From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 00CA0C4332F for ; Thu, 1 Dec 2022 23:27:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231810AbiLAX1L (ORCPT ); Thu, 1 Dec 2022 18:27:11 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55678 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231560AbiLAX1F (ORCPT ); Thu, 1 Dec 2022 18:27:05 -0500 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AFE1A578F1 for ; Thu, 1 Dec 2022 15:27:04 -0800 (PST) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-352e29ff8c2so31913837b3.21 for ; Thu, 01 Dec 2022 15:27:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=DA91i2oZnY42qV1reMA6fFQYAyKGGbDT6HRfvlU2Axc=; b=dknQcxepnbfWDiba9noWUVCaonlLdg8B/11fnai9Q3F7mag317asvQdsf+FqFF9fd4 YU6VtAXT0iwrRI/BP8oIfrzZ36BYaLecoa0Y+JQWbdR6ND1/pSbs9yG/uIb3zLfB99HR 15iYofue1KKJehKnekWfgNyetv0tN219KR31yZ3OcGv4/JAeBpNwsSBwFIV0ivD6Ehu1 E7lV6r966hKxFtahrqXwdoN7YkcvS/eenu2dh/wg16EfPdX0lqpSxYgUfidTR97UrPzn SEerIUXx6vUxrXpJCoAJqGccyLjb49C80+wqNcmXB0tDuKET6CkPYqMRRrTRc4OvePrg LKAQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=DA91i2oZnY42qV1reMA6fFQYAyKGGbDT6HRfvlU2Axc=; b=Iq3gQmzWOzc9vWMzr3mnjI6zcsDHcsQbREKjFQscbUtmYfCtKjVjXQd078Xwi4rBIa sw7M0L+e21fWLZDsvVTNty/BooxhT+J/Vo/2IcxbXaQUb3MLRQRAQpOYnakI4SJF36y1 VBvIrQllIugYq9Dq4i/xkIE2exmNO0mZE8EOTvarXXprS0KYRb2LCu0PWqJ4FvQ2wlDq b70RPEp4wnqLU0YLXwT+57ojDuichPHfWkHKYMTo71yWfMy9lCmU/1NZ5qovx7tyoUa3 zUGscaTuxVcnENS/Wrta4fVx03bY7G7f1/Jd4sw7JdjAZM+ZefsbvmICsdR/Eu+f8SDQ AcYg== X-Gm-Message-State: ANoB5plQZ9P6dR//0KfLxX0SF2rNbaNU+SKaCGrmlbr6k0b/MR+6biPN +8bBXQKg63pH8ZMQeetZ0J8n0VmccvA= X-Google-Smtp-Source: AA0mqf6dkOhcaMQiyxN3fkH601nOEExPewEW+pyile2P+J24RgXs+/6gCa65uTJ+QuTJBaVSe9Q2aACc8oE= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:6602:0:b0:6f9:890c:6468 with SMTP id a2-20020a256602000000b006f9890c6468mr12986187ybc.610.1669937223951; Thu, 01 Dec 2022 15:27:03 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:40 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-2-seanjc@google.com> Subject: [PATCH 01/16] x86/reboot: VMCLEAR active VMCSes before emergency reboot From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" VMCLEAR active VMCSes before any emergency reboot, not just if the kernel may kexec into a new kernel after a crash. Per Intel's SDM, the VMX architecture doesn't require the CPU to flush the VMCS cache on INIT. If an emergency reboot doesn't RESET CPUs, cached VMCSes could theoretically be kept and only be written back to memory after the new kernel is booted, i.e. could effectively corrupt memory after reboot. Opportunistically remove the setting of the global pointer to NULL to make checkpatch happy. Cc: Andrew Cooper Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kexec.h | 2 -- arch/x86/include/asm/reboot.h | 2 ++ arch/x86/kernel/crash.c | 31 ------------------------------- arch/x86/kernel/reboot.c | 22 ++++++++++++++++++++++ arch/x86/kvm/vmx/vmx.c | 10 +++------- 5 files changed, 27 insertions(+), 40 deletions(-) diff --git a/arch/x86/include/asm/kexec.h b/arch/x86/include/asm/kexec.h index a3760ca796aa..256eee99afc8 100644 --- a/arch/x86/include/asm/kexec.h +++ b/arch/x86/include/asm/kexec.h @@ -208,8 +208,6 @@ int arch_kimage_file_post_load_cleanup(struct kimage *i= mage); #endif #endif =20 -typedef void crash_vmclear_fn(void); -extern crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; extern void kdump_nmi_shootdown_cpus(void); =20 #endif /* __ASSEMBLY__ */ diff --git a/arch/x86/include/asm/reboot.h b/arch/x86/include/asm/reboot.h index bc5b4d788c08..2551baec927d 100644 --- a/arch/x86/include/asm/reboot.h +++ b/arch/x86/include/asm/reboot.h @@ -25,6 +25,8 @@ void __noreturn machine_real_restart(unsigned int type); #define MRR_BIOS 0 #define MRR_APM 1 =20 +typedef void crash_vmclear_fn(void); +extern crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; void cpu_emergency_disable_virtualization(void); =20 typedef void (*nmi_shootdown_cb)(int, struct pt_regs*); diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c index 6b8a6aae02e3..7611dd5f90a4 100644 --- a/arch/x86/kernel/crash.c +++ b/arch/x86/kernel/crash.c @@ -48,38 +48,12 @@ struct crash_memmap_data { unsigned int type; }; =20 -/* - * This is used to VMCLEAR all VMCSs loaded on the - * processor. And when loading kvm_intel module, the - * callback function pointer will be assigned. - * - * protected by rcu. - */ -crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss =3D NULL; -EXPORT_SYMBOL_GPL(crash_vmclear_loaded_vmcss); - -static inline void cpu_crash_vmclear_loaded_vmcss(void) -{ - crash_vmclear_fn *do_vmclear_operation =3D NULL; - - rcu_read_lock(); - do_vmclear_operation =3D rcu_dereference(crash_vmclear_loaded_vmcss); - if (do_vmclear_operation) - do_vmclear_operation(); - rcu_read_unlock(); -} - #if defined(CONFIG_SMP) && defined(CONFIG_X86_LOCAL_APIC) =20 static void kdump_nmi_callback(int cpu, struct pt_regs *regs) { crash_save_cpu(regs, cpu); =20 - /* - * VMCLEAR VMCSs loaded on all cpus if needed. - */ - cpu_crash_vmclear_loaded_vmcss(); - /* * Disable Intel PT to stop its logging */ @@ -133,11 +107,6 @@ void native_machine_crash_shutdown(struct pt_regs *reg= s) =20 crash_smp_send_stop(); =20 - /* - * VMCLEAR VMCSs loaded on this cpu if needed. - */ - cpu_crash_vmclear_loaded_vmcss(); - cpu_emergency_disable_virtualization(); =20 /* diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index d03c551defcc..299b970e5f82 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -787,6 +787,26 @@ void machine_crash_shutdown(struct pt_regs *regs) } #endif =20 +/* + * This is used to VMCLEAR all VMCSs loaded on the + * processor. And when loading kvm_intel module, the + * callback function pointer will be assigned. + * + * protected by rcu. + */ +crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; +EXPORT_SYMBOL_GPL(crash_vmclear_loaded_vmcss); + +static inline void cpu_crash_vmclear_loaded_vmcss(void) +{ + crash_vmclear_fn *do_vmclear_operation =3D NULL; + + rcu_read_lock(); + do_vmclear_operation =3D rcu_dereference(crash_vmclear_loaded_vmcss); + if (do_vmclear_operation) + do_vmclear_operation(); + rcu_read_unlock(); +} =20 /* This is the CPU performing the emergency shutdown work. */ int crashing_cpu =3D -1; @@ -798,6 +818,8 @@ int crashing_cpu =3D -1; */ void cpu_emergency_disable_virtualization(void) { + cpu_crash_vmclear_loaded_vmcss(); + cpu_emergency_vmxoff(); cpu_emergency_svm_disable(); } diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 39dd3082fcd8..7ea020456dd0 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -41,7 +41,7 @@ #include #include #include -#include +#include #include #include #include @@ -743,7 +743,6 @@ static int vmx_set_guest_uret_msr(struct vcpu_vmx *vmx, return ret; } =20 -#ifdef CONFIG_KEXEC_CORE static void crash_vmclear_local_loaded_vmcss(void) { int cpu =3D raw_smp_processor_id(); @@ -753,7 +752,6 @@ static void crash_vmclear_local_loaded_vmcss(void) loaded_vmcss_on_cpu_link) vmcs_clear(v->vmcs); } -#endif /* CONFIG_KEXEC_CORE */ =20 static void __loaded_vmcs_clear(void *arg) { @@ -8528,10 +8526,9 @@ static void __vmx_exit(void) { allow_smaller_maxphyaddr =3D false; =20 -#ifdef CONFIG_KEXEC_CORE RCU_INIT_POINTER(crash_vmclear_loaded_vmcss, NULL); synchronize_rcu(); -#endif + vmx_cleanup_l1d_flush(); } =20 @@ -8580,10 +8577,9 @@ static int __init vmx_init(void) pi_init_cpu(cpu); } =20 -#ifdef CONFIG_KEXEC_CORE rcu_assign_pointer(crash_vmclear_loaded_vmcss, crash_vmclear_local_loaded_vmcss); -#endif + vmx_check_vmcs12_offsets(); =20 /* --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 796D2C4332F for ; Thu, 1 Dec 2022 23:27:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231862AbiLAX1Q (ORCPT ); Thu, 1 Dec 2022 18:27:16 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55700 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231669AbiLAX1G (ORCPT ); Thu, 1 Dec 2022 18:27:06 -0500 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 278B7C936E for ; Thu, 1 Dec 2022 15:27:06 -0800 (PST) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-360b9418f64so31382377b3.7 for ; Thu, 01 Dec 2022 15:27:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=mFvMnjrU77HgMpRAg1eTYLQtly5wyhFPGsQhVSSbZ5w=; b=V5XJwdVzMPCeeU5F81jrySi2kZlFiOI6k5hfWuJgTghq/nNMqUROcbCoQ2Kw7fcy9X W8O+jP6seA9KJMHoGJ9/YVtFsHsy0cIUOsqkCyq6Oy2MSK0Mnqn40ilb06qPFzmF7Am+ KQL6aiFyJTMBvoRp2nKo8SVAkskXxp1Jo9eYWLZCls/BX3RtbCaly2db/iglPDSr89dy 3vUbQXqsjnv0ir4Ybig8xjQm8VdBRsQYVQDbGy1zqVQ9ThmxiI7FGdbhEd8YSrOdhiZU FSouX07x6UQg5O6eoqeakdiQ4xJ8RbydrwhXPFSYgSPt523CIvApw91KwjJUL2OyCQHy K+OA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=mFvMnjrU77HgMpRAg1eTYLQtly5wyhFPGsQhVSSbZ5w=; b=GZhOOJLWNtXSwP6+IOQPAmgEFZ/Gk1D1iZvbD8zSMNma/hz4tNNYMrx1lYqXNvgNdg CEwknAXY857GHm4TZzNrr0kGlefhjCbJHnVxNOCFPRQbmyNHrIUW7+mQO+tcswRNIsWX HuSNtL95QuYLfcVm84bDz0MBvDOFITHT0BFZ6GRrZ7W+cIJA75TWbSHKYqpe+zEA/0fi SXcGEtgWpzoC7n6UrIqdCbCGPR9gwLrQmFrcB2Y0nqDhqKcyrR4+WFZ2EuIhdOOO/9Gh 7lBq7AB7CYkO47229kWMvhyV85rqs4XBtEnoxA54InLq1AvczMwb8v7dRjlgZSuPMVVQ WPsw== X-Gm-Message-State: ANoB5pmOOKlIMwtQK7z6VJ6tdMl9ZZb4UQn3tOxVlPioeGaIuwMkOTcO /0aYIBimo2b9fuP9CS/njOOdhpuZL68= X-Google-Smtp-Source: AA0mqf79z57qigftfqjOoAwDOx4hLTLhy5rle8a0vTN1wZ6IbqOJ6lc+iRHIpwb69JaoIziFNELYLBkrQDE= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:4483:0:b0:6dc:ade6:e4a7 with SMTP id r125-20020a254483000000b006dcade6e4a7mr56531279yba.640.1669937225380; Thu, 01 Dec 2022 15:27:05 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:41 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-3-seanjc@google.com> Subject: [PATCH 02/16] x86/reboot: Expose VMCS crash hooks if and only if KVM_INTEL is enabled From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Expose the crash/reboot hooks used by KVM to do VMCLEAR+VMXOFF if and only if there's a potential in-tree user, KVM_INTEL. