From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DBE72C7EE24 for ; Fri, 12 May 2023 23:50:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240925AbjELXul (ORCPT ); Fri, 12 May 2023 19:50:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50924 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240847AbjELXud (ORCPT ); Fri, 12 May 2023 19:50:33 -0400 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9108F1FC3 for ; Fri, 12 May 2023 16:50:32 -0700 (PDT) Received: by mail-pj1-x1049.google.com with SMTP id 98e67ed59e1d1-24e02410034so10374693a91.0 for ; Fri, 12 May 2023 16:50:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935432; x=1686527432; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=AdqZMtZaSKGgEy54ZI8iaQkXyWsGslzW0QTgtvZWoNI=; b=5jyM5juOrlj9NYvKkpIJw46gHGAcT58Bf9xhCB3KTTODHqeYj2xsf8mUFNX25FhdEW 9KjzeE6uMrpwW7BlWw5I06ke8VUkemqm9LFTbtPk7/zsIbYSVOp7jqCXcE3WbSOQK8dx tO+eCIqRWrxaaQ6Qji0kwmzWKlrDEAS8WjuUiULGz99Q98To/tpJq6DxnbrBtR0IR/aB Kulv46zdcWohPA1iK3VAh3TSC0e1+OulLH6ZkhNDVWLatqvEtNvnvvQqFyCGHO6h9Nb2 fKsxwJZTe5bjB/tVeqd80cr5X9UKPoWaTU2StoJjCMiC32Wv6Mt7AukROrJCELSX5nAM maEQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935432; x=1686527432; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=AdqZMtZaSKGgEy54ZI8iaQkXyWsGslzW0QTgtvZWoNI=; b=CBCzGIkDZgvR4WNsQrxVD/7ez9PYXT4AfoP5Reag5tsnNNHks0PPJ1sC0hEhii+5CS 7YfhJ1HnvCq2jF0vc1duW7NOxbSF8PCJg2kn3/5Yp0glKonun+T5Tk2ybQbBMHz1YFZO wtYuRzqzKtVVxCrj+r/nFg0oTu1xRsK5qZOPLInumCCfVGqO4kFLvV/5ZurZItBcnkld oiex/mY/M4tFwZfNs3ZHtIBw7k3phgdom3APbOfE0OlI825l0ytBCY9O3NdVZEXP7EJl KrxRnznX+jaqVcvFvovxHJuHgd6huTN0klCjskw1Kd9J7lSrN/xpbLRmuMRzUAtSQF4L P8eQ== X-Gm-Message-State: AC+VfDw6TBIJnQIAz68WpvgFRIsdsXHjsoYeEcnPKIyu5JLJHEeUkFba kQJWPs0B61lOgnphUwIvdoAkzzFGtqo= X-Google-Smtp-Source: ACHHUZ6KKw1Ju7rMyajRdADi1++fw/wIj3ZeqRUSTB+7LLx+0cdxAEnsh86vxXJW6s56scnNjuVMkiDKG8o= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90b:1194:b0:246:fd4b:14e6 with SMTP id gk20-20020a17090b119400b00246fd4b14e6mr8009138pjb.7.1683935432164; Fri, 12 May 2023 16:50:32 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:09 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-2-seanjc@google.com> Subject: [PATCH v3 01/18] x86/reboot: VMCLEAR active VMCSes before emergency reboot From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" VMCLEAR active VMCSes before any emergency reboot, not just if the kernel may kexec into a new kernel after a crash. Per Intel's SDM, the VMX architecture doesn't require the CPU to flush the VMCS cache on INIT. If an emergency reboot doesn't RESET CPUs, cached VMCSes could theoretically be kept and only be written back to memory after the new kernel is booted, i.e. could effectively corrupt memory after reboot. Opportunistically remove the setting of the global pointer to NULL to make checkpatch happy. Cc: Andrew Cooper Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kexec.h | 2 -- arch/x86/include/asm/reboot.h | 2 ++ arch/x86/kernel/crash.c | 31 ------------------------------- arch/x86/kernel/reboot.c | 22 ++++++++++++++++++++++ arch/x86/kvm/vmx/vmx.c | 10 +++------- 5 files changed, 27 insertions(+), 40 deletions(-) diff --git a/arch/x86/include/asm/kexec.h b/arch/x86/include/asm/kexec.h index a3760ca796aa..256eee99afc8 100644 --- a/arch/x86/include/asm/kexec.h +++ b/arch/x86/include/asm/kexec.h @@ -208,8 +208,6 @@ int arch_kimage_file_post_load_cleanup(struct kimage *i= mage); #endif #endif =20 -typedef void crash_vmclear_fn(void); -extern crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; extern void kdump_nmi_shootdown_cpus(void); =20 #endif /* __ASSEMBLY__ */ diff --git a/arch/x86/include/asm/reboot.h b/arch/x86/include/asm/reboot.h index bc5b4d788c08..2551baec927d 100644 --- a/arch/x86/include/asm/reboot.h +++ b/arch/x86/include/asm/reboot.h @@ -25,6 +25,8 @@ void __noreturn machine_real_restart(unsigned int type); #define MRR_BIOS 0 #define MRR_APM 1 =20 +typedef void crash_vmclear_fn(void); +extern crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; void cpu_emergency_disable_virtualization(void); =20 typedef void (*nmi_shootdown_cb)(int, struct pt_regs*); diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c index cdd92ab43cda..54cd959cb316 100644 --- a/arch/x86/kernel/crash.c +++ b/arch/x86/kernel/crash.c @@ -48,38 +48,12 @@ struct crash_memmap_data { unsigned int type; }; =20 -/* - * This is used to VMCLEAR all VMCSs loaded on the - * processor. And when loading kvm_intel module, the - * callback function pointer will be assigned. - * - * protected by rcu. - */ -crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss =3D NULL; -EXPORT_SYMBOL_GPL(crash_vmclear_loaded_vmcss); - -static inline void cpu_crash_vmclear_loaded_vmcss(void) -{ - crash_vmclear_fn *do_vmclear_operation =3D NULL; - - rcu_read_lock(); - do_vmclear_operation =3D rcu_dereference(crash_vmclear_loaded_vmcss); - if (do_vmclear_operation) - do_vmclear_operation(); - rcu_read_unlock(); -} - #if defined(CONFIG_SMP) && defined(CONFIG_X86_LOCAL_APIC) =20 static void kdump_nmi_callback(int cpu, struct pt_regs *regs) { crash_save_cpu(regs, cpu); =20 - /* - * VMCLEAR VMCSs loaded on all cpus if needed. - */ - cpu_crash_vmclear_loaded_vmcss(); - /* * Disable Intel PT to stop its logging */ @@ -133,11 +107,6 @@ void native_machine_crash_shutdown(struct pt_regs *reg= s) =20 crash_smp_send_stop(); =20 - /* - * VMCLEAR VMCSs loaded on this cpu if needed. - */ - cpu_crash_vmclear_loaded_vmcss(); - cpu_emergency_disable_virtualization(); =20 /* diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index d03c551defcc..299b970e5f82 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -787,6 +787,26 @@ void machine_crash_shutdown(struct pt_regs *regs) } #endif =20 +/* + * This is used to VMCLEAR all VMCSs loaded on the + * processor. And when loading kvm_intel module, the + * callback function pointer will be assigned. + * + * protected by rcu. + */ +crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; +EXPORT_SYMBOL_GPL(crash_vmclear_loaded_vmcss); + +static inline void cpu_crash_vmclear_loaded_vmcss(void) +{ + crash_vmclear_fn *do_vmclear_operation =3D NULL; + + rcu_read_lock(); + do_vmclear_operation =3D rcu_dereference(crash_vmclear_loaded_vmcss); + if (do_vmclear_operation) + do_vmclear_operation(); + rcu_read_unlock(); +} =20 /* This is the CPU performing the emergency shutdown work. */ int crashing_cpu =3D -1; @@ -798,6 +818,8 @@ int crashing_cpu =3D -1; */ void cpu_emergency_disable_virtualization(void) { + cpu_crash_vmclear_loaded_vmcss(); + cpu_emergency_vmxoff(); cpu_emergency_svm_disable(); } diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 44fb619803b8..317f72baf0c3 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -41,7 +41,7 @@ #include #include #include -#include +#include #include #include #include @@ -744,7 +744,6 @@ static int vmx_set_guest_uret_msr(struct vcpu_vmx *vmx, return ret; } =20 -#ifdef CONFIG_KEXEC_CORE static void crash_vmclear_local_loaded_vmcss(void) { int cpu =3D raw_smp_processor_id(); @@ -754,7 +753,6 @@ static void crash_vmclear_local_loaded_vmcss(void) loaded_vmcss_on_cpu_link) vmcs_clear(v->vmcs); } -#endif /* CONFIG_KEXEC_CORE */ =20 static void __loaded_vmcs_clear(void *arg) { @@ -8549,10 +8547,9 @@ static void __vmx_exit(void) { allow_smaller_maxphyaddr =3D false; =20 -#ifdef CONFIG_KEXEC_CORE RCU_INIT_POINTER(crash_vmclear_loaded_vmcss, NULL); synchronize_rcu(); -#endif + vmx_cleanup_l1d_flush(); } =20 @@ -8601,10 +8598,9 @@ static int __init vmx_init(void) pi_init_cpu(cpu); } =20 -#ifdef CONFIG_KEXEC_CORE rcu_assign_pointer(crash_vmclear_loaded_vmcss, crash_vmclear_local_loaded_vmcss); -#endif + vmx_check_vmcs12_offsets(); =20 /* --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C0328C77B7C for ; Fri, 12 May 2023 23:50:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240932AbjELXuo (ORCPT ); Fri, 12 May 2023 19:50:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50970 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240881AbjELXug (ORCPT ); Fri, 12 May 2023 19:50:36 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BE049269E for ; Fri, 12 May 2023 16:50:34 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-559d8e22306so189775167b3.1 for ; Fri, 12 May 2023 16:50:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935434; x=1686527434; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=nr0/2P0PrhPVltPxqFEO8yZGlq+w0+NW5S2btIKs8As=; b=WnOy9eWYFT1JeIO58JaMN1jZcMhT11BdOKPnALDAvrjMuhmZH42P9YhiZa/7JYaYGY ZpHrwciGnurOfJK9oBMXECwzcbEmpZfTWoGPFiZvJ8gE7xDpEIqA+FoxYyfH6y7DyEbJ +lNK1HZAQoGu6aWxcQqJxEpOkzAtMrWoFOh0Eelr1BaB+ZGd4k5UOiGGNYp9UpCi9D+z K5up0w1/ftbLw4OwW15WahGKHXE4yaa6gTWI6h7md8aEWjTJaNNiXhCLCQ9EeQlXZjhk M+9AdiXDgGvYOgot5GgzVAVDi+/PP32mF4DqfsRGOyX3UZkUQ2COmITahoXI/TtRngN+ mU6g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935434; x=1686527434; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=nr0/2P0PrhPVltPxqFEO8yZGlq+w0+NW5S2btIKs8As=; b=UnTt5ePcBdS9r3T3SyJ5vA4UMdA0oeOMagL7775fBqP5m3yMac1t5kqBn7HPEb0aku l8N8vq6lC2od77aNUp0bTSuvdY2DID/RT2Id94mHdQHjAz871yKYlozB/F+6D/iX5Rlp +Fvbl/Il1KDmo4bOMw/Ox0vDVi8psVGXUuhf+/Oxf6clMf+uzCVrD42CP92X8XYVt9c/ 7P0BHE4btYFsJgzZVWn0BDoL5KiNOSthuWY7knatFbmmvievx8dxLsS0wX+SI0sYWHO+ 7UgaMIrDUPBWMO87469iToQBRmlPaFORuzpZw2JAjAT+8+yGcVHO/vlTaGaXNuddQ+Nc ULxQ== X-Gm-Message-State: AC+VfDwHiQjKgpfUtgEADnWx3/g8BI2Yo1xMlWlpNSeH02d/6OUstHxB wU81hvJbN9JLH1OCY05+AZY0mq3AL8g= X-Google-Smtp-Source: ACHHUZ5fCcu/o8G8jp7gcUKE/IEMSr5CBYWwKcUGKW1V18cr7ZFI2S5aWNKXh3lhFT3tw6R83mDt0fyaSK8= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:ca49:0:b0:55d:9484:f153 with SMTP id y9-20020a81ca49000000b0055d9484f153mr16043474ywk.7.1683935434025; Fri, 12 May 2023 16:50:34 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:10 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-3-seanjc@google.com> Subject: [PATCH v3 02/18] x86/reboot: Harden virtualization hooks for emergency reboot From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Provide dedicated helpers to (un)register virt hooks used during an emergency crash/reboot, and WARN if there is an attempt to overwrite the registered callback, or an attempt to do an unpaired unregister. Opportunsitically use rcu_assign_pointer() instead of RCU_INIT_POINTER(), mainly so that the set/unset paths are more symmetrical, but also because any performance gains from using RCU_INIT_POINTER() are meaningless for this code. Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang --- arch/x86/include/asm/reboot.h | 5 +++-- arch/x86/kernel/reboot.c | 30 ++++++++++++++++++++++++------ arch/x86/kvm/vmx/vmx.c | 6 ++---- 3 files changed, 29 insertions(+), 12 deletions(-) diff --git a/arch/x86/include/asm/reboot.h b/arch/x86/include/asm/reboot.h index 2551baec927d..d9a38d379d18 100644 --- a/arch/x86/include/asm/reboot.h +++ b/arch/x86/include/asm/reboot.h @@ -25,8 +25,9 @@ void __noreturn machine_real_restart(unsigned int type); #define MRR_BIOS 0 #define MRR_APM 1 =20 -typedef void crash_vmclear_fn(void); -extern crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; +typedef void (cpu_emergency_virt_cb)(void); +void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback); +void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callbac= k); void cpu_emergency_disable_virtualization(void); =20 typedef void (*nmi_shootdown_cb)(int, struct pt_regs*); diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 299b970e5f82..739e09527dbb 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -794,17 +794,35 @@ void machine_crash_shutdown(struct pt_regs *regs) * * protected by rcu. */ -crash_vmclear_fn __rcu *crash_vmclear_loaded_vmcss; -EXPORT_SYMBOL_GPL(crash_vmclear_loaded_vmcss); +static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; + +void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback) +{ + if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback))) + return; + + rcu_assign_pointer(cpu_emergency_virt_callback, callback); +} +EXPORT_SYMBOL_GPL(cpu_emergency_register_virt_callback); + +void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callbac= k) +{ + if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback) !=3D cal= lback)) + return; + + rcu_assign_pointer(cpu_emergency_virt_callback, NULL); + synchronize_rcu(); +} +EXPORT_SYMBOL_GPL(cpu_emergency_unregister_virt_callback); =20 static inline void cpu_crash_vmclear_loaded_vmcss(void) { - crash_vmclear_fn *do_vmclear_operation =3D NULL; + cpu_emergency_virt_cb *callback; =20 rcu_read_lock(); - do_vmclear_operation =3D rcu_dereference(crash_vmclear_loaded_vmcss); - if (do_vmclear_operation) - do_vmclear_operation(); + callback =3D rcu_dereference(cpu_emergency_virt_callback); + if (callback) + callback(); rcu_read_unlock(); } =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 317f72baf0c3..fc9cdb4114cc 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -8547,8 +8547,7 @@ static void __vmx_exit(void) { allow_smaller_maxphyaddr =3D false; =20 - RCU_INIT_POINTER(crash_vmclear_loaded_vmcss, NULL); - synchronize_rcu(); + cpu_emergency_unregister_virt_callback(crash_vmclear_local_loaded_vmcss); =20 vmx_cleanup_l1d_flush(); } @@ -8598,8 +8597,7 @@ static int __init vmx_init(void) pi_init_cpu(cpu); } =20 - rcu_assign_pointer(crash_vmclear_loaded_vmcss, - crash_vmclear_local_loaded_vmcss); + cpu_emergency_register_virt_callback(crash_vmclear_local_loaded_vmcss); =20 vmx_check_vmcs12_offsets(); =20 --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2D88FC77B7F for ; Fri, 12 May 2023 23:50:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240994AbjELXut (ORCPT ); Fri, 12 May 2023 19:50:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51030 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240890AbjELXuh (ORCPT ); Fri, 12 May 2023 19:50:37 -0400 Received: from mail-pg1-x549.google.com (mail-pg1-x549.google.com [IPv6:2607:f8b0:4864:20::549]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A0CF81FC3 for ; Fri, 12 May 2023 16:50:36 -0700 (PDT) Received: by mail-pg1-x549.google.com with SMTP id 41be03b00d2f7-521262a6680so9677033a12.1 for ; Fri, 12 May 2023 16:50:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935436; x=1686527436; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=+s2vjHRYRtpZyb+3MD4uIyfdE2NLcpaPYwgApb/ZFNM=; b=eL4nHQSDwW7gmn00vvldj9MYIw/3vl4sCi/gnCCZSk6YcH5PAXQT7/IXU9zbw1lNI9 z+L1Zy318WhArTc/IZwxY2CV/HxE6817Z6q5II4naCiKmZwRCydxx9BFa3lSMUkDWQXs uQTqwaP1wdkQmPAB+fuSO33FjSoWj/+WsZ5JB83+H3v3s5puS+/LPVNmUvWnx9bcX9RF AYH5XguXq4T2STOgcQIcPxf6BixVfX46SeQfMIqlMJ9k08ja3rveKxzZUzkpQuNLnvcn oENOWnPIVaCFGgVgYvMUxe6OMGVjh3GK8kO3QPex+mbdBytrp1xOd2AfIy8LFooshtE4 fe+g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935436; x=1686527436; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=+s2vjHRYRtpZyb+3MD4uIyfdE2NLcpaPYwgApb/ZFNM=; b=bm0k1oJSL7RPpuclSmmCY47f52OLG+1YlVxrJMxFEiXOwjaPD1OKbOwdXnBvUyfvRO lyweH9Wj8Unp8k6zGZm5zArm5w0MsSbmUuIcgmJ96mIixXHHG4s6NRY06vptXvzcq6Ey 1BpO+fjx6DQRlh4kWrmA9DLRNyOddrKPmd2apVE/exHyqqLUYTR6iSYlwy+TmoiIVOhT kMLMWQEtAK7MqchaSgxHdaRz+h/P2ZybLKb2dRqgBJKW4P8dA/eLLRnrOmIBaM2YvdaL rrKWKqj5LLPWevsHAc5kjRWwk11lUC4mlqoCeO0mmnjYUGBSABQ/XEQ5Dped1XGu6pPO 0U0Q== X-Gm-Message-State: AC+VfDyu5f4KckAYhw2vmfxM4m8NDnaxS5vgTfxH3suD77OY8PRUl8eE oOIPnxNNbiDQ+hVMzHGxzQeJ8TGPX9s= X-Google-Smtp-Source: ACHHUZ7YCOK7NeYCRWfTly2nekYy4l2odBN0e7AOiKGNjhSjgZdoa73xpxS+RBUYSn0lbsw0WS09kiQdiYg= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a63:28c6:0:b0:520:bbac:7c4e with SMTP id bs189-20020a6328c6000000b00520bbac7c4emr7385721pgb.9.1683935436148; Fri, 12 May 2023 16:50:36 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:11 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-4-seanjc@google.com> Subject: [PATCH v3 03/18] x86/reboot: KVM: Handle VMXOFF in KVM's reboot callback From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Use KVM VMX's reboot/crash callback to do VMXOFF in an emergency instead of manually and blindly doing VMXOFF. There's no need to attempt VMXOFF if a hypervisor, i.e. KVM, isn't loaded/active, i.e. if the CPU can't possibly be post-VMXON. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 10 ---------- arch/x86/kernel/reboot.c | 29 +++++++++-------------------- arch/x86/kvm/vmx/vmx.c | 8 +++++--- 3 files changed, 14 insertions(+), 33 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index 3b12e6b99412..5bc29fab15da 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -70,16 +70,6 @@ static inline void __cpu_emergency_vmxoff(void) cpu_vmxoff(); } =20 -/** Disable VMX if it is supported and enabled on the current CPU - */ -static inline void cpu_emergency_vmxoff(void) -{ - if (cpu_has_vmx()) - __cpu_emergency_vmxoff(); -} - - - =20 /* * SVM functions: diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 739e09527dbb..0cf2261c2dec 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -787,13 +787,7 @@ void machine_crash_shutdown(struct pt_regs *regs) } #endif =20 -/* - * This is used to VMCLEAR all VMCSs loaded on the - * processor. And when loading kvm_intel module, the - * callback function pointer will be assigned. - * - * protected by rcu. - */ +/* RCU-protected callback to disable virtualization prior to reboot. */ static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; =20 void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback) @@ -815,17 +809,6 @@ void cpu_emergency_unregister_virt_callback(cpu_emerge= ncy_virt_cb *callback) } EXPORT_SYMBOL_GPL(cpu_emergency_unregister_virt_callback); =20 -static inline void cpu_crash_vmclear_loaded_vmcss(void) -{ - cpu_emergency_virt_cb *callback; - - rcu_read_lock(); - callback =3D rcu_dereference(cpu_emergency_virt_callback); - if (callback) - callback(); - rcu_read_unlock(); -} - /* This is the CPU performing the emergency shutdown work. */ int crashing_cpu =3D -1; =20 @@ -836,9 +819,15 @@ int crashing_cpu =3D -1; */ void cpu_emergency_disable_virtualization(void) { - cpu_crash_vmclear_loaded_vmcss(); + cpu_emergency_virt_cb *callback; =20 - cpu_emergency_vmxoff(); + rcu_read_lock(); + callback =3D rcu_dereference(cpu_emergency_virt_callback); + if (callback) + callback(); + rcu_read_unlock(); + + /* KVM_AMD doesn't yet utilize the common callback. */ cpu_emergency_svm_disable(); } =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index fc9cdb4114cc..76cdb189f1b5 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -744,7 +744,7 @@ static int vmx_set_guest_uret_msr(struct vcpu_vmx *vmx, return ret; } =20 -static void crash_vmclear_local_loaded_vmcss(void) +static void vmx_emergency_disable(void) { int cpu =3D raw_smp_processor_id(); struct loaded_vmcs *v; @@ -752,6 +752,8 @@ static void crash_vmclear_local_loaded_vmcss(void) list_for_each_entry(v, &per_cpu(loaded_vmcss_on_cpu, cpu), loaded_vmcss_on_cpu_link) vmcs_clear(v->vmcs); + + __cpu_emergency_vmxoff(); } =20 static void __loaded_vmcs_clear(void *arg) @@ -8547,7 +8549,7 @@ static void __vmx_exit(void) { allow_smaller_maxphyaddr =3D false; =20 - cpu_emergency_unregister_virt_callback(crash_vmclear_local_loaded_vmcss); + cpu_emergency_unregister_virt_callback(vmx_emergency_disable); =20 vmx_cleanup_l1d_flush(); } @@ -8597,7 +8599,7 @@ static int __init vmx_init(void) pi_init_cpu(cpu); } =20 - cpu_emergency_register_virt_callback(crash_vmclear_local_loaded_vmcss); + cpu_emergency_register_virt_callback(vmx_emergency_disable); =20 vmx_check_vmcs12_offsets(); =20 --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 76D38C7EE25 for ; Fri, 12 May 2023 23:50:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241078AbjELXuy (ORCPT ); Fri, 12 May 2023 19:50:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51110 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240906AbjELXuk (ORCPT ); Fri, 12 May 2023 19:50:40 -0400 Received: from mail-pf1-x449.google.com (mail-pf1-x449.google.com [IPv6:2607:f8b0:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 245C140ED for ; Fri, 12 May 2023 16:50:38 -0700 (PDT) Received: by mail-pf1-x449.google.com with SMTP id d2e1a72fcca58-643aad3bbf3so5464094b3a.0 for ; Fri, 12 May 2023 16:50:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935437; x=1686527437; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=/jmBez73RsnuS+uU/xiNQiFMzjYNw0oV2iJF3mbgvJ0=; b=xlRxYqTPR40AEoqZn/L6lxwwX9jASAhxh5BJ5/+5IZF9h4us7R3K362Avf7/wX0IcA XTozwVsltuizAmLhIaW3V3/21m8bc73W8EZrhnFEUFojSwvZ7LUDqY+bvD9ru1AX3dKO 3ckkn9O26SKBX0x9uwUd++Tk3Jd2jrWNd2OCjimqKsp62OdmL9Yw2VrLsjKpUYgGdIv8 NwoqiH0UDdzPyG2QqKyzIxBUM3G6PM2lfN1HYpbsW/ELVvGhofKPj+IwwQ4AGX0NGDr3 w2Le63AVJ0fMXR33ixFj7na0sT9Yg5wSWbImsdoBS0QVDLO0t/VW8428aurQQH8BXPhW hhog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935437; x=1686527437; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=/jmBez73RsnuS+uU/xiNQiFMzjYNw0oV2iJF3mbgvJ0=; b=b3x+I5fiSmBV/vkW8Zn+wleBfQvTpMvWbZZSu7ODTKykZHh2GHhnVI0CHBPvosWgwh KGxBwvMBVFAFE/6xqizsjpdFlfQj8ONctW47hW9rcF2mpxFQbTYEKV5wBLrt72xhA4aZ YDp4lJOT+XAxfY1sFlB6HvxRBPl+bHr7BDGYAv3zUqsNfpdqAhHLVxiX8j0nxBvz+S8g vl62kzjM3BmQo/rg7zApPKSc6brOGWTZcl4rK8w+hppKkbnlauZP3s2SfYE4oVWC6xMv AbVLUWxesQkL0R+iGowGiZ9gqZVOGI1MEy+dYnBAAh2uv/w6wtA1fHiGsHky35j2+ArF w/4Q== X-Gm-Message-State: AC+VfDxw1gdfYuAdGz1EX40kUpbWGMeAHy0hQi6LzjI5vAzBGfehEffp PLOf4mKMRIrdRBfB4VrRHSX/UNGjRQQ= X-Google-Smtp-Source: ACHHUZ6TWHazXiZOhV3QRVyclx3u8oyy3vtvy+owJF/RtDMeFsLh/zrVPtZPdDtRyNHbm9QOLl8WMmX7aFU= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a00:7d6:b0:624:5886:4b4b with SMTP id n22-20020a056a0007d600b0062458864b4bmr6850731pfu.5.1683935437710; Fri, 