From nobody Tue Apr 7 23:43:59 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=amd.com); dmarc=pass(p=quarantine dis=none) header.from=amd.com ARC-Seal: i=2; a=rsa-sha256; t=1773239274; cv=pass; d=zohomail.com; s=zohoarc; b=W7isUHCs8p2rKhjKdb0LY9Gkz3HWlO6q1FrYSJg++eC7YKGwzfO27dX91+uq9+BhnPTevQFq0DBYOAGahODPsyWC6QaUjUbqtxsTO17paTkuCz1XfZzoLYC8CotMYjDmJcnwrCZsiCv3SjGbB/vcExsYmhT2Tqs+pSoepSm3J4w= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1773239274; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=F9MIEfn09tg7aPNeCKXTNnjlwWiDP/C9u8yiYjGcYfU=; b=gcaGjYMEoTY7/D6P/Z5cm0ovU7b18y2ljUKNoN6zcUaI/jiqyB8mmPE4yv0In62/TZMGVnWfv4SdvIKNKSOApKLp+TEyCGGotMDP1E/wvUmlBpYy3SBjCr+L4laPesfOs6JqTVdnUamQT6Slkko0T+PLpobAaNr+plXs4d88Irk= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=amd.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1773239274344284.14350810937265; Wed, 11 Mar 2026 07:27:54 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.1251171.1548414 (Exim 4.92) (envelope-from ) id 1w0KXA-0008KR-KT; Wed, 11 Mar 2026 14:27:36 +0000 Received: by outflank-mailman (output) from mailman id 1251171.1548414; Wed, 11 Mar 2026 14:27:36 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1w0KXA-0008KI-HU; Wed, 11 Mar 2026 14:27:36 +0000 Received: by outflank-mailman (input) for mailman id 1251171; Wed, 11 Mar 2026 14:27:35 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1w0KX9-00087A-G6 for xen-devel@lists.xenproject.org; Wed, 11 Mar 2026 14:27:35 +0000 Received: from SN4PR0501CU005.outbound.protection.outlook.com (mail-southcentralusazlp170110003.outbound.protection.outlook.com [2a01:111:f403:c10d::3]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 716ee96f-1d56-11f1-b164-2bf370ae4941; Wed, 11 Mar 2026 15:27:34 +0100 (CET) Received: from SN7PR18CA0008.namprd18.prod.outlook.com (2603:10b6:806:f3::32) by DS0PR12MB6437.namprd12.prod.outlook.com (2603:10b6:8:cb::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9700.11; Wed, 11 Mar 2026 14:27:28 +0000 Received: from SA2PEPF0000150B.namprd04.prod.outlook.com (2603:10b6:806:f3:cafe::5c) by SN7PR18CA0008.outlook.office365.com (2603:10b6:806:f3::32) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9678.27 via Frontend Transport; Wed, 11 Mar 2026 14:27:28 +0000 Received: from satlexmb07.amd.com (165.204.84.17) by SA2PEPF0000150B.mail.protection.outlook.com (10.167.242.43) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9678.18 via Frontend Transport; Wed, 11 Mar 2026 14:27:27 +0000 Received: from xcbagarciav01.xilinx.com (10.180.168.240) by satlexmb07.amd.com (10.181.42.216) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Wed, 11 Mar 2026 09:27:25 -0500 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 716ee96f-1d56-11f1-b164-2bf370ae4941 