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/reboot.h | 2 ++ arch/x86/kernel/reboot.c | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/arch/x86/include/asm/reboot.h b/arch/x86/include/asm/reboot.h index 2551baec927d..33c8e911e0de 100644 --- a/arch/x86/include/asm/reboot.h +++ b/arch/x86/include/asm/reboot.h @@ -25,8 +25,10 @@ void __noreturn machine_real_restart(unsigned int type); #define MRR_BIOS 0 #define MRR_APM 1 =20 +#if IS_ENABLED(CONFIG_KVM_INTEL) typedef void crash_vmclear_fn(void); extern crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; +#endif void cpu_emergency_disable_virtualization(void); =20 typedef void (*nmi_shootdown_cb)(int, struct pt_regs*); diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 299b970e5f82..6c0b1634b884 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -787,6 +787,7 @@ void machine_crash_shutdown(struct pt_regs *regs) } #endif =20 +#if IS_ENABLED(CONFIG_KVM_INTEL) /* * This is used to VMCLEAR all VMCSs loaded on the * processor. And when loading kvm_intel module, the @@ -807,6 +808,7 @@ static inline void cpu_crash_vmclear_loaded_vmcss(void) do_vmclear_operation(); rcu_read_unlock(); } +#endif =20 /* This is the CPU performing the emergency shutdown work. */ int crashing_cpu =3D -1; @@ -818,7 +820,9 @@ int crashing_cpu =3D -1; */ void cpu_emergency_disable_virtualization(void) { +#if IS_ENABLED(CONFIG_KVM_INTEL) cpu_crash_vmclear_loaded_vmcss(); +#endif =20 cpu_emergency_vmxoff(); cpu_emergency_svm_disable(); --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D5198C4332F for ; Thu, 1 Dec 2022 23:27:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231864AbiLAX1V (ORCPT ); Thu, 1 Dec 2022 18:27:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55730 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231743AbiLAX1I (ORCPT ); Thu, 1 Dec 2022 18:27:08 -0500 Received: from mail-pl1-x649.google.com (mail-pl1-x649.google.com [IPv6:2607:f8b0:4864:20::649]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AA566C936E for ; Thu, 1 Dec 2022 15:27:07 -0800 (PST) Received: by mail-pl1-x649.google.com with SMTP id b6-20020a170902d50600b00189a5536820so3999136plg.16 for ; Thu, 01 Dec 2022 15:27:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=vAEGWmnkIaZN34ogUmGjDhJYcwm+21Yr0Q/GOJt7SsE=; b=e10rLrq5H4tRsG7RSONr1Pd3P75SakXaOIfcayuGuSZ6bvGnGfPv/7fvWzv/vMg+7c AivT7YnVzAxUudzOW+CmUZCcaBSrPbcyDHmhrV+SMv3LlngXPKcYiarG+ekynwhyY9Dp avGLrSmjQfqAxmGMc2Usq0sUX8wgLB003WCKE/5Edl/j7mNlxhS9grYZzODJFZsoFLlr UXNj9KhRfaMjg4zXHoVINjeHRdawsSdC8e/TIg0gFqd+Yje5ApPbCMSOm/5fW7kt9bvd iXVsbzaWdwaxGNxOOYvkFR2vjx3Vcq/e0jas8nkQaNbq3TV7KhUnhD7xfP7Qei8Vd+6M jvOA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=vAEGWmnkIaZN34ogUmGjDhJYcwm+21Yr0Q/GOJt7SsE=; b=rR4HcPsEsJtXI3bLvOKZHtiCIH9dR+YGqIPNsYw6A8vOJWfO46krP8Fjv+j8kRQLZQ c0GE2RwB5SPHGA+9pfsM8aujSW7y9CB5xj1K7huzPKv/YfLFxNrCM6bCPXcBL35fqKII y/APDh36mEdQVSvNhD5/OHTWs8VgwV2Msxx6p9qKc3giWUN0lD6D8Si8HZMG66VwOgSS +SL3ExHVm4P/FHi9VKewXCsoJWGgtZt3pWgghjR8U0w+wHgNyQ1Wj/L+sKPCID0rRs6l lRaMIVpZx7TwLclaZRisaivlarqZms6GIrBhDvMor/IDhgpCJtdDgpL3cStzue/IZrmR w2uA== X-Gm-Message-State: ANoB5pkzF3DMFO7BEOSExcr5rAv0fM2RtWaM8omw3MuxV8cpFr1SkzeG mLZAovnA5RorNwjIm6CvRrkJTF8AiCA= X-Google-Smtp-Source: AA0mqf7DRwRAd3vNXDO1D/ZnrZUXZ2HH/PzmnJlXmMkLPxnQWY9lwrVg93IMK+sm/0rU7+321MVzITapx8s= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:43a4:b0:219:1d0a:34a6 with SMTP id r33-20020a17090a43a400b002191d0a34a6mr3023592pjg.1.1669937227185; Thu, 01 Dec 2022 15:27:07 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:42 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-4-seanjc@google.com> Subject: [PATCH 03/16] x86/reboot: Harden virtualization hooks for emergency reboot From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Provide dedicated helpers to (un)register virt hooks used during an emergency crash/reboot, and WARN if there is an attempt to overwrite the registered callback, or an attempt to do an unpaired unregister. Opportunsitically use rcu_assign_pointer() instead of RCU_INIT_POINTER(), mainly so that the set/unset paths are more symmetrical, but also because any performance gains from using RCU_INIT_POINTER() are meaningless for this code. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/reboot.h | 5 +++-- arch/x86/kernel/reboot.c | 30 ++++++++++++++++++++++++------ arch/x86/kvm/vmx/vmx.c | 6 ++---- 3 files changed, 29 insertions(+), 12 deletions(-) diff --git a/arch/x86/include/asm/reboot.h b/arch/x86/include/asm/reboot.h index 33c8e911e0de..1d098a7d329a 100644 --- a/arch/x86/include/asm/reboot.h +++ b/arch/x86/include/asm/reboot.h @@ -26,8 +26,9 @@ void __noreturn machine_real_restart(unsigned int type); #define MRR_APM 1 =20 #if IS_ENABLED(CONFIG_KVM_INTEL) -typedef void crash_vmclear_fn(void); -extern crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; +typedef void (cpu_emergency_virt_cb)(void); +void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback); +void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callbac= k); #endif void cpu_emergency_disable_virtualization(void); =20 diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 6c0b1634b884..78182b2969db 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -795,17 +795,35 @@ void machine_crash_shutdown(struct pt_regs *regs) * * protected by rcu. */ -crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; -EXPORT_SYMBOL_GPL(crash_vmclear_loaded_vmcss); +static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; + +void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback) +{ + if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback))) + return; + + rcu_assign_pointer(cpu_emergency_virt_callback, callback); +} +EXPORT_SYMBOL_GPL(cpu_emergency_register_virt_callback); + +void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callbac= k) +{ + if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback) !=3D cal= lback)) + return; + + rcu_assign_pointer(cpu_emergency_virt_callback, NULL); + synchronize_rcu(); +} +EXPORT_SYMBOL_GPL(cpu_emergency_unregister_virt_callback); =20 static inline void cpu_crash_vmclear_loaded_vmcss(void) { - crash_vmclear_fn *do_vmclear_operation =3D NULL; + cpu_emergency_virt_cb *callback; =20 rcu_read_lock(); - do_vmclear_operation =3D rcu_dereference(crash_vmclear_loaded_vmcss); - if (do_vmclear_operation) - do_vmclear_operation(); + callback =3D rcu_dereference(cpu_emergency_virt_callback); + if (callback) + callback(); rcu_read_unlock(); } #endif diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 7ea020456dd0..6e0cc4d03884 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -8526,8 +8526,7 @@ static void __vmx_exit(void) { allow_smaller_maxphyaddr =3D false; =20 - RCU_INIT_POINTER(crash_vmclear_loaded_vmcss, NULL); - synchronize_rcu(); + cpu_emergency_unregister_virt_callback(crash_vmclear_local_loaded_vmcss); =20 vmx_cleanup_l1d_flush(); } @@ -8577,8 +8576,7 @@ static int __init vmx_init(void) pi_init_cpu(cpu); } =20 - rcu_assign_pointer(crash_vmclear_loaded_vmcss, - crash_vmclear_local_loaded_vmcss); + cpu_emergency_register_virt_callback(crash_vmclear_local_loaded_vmcss); =20 vmx_check_vmcs12_offsets(); =20 --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3C9BAC4321E for ; Thu, 1 Dec 2022 23:27:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231869AbiLAX1Y (ORCPT ); Thu, 1 Dec 2022 18:27:24 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55782 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231795AbiLAX1K (ORCPT ); Thu, 1 Dec 2022 18:27:10 -0500 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AA088C9366 for ; Thu, 1 Dec 2022 15:27:09 -0800 (PST) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-39afd53dcdbso31374777b3.8 for ; Thu, 01 Dec 2022 15:27:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=gWsZ8OEnLV5ymKaFcFmcePQ3bdY8nApK/KZQmQFCIA8=; b=KN+kBu6bWD02SccUwaKTReovA9KttAHlSNVjQiYSWj29bw0KOiCRw/sKqjr/lVMsDF Fs7Tr5euBCRY2XuQF6p7OubZFH+0hwCZaHv6tJRF7NnLpHO6x0G76cQZ+teH+Sqyatke QvK9E0JqQyweeu9vSF3H9lSs4o0oy7nK4o7cGI5MwRQ3LILlUaCVzkwKXXJ4MJxzkYwP 4b+8FdEFgNCMr9gBAWReY4t8hXIKJoDbkTk8M+cpJule4aX29nrdLG+4QNAWps/F6asm XgfYfXc5EIaFHcCMD9VChTb9l77gn/d1UI6XkXoW5ETAbItWPe5FSl2x6tF/ZsgsrOrY qgLA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=gWsZ8OEnLV5ymKaFcFmcePQ3bdY8nApK/KZQmQFCIA8=; b=X2rqvtGVrcEumMZwjQZO1EVstJny4xBtp8Il5I5Onr6G8hdRelHogRJnUuf9XpWL+7 V36POqzBOZdGlCVckDLcnKn4u4GGAFqmVBLyZ760cfbQiwGOW8obgQcU5CaYboXa8idD XH+r9pddPq3dtukQp3IM9za8CxifitMIvUHTZ9Fh/Y9MMttvx/IeS3MRwbmpYHjWTDbV 5UbDLPna5SgJDAzPxr66QicgVTp6V8YQgwFxBX6IWgAREyx55k1gvpW5rcLO9i6JX8c5 cHOT+Ch3tU63jYHhiefUlI35GxPScCNb8YGmcX3gxnHbWbtntSZAkSsyJPYSe+8n5uFk RnIg== X-Gm-Message-State: ANoB5pmjYJUdKNOVSCGIely5HwL7IQme6tgbf+c/eg40IpRvPrf6yNP+ o1Fyg9gEQ1UlDEGsbe9t/p31yf+Um10= X-Google-Smtp-Source: AA0mqf5maF4Vu0S4xUlcIY8YFxf8gDoFMgorwDnnuu84ndnWGBO3blG1tL2RQ1OFKekagbDVnUSGdnXjp3c= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:af04:0:b0:6de:9623:a2ec with SMTP id a4-20020a25af04000000b006de9623a2ecmr46844162ybh.496.1669937228986; Thu, 01 Dec 2022 15:27:08 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:43 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-5-seanjc@google.com> Subject: [PATCH 04/16] x86/reboot: Assert that IRQs are disabled when turning off virtualization From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Assert that IRQs are disabled when turning off virtualization in an emergency. KVM enables hardware via on_each_cpu(), i.e. could re-enable hardware if a pending IPI were delivered after disabling virtualization. Signed-off-by: Sean Christopherson --- arch/x86/kernel/reboot.