12 May 2023 16:50:37 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:12 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-5-seanjc@google.com> Subject: [PATCH v3 04/18] x86/reboot: KVM: Disable SVM during reboot via virt/KVM reboot callback From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Use the virt callback to disable SVM (and set GIF=3D1) during an emergency instead of blindly attempting to disable SVM. Like the VMX case, if a hypervisor, i.e. KVM, isn't loaded/active, SVM can't be in use. Signed-off-by: Sean Christopherson Acked-by: Kai Huang --- arch/x86/include/asm/virtext.h | 8 -------- arch/x86/kernel/reboot.c | 3 --- arch/x86/kvm/svm/svm.c | 19 +++++++++++++++++-- 3 files changed, 17 insertions(+), 13 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index 5bc29fab15da..aaed66249ccf 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -133,12 +133,4 @@ static inline void cpu_svm_disable(void) } } =20 -/** Makes sure SVM is disabled, if it is supported on the CPU - */ -static inline void cpu_emergency_svm_disable(void) -{ - if (cpu_has_svm(NULL)) - cpu_svm_disable(); -} - #endif /* _ASM_X86_VIRTEX_H */ diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 0cf2261c2dec..92b380e199a3 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -826,9 +826,6 @@ void cpu_emergency_disable_virtualization(void) if (callback) callback(); rcu_read_unlock(); - - /* KVM_AMD doesn't yet utilize the common callback. */ - cpu_emergency_svm_disable(); } =20 #if defined(CONFIG_SMP) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index eb308c9994f9..0f0d04900bf2 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -38,6 +38,7 @@ #include #include #include +#include #include =20 #include @@ -568,6 +569,11 @@ void __svm_write_tsc_multiplier(u64 multiplier) preempt_enable(); } =20 +static void svm_emergency_disable(void) +{ + cpu_svm_disable(); +} + static void svm_hardware_disable(void) { /* Make sure we clean up behind us */ @@ -5184,6 +5190,13 @@ static struct kvm_x86_init_ops svm_init_ops __initda= ta =3D { .pmu_ops =3D &amd_pmu_ops, }; =20 +static void __svm_exit(void) +{ + kvm_x86_vendor_exit(); + + cpu_emergency_unregister_virt_callback(svm_emergency_disable); +} + static int __init svm_init(void) { int r; @@ -5197,6 +5210,8 @@ static int __init svm_init(void) if (r) return r; =20 + cpu_emergency_register_virt_callback(svm_emergency_disable); + /* * Common KVM initialization _must_ come last, after this, /dev/kvm is * exposed to userspace! @@ -5209,14 +5224,14 @@ static int __init svm_init(void) return 0; =20 err_kvm_init: - kvm_x86_vendor_exit(); + __svm_exit(); return r; } =20 static void __exit svm_exit(void) { kvm_exit(); - kvm_x86_vendor_exit(); + __svm_exit(); } =20 module_init(svm_init) --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 36FDFC77B7F for ; Fri, 12 May 2023 23:51:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240726AbjELXu6 (ORCPT ); Fri, 12 May 2023 19:50:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51112 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240898AbjELXus (ORCPT ); Fri, 12 May 2023 19:50:48 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 339E935A6 for ; Fri, 12 May 2023 16:50:40 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id 3f1490d57ef6-ba71ed074ceso5953360276.0 for ; Fri, 12 May 2023 16:50:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935439; x=1686527439; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=qe0nkbWmCyKJWkQTDDVLIYD5KqVMDGWynhMHlJu7zeU=; b=kuAgRvu3zYo75pMBLrsRWnCeJ6ZWtulbQUnM7oeEwamoK+Zc5KgVon4oD78DPBbWJ/ paP5o3BlKZZai9QliuryvolqTkGnu7dwmvN5aXHU3vA0cBm836XGpDkcL6uzXYYSKsFE It71ivzWEZpyzTW73EHv5HbVEhM12XFcE6/pv4EugGd2+YoD4xnLzrjMAgYuXFTUuMsF lLfsSpC7gfP9BS+ss0xjTpZ9LEvne+rjriNsbVTIewGLvyChSUM7vy6aSV0AJnC/aFov qqUnJMNuqephjTPbZtNpuyzV2BJKXtsnUedsBl5q1DlogroDOv5wa4Xp09Eo2ab1Uzln WbRg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935439; x=1686527439; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=qe0nkbWmCyKJWkQTDDVLIYD5KqVMDGWynhMHlJu7zeU=; b=BthjzqUdnjBTsbCg7cqRhRyQTMcqY+L+b4uk2jqUrDtPkt4mgQsLJBur5cCA3o3cuL ic9LGFrkjHnqUCoUelduZYBuQrxRsNomQIvKaMnEvTZWVQKBnR1PjADMY9Ud/NRsliyh PNFIPAAFdyVIj+L6JmSOF75vg1M3NG6PegOOhh8VVSxluxjENRu6DXCHxWHr1cHfVU6n 1mOflE3LUzfDStmxzs0UBFY8nC3Q8SbdMVwxMo80ml59JdCciIMVlBVswbgBeWg16Vas fb7vYopJWoVKe5qaeImSRYyY8bOB8XAsyfYOVkF3sk9IUyQjEWJ8SsJk6BSgg+5GbBEv YUow== X-Gm-Message-State: AC+VfDzVZSrnTgwoTAZmp69GF6elYD6wWlyk4qplXNiD/5QRb1QYGrIC mYwhnL8qjc/t0wFinZQo925LHOi2NJM= X-Google-Smtp-Source: ACHHUZ6MgC4/o0S6diyWnfqcy1rtJCbXK7+pyhMdZw0rPyM78v2GBCE10SqJ/Z4EPnuBcnGBn9PVTM/I59c= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:78ce:0:b0:55d:9e7c:72c0 with SMTP id t197-20020a8178ce000000b0055d9e7c72c0mr17732359ywc.0.1683935439368; Fri, 12 May 2023 16:50:39 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:13 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-6-seanjc@google.com> Subject: [PATCH v3 05/18] x86/reboot: Disable virtualization during reboot iff callback is registered From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Attempt to disable virtualization during an emergency reboot if and only if there is a registered virt callback, i.e. iff a hypervisor (KVM) is active. If there's no active hypervisor, then the CPU can't be operating with VMX or SVM enabled (barring an egregious bug). Note, IRQs are disabled, which prevents KVM from coming along and enabling virtualization after the fact. Signed-off-by: Sean Christopherson --- arch/x86/kernel/reboot.