Open Source and information security mailing list archives
Date:   Mon, 18 Jul 2022 03:39:13 -0500
From:   Suravee Suthikulpanit <suravee.suthikulpanit@....com>
To:     <linux-kernel@...r.kernel.org>, <kvm@...r.kernel.org>
CC:     <pbonzini@...hat.com>, <mlevitsk@...hat.com>, <seanjc@...gle.com>,
        <jon.grimm@....com>,
        Suravee Suthikulpanit <suravee.suthikulpanit@....com>,
        Zeng Guang <guang.zeng@...el.com>
Subject: [PATCH] KVM: x86: Do not block APIC write for non ICR registers

The commit 5413bcba7ed5 ("KVM: x86: Add support for vICR APIC-write
VM-Exits in x2APIC mode") introduces logic to prevent APIC writes
for offsets other than ICR. This breaks x2AVIC support, which requires
KVM to trap and emulate x2APIC MSR writes.

Therefore, remove the warning and modify the logic to allow MSR write.

Fixes: 5413bcba7ed5 ("KVM: x86: Add support for vICR APIC-write VM-Exits in x2APIC mode")
Cc: Zeng Guang <guang.zeng@...el.com>
Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@....com>
---
 arch/x86/kvm/lapic.c | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
index 9d4f73c4dc02..f688090d98b0 100644
--- a/arch/x86/kvm/lapic.c
+++ b/arch/x86/kvm/lapic.c
@@ -69,6 +69,7 @@ static bool lapic_timer_advance_dynamic __read_mostly;
 /* step-by-step approximation to mitigate fluctuation */
 #define LAPIC_TIMER_ADVANCE_ADJUST_STEP 8
 static int kvm_lapic_msr_read(struct kvm_lapic *apic, u32 reg, u64 *data);
+static int kvm_lapic_msr_write(struct kvm_lapic *apic, u32 reg, u64 data);
 
 static inline void __kvm_lapic_set_reg(char *regs, int reg_off, u32 val)
 {
@@ -2284,17 +2285,23 @@ void kvm_apic_write_nodecode(struct kvm_vcpu *vcpu, u32 offset)
 	u64 val;
 
 	if (apic_x2apic_mode(apic)) {
+		kvm_lapic_msr_read(apic, offset, &val);
+
 		/*
 		 * When guest APIC is in x2APIC mode and IPI virtualization
 		 * is enabled, accessing APIC_ICR may cause trap-like VM-exit
 		 * on Intel hardware. Other offsets are not possible.
+		 *
+		 * For AMD AVIC, write to some APIC registers can cause
+		 * trap-like VM-exit (see arch/x86/kvm/svm/avic.c:
+		 * avic_unaccel_trap_write()).
 		 */
-		if (WARN_ON_ONCE(offset != APIC_ICR))
+		if (offset == APIC_ICR) {
+			kvm_apic_send_ipi(apic, (u32)val, (u32)(val >> 32));
+			trace_kvm_apic_write(APIC_ICR, val);
 			return;
-
-		kvm_lapic_msr_read(apic, offset, &val);
-		kvm_apic_send_ipi(apic, (u32)val, (u32)(val >> 32));
-		trace_kvm_apic_write(APIC_ICR, val);
+		}
+		kvm_lapic_msr_write(apic, offset, val);
 	} else {
 		val = kvm_lapic_get_reg(apic, offset);
 
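Review bot: In the x2APIC branch of kvm_apic_write_nodecode(), the int return values of kvm_lapic_msr_read() and kvm_lapic_msr_write() are both ignored, and the read is now issued before any check on offset. `u64 val;` has no initializer, so if the read fails for an offset that reaches this path, `kvm_lapic_msr_write(apic, offset, val);` writes an uninitialized value into the register. With the WARN_ON_ONCE removed, nothing constrains offset here any more, so please check the read result and bail out (or warn) on failure before val is used. Separately, the comment's "Other offsets are not possible" now sits directly above a paragraph saying AVIC can trap on other registers; scoping that sentence explicitly to Intel would avoid the apparent contradiction, and an if/else would read more clearly than the early `return` inside the ICR branch.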
-- 
2.34.1