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 78182b2969db..40ea16ecb3b8 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -838,6 +838,8 @@ int crashing_cpu =3D -1; */ void cpu_emergency_disable_virtualization(void) { + lockdep_assert_irqs_disabled(); + #if IS_ENABLED(CONFIG_KVM_INTEL) cpu_crash_vmclear_loaded_vmcss(); #endif --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CB532C4332F for ; Thu, 1 Dec 2022 23:27:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231882AbiLAX1b (ORCPT ); Thu, 1 Dec 2022 18:27:31 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55940 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231708AbiLAX1Q (ORCPT ); Thu, 1 Dec 2022 18:27:16 -0500 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 74012CA7AF for ; Thu, 1 Dec 2022 15:27:11 -0800 (PST) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-349423f04dbso31721177b3.13 for ; Thu, 01 Dec 2022 15:27:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=oOjLsBhtQc4Zwk7j8jnMy1RaD3WNvOTCrnpAR6Y5Wh4=; b=iD7DAvdmg/6zF71OGW1W55vNfYRUgmUrzSQ3x+UEEnpmklMmMgQUfTEP1QKNKMSlRX TxjAJfp7C02va3ptgeSSWV94pjJBk1+6p5N1AvvEj2k2S9IHil3K+fjpWRQDEypcl0j/ j8ocO0aDVQ+QsjPt4v69TDSd3UXkBlYv9XKDk9zA79T74/aCGjrFuLNH5IIHtiZbw8kp DRWUreIUMwKrhLY3Lmbubt7OnAPJZZ0DizPcMzAQADuXs8vWwGmX9o7ltMQKioHYfJMD FYstpPF/MfDvZBN6JBFlSsWFdfMXXtd1YSwGg5tndJytuH6jeVnlrEFk42zns1yga60d blLw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=oOjLsBhtQc4Zwk7j8jnMy1RaD3WNvOTCrnpAR6Y5Wh4=; b=CezxbrfaN87sQXdfPrqyg8byoCmaZXiSxqQRcwm5fowzmaiNmJ8q0XBjcu2rwT9ZaW +uzeG2yx6jxh5k/vcG3vLk3mrLb1WMyGYQFos43q/sVSt7+GQDX4lX2/l38AinqeP/f4 YG/h9wsFWm94mXekvpwO5MQXUlIjyidVThsNxa+WZ7iRLnexqLzX8tpb7Tg2xJYr1tC+ 5Rpf6mslFijf43TtggCcFu8fPeA2UMsBb1WE4qKVPYN6EXr18J05JosMr63AffQAzbFp /XoGbD4EKze+VOR3cdF9QygdP+LqYDMJlgAcQFNLXivkZPfwLXMIVZvrn2ghwvms0+Kf dIQg== X-Gm-Message-State: ANoB5pnrNRToyPNQRB2kAoB2oS/GVgUfwiHoIUlfrP+U0LirUJpl44CZ 6sMklm22c/6NNr3XHVwMm7UR3vPBclQ= X-Google-Smtp-Source: AA0mqf6e3fI8ZKhR812Q6WWT615sHyFSm1ucZmUC1BB457teQBEMBCmdWiFc6wIBLpE6L5mS6tfUF2fQ+xw= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:9e84:0:b0:6dc:a18d:9ee5 with SMTP id p4-20020a259e84000000b006dca18d9ee5mr48977176ybq.88.1669937230726; Thu, 01 Dec 2022 15:27:10 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:44 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-6-seanjc@google.com> Subject: [PATCH 05/16] x86/reboot: KVM: Handle VMXOFF in KVM's reboot callback From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Use KVM VMX's reboot/crash callback to do VMXOFF in an emergency instead of manually and blindly doing VMXOFF. There's no need to attempt VMXOFF if KVM (or some other out-of-tree hypervisor) isn't loaded/active, i.e. if the CPU can't possibly be post-VMXON. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 10 ---------- arch/x86/kernel/reboot.c | 30 +++++++++--------------------- arch/x86/kvm/vmx/vmx.c | 8 +++++--- 3 files changed, 14 insertions(+), 34 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index 0acb14806a74..4f61283b1f52 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -70,16 +70,6 @@ static inline void __cpu_emergency_vmxoff(void) cpu_vmxoff(); } =20 -/** Disable VMX if it is supported and enabled on the current CPU - */ -static inline void cpu_emergency_vmxoff(void) -{ - if (cpu_has_vmx()) - __cpu_emergency_vmxoff(); -} - - - =20 /* * SVM functions: diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 40ea16ecb3b8..85ea1fdebf4c 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -788,13 +788,7 @@ void machine_crash_shutdown(struct pt_regs *regs) #endif =20 #if IS_ENABLED(CONFIG_KVM_INTEL) -/* - * This is used to VMCLEAR all VMCSs loaded on the - * processor. And when loading kvm_intel module, the - * callback function pointer will be assigned. - * - * protected by rcu. - */ +/* RCU-protected callback to disable virtualization prior to reboot. */ static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; =20 void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback) @@ -815,17 +809,6 @@ void cpu_emergency_unregister_virt_callback(cpu_emerge= ncy_virt_cb *callback) synchronize_rcu(); } EXPORT_SYMBOL_GPL(cpu_emergency_unregister_virt_callback); - -static inline void cpu_crash_vmclear_loaded_vmcss(void) -{ - cpu_emergency_virt_cb *callback; - - rcu_read_lock(); - callback =3D rcu_dereference(cpu_emergency_virt_callback); - if (callback) - callback(); - rcu_read_unlock(); -} #endif =20 /* This is the CPU performing the emergency shutdown work. */ @@ -841,10 +824,15 @@ void cpu_emergency_disable_virtualization(void) lockdep_assert_irqs_disabled(); =20 #if IS_ENABLED(CONFIG_KVM_INTEL) - cpu_crash_vmclear_loaded_vmcss(); -#endif + cpu_emergency_virt_cb *callback; =20 - cpu_emergency_vmxoff(); + rcu_read_lock(); + callback =3D rcu_dereference(cpu_emergency_virt_callback); + if (callback) + callback(); + rcu_read_unlock(); +#endif + /* KVM_AMD doesn't yet utilize the common callback. */ cpu_emergency_svm_disable(); } =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 6e0cc4d03884..6f3ade75a670 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -743,7 +743,7 @@ static int vmx_set_guest_uret_msr(struct vcpu_vmx *vmx, return ret; } =20 -static void crash_vmclear_local_loaded_vmcss(void) +static void vmx_emergency_disable(void) { int cpu =3D raw_smp_processor_id(); struct loaded_vmcs *v; @@ -751,6 +751,8 @@ static void crash_vmclear_local_loaded_vmcss(void) list_for_each_entry(v, &per_cpu(loaded_vmcss_on_cpu, cpu), loaded_vmcss_on_cpu_link) vmcs_clear(v->vmcs); + + __cpu_emergency_vmxoff(); } =20 static void __loaded_vmcs_clear(void *arg) @@ -8526,7 +8528,7 @@ static void __vmx_exit(void) { allow_smaller_maxphyaddr =3D false; =20 - cpu_emergency_unregister_virt_callback(crash_vmclear_local_loaded_vmcss); + cpu_emergency_unregister_virt_callback(vmx_emergency_disable); =20 vmx_cleanup_l1d_flush(); } @@ -8576,7 +8578,7 @@ static int __init vmx_init(void) pi_init_cpu(cpu); } =20 - cpu_emergency_register_virt_callback(crash_vmclear_local_loaded_vmcss); + cpu_emergency_register_virt_callback(vmx_emergency_disable); =20 vmx_check_vmcs12_offsets(); =20 --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 96FABC4321E for ; Thu, 1 Dec 2022 23:27:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231886AbiLAX1t (ORCPT ); Thu, 1 Dec 2022 18:27:49 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56124 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231863AbiLAX1U (ORCPT ); Thu, 1 Dec 2022 18:27:20 -0500 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D836DCC661 for ; Thu, 1 Dec 2022 15:27:12 -0800 (PST) Received: by mail-pj1-x1049.google.com with SMTP id on5-20020a17090b1d0500b0021821a07953so7567251pjb.4 for ; Thu, 01 Dec 2022 15:27:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=N1MKEpLC40vm6+kyhw5xs+CtLNykGWLPO1eTQOZjc3U=; b=GfJDQ/9peKOon7QfuMScKrcJcuXlJoBRDCKCmFSBO1trRWmCwApGQXz1DxOCbQtu/3 Bml2/OASO5LhkfH24P9S8CMso0T48H5ERZZCMnquEISh/5N3YCdSWvIN9vogM77nu7do 1JiFutI9smzRoiX2Xmgn8/FR9FqytQcFoa/ftWaCHX1gXByWXi2MzGFXM5RyGSruj+T4 zpgHhHN+Xr11wpdmxgPwOHkiHSthxQgIuQpf7KAJ1ILeB4m9S2+cGoXynZ0m0yw8Ugbz GVODLTY87cfYie73+3wRWKa1xc0gqkv/xEeLPQBM1DXCuvlAN9k1+NWZLJ456sdiHbXw Uh1Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=N1MKEpLC40vm6+kyhw5xs+CtLNykGWLPO1eTQOZjc3U=; b=cl/lYF6kaqcbuKCm26XOCmlY6Bf9KlioSnEDMJtFrqtlhQZAAubQUfISKJ/ScMNJDv WebxHFBFXqrdqd+jf8qv+2vUzayc4rI4LmWf21r0raXUfmpIH0Q7BYG8P/jN2oUWO+Z7 EErE8hSSRfQwxA7sI+vbnmDvXWN5A6MIIJqLJffBdCpkGny9uOSE48dqkwWsu6CIGp6b SzEaLQpIM36X/sIOJ8k3uAJb0RpMWWmRfcPyBh0x2ILsPLXRLyAXZAyvQ9TmAqgJyRCr KB1hwZD9+rNX6mjYcByw3KB7yzv3W18jfbsk9oh5qp9rY9MteZqz2yP5Hl9l4dE/gT/v CYaw== X-Gm-Message-State: ANoB5pl7cp8h9zZtlFEWZu3Tb9Bfb8GBGn0At37esXBraXyCPHcKyY0v XoOU1zFAB2KWqWCDIzNiR6Y/LzG4MOg= X-Google-Smtp-Source: AA0mqf728o14x2qPtbsV/svyt/B0IMOGeXVA6OC8OQvU7e9OrEVnZ5ZliFnbfztRETZFFS+A8vGyIpBzzc0= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:a601:b0:189:8001:b54f with SMTP id u1-20020a170902a60100b001898001b54fmr25838795plq.37.1669937232408; Thu, 01 Dec 2022 15:27:12 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:45 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-7-seanjc@google.com> Subject: [PATCH 06/16] x86/reboot: KVM: Disable SVM during reboot via virt/KVM reboot callback From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Use the virt callback to disable SVM (and set GIF=3D1) during an emergency instead of blindly attempting to disable SVM. Like the VMX case, if KVM (or an out-of-tree hypervisor) isn't loaded/active, SVM can't be in use. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/reboot.h | 2 +- arch/x86/include/asm/virtext.h | 8 -------- arch/x86/kernel/reboot.c | 6 ++---- arch/x86/kvm/svm/svm.c | 19 +++++++++++++++++-- 4 files changed, 20 insertions(+), 15 deletions(-) diff --git a/arch/x86/include/asm/reboot.h b/arch/x86/include/asm/reboot.h index 1d098a7d329a..dc2b77e6704b 100644 --- a/arch/x86/include/asm/reboot.h +++ b/arch/x86/include/asm/reboot.h @@ -25,7 +25,7 @@ void __noreturn machine_real_restart(unsigned int type); #define MRR_BIOS 0 #define MRR_APM 1 =20 -#if IS_ENABLED(CONFIG_KVM_INTEL) +#if IS_ENABLED(CONFIG_KVM_INTEL) || IS_ENABLED(CONFIG_KVM_AMD) typedef void (cpu_emergency_virt_cb)(void); void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback); void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callbac= k); diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index 4f61283b1f52..97349410c937 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -130,12 +130,4 @@ static inline void cpu_svm_disable(void) } } =20 -/** Makes sure SVM is disabled, if it is supported on the CPU - */ -static inline void cpu_emergency_svm_disable(void) -{ - if (cpu_has_svm(NULL)) - cpu_svm_disable(); -} - #endif /* _ASM_X86_VIRTEX_H */ diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 85ea1fdebf4c..3eec3cdbc054 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -787,7 +787,7 @@ void machine_crash_shutdown(struct pt_regs *regs) } #endif =20 -#if IS_ENABLED(CONFIG_KVM_INTEL) +#if IS_ENABLED(CONFIG_KVM_INTEL) || IS_ENABLED(CONFIG_KVM_AMD) /* RCU-protected callback to disable virtualization prior to reboot. */ static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; =20 @@ -823,7 +823,7 @@ void cpu_emergency_disable_virtualization(void) { lockdep_assert_irqs_disabled(); =20 -#if IS_ENABLED(CONFIG_KVM_INTEL) +#if IS_ENABLED(CONFIG_KVM_INTEL) || IS_ENABLED(CONFIG_KVM_AMD) cpu_emergency_virt_cb *callback; =20 rcu_read_lock(); @@ -832,8 +832,6 @@ void cpu_emergency_disable_virtualization(void) callback(); rcu_read_unlock(); #endif - /* KVM_AMD doesn't yet utilize the common callback. */ - cpu_emergency_svm_disable(); } =20 #if defined(CONFIG_SMP) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 46b658d0f46e..d56d5fe42262 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -38,6 +38,7 @@ #include #include #include +#include #include =20 #include @@ -565,6 +566,11 @@ void __svm_write_tsc_multiplier(u64 multiplier) preempt_enable(); } =20 +static void svm_emergency_disable(void) +{ + cpu_svm_disable(); +} + static void svm_hardware_disable(void) { /* Make sure we clean up behind us */ @@ -5084,6 +5090,13 @@ static struct kvm_x86_init_ops svm_init_ops __initda= ta =3D { .pmu_ops =3D &amd_pmu_ops, }; =20 +static void __svm_exit(void) +{ + kvm_x86_vendor_exit(); + + cpu_emergency_unregister_virt_callback(svm_emergency_disable); +} + static int __init svm_init(void) { int r; @@ -5097,6 +5110,8 @@ static int __init svm_init(void) if (r) return r; =20 + cpu_emergency_register_virt_callback(svm_emergency_disable); + /* * Common KVM initialization _must_ come last, after this, /dev/kvm is * exposed to userspace! @@ -5109,14 +5124,14 @@ static int __init svm_init(void) return 0; =20 err_kvm_init: - kvm_x86_vendor_exit(); + __svm_exit(); return r; } =20 static void __exit svm_exit(void) { kvm_exit(); - kvm_x86_vendor_exit(); + __svm_exit(); } =20 module_init(svm_init) --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5324CC4332F for ; Thu, 1 Dec 2022 23:28:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231940AbiLAX15 (ORCPT ); Thu, 1 Dec 2022 18:27:57 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55964 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231875AbiLAX10 (ORCPT ); Thu, 1 Dec 2022 18:27:26 -0500 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AF709CC64E for ; Thu, 1 Dec 2022 15:27:14 -0800 (PST) Received: by mail-pj1-x1049.google.com with SMTP id l2-20020a17090add8200b00218daa1a812so2952599pjv.3 for ; Thu, 01 Dec 2022 15:27:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=PueUj9DN6y/B+t9EKbOQHEz5+gc+C1Dj1im/eZPScN4=; b=MS4rtQrmXPYim7WgQgTNM4fYna3dJdawLyxdI3gxmMYsAenENi/HoieSKBu4uCq4DY btGKvi4pzD+yD18bJlTr1pY+t7g7c1ZcDRdBWVFw0Ch5PmWQGP5l2BLkQx21HI+ugfze +HgPsEsOcYYQn2TTomEnrZSQL1LG+p1oNm58avOaTcv/nMMpWW8u44c8VlhNcp7hKpnv +1R2r7nqOOjK82AyKFm7xg6vbEeOYD4FEnU7AsGk7L65aC1LdgE+N6a8gBZYv1zrQiZ0 ZT6aQxoincXgbjSvwlt9EuygYRjWnFdbD4gSsVajlwz9bNW2/XvbwVqQ3mb3kXY5jujb BRpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=PueUj9DN6y/B+t9EKbOQHEz5+gc+C1Dj1im/eZPScN4=; b=ooTeUyX5v2uE1KLSVmQaq/ePM+NEI9SsiYJGTcsskFoT1svtzjH7Oafl0cEeoboNb9 xioOPJ7VQnxQjnmr2S4s6eQ1wM9Va3bU0Ln0R2SpfubLiCAMR/joPgHsIJuRd0hHxZRo laqU9L6Px3Gkj3DnIrItdpfwWOTD+SWPlE6CaDkCuTGk1jiPlP7LbqZYM/7vAkqhrsJY 3Pe8/hx1P1f+Hi5qPPjR8laAGHrUNZpnaxubjbr72//OHO3UO8XnUxeUh5jrEV3isncP DvF2SJJ+8hol6ngQYZphdhspMdrpCgPxlA7hOh/BdLugm+siHBL2tfQWhrECUkoifJVb wcVA== X-Gm-Message-State: ANoB5plytlwamOIzWOlNqr8ZBhMGTUVBnKLYlAtr8aNRx5Y+Rx7Cr4d+ 3MuKxVNkrP1M3h7YC/apOcnoiNbM7ng= X-Google-Smtp-Source: AA0mqf5tkYWPCh1BUcoB0u0U/ejTOx5LRiJtDeLILxQsyS796anrXkrYxrmQtli0SxALjOp6WWJHleCTUsc= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a65:60c9:0:b0:470:48c1:aae9 with SMTP id r9-20020a6560c9000000b0047048c1aae9mr43149036pgv.4.1669937234233; Thu, 01 Dec 2022 15:27:14 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:46 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-8-seanjc@google.com> Subject: [PATCH 07/16] x86/reboot: Hoist "disable virt" helpers above "emergency reboot" path From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move the various "disable virtualization" helpers above the emergency reboot path so that emergency_reboot_disable_virtualization() can be stubbed out in a future patch if neither KVM_INTEL nor KVM_AMD is enabled, i.e. if there is no in-tree user of CPU virtualization. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/reboot.h | 4 +- arch/x86/kernel/reboot.c | 86 +++++++++++++++++------------------ 2 files changed, 45 insertions(+), 45 deletions(-) diff --git a/arch/x86/include/asm/reboot.h b/arch/x86/include/asm/reboot.h index dc2b77e6704b..2be5b89c9a05 100644 --- a/arch/x86/include/asm/reboot.h +++ b/arch/x86/include/asm/reboot.h @@ -29,8 +29,10 @@ void __noreturn machine_real_restart(unsigned int type); typedef void (cpu_emergency_virt_cb)(void); void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback); void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callbac= k); -#endif void cpu_emergency_disable_virtualization(void); +#else +static inline void cpu_emergency_disable_virtualization(void) {} +#endif =20 typedef void (*nmi_shootdown_cb)(int, struct pt_regs*); void nmi_panic_self_stop(struct pt_regs *regs); diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 3eec3cdbc054..a006ddaa1405 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -530,6 +530,48 @@ static inline void kb_wait(void) =20 static inline void nmi_shootdown_cpus_on_restart(void); =20 +#if IS_ENABLED(CONFIG_KVM_INTEL) || IS_ENABLED(CONFIG_KVM_AMD) +/* RCU-protected callback to disable virtualization prior to reboot. */ +static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; + +void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback) +{ + if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback))) + return; + + rcu_assign_pointer(cpu_emergency_virt_callback, callback); +} +EXPORT_SYMBOL_GPL(cpu_emergency_register_virt_callback); + +void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callbac= k) +{ + if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback) !