| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250401113616.204203-14-Neeraj.Upadhyay@amd.com>
Date: Tue, 1 Apr 2025 17:06:12 +0530
From: Neeraj Upadhyay <Neeraj.Upadhyay@....com>
To: <linux-kernel@...r.kernel.org>
CC: <bp@...en8.de>, <tglx@...utronix.de>, <mingo@...hat.com>,
<dave.hansen@...ux.intel.com>, <Thomas.Lendacky@....com>, <nikunj@....com>,
<Santosh.Shukla@....com>, <Vasant.Hegde@....com>,
<Suravee.Suthikulpanit@....com>, <David.Kaplan@....com>, <x86@...nel.org>,
<hpa@...or.com>, <peterz@...radead.org>, <seanjc@...gle.com>,
<pbonzini@...hat.com>, <kvm@...r.kernel.org>,
<kirill.shutemov@...ux.intel.com>, <huibo.wang@....com>,
<naveen.rao@....com>, <francescolavra.fl@...il.com>
Subject: [PATCH v3 13/17] x86/apic: Handle EOI writes for SAVIC guests
Secure AVIC accelerates guest's EOI msr writes for edge-triggered
interrupts. For level-triggered interrupts, EOI msr writes trigger
VC exception with SVM_EXIT_AVIC_UNACCELERATED_ACCESS error code. The
VC handler would need to trigger a GHCB protocol MSR write event to
to notify the Hypervisor about completion of the level-triggered
interrupt. This is required for cases like emulated IOAPIC. VC exception
handling adds extra performance overhead for APIC register write. In
addition, some unaccelerated APIC register msr writes are trapped,
whereas others are faulted. This results in additional complexity in
VC exception handling for unacclerated accesses. So, directly do a GHCB
protocol based EOI write from apic->eoi() callback for level-triggered
interrupts. Use wrmsr for edge-triggered interrupts, so that hardware
re-evaluates any pending interrupt which can be delivered to guest vCPU.
For level-triggered interrupts, re-evaluation happens on return from
VMGEXIT corresponding to the GHCB event for EOI msr write.
Signed-off-by: Neeraj Upadhyay <Neeraj.Upadhyay@....com>
---
Changes since v2:
- Reuse find_highest_vector() from kvm/lapic.c
- Misc cleanups.
arch/x86/include/asm/apic-emul.h | 28 +++++++++++++
arch/x86/kernel/apic/x2apic_savic.c | 62 +++++++++++++++++++++++++----
arch/x86/kvm/lapic.c | 23 ++---------
3 files changed, 85 insertions(+), 28 deletions(-)
create mode 100644 arch/x86/include/asm/apic-emul.h
diff --git a/arch/x86/include/asm/apic-emul.h b/arch/x86/include/asm/apic-emul.h
new file mode 100644
index 000000000000..60d9e88fefc6
--- /dev/null
+++ b/arch/x86/include/asm/apic-emul.h
@@ -0,0 +1,28 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef _ASM_X86_APIC_EMUL_H
+#define _ASM_X86_APIC_EMUL_H
+
+#define MAX_APIC_VECTOR 256
+#define APIC_VECTORS_PER_REG 32
+
+static inline int apic_find_highest_vector(void *bitmap)
+{
+ unsigned int regno;
+ unsigned int vec;
+ u32 *reg;
+
+ /*
+ * The registers int the bitmap are 32-bit wide and 16-byte
+ * aligned. State of a vector is stored in a single bit.
+ */
+ for (regno = MAX_APIC_VECTOR / APIC_VECTORS_PER_REG - 1; regno >= 0; regno--) {
+ vec = regno * APIC_VECTORS_PER_REG;
+ reg = bitmap + regno * 16;
+ if (*reg)
+ return __fls(*reg) + vec;
+ }
+
+ return -1;
+}
+
+#endif /* _ASM_X86_APIC_EMUL_H */
diff --git a/arch/x86/kernel/apic/x2apic_savic.c b/arch/x86/kernel/apic/x2apic_savic.c
index 4adb9cad0a0c..9e2a9bdb0762 100644
--- a/arch/x86/kernel/apic/x2apic_savic.c
+++ b/arch/x86/kernel/apic/x2apic_savic.c
@@ -13,6 +13,7 @@
#include <linux/align.h>
#include <asm/apic.h>
+#include <asm/apic-emul.h>
#include <asm/sev.h>
#include "local.h"
@@ -49,20 +50,27 @@ static __always_inline void set_reg(unsigned int offset, u32 val)
WRITE_ONCE(this_cpu_ptr(apic_page)->regs[offset >> 2], val);
}
-#define SAVIC_ALLOWED_IRR 0x204
-
-static inline void update_vector(unsigned int cpu, unsigned int offset,
- unsigned int vector, bool set)
+static inline unsigned long *get_reg_bitmap(unsigned int cpu, unsigned int offset)
{
struct apic_page *ap = per_cpu_ptr(apic_page, cpu);
- unsigned long *reg = (unsigned long *) &ap->bytes[offset];
- unsigned int bit;
+ return (unsigned long *) &ap->bytes[offset];
+}
+
+static inline unsigned int get_vec_bit(unsigned int vector)
+{
/*
* The registers are 32-bit wide and 16-byte aligned.