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=wO1VSRZQxNiG3dKFQJ0Y12kyqCUDIT33gpnT4vlm60Y7vYXbbhADDo+bT2eZ8bkv/gmN7JyNppbxW9atrgBtdq1n0CWyhOCc536aEj6SoEpuPisXQWHNzy1+kxg7b30ne1MYL5CVuWN2jBbaqutaY+vzIVfssdzlnfYWII9sq8Oxp3BOFBY1wDeNsHFognJhdAU4Ro9nlJpHe9lD/pbwE/qlepeHvTLAObjN4VeCHY7U4b7Kgy2LqIUOQgQFeCv81ts+ztOMDMDitGoVoIPbiznmdHehkgM/wepIJ2oIPC5W0+M4BjCvWwjDI21/K0fmPWeLl1PxPtHwmNlyf1uwuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=F9MIEfn09tg7aPNeCKXTNnjlwWiDP/C9u8yiYjGcYfU=; b=R9HpJPRloPHphkMOEeZViEYeadn4WjtHSJaY/oE52TZ77QHnt8uLw2b4/P20XI5A2nZUmV31twVQu+aHiHmClxPUxj0qyeDaARXDdVnKFt4RcccR36nYAdrzd02lnlW3co1SDZcWBTM7jHOMbE4xuw0dBnU1cFHcqbwbZpzcVTE5z8S17TxSi2jB2UZaEBK0/JnRuid5ltWhWu/QtbOSdui7a0++BtwM1SAahkV6JINHINPQ/mrBPng7n8xSl4pbcZX/zNCGQM52QqaXf5ozOmEP2AAbNSiyBxKCHJPPTR6XG7O67S6b2Z/guFu0agXlBsdYhhVGRMWydW7/CocsCw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=F9MIEfn09tg7aPNeCKXTNnjlwWiDP/C9u8yiYjGcYfU=; b=DjNe1fap8LsWv1BF1m+RImUlVEhtgk1j3EhdWK19h3xQiSWChWVNG8S3TV54tEpvmqhpBXIMVH+zlWUcvnu3pdI3XoJUWM052rQ1GPCRiRgNRXyoWdSKAXPWTmLFN5xBROwPtTpc/BpyPCIpVBnvxIjWTvhJZFByoRBhFiln+Kk= X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=satlexmb07.amd.com; pr=C From: Alejandro Vallejo To: CC: Alejandro Vallejo , Jan Beulich , Andrew Cooper , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Jason Andryuk Subject: [PATCH v4 2/4] x86/hvm: Disable cross-vendor handling in #UD handler Date: Wed, 11 Mar 2026 15:27:05 +0100 Message-ID: <20260311142711.16754-3-alejandro.garciavallejo@amd.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260311142711.16754-1-alejandro.garciavallejo@amd.com> References: <20260311142711.16754-1-alejandro.garciavallejo@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: satlexmb07.amd.com (10.181.42.216) To satlexmb07.amd.com (10.181.42.216) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SA2PEPF0000150B:EE_|DS0PR12MB6437:EE_ X-MS-Office365-Filtering-Correlation-Id: 9e412c67-49c2-480c-4039-08de7f7a5287 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|82310400026|1800799024|36860700016|56012099003|18002099003|22082099003; X-Microsoft-Antispam-Message-Info: +BQHOIlJa7UaHE8e4PpkK5BzL/P1XGTVYKqjQq7lCGMD/Vt7qN5FYqsebOyPJaBFBGC6RVDfZYtVUtRTL1HLgwxECsunjO/c38EXmxV2PlvW/zNtCpg/mH36Es5pq9glDWkuuDve07RpefKuBqhDjl/yfuc21JwWhtm8P8pT5hTMygeyOGnDpn91AAYvxTWho9zPTgR7q9b0A18w2n3ci6lI6y8Hcem80Mw1leoHLGGhiDHgg1fW4UgEvyX2OAPePeiN6MhB0hOk7wMj2m9n7KFW7gByWzP2q0jEWP4WJiJeb8ZNYMELlvd/tHgAq3Si9+V60KCR+/dfSDLAbDxt7KMAioesq8eDcKPYHbmeS/cnkewQgIAvnO1laaEjXQvZKyGyD7gphZHirGBUBwO1CxVUC+LYHH3NnM/0NaC1FACfnSS+6qy6ZZNxCaF5siIXw6ybIdAD96jB1bj/Jiva9XFDTQQ8ycsFOBF6lWkimKiWxEeXNz68kQjprQ4HYkKTSeAFFI/qz6nHxDl7X/pFRo0qSelYe2AQnXm1jY2FtksUigKkRxVQXsfHuPwPFBKr+lf5Z0qYNES/dCAjzENB9Zq2GFjQvhvXhgcuAOkNTYQApqXrPfNbZ697lK96d+vD9BSZ7tqUd3pS4CEUsi2e1Z6Vv3nD97lTuR5RRvpeeh/tILsQT5gdRL6WPwBAHxTt2kfr6dvGxECl/aKM7+g56aA+W6kD31pEjp+5UmRvhLa8qcZ6JFQS9QW1gbKcz+dxsWduTFIuVqubWltzP7zWnw== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:satlexmb07.