=3D cal= lback)) + return; + + rcu_assign_pointer(cpu_emergency_virt_callback, NULL); + synchronize_rcu(); +} +EXPORT_SYMBOL_GPL(cpu_emergency_unregister_virt_callback); + +/* + * Disable virtualization, i.e. VMX or SVM, to ensure INIT is recognized d= uring + * reboot. VMX blocks INIT if the CPU is post-VMXON, and SVM blocks INIT = if + * GIF=3D0, i.e. if the crash occurred between CLGI and STGI. + */ +void cpu_emergency_disable_virtualization(void) +{ + cpu_emergency_virt_cb *callback; + + lockdep_assert_irqs_disabled(); + + rcu_read_lock(); + callback =3D rcu_dereference(cpu_emergency_virt_callback); + if (callback) + callback(); + rcu_read_unlock(); +} +#endif /* CONFIG_KVM_INTEL || CONFIG_KVM_AMD */ + static void emergency_reboot_disable_virtualization(void) { /* Just make sure we won't change CPUs while doing this */ @@ -787,53 +829,9 @@ void machine_crash_shutdown(struct pt_regs *regs) } #endif =20 -#if IS_ENABLED(CONFIG_KVM_INTEL) || IS_ENABLED(CONFIG_KVM_AMD) -/* RCU-protected callback to disable virtualization prior to reboot. */ -static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; - -void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback) -{ - if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback))) - return; - - rcu_assign_pointer(cpu_emergency_virt_callback, callback); -} -EXPORT_SYMBOL_GPL(cpu_emergency_register_virt_callback); - -void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callbac= k) -{ - if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback) !=3D cal= lback)) - return; - - rcu_assign_pointer(cpu_emergency_virt_callback, NULL); - synchronize_rcu(); -} -EXPORT_SYMBOL_GPL(cpu_emergency_unregister_virt_callback); -#endif - /* This is the CPU performing the emergency shutdown work. */ int crashing_cpu =3D -1; =20 -/* - * Disable virtualization, i.e. VMX or SVM, to ensure INIT is recognized d= uring - * reboot. VMX blocks INIT if the CPU is post-VMXON, and SVM blocks INIT = if - * GIF=3D0, i.e. if the crash occurred between CLGI and STGI. - */ -void cpu_emergency_disable_virtualization(void) -{ - lockdep_assert_irqs_disabled(); - -#if IS_ENABLED(CONFIG_KVM_INTEL) || IS_ENABLED(CONFIG_KVM_AMD) - cpu_emergency_virt_cb *callback; - - rcu_read_lock(); - callback =3D rcu_dereference(cpu_emergency_virt_callback); - if (callback) - callback(); - rcu_read_unlock(); -#endif -} - #if defined(CONFIG_SMP) =20 static nmi_shootdown_cb shootdown_callback; --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 26F25C4332F for ; Thu, 1 Dec 2022 23:28:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231948AbiLAX2C (ORCPT ); Thu, 1 Dec 2022 18:28:02 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55972 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231890AbiLAX1p (ORCPT ); Thu, 1 Dec 2022 18:27:45 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 88F5CC9369 for ; Thu, 1 Dec 2022 15:27:16 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id e202-20020a2550d3000000b006f9d739c724so3283628ybb.6 for ; Thu, 01 Dec 2022 15:27:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=mxnx1olCgpn8Pr+RNzUvtPR2vQ070ZCifbSFVF3Ymvo=; b=cTIoFoh3mPUgLL/QEB0t8d8mxoaMjs0WFC4VTtxM2YNkBjNbFk2j4FQLz7ApkM+Nk6 G33twuelGjD4foWG1Syr5r/C2YpXmkrHPJbJHFQwo/fYv9dfswhlMX9aEbBJFGJzncEq 3Lm4gk+tvERDgIyxTBgBDJjgEiVpOOvYRJueMb4ZvBoPxQJ01/Z7T1bHQF9vQmJTHxQg 0TNYH5tBUnsfkHyU0QHy0D8zV+Gf9OCOyHbo9+/vs2eKSedoZcYnELHQU/24rDLMgxXI w660ch7/tSYm5Pyi29T2Wu83D+3Qs22B/grTMju+6gUumLPHBrDqhvHPBKiY0LhJuQiy 6NbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=mxnx1olCgpn8Pr+RNzUvtPR2vQ070ZCifbSFVF3Ymvo=; b=GSS96IiYDvDD8ZM7fry3ytHO+nJpDGGXxf3cKTwNB5MxQ9/yq5vqT7cLzploS3NNI6 A/5TaT5Fl13PhO5l0dnOtrgPnEw7q8HJaSOiMKplddxATMT//t8nE7Qe3F+vi8Kko2HS ZQrAFl4Q9O4/n6nlJYM+lA4H/vJM52oZGv3L6EpB9l2Z07SRiQy4KfC00qPCV7USJQO4 9juxZ3i2fikO+RvMOV2u2dPfIOuHE+gIDXIcreoplC60rcCdx9wEvlo9Dsl828QgadmH MAlb/8ampaSN39nXnKjB9ES2WY3omJeZMh1EATe7nbVKnjJ2KPHileRzQC7i41TF8QrT 6Mcw== X-Gm-Message-State: ANoB5pmnoodb1eU8AtxhLhrSmUCOp7awEQ9C1PX6MPegujGGEy5SiN/s 4Qa1zYg8pT47Mwi8v6IPnCpoNDxRSWo= X-Google-Smtp-Source: AA0mqf7YorijRGbMLOiJH8OO7bjSUhytkGUCubeB0e+1e9Wx6/ILmXuh7TNQXpI/A6dFp5ks9Z29TaerEmY= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:88c6:0:b0:38d:e8f4:c8ba with SMTP id y189-20020a8188c6000000b0038de8f4c8bamr66092474ywf.159.1669937235862; Thu, 01 Dec 2022 15:27:15 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:47 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-9-seanjc@google.com> Subject: [PATCH 08/16] x86/reboot: Disable virtualization during reboot iff callback is registered From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Attempt to disable virtualization during an emergency reboot if and only if there is a registered virt callback, i.e. iff a hypervisor (KVM) is active. If there's no active hypervisor, then the CPU can't be operating with VMX or SVM enabled (barring an egregious bug). Note, IRQs are disabled, which prevents KVM from coming along and enabling virtualization after the fact. Signed-off-by: Sean Christopherson --- arch/x86/kernel/reboot.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index a006ddaa1405..e0dd1b00ba01 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -22,7 +22,6 @@ #include #include #include -#include #include #include #include @@ -570,7 +569,6 @@ void cpu_emergency_disable_virtualization(void) callback(); rcu_read_unlock(); } -#endif /* CONFIG_KVM_INTEL || CONFIG_KVM_AMD */ =20 static void emergency_reboot_disable_virtualization(void) { @@ -587,7 +585,7 @@ static void emergency_reboot_disable_virtualization(voi= d) * Do the NMI shootdown even if virtualization is off on _this_ CPU, as * other CPUs may have virtualization enabled. */ - if (cpu_has_vmx() || cpu_has_svm(NULL)) { + if (rcu_access_pointer(cpu_emergency_virt_callback)) { /* Safely force _this_ CPU out of VMX/SVM operation. */ cpu_emergency_disable_virtualization(); =20 @@ -595,6 +593,9 @@ static void emergency_reboot_disable_virtualization(voi= d) nmi_shootdown_cpus_on_restart(); } } +#else +static void emergency_reboot_disable_virtualization(void) { } +#endif /* CONFIG_KVM_INTEL || CONFIG_KVM_AMD */ =20 =20 void __attribute__((weak)) mach_reboot_fixups(void) --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id EEC56C4332F for ; Thu, 1 Dec 2022 23:28:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231890AbiLAX2Y (ORCPT ); Thu, 1 Dec 2022 18:28:24 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57808 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231863AbiLAX1v (ORCPT ); Thu, 1 Dec 2022 18:27:51 -0500 Received: from mail-pl1-x64a.google.com (mail-pl1-x64a.google.com [IPv6:2607:f8b0:4864:20::64a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1F686CCFC3 for ; Thu, 1 Dec 2022 15:27:18 -0800 (PST) Received: by mail-pl1-x64a.google.com with SMTP id j18-20020a170902da9200b00189b3b16addso3776350plx.23 for ; Thu, 01 Dec 2022 15:27:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=T4fKy3rsoDeg9TcItgm719DIQWhJRDtEiEGAdRW9bCs=; b=BlKLkceE/MZzKU1chFtrlSK8BRam4GW1b+pEyW8oCQsRojYO+kFKCToEPx4UQQRweG q9MvoW7cjJbdcO4Gv9BYOu4/II6TPltvYOy2zCoxKE4Wr5vZEYObcLExn+/TJqgxLCwR ObMfEyhtP5H8QHkFsRqCNAD3tus2yhawcBHu3bXzcGte0zk1r0YZ4JYi8oLZ9k7LKYRu 5nZQoBma6hoh08WelfwSv5FgVK6G3NAVm2YSRUg7Ev5tR/f1LMXz0szwD0O7ZNnSwhg0 7rEaHiNYNnp1OcyMH0hOskiAO3CUMlSW02MfQkeyE7g8dujy67jAZC5+ke3bg7W7xrmS A5uQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=T4fKy3rsoDeg9TcItgm719DIQWhJRDtEiEGAdRW9bCs=; b=CCkrz5ZRRQwWAFfiuw9tDOT9NjbttYOnzRNlExROVL/TscAXpuebdWCnkUvB/N1BDy Aap4evFVpqNOTawrmhBZPfnqtaXb1xfu9QL9kK43KqZ3E6P89PStrAWkfA6Obyj+0aVI ybJRzlYzxs3SVKKv8TM4KuSQW2jqzUr6F6d7fadWgDd3X9TrRiOqJ5xOhYfeyH6oPvFd 5chMyRFqBpNQ/goWZxRl3ui0DVZV6PF9CSu0Y0MYVaNSqQFhfLwWTpL+8giLXoOR02cj ZfgXcFW5BjTc1dnq4BeEnChxWn1kOlUhqRDjMnfoWrLquWn5ay3aJg3A8MjJ7WmM8cEJ rGeQ== X-Gm-Message-State: ANoB5pn4TVnJPQIdQELc/ExD39eCrjtrfRI/DVjwKW3w39Cw5VSSoclT 9zCLsk/8d0mBk/ifCIJJVZiC0Xe+8aA= X-Google-Smtp-Source: AA0mqf5usr/pO/baVlQfScpjJx3z2ov/8/MiXiFA/IdjyZbPp4o0eX12ADXBEcXlx4QR/AKgsuyG+Ood2ts= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:dd82:b0:212:fdb1:720b with SMTP id l2-20020a17090add8200b00212fdb1720bmr79232894pjv.66.1669937237499; Thu, 01 Dec 2022 15:27:17 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:48 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-10-seanjc@google.com> Subject: [PATCH 09/16] x86/virt: KVM: Open code cpu_has_vmx() in KVM VMX From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Fold the raw CPUID check for VMX into kvm_is_vmx_supported(), its sole user. Keep the check even though KVM also checks X86_FEATURE_VMX, as the intent is to provide a unique error message if VMX is unsupported by hardware, whereas X86_FEATURE_VMX may be clear due to firmware and/or kernel actions. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 10 ---------- arch/x86/kvm/vmx/vmx.c | 2 +- 2 files changed, 1 insertion(+), 11 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index 97349410c937..c5df63c606be 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -22,14 +22,6 @@ /* * VMX functions: */ - -static inline int cpu_has_vmx(void) -{ - unsigned long ecx =3D cpuid_ecx(1); - return test_bit(5, &ecx); /* CPUID.1:ECX.VMX[bit 5] -> VT */ -} - - /** * cpu_vmxoff() - Disable VMX on the current CPU * @@ -61,8 +53,6 @@ static inline int cpu_vmx_enabled(void) } =20 /** Disable VMX if it is enabled on the current CPU - * - * You shouldn't call this if cpu_has_vmx() returns 0. */ static inline void __cpu_emergency_vmxoff(void) { diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 6f3ade75a670..5bdcae435897 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2713,7 +2713,7 @@ static bool kvm_is_vmx_supported(void) { int cpu =3D raw_smp_processor_id(); =20 - if (!cpu_has_vmx()) { + if (!