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 92b380e199a3..20f7bdabc52e 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -22,7 +22,6 @@ #include #include #include -#include #include #include #include @@ -545,7 +544,7 @@ static void emergency_reboot_disable_virtualization(voi= d) * Do the NMI shootdown even if virtualization is off on _this_ CPU, as * other CPUs may have virtualization enabled. */ - if (cpu_has_vmx() || cpu_has_svm(NULL)) { + if (rcu_access_pointer(cpu_emergency_virt_callback)) { /* Safely force _this_ CPU out of VMX/SVM operation. */ cpu_emergency_disable_virtualization(); =20 --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 06FFFC77B7C for ; Fri, 12 May 2023 23:51:08 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241167AbjELXvF (ORCPT ); Fri, 12 May 2023 19:51:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51108 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240999AbjELXuu (ORCPT ); Fri, 12 May 2023 19:50:50 -0400 Received: from mail-pf1-x44a.google.com (mail-pf1-x44a.google.com [IPv6:2607:f8b0:4864:20::44a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D32164204 for ; Fri, 12 May 2023 16:50:41 -0700 (PDT) Received: by mail-pf1-x44a.google.com with SMTP id d2e1a72fcca58-643fdfb437aso37898819b3a.0 for ; Fri, 12 May 2023 16:50:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935441; x=1686527441; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=0PGjBuYsH+qENFwlP6YIflCQgyh/+jY7Rp+4isY3uAw=; b=IpfXQKDNfq33fpp3TPAvdomMbm4Tbp6Xj0gdNAonYxvAp7JiZH8DmMQtZ9srWRapbz uC7LCmu5T5/VGui1txQ58MH0oCADW5St/+sfDoVIdQXRmFDLDMqeb+YXOELs57FobABo W2VW19HXHMjvv7XhXhLW/3HE5P/QkjRtL+OavFPe7HpQtrOtUGG9nau0a9TrCMXLj/j9 HgpwQhjgvU153Dot5mlhrfTuKsstno+0N2i/DoQQh31g90SbOl2XZqe9Lh6QhQ1EWwxN vYiHuv0qOtY5g2x/zkKecxGT0507wZyf4a0QiN2eJOil/pkK5+ime7jlXipteWR+kVjL aHYA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935441; x=1686527441; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=0PGjBuYsH+qENFwlP6YIflCQgyh/+jY7Rp+4isY3uAw=; b=Unv891HwcDPnsCikyLomAUQRp13toYvNt/FAxcoODsvkfoEXL4yr8/BjvNB2PyHOjz 2BPRpayKTYopVrhhORu9x3EXEx9qCjNlyAXKmVR+UJzB6VP3QM2AgikNc+VSFAj6DF5E 64sDj+lJZbPfh3Txf/XWNyJD8DgSoTIQHRL+zB5ynvlvkwJyooMluHLmXKvW/CLuR7xQ Te8+fmACN5dPtoKLRx2x0nFEwis9GlLkpsHQSzJQYeiXas1o3SCpR5aX02/EcvrlXTkH KWVSFaILnU2eHUnSiYicOpJ8lV+j0wFJFGSUnLfVxZetg/KENvOsix3Qv7XLQ2j0KsO8 W3vA== X-Gm-Message-State: AC+VfDxvQQNrxfe+/LCYrZLIWoi97b2Vu4mWmMkbi6HQScRXdiWDwjIP TEXGvorLmB/wtbAMXJOdzs9d9EDPBmo= X-Google-Smtp-Source: ACHHUZ5015X5VBKKDq2a5Ifaz7FuNszYa68VWUi9ZcPvMRinIm3wMD/xCPEGT9Zo2IVcHCQEnAWdclNi+W0= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90a:6f81:b0:24b:6d01:584a with SMTP id e1-20020a17090a6f8100b0024b6d01584amr8598399pjk.0.1683935441288; Fri, 12 May 2023 16:50:41 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:14 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-7-seanjc@google.com> Subject: [PATCH v3 06/18] x86/reboot: Assert that IRQs are disabled when turning off virtualization From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Assert that IRQs are disabled when turning off virtualization in an emergency. KVM enables hardware via on_each_cpu(), i.e. could re-enable hardware if a pending IPI were delivered after disabling virtualization. Remove a misleading comment from emergency_reboot_disable_virtualization() about "just" needing to guarantee the CPU is stable (see above). Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang --- arch/x86/kernel/reboot.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 20f7bdabc52e..fddfea5f1d20 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -531,7 +531,6 @@ static inline void nmi_shootdown_cpus_on_restart(void); =20 static void emergency_reboot_disable_virtualization(void) { - /* Just make sure we won't change CPUs while doing this */ local_irq_disable(); =20 /* @@ -820,6 +819,13 @@ void cpu_emergency_disable_virtualization(void) { cpu_emergency_virt_cb *callback; =20 + /* + * IRQs must be disabled as KVM enables virtualization in hardware via + * function call IPIs, i.e. IRQs need to be disabled to guarantee + * virtualization stays disabled. + */ + lockdep_assert_irqs_disabled(); + rcu_read_lock(); callback =3D rcu_dereference(cpu_emergency_virt_callback); if (callback) --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id EC594C7EE24 for ; Fri, 12 May 2023 23:51:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240946AbjELXv3 (ORCPT ); Fri, 12 May 2023 19:51:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51698 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241047AbjELXuv (ORCPT ); Fri, 12 May 2023 19:50:51 -0400 Received: from mail-yw1-x1149.google.com (mail-yw1-x1149.google.com [IPv6:2607:f8b0:4864:20::1149]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0EC7C9EFA for ; Fri, 12 May 2023 16:50:44 -0700 (PDT) Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-559ffd15df9so171524397b3.3 for ; Fri, 12 May 2023 16:50:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935443; x=1686527443; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=XrP26l12dblklnP33ZoJ42tkdCuUxCksg2I7hVQj90o=; b=t3l3UThP2dJQk781dgfm6ckxPk0wInH63kNwS1OxOB5doCeMhOaQ3QCXkQXvuUOA22 