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(82310400026)(1800799024)(36860700016)(56012099003)(18002099003)(22082099003);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: ERXY193S6l0R1QhseYNZ0VDAwgWEBWzBS7NWBL+YKGdycS3mZnGi4iOHgz2JWdYefc3oP9wKRBbY4VLkYGuvrO6v6phnN7dHD8chRKIzIz4TpYIJ+byKKYL+jk91KFHBWEd8NZZLciV8bvtHq8isZlxZLoCOECzTfXBnX3AosSN0cP75rJc/0thBm34sApoFH9kSw37ovJqSssgmmTb3Npul0hh903KHAQPC/QgmWrTRPSoM5Ao8Jij43vGfpn3MuF78XgwtZfh1mNYmY2ruqYsZvvCCF4p7eyicjEXJ42s+bJ34tNPUc/yL4mlHylc4MBB15xjBx9o392DOjAOzAF+ev9zEFkwG0roNv3drMAlpo1vHprNBsFLqdxEmMZAlywlVQgH1djGhjy0VP+hXhRjhVDr1B7PpKg1LKSs2fq53TFC7vMtAfQnu6y4R0vFv X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Mar 2026 14:27:27.9893 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9e412c67-49c2-480c-4039-08de7f7a5287 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[satlexmb07.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SA2PEPF0000150B.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB6437 X-ZohoMail-DKIM: pass (identity @amd.com) X-ZM-MESSAGEID: 1773239278101154100 Content-Type: text/plain; charset="utf-8" Remove cross-vendor support now that VMs can no longer have a different vendor than the host. While at it, refactor the function to exit early and skip initialising the emulation context when FEP is not enabled. No functional change intended. Signed-off-by: Alejandro Vallejo Reviewed-by: Jan Beulich --- v4: * Reverted refactor of the `walk` variable assignment * Added ASSERT_UNREACHABLE() to the !hvm_fep path. * Moved the `reinject` label to the UNIMPLEMENTED case in the emulator result handler. --- xen/arch/x86/hvm/hvm.c | 73 +++++++++++++++----------------------- xen/arch/x86/hvm/svm/svm.c | 3 +- xen/arch/x86/hvm/vmx/vmx.c | 3 +- 3 files changed, 30 insertions(+), 49 deletions(-) diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index 4d37a93c57a..4280acfc074 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -3832,67 +3832,50 @@ int hvm_descriptor_access_intercept(uint64_t exit_i= nfo, return X86EMUL_OKAY; } =20 -static bool cf_check is_cross_vendor( - const struct x86_emulate_state *state, const struct x86_emulate_ctxt *= ctxt) -{ - switch ( ctxt->opcode ) - { - case X86EMUL_OPC(0x0f, 0x05): /* syscall */ - case X86EMUL_OPC(0x0f, 0x34): /* sysenter */ - case X86EMUL_OPC(0x0f, 0x35): /* sysexit */ - return true; - } - - return false; -} - void hvm_ud_intercept(struct cpu_user_regs *regs) { struct vcpu *cur =3D current; - bool should_emulate =3D - cur->domain->arch.cpuid->x86_vendor !