| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 4 Feb 2021 16:57:41 -0800
From: Sean Christopherson <seanjc@...gle.com>
To: Paolo Bonzini <pbonzini@...hat.com>,
Jiri Kosina <trivial@...nel.org>
Cc: Sean Christopherson <seanjc@...gle.com>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Jim Mattson <jmattson@...gle.com>,
Joerg Roedel <joro@...tes.org>, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [PATCH 0/9] KVM: x86: Move common exit handlers to x86.c
The main focus of this series is moving common exit handlers to x86.c,
to avoid duplicate code between SVM and VMX, and also to help prevent
silly divergences between SVM and VMX.
Except for patch 03, which is absolutely grotesque, the changes are
relatively small.
To allow wiring up the common handlers directly to SVM's exit handler
array, patch 03 changes the prototype for SVM's handlers to take @vcpu
instead of @svm. That created a cascade effect where many helpers were
doing pointless conversions from vcpu->svm->vcpu, and cleaning up those
snowballed into a broader purging of svm->vcpu. There are still quite a
few instances of svm->vcpu, but the ones remaining are at least
reasonable. E.g. patterns like this were fairly common (though this was
the most egregious).
static bool svm_get_nmi_mask(struct kvm_vcpu *vcpu)
{
struct vcpu_svm *svm = to_svm(vcpu);
return !!(svm->vcpu.arch.hflags & HF_NMI_MASK);
}
static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked)
{
struct vcpu_svm *svm = to_svm(vcpu);
if (masked) {
svm->vcpu.arch.hflags |= HF_NMI_MASK;
if (!sev_es_guest(svm->vcpu.kvm))
svm_set_intercept(svm, INTERCEPT_IRET);
} else {
svm->vcpu.arch.hflags &= ~HF_NMI_MASK;
if (!sev_es_guest(svm->vcpu.kvm))
svm_clr_intercept(svm, INTERCEPT_IRET);
}
}
This is based on kvm/queue, commit 4edbfa87f4f4 ("KVM: X86: Expose bus lock
debug exception to guest"). It should also apply fairly cleanly on
kvm/nested-svm, commit f8a5f661936a ("KVM: nSVM: Trace VM-Enter consistency
check failures").
Paolo, I based this on kvm/queue under the assumption it can all wait until
5.13. I don't think there's anything urgent here, and the conflicts with
the stuff in kvm/nested-svm are annoying. Let me know if you want me to
rebase anything/all to get something into 5.12, I know 5.12 is a little
light on x86 changes :-D.
Sean Christopherson (9):
KVM: SVM: Move AVIC vCPU kicking snippet to helper function
KVM: SVM: Remove an unnecessary forward declaration
KVM: SVM: Pass @vcpu to exit handlers (and many, many other places)
KVM: nSVM: Add VMLOAD/VMSAVE helper to deduplicate code
KVM: x86: Move XSETBV emulation to common code
KVM: x86: Move trivial instruction-based exit handlers to common code
KVM: x86: Move RDPMC emulation to common code
KVM: SVM: Don't manually emulate RDPMC if nrips=0
KVM: SVM: Skip intercepted PAUSE instructions after emulation
arch/x86/include/asm/kvm_host.h | 9 +-
arch/x86/kvm/svm/avic.c | 57 +--
arch/x86/kvm/svm/nested.c | 119 +++---
arch/x86/kvm/svm/sev.c | 27 +-
arch/x86/kvm/svm/svm.c | 629 ++++++++++++++------------------
arch/x86/kvm/svm/svm.h | 12 +-
arch/x86/kvm/vmx/vmx.c | 74 +---
arch/x86/kvm/x86.c | 62 +++-
8 files changed, 447 insertions(+), 542 deletions(-)
--
2.30.0.365.g02bc693789-goog
Powered by blists - more mailing lists