f500PigbQpIBdH2L/iV9XKXKmJBE5MSuSvQPGDjtyzUbExUbv/sIzHHFD8tUjK52BCI0 Y+UQneyRIAprJu6zNMgiQ7+5VC9LUoyyAgYLFz2IPzVqdrQFmyu7zqrD528/W/QvjSCz p4IyB3q3+NIIppbhu+S9j9P4m/QenC8u7xxgvihHzvBMezKm8ffOtRi3dn9ayb6slaPk NqjANNiGDzr1vrweDks4SWJ6Xs/zvvsU82qGHDybQx1cmHSVayh1VoU3yVv/OeK3VYc5 vipw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935443; x=1686527443; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=XrP26l12dblklnP33ZoJ42tkdCuUxCksg2I7hVQj90o=; b=JqJfkYrUXBU6WKbNfhjM6maDL6ycs7wvIwXmLfu5RyPphWhGGSnmhq09RFqKaJyBao HrII/A4irOdW4A8hR1dWJplBrUnQGscI9nqcYxtYhH66em6/cdlZ/TIUU1YzEURzVZbj tRrBOyjqHIZz46fQIS4BNU9FyFyNBUCvzftjhUy0EEmHX6IFqAYo+DqyDle/vmQA5+zy bKILQUXNm+uHnAs4OS1EA01jYXxgILdSJN2JC3UUVXbxTNLxAkgHWjrsACo26pAIh0of 7AJcs5ROZRay542WBF5adqTJHrjZPcnQu15uER6DO4VmY0spVmBBeswiFlzQ175S8SNb aBoQ== X-Gm-Message-State: AC+VfDxSa0yQhDk32E1lDo0kPwzl2iZ9VckqyUQTIJm6vBlvsK1JZ/Be +lMMzjX2M9w05zH/vL2OC3VAsTf5o78= X-Google-Smtp-Source: ACHHUZ6M2e4Ssla5r6FTjmFpHe6ltl5bE07hk4DQg/mz/hvAn1S6vuXVAqtyoscKHvcT/LmMkGccQQCY/Ak= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a81:c70a:0:b0:55d:6af3:1e2c with SMTP id m10-20020a81c70a000000b0055d6af31e2cmr15498070ywi.3.1683935443126; Fri, 12 May 2023 16:50:43 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:15 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-8-seanjc@google.com> Subject: [PATCH v3 07/18] x86/reboot: Hoist "disable virt" helpers above "emergency reboot" path From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move the various "disable virtualization" helpers above the emergency reboot path so that emergency_reboot_disable_virtualization() can be stubbed out in a future patch if neither KVM_INTEL nor KVM_AMD is enabled, i.e. if there is no in-tree user of CPU virtualization. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang --- arch/x86/kernel/reboot.c | 90 ++++++++++++++++++++-------------------- 1 file changed, 45 insertions(+), 45 deletions(-) diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index fddfea5f1d20..493d66e59a4f 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -529,6 +529,51 @@ static inline void kb_wait(void) =20 static inline void nmi_shootdown_cpus_on_restart(void); =20 +/* RCU-protected callback to disable virtualization prior to reboot. */ +static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; + +void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback) +{ + if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback))) + return; + + rcu_assign_pointer(cpu_emergency_virt_callback, callback); +} +EXPORT_SYMBOL_GPL(cpu_emergency_register_virt_callback); + +void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callbac= k) +{ + if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback) !=3D cal= lback)) + return; + + rcu_assign_pointer(cpu_emergency_virt_callback, NULL); + synchronize_rcu(); +} +EXPORT_SYMBOL_GPL(cpu_emergency_unregister_virt_callback); + +/* + * Disable virtualization, i.e. VMX or SVM, to ensure INIT is recognized d= uring + * reboot. VMX blocks INIT if the CPU is post-VMXON, and SVM blocks INIT = if + * GIF=3D0, i.e. if the crash occurred between CLGI and STGI. + */ +void cpu_emergency_disable_virtualization(void) +{ + cpu_emergency_virt_cb *callback; + + /* + * IRQs must be disabled as KVM enables virtualization in hardware via + * function call IPIs, i.e. IRQs need to be disabled to guarantee + * virtualization stays disabled. + */ + lockdep_assert_irqs_disabled(); + + rcu_read_lock(); + callback =3D rcu_dereference(cpu_emergency_virt_callback); + if (callback) + callback(); + rcu_read_unlock(); +} + static void emergency_reboot_disable_virtualization(void) { local_irq_disable(); @@ -785,54 +830,9 @@ void machine_crash_shutdown(struct pt_regs *regs) } #endif =20 -/* RCU-protected callback to disable virtualization prior to reboot. */ -static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; - -void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback) -{ - if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback))) - return; - - rcu_assign_pointer(cpu_emergency_virt_callback, callback); -} -EXPORT_SYMBOL_GPL(cpu_emergency_register_virt_callback); - -void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callbac= k) -{ - if (WARN_ON_ONCE(rcu_access_pointer(cpu_emergency_virt_callback) !=3D cal= lback)) - return; - - rcu_assign_pointer(cpu_emergency_virt_callback, NULL); - synchronize_rcu(); -} -EXPORT_SYMBOL_GPL(cpu_emergency_unregister_virt_callback); - /* This is the CPU performing the emergency shutdown work. */ int crashing_cpu =3D -1; =20 -/* - * Disable virtualization, i.e. VMX or SVM, to ensure INIT is recognized d= uring - * reboot. VMX blocks INIT if the CPU is post-VMXON, and SVM blocks INIT = if - * GIF=3D0, i.e. if the crash occurred between CLGI and STGI. - */ -void cpu_emergency_disable_virtualization(void) -{ - cpu_emergency_virt_cb *callback; - - /* - * IRQs must be disabled as KVM enables virtualization in hardware via - * function call IPIs, i.e. IRQs need to be disabled to guarantee - * virtualization stays disabled. - */ - lockdep_assert_irqs_disabled(); - - rcu_read_lock(); - callback =3D rcu_dereference(cpu_emergency_virt_callback); - if (callback) - callback(); - rcu_read_unlock(); -} - #if defined(CONFIG_SMP) =20 static nmi_shootdown_cb shootdown_callback; --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 06A21C77B7F