=3D boot_cpu_data.x86_vendor; struct hvm_emulate_ctxt ctxt; + const struct segment_register *cs =3D &ctxt.seg_reg[x86_seg_cs]; + uint32_t walk; + unsigned long addr; + char sig[5]; /* ud2; .ascii "xen" */ =20 - hvm_emulate_init_once(&ctxt, opt_hvm_fep ? NULL : is_cross_vendor, reg= s); - - if ( opt_hvm_fep ) + if ( !opt_hvm_fep ) { - const struct segment_register *cs =3D &ctxt.seg_reg[x86_seg_cs]; - uint32_t walk =3D ((ctxt.seg_reg[x86_seg_ss].dpl =3D=3D 3) - ? PFEC_user_mode : 0) | PFEC_insn_fetch; - unsigned long addr; - char sig[5]; /* ud2; .ascii "xen" */ - - if ( hvm_virtual_to_linear_addr(x86_seg_cs, cs, regs->rip, - sizeof(sig), hvm_access_insn_fetch, - cs, &addr) && - (hvm_copy_from_guest_linear(sig, addr, sizeof(sig), - walk, NULL) =3D=3D HVMTRANS_okay)= && - (memcmp(sig, "\xf\xb" "xen", sizeof(sig)) =3D=3D 0) ) - { - regs->rip +=3D sizeof(sig); - regs->eflags &=3D ~X86_EFLAGS_RF; - - /* Zero the upper 32 bits of %rip if not in 64bit mode. */ - if ( !(hvm_long_mode_active(cur) && cs->l) ) - regs->rip =3D (uint32_t)regs->rip; + ASSERT_UNREACHABLE(); + goto reinject; + } =20 - add_taint(TAINT_HVM_FEP); + hvm_emulate_init_once(&ctxt, NULL, regs); =20 - should_emulate =3D true; - } - } + walk =3D ((ctxt.seg_reg[x86_seg_ss].dpl =3D=3D 3) + ? PFEC_user_mode : 0) | PFEC_insn_fetch; =20 - if ( !should_emulate ) + if ( hvm_virtual_to_linear_addr(x86_seg_cs, cs, regs->rip, + sizeof(sig), hvm_access_insn_fetch, + cs, &addr) && + (hvm_copy_from_guest_linear(sig, addr, sizeof(sig), + walk, NULL) =3D=3D HVMTRANS_okay) && + (memcmp(sig, "\xf\xb" "xen", sizeof(sig)) =3D=3D 0) ) { - hvm_inject_hw_exception(X86_EXC_UD, X86_EVENT_NO_EC); - return; + regs->rip +=3D sizeof(sig); + regs->eflags &=3D ~X86_EFLAGS_RF; + + /* Zero the upper 32 bits of %rip if not in 64bit mode. */ + if ( !(hvm_long_mode_active(cur) && cs->l) ) + regs->rip =3D (uint32_t)regs->rip; + + add_taint(TAINT_HVM_FEP); } + else + goto reinject; =20 switch ( hvm_emulate_one(&ctxt, VIO_no_completion) ) { case X86EMUL_UNHANDLEABLE: case X86EMUL_UNIMPLEMENTED: + reinject: hvm_inject_hw_exception(X86_EXC_UD, X86_EVENT_NO_EC); break; case X86EMUL_EXCEPTION: diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c index 243c41fb13a..20591c4a44f 100644 --- a/xen/arch/x86/hvm/svm/svm.c +++ b/xen/arch/x86/hvm/svm/svm.c @@ -589,8 +589,7 @@ static void cf_check svm_cpuid_policy_changed(struct vc= pu *v) const struct cpu_policy *cp =3D v->domain->arch.cpu_policy; u32 bitmap =3D vmcb_get_exception_intercepts(vmcb); =20 - if ( opt_hvm_fep || - (v->domain->arch.cpuid->x86_vendor !=3D boot_cpu_data.x86_vendor)= ) + if ( opt_hvm_fep ) bitmap |=3D (1U << X86_EXC_UD); else bitmap &=3D ~(1U << X86_EXC_UD); diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c index 82c55f49aea..eda99e268d1 100644 --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -803,8 +803,7 @@ static void cf_check vmx_cpuid_policy_changed(struct vc= pu *v) const struct cpu_policy *cp =3D v->domain->arch.cpu_policy; int rc =3D 0; =20 - if ( opt_hvm_fep || - (v->domain->arch.cpuid->x86_vendor !=3D boot_cpu_data.x86_vendor)= ) + if ( opt_hvm_fep ) v->arch.hvm.vmx.exception_bitmap |=3D (1U << X86_EXC_UD); else v->arch.hvm.vmx.exception_bitmap &=3D ~(1U << X86_EXC_UD); --=20 2.43.0