(cpuid_ecx(1) & feature_bit(VMX))) { pr_err("VMX not supported by CPU %d\n", cpu); return false; } --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B2B84C4332F for ; Thu, 1 Dec 2022 23:28:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231953AbiLAX23 (ORCPT ); Thu, 1 Dec 2022 18:28:29 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58044 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231937AbiLAX1y (ORCPT ); Thu, 1 Dec 2022 18:27:54 -0500 Received: from mail-pg1-x54a.google.com (mail-pg1-x54a.google.com [IPv6:2607:f8b0:4864:20::54a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C2266CCFCE for ; Thu, 1 Dec 2022 15:27:19 -0800 (PST) Received: by mail-pg1-x54a.google.com with SMTP id m9-20020a63ed49000000b00477f449365fso2937095pgk.15 for ; Thu, 01 Dec 2022 15:27:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=7SXAjG1M+IBfGsFtMHywIkRjTzn4Js8KsrZjxZEQBMU=; b=ACp2sPOEEhtUBdUDYUmigXNlNuydDo0L5gzT5adI9Ji7FnPzwS3jyQFj4800dH1gw9 aarAXgAVG3T7xg4Qhv/0Lq9enspYAIWfp8dNBJRTmS+OV8tF9ebUWwetC6n5CUXx24+d 0uT9DyPL9JhKc9a+6znnfRysveD6YN6SmC+p/THzkHUOU2Qy5pq7IvsseLzKTf9lvQpk jBnmpRrZ8oaXv4SPUSlSo32xL0T3HTioALanjDXwhPrU8IvuVvweucc4eV0oxIvVYTrE 6yoSVAkLxA59E0IbPqoP/RYWydh6JrEZiaA0oBmaahC/ifgo4vHX4h36dkajhv5R/+U3 0NKQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=7SXAjG1M+IBfGsFtMHywIkRjTzn4Js8KsrZjxZEQBMU=; b=s+N0dkZZmEH03u1RjQvVr6VdzY2UWswBVaGYXCmZgHw9R89FZb76sM850dXt5mZyLl CbLhSZqBdApKNcdiAKACw+iP2pqgY5Ymz8q9Oz1jtv2l6l9EEr1CVq2PeH4W7NA9+xYZ /u0mN+e4AjX4M54K6nukHr8w60MxQHUM2pUvRnak3E2Pg0lrKczWJKSa+C02qyIW4p7i or8dTUb4qwV6m1jmRIeo23hbVuVkVRRzY1xtDWEEhY64dt2STR3ndkQx3FAM+FWJyJP7 FV9E8sO1f9XElo7cazUFGUgPuJrEZNPSn3alLjMm9ID5BiMhhrW0awb+YlKGT0212eIJ pfmg== X-Gm-Message-State: ANoB5plN3bkxG6qut/MwGVSIX0ycZEKhIHJS+olJDjKT79rH5/8ozoKW 6oXsSRlGoe85DAx/suXQSGqDeRiIvnY= X-Google-Smtp-Source: AA0mqf5WubwN175lIMTyZxAOD6OhDkttOnqc3F5KtxxV+MMxPH5WaxC+3QCgYB5pFp1bK+wzYaA2AQ5YxyA= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:d086:b0:219:227d:d91f with SMTP id k6-20020a17090ad08600b00219227dd91fmr2875299pju.0.1669937238934; Thu, 01 Dec 2022 15:27:18 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:49 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-11-seanjc@google.com> Subject: [PATCH 10/16] x86/virt: KVM: Move VMXOFF helpers into KVM VMX From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now that VMX is disabled in emergencies via the virt callbacks, move the VMXOFF helpers into KVM, the only remaining user. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 42 ---------------------------------- arch/x86/kvm/vmx/vmx.c | 29 ++++++++++++++++++++--- 2 files changed, 26 insertions(+), 45 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index c5df63c606be..0b373543514f 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -19,48 +19,6 @@ #include #include =20 -/* - * VMX functions: - */ -/** - * cpu_vmxoff() - Disable VMX on the current CPU - * - * Disable VMX and clear CR4.VMXE (even if VMXOFF faults) - * - * Note, VMXOFF causes a #UD if the CPU is !post-VMXON, but it's impossibl= e to - * atomically track post-VMXON state, e.g. this may be called in NMI conte= xt. - * Eat all faults as all other faults on VMXOFF faults are mode related, i= .e. - * faults are guaranteed to be due to the !post-VMXON check unless the CPU= is - * magically in RM, VM86, compat mode, or at CPL>0. - */ -static inline int cpu_vmxoff(void) -{ - asm_volatile_goto("1: vmxoff\n\t" - _ASM_EXTABLE(1b, %l[fault]) - ::: "cc", "memory" : fault); - - cr4_clear_bits(X86_CR4_VMXE); - return 0; - -fault: - cr4_clear_bits(X86_CR4_VMXE); - return -EIO; -} - -static inline int cpu_vmx_enabled(void) -{ - return __read_cr4() & X86_CR4_VMXE; -} - -/** Disable VMX if it is enabled on the current CPU - */ -static inline void __cpu_emergency_vmxoff(void) -{ - if (cpu_vmx_enabled()) - cpu_vmxoff(); -} - - /* * SVM functions: */ diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 5bdcae435897..8be99651dcc9 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -47,7 +47,6 @@ #include #include #include -#include #include =20 #include "capabilities.h" @@ -743,6 +742,29 @@ static int vmx_set_guest_uret_msr(struct vcpu_vmx *vmx, return ret; } =20 +/* + * Disable VMX and clear CR4.VMXE (even if VMXOFF faults) + * + * Note, VMXOFF causes a #UD if the CPU is !post-VMXON, but it's impossibl= e to + * atomically track post-VMXON state, e.g. this may be called in NMI conte= xt. + * Eat all faults as all other faults on VMXOFF faults are mode related, i= .e. + * faults are guaranteed to be due to the !post-VMXON check unless the CPU= is + * magically in RM, VM86, compat mode, or at CPL>0. + */ +static int kvm_cpu_vmxoff(void) +{ + asm_volatile_goto("1: vmxoff\n\t" + _ASM_EXTABLE(1b, %l[fault]) + ::: "cc", "memory" : fault); + + cr4_clear_bits(X86_CR4_VMXE); + return 0; + +fault: + cr4_clear_bits(X86_CR4_VMXE); + return -EIO; +} + static void vmx_emergency_disable(void) { int cpu =3D raw_smp_processor_id(); @@ -752,7 +774,8 @@ static void vmx_emergency_disable(void) loaded_vmcss_on_cpu_link) vmcs_clear(v->vmcs); =20 - __cpu_emergency_vmxoff(); + if (__read_cr4() & X86_CR4_VMXE) + kvm_cpu_vmxoff(); } =20 static void __loaded_vmcs_clear(void *arg) @@ -2814,7 +2837,7 @@ static void vmx_hardware_disable(void) { vmclear_local_loaded_vmcss(); =20 - if (cpu_vmxoff()) + if (kvm_cpu_vmxoff()) kvm_spurious_fault(); =20 hv_reset_evmcs(); --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6BF5EC4332F for ; Thu, 1 Dec 2022 23:28:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232031AbiLAX2b (ORCPT ); Thu, 1 Dec 2022 18:28:31 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55940 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231866AbiLAX2N (ORCPT ); Thu, 1 Dec 2022 18:28:13 -0500 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C9E3ECD9AF for ; Thu, 1 Dec 2022 15:27:20 -0800 (PST) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-3b0af5bcbd3so31937297b3.0 for ; Thu, 01 Dec 2022 15:27:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=cZG0yqcEStsxMCOsGsLbuxg5UhLo/05v+igNhXo+egE=; b=RotdmcndZEfo541ypzSPA7Gcqjp5N5B+Rvwnjgnlg21E5OPmwUUXI5ZMNxXAnzf52t IhdK5L/SO2/0KxmL3DKN+rfrgSmI/ZkWytNZTRoph0+fvkqxhzuuLUSw4nUmof/0Udsy iMa5J7R6rApimfrhjQMQ8hhXvU75Xj8K8YoDsaiXGKftndME+NVFdnVaPKbV8S2b10Fu 6gTcApWj7SRS7ZErG2x0H9djRoGdZX/kHKFwcOvoKZCEGCwmWmx9HJ10rz6o0kkDi3Qa 4Ehw0p1YJjZ8tWZNRYLdgtcMZUyVcpBwAuEpg09goY7gr85IH0GXMeA53TfVd4aZmVsy 9jTw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=cZG0yqcEStsxMCOsGsLbuxg5UhLo/05v+igNhXo+egE=; b=P3wQ2dlwhert5h4NDIBlgrwBGtdcyBIIYJSKoHvFUGgyRshZaoP0ISjGrlYJC0mZeC UxBl52DMKklsl0uvbvcvzDC+e1xFfRUMD0sJsLRHAh85e0oysTmAjmp0qBwI/YUAstaS FK8NYRnJQ8Fit1AeRWAJWqQQWag049EMd4s//HnAPiA+nsp3C0rwSQRzuAegjRJcrdUj zHG9+CZppcN+z4yUVpqMKri4KPiltOGCVASydfzQpW5A8Du1onfnkCMNF0FthnWkqYmK kJeWa7DgRP4XecZ019bkCEk6NL6y9IZG3JcswRikSWEnTKzXd3kNoqpvfC3LSruMPBrw 1X3A== X-Gm-Message-State: ANoB5plk8zFJsEnt/Ug8fSvk/PMej285fe4/Wp+PMMTYcsNvaq29WTc+ 8+wOxrpieGDNnFT4NWzMugeMCWEjQq0= X-Google-Smtp-Source: AA0mqf7MJWHcAG6vdTf9w1OowNCeW1uuWVIj+VLHOB6jpKtg81SgZinEw7Y+yyKEhmtsa7huiHGdgyCAcF8= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:ef4c:0:b0:6f5:f4bc:1327 with SMTP id w12-20020a25ef4c000000b006f5f4bc1327mr23058180ybm.244.1669937240562; Thu, 01 Dec 2022 15:27:20 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:50 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-12-seanjc@google.com> Subject: [PATCH 11/16] KVM: SVM: Make KVM_AMD depend on CPU_SUP_AMD or CPU_SUP_HYGON From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Make building KVM SVM support depend on support for AMD or Hygon. KVM already effectively restricts SVM support to AMD and Hygon by virtue of the vendor string checks in cpu_has_svm(), and KVM VMX supports depends on one of its three known vendors (Intel, Centaur, or Zhaoxin). Add the CPU_SUP_HYGON clause even though CPU_SUP_HYGON selects CPU_SUP_AMD to document that KVM SVM support isn't just for AMD CPUs, and to prevent breakage should Hygon support ever become a standalone thing. Signed-off-by: Sean Christopherson --- arch/x86/kvm/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 8e578311ca9d..0d403e9b6a47 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -102,7 +102,7 @@ config X86_SGX_KVM =20 config KVM_AMD tristate "KVM for AMD processors support" - depends on KVM + depends on KVM && (CPU_SUP_AMD || CPU_SUP_HYGON) help Provides support for KVM on AMD processors equipped with the AMD-V (SVM) extensions. --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 43810C4332F for ; Thu, 1 Dec 2022 23:28:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231981AbiLAX2s (ORCPT ); Thu, 1 Dec 2022 18:28:48 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59168 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231974AbiLAX2S (ORCPT ); Thu, 1 Dec 2022 18:28:18 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0AC63CE41E for ; Thu, 1 Dec 2022 15:27:23 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id f71-20020a25384a000000b006dd7876e98eso3289312yba.15 for ; Thu, 01 Dec 2022 