault_gva)(struct kvm_vcpu *vcpu);
};
struct kvm_x86_nested_ops {
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index beea99c8e8e0..d32517a2cf9c 100644
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -4906,6 +4906,13 @@ static int svm_vm_init(struct kvm *kvm)
return 0;
}
+static u64 svm_fault_gva(struct kvm_vcpu *vcpu)
+{
+ const struct vcpu_svm *svm = to_svm(vcpu);
+
+ return svm->vcpu.arch.cr2 ? svm->vcpu.arch.cr2 : ~0ull;
+}
+
static struct kvm_x86_ops svm_x86_ops __initdata = {
.name = KBUILD_MODNAME,
@@ -5037,6 +5044,8 @@ static struct kvm_x86_ops svm_x86_ops __initdata = {
.vcpu_deliver_sipi_vector = svm_vcpu_deliver_sipi_vector,
.vcpu_get_apicv_inhibit_reasons = avic_vcpu_get_apicv_inhibit_reasons,
+
+ .fault_gva = svm_fault_gva,
};
/*
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index 1b1581f578b0..a8158bc1dda9 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -8233,6 +8233,14 @@ static void vmx_vm_destroy(struct kvm *kvm)
free_pages((unsigned long)kvm_vmx->pid_table, vmx_get_pid_table_order(kvm));
}
+static u64 vmx_fault_gva(struct kvm_vcpu *vcpu)
+{
+ if (vcpu->arch.exit_qualification & EPT_VIOLATION_GVA_IS_VALID)
+ return vmcs_readl(GUEST_LINEAR_ADDRESS);
+
+ return ~0ull;
+}
+
static struct kvm_x86_ops vmx_x86_ops __initdata = {
.name = KBUILD_MODNAME,
@@ -8373,6 +8381,8 @@ static struct kvm_x86_ops vmx_x86_ops __initdata = {
.complete_emulated_msr = kvm_complete_insn_gp,
.vcpu_deliver_sipi_vector = kvm_vcpu_deliver_sipi_vector,
+
+ .fault_gva = vmx_fault_gva,
};
static unsigned int vmx_handle_intel_pt_intr(void)
--
2.42.1
Powered by blists - more mailing lists