* Compensate for the resulting bit number spacing.
*/
- bit = vector + 96 * (vector / 32);
+ return vector + 96 * (vector / 32);
+}
+
+static inline void update_vector(unsigned int cpu, unsigned int offset,
+ unsigned int vector, bool set)
+{
+ unsigned long *reg = get_reg_bitmap(cpu, offset);
+ unsigned int bit = get_vec_bit(vector);
if (set)
set_bit(bit, reg);
@@ -70,6 +78,16 @@ static inline void update_vector(unsigned int cpu, unsigned int offset,
clear_bit(bit, reg);
}
+static inline bool test_vector(unsigned int cpu, unsigned int offset, unsigned int vector)
+{
+ unsigned long *reg = get_reg_bitmap(cpu, offset);
+ unsigned int bit = get_vec_bit(vector);
+
+ return test_bit(bit, reg);
+}
+
+#define SAVIC_ALLOWED_IRR 0x204
+
static u32 x2apic_savic_read(u32 reg)
{
/*
@@ -374,6 +392,34 @@ static int x2apic_savic_probe(void)
return 1;
}
+static void x2apic_savic_eoi(void)
+{
+ unsigned int cpu;
+ int vec;
+
+ cpu = raw_smp_processor_id();
+ vec = apic_find_highest_vector(get_reg_bitmap(cpu, APIC_ISR));
+ if (WARN_ONCE(vec == -1, "EOI write while no active interrupt in APIC_ISR"))
+ return;
+
+ if (test_vector(cpu, APIC_TMR, vec)) {
+ update_vector(cpu, APIC_ISR, vec, false);
+ /*
+ * Propagate the EOI write to hv for level-triggered interrupts.
+ * Return to guest from GHCB protocol event takes care of
+ * re-evaluating interrupt state.
+ */
+ savic_ghcb_msr_write(APIC_EOI, 0);
+ } else {
+ /*
+ * Hardware clears APIC_ISR and re-evaluates the interrupt state
+ * to determine if there is any pending interrupt which can be
+ * delivered to CPU.
+ */
+ native_apic_msr_eoi();
+ }
+}
+
static struct apic apic_x2apic_savic __ro_after_init = {
.name = "secure avic x2apic",
@@ -403,7 +449,7 @@ static struct apic apic_x2apic_savic __ro_after_init = {
.read = x2apic_savic_read,
.write = x2apic_savic_write,
- .eoi = native_apic_msr_eoi,
+ .eoi = x2apic_savic_eoi,
.icr_read = native_x2apic_icr_read,
.icr_write = x2apic_savic_icr_write,
diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
index 28e3317124fd..8269af8666b8 100644
--- a/arch/x86/kvm/lapic.c
+++ b/arch/x86/kvm/lapic.c
@@ -27,6 +27,7 @@
#include <linux/export.h>
#include <linux/math64.h>
#include <linux/slab.h>
+#include <asm/apic-emul.h>
#include <asm/processor.h>
#include <asm/mce.h>
#include <asm/msr.h>
@@ -55,9 +56,6 @@
/* 14 is the version for Xeon and Pentium 8.4.8*/
#define APIC_VERSION 0x14UL
#define LAPIC_MMIO_LENGTH (1 << 12)
-/* followed define is not in apicdef.h */
-#define MAX_APIC_VECTOR 256
-#define APIC_VECTORS_PER_REG 32
/*
* Enable local APIC timer advancement (tscdeadline mode only) with adaptive
@@ -626,21 +624,6 @@ static const unsigned int apic_lvt_mask[KVM_APIC_MAX_NR_LVT_ENTRIES] = {
[LVT_CMCI] = LVT_MASK | APIC_MODE_MASK
};
-static int find_highest_vector(void *bitmap)
-{
- int vec;
- u32 *reg;
-
- for (vec = MAX_APIC_VECTOR - APIC_VECTORS_PER_REG;
- vec >= 0; vec -= APIC_VECTORS_PER_REG) {
- reg = bitmap + REG_POS(vec);
- if (*reg)
- return __fls(*reg) + vec;
- }
-
- return -1;
-}
-
static u8 count_vectors(void *bitmap)
{
int vec;
@@ -704,7 +687,7 @@ EXPORT_SYMBOL_GPL(kvm_apic_update_irr);
static inline int apic_search_irr(struct kvm_lapic *apic)
{
- return find_highest_vector(apic->regs + APIC_IRR);
+ return apic_find_highest_vector(apic->regs + APIC_IRR);
}
static inline int apic_find_highest_irr(struct kvm_lapic *apic)
@@ -779,7 +762,7 @@ static inline int apic_find_highest_isr(struct kvm_lapic *apic)
if (likely(apic->highest_isr_cache != -1))
return apic->highest_isr_cache;
- result = find_highest_vector(apic->regs + APIC_ISR);
+ result = apic_find_highest_vector(apic->regs + APIC_ISR);
ASSERT(result == -1 || result >= 16);
return result;
--
2.34.1
Powered by blists - more mailing lists