15:27:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=xKO5gDHH6l2BFGRx+bAr/R/X/txGS/YMP3y88vo/DQs=; b=O6HXE5mlRidl0Q4rg3rTusA/uGWWbvzYZixtwdz2MUbik0b8Z6ICCGGqeQiqEoime7 L2AfiIVKS9WasGmJLtrCfdVsyTFPf0YlWz56R1E38/8w0f500LJAenTrT3AVUQu+q1dz 2wgGdMjtPJrgnEFXMeWyb+VyPnSBwX0LdNfpokDzQ8gCS38+Sb4zbTS066WOEl+djFle 9Kskm+wQwxdJNVTFMHKMxzvNjt37+Rt2yBgO4kuYpsqiKNSZWiIQbn1Z9p3I6T2vOnBX PFfgGe2Oj+l8DFaSFI4MgLtP9BvgCA6CYt8cSln717GUjOaqIuI2yds0V00PifmVFZQU EfaA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=xKO5gDHH6l2BFGRx+bAr/R/X/txGS/YMP3y88vo/DQs=; b=Ts50H8020oU9WL4U2VNovfiYgWZA6f/J+VxXBkd0Y9Y6cTEMYgTun49RB7U/XTHclg i2QdcCeOwk/JLIvt190mMN7WXd9MBh46cizjtSvrRc3AvYz9SACU2EWgB7XSgP6lgeuC Xb5lcnZllvNZdgoKfTdv18ySmMesHIOAng8gAVI9FyKcaIR/tugLYDxyBh72Hvme2k70 wynKj/AO569nkLfjur5XQ+85gH9jOI55/hiF09XEDVH5Q1+BzkAbU6GUoHKM2q/mc38y dADIODZ+BmyqPq+6YTqsTNN/CNXmnySRuziT1q8uJG6MgZAK/8Jagf64N1IvjMK/23k9 3jLg== X-Gm-Message-State: ANoB5pm4OkVnJSp3z52oqJACSzk0TnfQiQw+pCk0YU7apB9BdF8n+zto 0C17Nff3sDaJTfNyyBRATwG57WpGu4E= X-Google-Smtp-Source: AA0mqf6r5wVfKxGEDpenXvu+3yNlydRMkzdX022siAktDieu8OZ+F1d0HzAQPOqn6tZJ1GsC0NgzArz2qEQ= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:6c44:0:b0:6e9:b6ea:fc86 with SMTP id h65-20020a256c44000000b006e9b6eafc86mr47631850ybc.183.1669937242341; Thu, 01 Dec 2022 15:27:22 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:51 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-13-seanjc@google.com> Subject: [PATCH 12/16] x86/virt: Drop unnecessary check on extended CPUID level in cpu_has_svm() From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Drop the explicit check on the extended CPUID level in cpu_has_svm(), the kernel's cached CPUID info will leave the entire SVM leaf unset if said leaf is not supported by hardware. Prior to using cached information, the check was needed to avoid false positives due to Intel's rather crazy CPUID behavior of returning the values of the maximum supported leaf if the specified leaf is unsupported. Fixes: 682a8108872f ("x86/kvm/svm: Simplify cpu_has_svm()") Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 6 ------ 1 file changed, 6 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index 0b373543514f..eddc0eeb836f 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -39,12 +39,6 @@ static inline int cpu_has_svm(const char **msg) return 0; } =20 - if (boot_cpu_data.extended_cpuid_level < SVM_CPUID_FUNC) { - if (msg) - *msg =3D "can't execute cpuid_8000000a"; - return 0; - } - if (!boot_cpu_has(X86_FEATURE_SVM)) { if (msg) *msg =3D "svm not available"; --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0291FC4332F for ; Thu, 1 Dec 2022 23:28:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231993AbiLAX2w (ORCPT ); Thu, 1 Dec 2022 18:28:52 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59242 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231976AbiLAX2T (ORCPT ); Thu, 1 Dec 2022 18:28:19 -0500 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9A1CFCE42A for ; Thu, 1 Dec 2022 15:27:24 -0800 (PST) Received: by mail-pj1-x1049.google.com with SMTP id pq17-20020a17090b3d9100b0020a4c65c3a9so2979944pjb.0 for ; Thu, 01 Dec 2022 15:27:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=V7jdLGRYb4fYAe8gIednP3AKBH7dhOuHWBQtK2IRaKg=; b=KrMJ/BgpveA+ly1uPiZ5pmidqkhZDKpo9w6VWcD7XE8wIMwUuj1AJO76QyHhE2cKtS fXybiajbUEedKZgAFffo2ZyWwqwKal5Dnjj7p8KuOscMWR6HqsJPbrVng9W73l8xn/JC ZL9LolusjV6VhRGkyJCW+JVCE84j6ZEov6ayjdEu0Vrl9FkK9P2cBQJpoT5E6Gg6gCj+ 2GofqL0ci/dwuU7kkQjlqIrBEMIdnnA7PYjgGDlItNlYmOKBYD6mX0OvSsazv2Tk+KWk uedUB3yAu9UsKRydgGMByIJR44IN6hPSNidlDqpGjlWz4XY4+r4ez9xqiCX/DBRay83y IIVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=V7jdLGRYb4fYAe8gIednP3AKBH7dhOuHWBQtK2IRaKg=; b=7psv2eJPmUclubX+AlwbM97QrIAF1BQaRMPXto/pUfidaH4g4Uj3dRM/AMI+FIRhYF E4BMzcHDxNX/Krd1M2m1O9ydjsWuuGufBoBJhlDHVfWvLYNQyAWTfyoQkr3Wc2iOotsC hTM05D/rum1MG/UXBq055qYSdMgU+bItyLJY/zJpdxy1PiZvb5y4JXXXO5CEkNtP2MMl 5tuRmgQIORlnnxHlsmlc/n7TcJQMVe/rAJ3xo1LHO+Ghzh7Nd9XZ1sUhWCPFx65zpdwQ ssdnDJxrxOnHVnHlidrtOiJIsDiE+vG2DXhr08LwVUxI3B9RoExNssTJD6WmtOo3QRiO NQJA== X-Gm-Message-State: ANoB5pl3xmS54OIxBXxhee52KsIAYhiUFHukpFJiNPV6zT+gQDxifKcy 4VzF0QrXjFvlnrI6CNoN34RrHKUcuFs= X-Google-Smtp-Source: AA0mqf5OFUH4655YN7eGM/9Hpu4YrVFA8Z2vIAGHjTZvYAFUwFrrMer4WU/8uTn6DvxYUwdjKm0nDRy8wCw= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:aa7:9ec2:0:b0:575:d302:7443 with SMTP id r2-20020aa79ec2000000b00575d3027443mr10995163pfq.76.1669937244071; Thu, 01 Dec 2022 15:27:24 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:52 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-14-seanjc@google.com> Subject: [PATCH 13/16] x86/virt: KVM: Open code cpu_has_svm() into kvm_is_svm_supported() From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Fold the guts of cpu_has_svm() into kvm_is_svm_supported(), its sole remaining user. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 28 ---------------------------- arch/x86/kvm/svm/svm.c | 11 ++++++++--- 2 files changed, 8 insertions(+), 31 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index eddc0eeb836f..683d20411335 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -22,35 +22,7 @@ /* * SVM functions: */ - -/** Check if the CPU has SVM support - * - * You can use the 'msg' arg to get a message describing the problem, - * if the function returns zero. Simply pass NULL if you are not interested - * on the messages; gcc should take care of not generating code for - * the messages on this case. - */ -static inline int cpu_has_svm(const char **msg) -{ - if (boot_cpu_data.x86_vendor !=3D X86_VENDOR_AMD && - boot_cpu_data.x86_vendor !=3D X86_VENDOR_HYGON) { - if (msg) - *msg =3D "not amd or hygon"; - return 0; - } - - if (!boot_cpu_has(X86_FEATURE_SVM)) { - if (msg) - *msg =3D "svm not available"; - return 0; - } - return 1; -} - - /** Disable SVM on the current CPU - * - * You should call this only if cpu_has_svm() returned true. */ static inline void cpu_svm_disable(void) { diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index d56d5fe42262..ba281651dee4 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -523,11 +523,16 @@ static void svm_init_osvw(struct kvm_vcpu *vcpu) static bool kvm_is_svm_supported(void) { int cpu =3D raw_smp_processor_id(); - const char *msg; u64 vm_cr; =20 - if (!cpu_has_svm(&msg)) { - pr_err("SVM not supported by CPU %d, %s\n", cpu, msg); + if (boot_cpu_data.x86_vendor !=3D X86_VENDOR_AMD && + boot_cpu_data.x86_vendor !=3D X86_VENDOR_HYGON) { + pr_err("CPU %d isn't AMD or Hygon\n", cpu); + return false; + } + + if (!boot_cpu_has(X86_FEATURE_SVM)) { + pr_err("SVM not supported by CPU %d\n", cpu); return false; } =20 --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C15E3C4332F for ; Thu, 1 Dec 2022 23:29:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231795AbiLAX3C (ORCPT ); Thu, 1 Dec 2022 18:29:02 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58590 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232018AbiLAX2Y (ORCPT ); Thu, 1 Dec 2022 18:28:24 -0500 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4A06DCF789 for ; Thu, 1 Dec 2022 15:27:28 -0800 (PST) Received: by mail-pj1-x1049.google.com with SMTP id pa16-20020a17090b265000b0020a71040b4cso2938985pjb.6 for ; Thu, 01 Dec 2022 15:27:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=nVLXdYejrcua3wTUeNkWgCThb6Lpcy1BgMQmZ5bZe4M=; b=TXHeUjjbugM+AmeKkD4B4A3KLhdcZ7ljZbuQPNSoSb87JxUqp1NIhswkLLphZ3dmRr je0ZhrVi9Hut4hTXSzT7WdZHjdMuefJJxUXxpiHwA3Q601WSolyJ7lPedgVPpW9I+kDC k4IAhc/4NGIK7Q6MlszXT4wyv1nbj45C/2D/QgdBf1s4QCAPZBh9BKj1uGvs5DRy9Jn2 5WXmKEgNxxFQXPzhOsEKBbhvMESFoaQhEgV5gU4NgA85/3WeDtQ03LrjYgXfkr9eebgG 7Eyf/fQ4jQXDYtUSUKjp8MTJf1NuHk9CrM02Rm7kI4G0RlYe1jDQ9ERXRYZ0Qa8pACR6 c+nw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=nVLXdYejrcua3wTUeNkWgCThb6Lpcy1BgMQmZ5bZe4M=; b=xdX/kS8QqSP70R4pYtu9NbEY7VkjTFzA46ntcxQZLcdixhxu21Qzdoxml8PD+Mxyoo gEkzAsOc+e6bu1jhXOE5MtSMqobLLSK/t1iqjBFJdf8i/0x4t4sEKqJQGkDE3ulPmem5 ligqxZ+JNsDENP0cCbgNPrs7J1nItC3AvRFbFThOfHAzDrALkWh+BI+9MfmPrxaQoiCN Gp7fvPliHN8rrZXR8UWXVGe9ZgrLM2RcsNS4AsscaUVvB6umIJ67GYrZbTAIbNEOvkAd tkvYNFlBr8m2dC3hW2yXyA4PiR/QEQ21gWgnO0IolEA83QsVCWivMw3KKP6MuBMcec54 nvdQ== X-Gm-Message-State: ANoB5pn3qm9803klwRkxzBKbqiL0OyJdyd7TnuLHVpggH7Hqi/qOzUg8 rbW4361K/EsKC/ofx0wDpRTGP2MNli4= X-Google-Smtp-Source: AA0mqf6C1RuHk9+9pQBBmj5QPNvYMawTzMK/5CWJaDKDXJYU+1useC2MDvF4QdkOIMDVyFOnGH3L1J4KMho= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a62:52c4:0:b0:576:e21:8a32 with SMTP id g187-20020a6252c4000000b005760e218a32mr6732194pfb.46.1669937245736; Thu, 01 Dec 2022 15:27:25 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:53 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-15-seanjc@google.com> Subject: [PATCH 14/16] x86/virt: KVM: Move "disable SVM" helper into KVM SVM From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move cpu_svm_disable() into KVM proper now that all hardware virtualization management is routed through KVM. Remove the now-empty virtext.h. