| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 29 Jul 2020 08:43:28 -0700
From: Sean Christopherson <sean.j.christopherson@...el.com>
To: Joerg Roedel <joro@...tes.org>
Cc: Paolo Bonzini <pbonzini@...hat.com>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Jim Mattson <jmattson@...gle.com>, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org, Joerg Roedel <jroedel@...e.de>
Subject: Re: [PATCH 3/4] KVM: SVM: Add GHCB Accessor functions
On Wed, Jul 29, 2020 at 03:22:33PM +0200, Joerg Roedel wrote:
> From: Joerg Roedel <jroedel@...e.de>
>
> Building a correct GHCB for the hypervisor requires setting valid bits
> in the GHCB. Simplify that process by providing accessor functions to
> set values and to update the valid bitmap.
>
> Signed-off-by: Joerg Roedel <jroedel@...e.de>
> ---
> arch/x86/include/asm/svm.h | 61 ++++++++++++++++++++++++++++++++++++++
> 1 file changed, 61 insertions(+)
>
> diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h
> index 9a3e0b802716..0420250b008b 100644
> --- a/arch/x86/include/asm/svm.h
> +++ b/arch/x86/include/asm/svm.h
> @@ -341,4 +341,65 @@ struct __attribute__ ((__packed__)) vmcb {
>
> #define SVM_CR0_SELECTIVE_MASK (X86_CR0_TS | X86_CR0_MP)
>
> +/* GHCB Accessor functions */
> +
> +#define DEFINE_GHCB_INDICES(field) \
> + u16 idx = offsetof(struct vmcb_save_area, field) / 8; \
Using sizeof(u64) instead of '8' would be helpful here.
> + u16 byte_idx = idx / 8; \
> + u16 bit_idx = idx % 8; \
Oof. I love macro frameworks as much as the next person, but declaring
local variables in a macro like this is nasty.
> + BUILD_BUG_ON(byte_idx > ARRAY_SIZE(ghcb->save.valid_bitmap));
> +
> +#define GHCB_SET_VALID(ghcb, field) \
> + { \
> + DEFINE_GHCB_INDICES(field) \
> + (ghcb)->save.valid_bitmap[byte_idx] |= BIT(bit_idx); \
Rather than manually calculate the byte/bit indices just use __set_bit()
and test_bit(). That will also solve the variable declaration issue.
E.g.
#define GHB_BITMAP_IDX(field) \
(offsetof(struct vmcb_save_area, (field)) / sizeof(u64))
#define GHCB_SET_VALID(ghcb, field) \
__set_bit(GHCB_BITMAP_IDX(field), (unsigned long *)&ghcb->save.valid_bitmap)
Or alternatively drop GHCB_SET_VALID() and just open code the two users.
> + }
> +
> +#define DEFINE_GHCB_SETTER(field) \
> + static inline void \
> + ghcb_set_##field(struct ghcb *ghcb, u64 value) \
> + { \
> + GHCB_SET_VALID(ghcb, field) \
> + (ghcb)->save.field = value; \
The ghcb doesn't need to be wrapped in (), it's a parameter to a function.
Same comment for the below usage.
> + }
> +
> +#define DEFINE_GHCB_ACCESSORS(field) \
> + static inline bool ghcb_is_valid_##field(const struct ghcb *ghcb) \
I'd prefer to follow the naming of the arch reg accessors, i.e.
static inline bool ghcb_##field##_is_valid(...)
to pair with
kvm_##lname##_read
kvm_##lname##_write
And because ghcb_is_valid_rip() reads a bit weird, e.g. IMO is more likely
to be read as "does the RIP in the GHCB hold a valid (canonical) value",
versus ghcb_rip_is_valid() reading as "is RIP valid in the GHCB".
> + { \
> + DEFINE_GHCB_INDICES(field) \
> + return !!((ghcb)->save.valid_bitmap[byte_idx] \
> + & BIT(bit_idx)); \
> + } \
> + \
> + static inline void \
> + ghcb_set_##field(struct ghcb *ghcb, u64 value) \
> + { \
> + GHCB_SET_VALID(ghcb, field) \
> + (ghcb)->save.field = value; \
> + }
> +
> +DEFINE_GHCB_ACCESSORS(cpl)
> +DEFINE_GHCB_ACCESSORS(rip)
> +DEFINE_GHCB_ACCESSORS(rsp)
> +DEFINE_GHCB_ACCESSORS(rax)
> +DEFINE_GHCB_ACCESSORS(rcx)
> +DEFINE_GHCB_ACCESSORS(rdx)
> +DEFINE_GHCB_ACCESSORS(rbx)
> +DEFINE_GHCB_ACCESSORS(rbp)
> +DEFINE_GHCB_ACCESSORS(rsi)
> +DEFINE_GHCB_ACCESSORS(rdi)
> +DEFINE_GHCB_ACCESSORS(r8)
> +DEFINE_GHCB_ACCESSORS(r9)
> +DEFINE_GHCB_ACCESSORS(r10)
> +DEFINE_GHCB_ACCESSORS(r11)
> +DEFINE_GHCB_ACCESSORS(r12)
> +DEFINE_GHCB_ACCESSORS(r13)
> +DEFINE_GHCB_ACCESSORS(r14)
> +DEFINE_GHCB_ACCESSORS(r15)
> +DEFINE_GHCB_ACCESSORS(sw_exit_code)
> +DEFINE_GHCB_ACCESSORS(sw_exit_info_1)
> +DEFINE_GHCB_ACCESSORS(sw_exit_info_2)
> +DEFINE_GHCB_ACCESSORS(sw_scratch)
> +DEFINE_GHCB_ACCESSORS(xcr0)
> +
> #endif
> --
> 2.17.1
>
Powered by blists - more mailing lists