| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 25 Feb 2022 16:44:05 +0200
From: Maxim Levitsky <mlevitsk@...hat.com>
To: Zeng Guang <guang.zeng@...el.com>,
Paolo Bonzini <pbonzini@...hat.com>,
Sean Christopherson <seanjc@...gle.com>,
Vitaly Kuznetsov <vkuznets@...hat.com>,
Wanpeng Li <wanpengli@...cent.com>,
Jim Mattson <jmattson@...gle.com>,
Joerg Roedel <joro@...tes.org>, kvm@...r.kernel.org,
Dave Hansen <dave.hansen@...ux.intel.com>,
Tony Luck <tony.luck@...el.com>,
Kan Liang <kan.liang@...ux.intel.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
"H. Peter Anvin" <hpa@...or.com>,
Kim Phillips <kim.phillips@....com>,
Jarkko Sakkinen <jarkko@...nel.org>,
Jethro Beekman <jethro@...tanix.com>,
Kai Huang <kai.huang@...el.com>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org,
Robert Hu <robert.hu@...el.com>, Gao Chao <chao.gao@...el.com>
Subject: Re: [PATCH v6 5/9] KVM: x86: Add support for vICR APIC-write
VM-Exits in x2APIC mode
On Fri, 2022-02-25 at 16:22 +0800, Zeng Guang wrote:
> Upcoming Intel CPUs will support virtual x2APIC MSR writes to the vICR,
> i.e. will trap and generate an APIC-write VM-Exit instead of intercepting
> the WRMSR. Add support for handling "nodecode" x2APIC writes, which
> were previously impossible.
>
> Note, x2APIC MSR writes are 64 bits wide.
>
> Signed-off-by: Zeng Guang <guang.zeng@...el.com>
> ---
> arch/x86/kvm/lapic.c | 25 ++++++++++++++++++++++---
> 1 file changed, 22 insertions(+), 3 deletions(-)
>
> diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
> index 629c116b0d3e..e4bcdab1fac0 100644
> --- a/arch/x86/kvm/lapic.c
> +++ b/arch/x86/kvm/lapic.c
> @@ -67,6 +67,7 @@ static bool lapic_timer_advance_dynamic __read_mostly;
> #define LAPIC_TIMER_ADVANCE_NS_MAX 5000
> /* step-by-step approximation to mitigate fluctuation */
> #define LAPIC_TIMER_ADVANCE_ADJUST_STEP 8
> +static int kvm_lapic_msr_read(struct kvm_lapic *apic, u32 reg, u64 *data);
>
> static inline void __kvm_lapic_set_reg(char *regs, int reg_off, u32 val)
> {
> @@ -2227,10 +2228,28 @@ EXPORT_SYMBOL_GPL(kvm_lapic_set_eoi);
> /* emulate APIC access in a trap manner */
> void kvm_apic_write_nodecode(struct kvm_vcpu *vcpu, u32 offset)
> {
> - u32 val = kvm_lapic_get_reg(vcpu->arch.apic, offset);
> + struct kvm_lapic *apic = vcpu->arch.apic;
> + u64 val;
> +
> + if (apic_x2apic_mode(apic)) {
> + /*
> + * When guest APIC is in x2APIC mode and IPI virtualization
> + * is enabled, accessing APIC_ICR may cause trap-like VM-exit
> + * on Intel hardware. Other offsets are not possible.
> + */
> + if (WARN_ON_ONCE(offset != APIC_ICR))
> + return;
>
> - /* TODO: optimize to just emulate side effect w/o one more write */
> - kvm_lapic_reg_write(vcpu->arch.apic, offset, val);
> + kvm_lapic_msr_read(apic, offset, &val);
> + if (val & APIC_ICR_BUSY)
> + kvm_x2apic_icr_write(apic, val);
> + else
> + kvm_apic_send_ipi(apic, (u32)val, (u32)(val >> 32));
I don't fully understand the above code.
First of where kvm_x2apic_icr_write is defined?
Second, I thought that busy bit is not used in x2apic mode?
At least in intel's SDM, section 10.12.9 'ICR Operation in x2APIC Mode'
this bit is not defined.
Best regards,
Maxim Levitsky
> + } else {
> + val = kvm_lapic_get_reg(apic, offset);
> + /* TODO: optimize to just emulate side effect w/o one more write */
> + kvm_lapic_reg_write(apic, offset, (u32)val);
> + }
> }
> EXPORT_SYMBOL_GPL(kvm_apic_write_nodecode);
>
Powered by blists - more mailing lists