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 47 ---------------------------------- arch/x86/kvm/svm/svm.c | 25 +++++++++++++++--- 2 files changed, 22 insertions(+), 50 deletions(-) delete mode 100644 arch/x86/include/asm/virtext.h diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h deleted file mode 100644 index 683d20411335..000000000000 --- a/arch/x86/include/asm/virtext.h +++ /dev/null @@ -1,47 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0-only */ -/* CPU virtualization extensions handling - * - * This should carry the code for handling CPU virtualization extensions - * that needs to live in the kernel core. - * - * Author: Eduardo Habkost - * - * Copyright (C) 2008, Red Hat Inc. - * - * Contains code from KVM, Copyright (C) 2006 Qumranet, Inc. - */ -#ifndef _ASM_X86_VIRTEX_H -#define _ASM_X86_VIRTEX_H - -#include - -#include -#include -#include - -/* - * SVM functions: - */ -/** Disable SVM on the current CPU - */ -static inline void cpu_svm_disable(void) -{ - uint64_t efer; - - wrmsrl(MSR_VM_HSAVE_PA, 0); - rdmsrl(MSR_EFER, efer); - if (efer & EFER_SVME) { - /* - * Force GIF=3D1 prior to disabling SVM, e.g. to ensure INIT and - * NMI aren't blocked. Eat faults on STGI, as it #UDs if SVM - * isn't enabled and SVM can be disabled by an NMI callback. - */ - asm_volatile_goto("1: stgi\n\t" - _ASM_EXTABLE(1b, %l[fault]) - ::: "memory" : fault); -fault: - wrmsrl(MSR_EFER, efer & ~EFER_SVME); - } -} - -#endif /* _ASM_X86_VIRTEX_H */ diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index ba281651dee4..2aec27b34487 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -41,7 +41,6 @@ #include #include =20 -#include #include "trace.h" =20 #include "svm.h" @@ -571,9 +570,29 @@ void __svm_write_tsc_multiplier(u64 multiplier) preempt_enable(); } =20 +static inline void kvm_cpu_svm_disable(void) +{ + uint64_t efer; + + wrmsrl(MSR_VM_HSAVE_PA, 0); + rdmsrl(MSR_EFER, efer); + if (efer & EFER_SVME) { + /* + * Force GIF=3D1 prior to disabling SVM, e.g. to ensure INIT and + * NMI aren't blocked. Eat faults on STGI, as it #UDs if SVM + * isn't enabled and SVM can be disabled by an NMI callback. + */ + asm_volatile_goto("1: stgi\n\t" + _ASM_EXTABLE(1b, %l[fault]) + ::: "memory" : fault); +fault: + wrmsrl(MSR_EFER, efer & ~EFER_SVME); + } +} + static void svm_emergency_disable(void) { - cpu_svm_disable(); + kvm_cpu_svm_disable(); } =20 static void svm_hardware_disable(void) @@ -582,7 +601,7 @@ static void svm_hardware_disable(void) if (tsc_scaling) __svm_write_tsc_multiplier(SVM_TSC_RATIO_DEFAULT); =20 - cpu_svm_disable(); + kvm_cpu_svm_disable(); =20 amd_pmu_disable_virt(); } --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 12853C4332F for ; Thu, 1 Dec 2022 23:29:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231872AbiLAX3E (ORCPT ); Thu, 1 Dec 2022 18:29:04 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58618 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232021AbiLAX2Z (ORCPT ); Thu, 1 Dec 2022 18:28:25 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 03D9CCF799 for ; Thu, 1 Dec 2022 15:27:28 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id a5-20020a25af05000000b006e450a5e507so3339456ybh.22 for ; Thu, 01 Dec 2022 15:27:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=Sg9CsRxM4jZa0E7/KgshS4sdVS6EzlxV440C3ZXBs0s=; b=rYmAuULP73HrorSXL/MXkPO2BOATv/miT4OfDFVrD8TkA1qSe6/IIl8YrljhxYVpYH YwsWmcYp1eSR4JNDQ2YGoIJdEhu1rDp37/CF+HbhwLUN65HbY0WGBFa5ctKoY79gc0ef JDhgX4BKJI/y7kAOm1tQe0DyfyVKKCc+vwpJktXvrTD9/e7fexqQ258M0oKiEKrWf2e5 kr6+lUd1xeyAEBE/yV2MYvZHUncP1Xp+C4RY9HVn8RnATVHHs9GDjuoxCC1PHFavaKQl glgmwU6SVos0A27SE07k1IR8yDx4s9WboVRX0zWUVbkd4pJs0St7c5abpQqZq3hxqlRU TjmQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Sg9CsRxM4jZa0E7/KgshS4sdVS6EzlxV440C3ZXBs0s=; b=o/G1mClCcR91UVrWxJTFw1V8W9/B8JohkPrvD+dbCdXo1yXdMTB8UYi/Kwg8bCZY+y /MnkbuRmyvR13CD6xFzxpNYGzKckwe2r8nW89vgmh7KboZDOfWwQCDE5Af2RW/EE+RRk ePgNyKLoM5OxGUpiDegWDNe7/s1hvkQpWdiaYiOJUmjT68kxEaz1k4HdAdH58P1JITCI Ri83/AYtHnzXt4iSAgVS6mjs8s+XNiqz3SXKIm0CDvFWhuD5NjHk8WLLA47JneZR+oX1 rnM8yJ37JWJPlYOKxI5E2BwdNPLJXX5AMNu9BPRM9hZJBxCG3IHBLJLyKJwjjFvup2UB Gn2g== X-Gm-Message-State: ANoB5plQ5EsFKSezpYF3O/bCzltJOAkiYQD72wVGVo61rfzsKZF2htM0 msFfMk65UGBXj0nKVifeLmht8//d1kU= X-Google-Smtp-Source: AA0mqf4Vb7jVCySVqyHIb2RgwHxQmPFL3B44Hbkl8hGjWW/Knam+udRj69vxcylPzQTcX5+lQQ+iVC126vI= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a5b:c0d:0:b0:6fb:935d:bcc7 with SMTP id f13-20020a5b0c0d000000b006fb935dbcc7mr6530196ybq.130.1669937247256; Thu, 01 Dec 2022 15:27:27 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:54 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-16-seanjc@google.com> Subject: [PATCH 15/16] KVM: x86: Force kvm_rebooting=true during emergency reboot/crash From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Set kvm_rebooting when virtualization is disabled in an emergency so that KVM eats faults on virtualization instructions even if kvm_reboot() isn't reached. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 2 ++ arch/x86/kvm/vmx/vmx.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 2aec27b34487..08ed4679903a 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -592,6 +592,8 @@ static inline void kvm_cpu_svm_disable(void) =20 static void svm_emergency_disable(void) { + kvm_rebooting =3D true; + kvm_cpu_svm_disable(); } =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 8be99651dcc9..7f8147a7d126 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -770,6 +770,8 @@ static void vmx_emergency_disable(void) int cpu =3D raw_smp_processor_id(); struct loaded_vmcs *v; =20 + kvm_rebooting =3D true; + list_for_each_entry(v, &per_cpu(loaded_vmcss_on_cpu, cpu), loaded_vmcss_on_cpu_link) vmcs_clear(v->vmcs); --=20 2.39.0.rc0.267.gcb52ba06e7-goog From nobody Thu Sep 18 20:21:59 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 382D1C3A5A7 for ; Thu, 1 Dec 2022 23:29:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232099AbiLAX3V (ORCPT ); Thu, 1 Dec 2022 18:29:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59316 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231978AbiLAX2s (ORCPT ); Thu, 1 Dec 2022 18:28:48 -0500 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BB10F10B5 for ; Thu, 1 Dec 2022 15:27:45 -0800 (PST) Received: by mail-pj1-x1049.google.com with SMTP id b1-20020a17090a10c100b0020da29fa5e5so3450153pje.2 for ; Thu, 01 Dec 2022 15:27:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=e1NugFnVCB110oXGMzrxJ93wD+BGdk2//9yqV+Q+IFc=; b=AMe6PZQjL+GG9iGCzR8Y1kDAWFNDPhfhQ+A1ONMZtd40MzMjOdxdVkLPy+o4zaOX0k EapYcGzlaA1WBqr4QlwRfZ/UOs5nydC4Z1Q/Gf0DfQdR3+VxXzQfOWCYeJSuLnkwtnNB L7Vajcoe+gve+aTRDGu6MsW0HaBmVK74RQOdCPb2q3azcTPtng2zprtO4MceWEGmlla3 f3hiYd9MJ2N+xVUOXVq+DxA3f9DleU3IbHw/BTopzy8ZL9QIuIC8mpHHUKu8syJvajlJ alNgTMKhLluW+5etzrvrxstnTPTvrN0Wrp8jdMFi222FhOv00hZ6Xw+CcRQjc1UzjctI O/Sw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=e1NugFnVCB110oXGMzrxJ93wD+BGdk2//9yqV+Q+IFc=; b=ZIpYLEqi7+sRlH7tQUJAJ0Y/bOlOAfUaMEIgAhdj9eFUEOdrSarwHpPFlT+7UgiD+3 ZYC/lC2TGx8Yb6Cnlnr27RTjhqHRMDvt/ZWROVz2Z3HhqCfPSTcIir9GFHHaVu752qFs uIm7aIxHoGutq0xqWL3+vlM+TdfO7OVUFcoCqth0IHLx9F+9xVYQ9QcTIuEeDrb5r6hw ao6/CjwLN5Va85XCDlzpUj/x9VwcS6+Q9DeEDwCknFjFo4Yasu87WpV8vS5vXIogPY0M Rb1bXpzW6F6r0wvzW7CVw2YyhpKZrT6ymF4+3siUvN54qMbtXkjBi2AiH7LNHd4XaaLA X6UA== X-Gm-Message-State: ANoB5plmLUBLHwafFSWjL5N3QaXVFrD9NrFDDLgrFUIi7/xJMhE6Zuji /4Ozpx/z1QI6z7N+M56MBI8/IETmWXY= X-Google-Smtp-Source: AA0mqf5ZwcIe+YY0pzfxIbAo3lP4N19HMp0HJsnVajNzyxLAxNKYPCVLQTfGvi94v6IjIRWdxVfh94oDZbo= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:6904:b0:188:fd9b:479d with SMTP id j4-20020a170902690400b00188fd9b479dmr53509373plk.93.1669937248948; Thu, 01 Dec 2022 15:27:28 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 1 Dec 2022 23:26:55 +0000 In-Reply-To: <20221201232655.290720-1-seanjc@google.com> Mime-Version: 1.0 References: <20221201232655.290720-1-seanjc@google.com> X-Mailer: git-send-email 2.39.0.rc0.267.gcb52ba06e7-goog Message-ID: <20221201232655.290720-17-seanjc@google.com> Subject: [PATCH 16/16] KVM: SVM: Use "standard" stgi() helper when disabling SVM From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Sean Christopherson , Paolo Bonzini Cc: "H. Peter Anvin" , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Andrew Cooper Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now that kvm_rebooting is guaranteed to be true prior to disabling SVM in an emergency, use the existing stgi() helper instead of open coding STGI. In effect, eat faults on STGI if and only if kvm_rebooting=3D=3Dtrue. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 08ed4679903a..72899a61f708 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -579,13 +579,9 @@ static inline void kvm_cpu_svm_disable(void) if (efer & EFER_SVME) { /* * Force GIF=3D1 prior to disabling SVM, e.g. to ensure INIT and - * NMI aren't blocked. Eat faults on STGI, as it #UDs if SVM - * isn't enabled and SVM can be disabled by an NMI callback. + * NMI aren't blocked. */ - asm_volatile_goto("1: stgi\n\t" - _ASM_EXTABLE(1b, %l[fault]) - ::: "memory" : fault); -fault: + stgi(); wrmsrl(MSR_EFER, efer & ~EFER_SVME); } } --=20 2.39.0.rc0.267.gcb52ba06e7-goog