for ; Fri, 12 May 2023 23:51:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241002AbjELXvd (ORCPT ); Fri, 12 May 2023 19:51:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51874 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241139AbjELXu5 (ORCPT ); Fri, 12 May 2023 19:50:57 -0400 Received: from mail-pg1-x549.google.com (mail-pg1-x549.google.com [IPv6:2607:f8b0:4864:20::549]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 03B3F8A57 for ; Fri, 12 May 2023 16:50:45 -0700 (PDT) Received: by mail-pg1-x549.google.com with SMTP id 41be03b00d2f7-52883b49dabso5839444a12.2 for ; Fri, 12 May 2023 16:50:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935444; x=1686527444; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=/1IPICvf7oBSkQ+FrPIawf/Mg2EXS+lcMpbXqr7FjNI=; b=TymfnqyOMHELbo2UfU2++anjDyQ5g/Fd3TGS65R1rGGjB5ZdpTRVOXWGPFiLTKxtrv wyJwbLAFaG+N5fESRVELoolS3Ul5LAUQJUBqoWxGuaYg7kIBA6li7RU69Y3DVPBExuRj Gz1TmaQpvxIm8yq8J96nz+Oy0ixKCzQ/92URbshs0tQynmouaoSlkYRkCUGvL2dQZLnw OURA4pD1v+JIREOhUZ+cjyPIOh2nkk+u0EgwbQhEgrifasOJ4LgFsX1ONtqhrf8PM17V yzAx6U/uE7gXlrCYy1lBNHL4CGo0tog2DdHnZmEY9831+q9P6JXpZGiTnNjxJAmQpWnJ aatA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935444; x=1686527444; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=/1IPICvf7oBSkQ+FrPIawf/Mg2EXS+lcMpbXqr7FjNI=; b=E/tnDqcGhZvgieYbEi+r/vKYwerja5V7rosXWH1FNpNnERMb2zrnK/DordGAuLhE6T /DLXHLbIG4iqT3imh+rOKuCi8eSHA99WL1/FTollRro7q93fGqZyln0idfzHCshAygu3 MDLlG7Si8PMgzvvKkJ2/RmyWfZl+5Vhjvq+lyTjUBkaVUnQb6wrPQ+JBuV8Le6auiRPi E67ISpg551cyUJSVD3z3+ETvs1l8FIKv9ZjPH6u20RYd7kIT9vdPXjUWkHkbhUMrqiyq DkKLvqPEF0Qkuoo5hv3gp6aEaiv14ZgolZEEN91RYjO+D7cbXYw7h8lnIjMLZXsYTbLB PiCA== X-Gm-Message-State: AC+VfDy9g9z3igb2pE6TMdd55tIccrFjTY8qHiiDSvEmtr/VgzmjCR6B C7e/wIBlHFZO7bxTRwaO1IALCPBnxhk= X-Google-Smtp-Source: ACHHUZ4NkybXz2S8sZ+f7jfd9GQ8/ArkxwtmNPQiM8HUXTMa0NPm7uvWK7LDMj15Q8ugWGuQHxy6T5Nx4TM= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a63:8ac1:0:b0:52c:8878:65dc with SMTP id y184-20020a638ac1000000b0052c887865dcmr7791562pgd.1.1683935444712; Fri, 12 May 2023 16:50:44 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:16 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-9-seanjc@google.com> Subject: [PATCH v3 08/18] x86/reboot: Expose VMCS crash hooks if and only if KVM_{INTEL,AMD} is enabled From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Expose the crash/reboot hooks used by KVM to disable virtualization in hardware and unblock INIT only if there's a potential in-tree user, i.e. either KVM_INTEL or KVM_AMD is enabled. Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang --- arch/x86/include/asm/reboot.h | 4 ++++ arch/x86/kernel/reboot.c | 5 ++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/reboot.h b/arch/x86/include/asm/reboot.h index d9a38d379d18..9cf0b21bf495 100644 --- a/arch/x86/include/asm/reboot.h +++ b/arch/x86/include/asm/reboot.h @@ -25,10 +25,14 @@ void __noreturn machine_real_restart(unsigned int type); #define MRR_BIOS 0 #define MRR_APM 1 =20 +#if IS_ENABLED(CONFIG_KVM_INTEL) || IS_ENABLED(CONFIG_KVM_AMD) typedef void (cpu_emergency_virt_cb)(void); void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback); void cpu_emergency_unregister_virt_callback(cpu_emergency_virt_cb *callbac= k); void cpu_emergency_disable_virtualization(void); +#else +static inline void cpu_emergency_disable_virtualization(void) {} +#endif /* CONFIG_KVM_INTEL || CONFIG_KVM_AMD */ =20 typedef void (*nmi_shootdown_cb)(int, struct pt_regs*); void nmi_panic_self_stop(struct pt_regs *regs); diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c index 493d66e59a4f..6818d8de85a1 100644 --- a/arch/x86/kernel/reboot.c +++ b/arch/x86/kernel/reboot.c @@ -529,6 +529,7 @@ static inline void kb_wait(void) =20 static inline void nmi_shootdown_cpus_on_restart(void); =20 +#if IS_ENABLED(CONFIG_KVM_INTEL) || IS_ENABLED(CONFIG_KVM_AMD) /* RCU-protected callback to disable virtualization prior to reboot. */ static cpu_emergency_virt_cb __rcu *cpu_emergency_virt_callback; =20 @@ -596,7 +597,9 @@ static void emergency_reboot_disable_virtualization(voi= d) nmi_shootdown_cpus_on_restart(); } } - +#else +static void emergency_reboot_disable_virtualization(void) { } +#endif /* CONFIG_KVM_INTEL || CONFIG_KVM_AMD */ =20 void __attribute__((weak)) mach_reboot_fixups(void) { --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B0EA4C77B7C for ; Fri, 12 May 2023 23:51:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240870AbjELXvt (ORCPT ); Fri, 12 May 2023 19:51:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52324 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241229AbjELXvX (ORCPT ); Fri, 12 May 2023 19:51:23 -0400 Received: from mail-pg1-x549.google.com (mail-pg1-x549.google.com [IPv6:2607:f8b0:4864:20::549]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 80493D2E2 for ; Fri, 12 May 2023 16:50:47 -0700 (PDT) Received: by mail-pg1-x549.google.com with SMTP id 41be03b00d2f7-52c6c5dc988so5385956a12.2 for ; Fri, 12 May 2023 16:50:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935447; x=1686527447; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=lyO1h6O2hb1pX3gn73w8KZmEZqmVC2QRk75jhJzJfVE=; b=wYkLcQKCZAyiB+e+wRWpBW2sIHjDWES7SvFhMvvMkN06r8GJlzTrfxA4MZ7jTRcfER c/Wu+zs1epFfWscax+7n5JjFNFNjbpf7P3l5WaZVpw1BuCcD1uchmQZUNlq5qjybJOVu 9GLMHNfZUgePcRtV97872noY/g9bokUnvt5KgW805N/ymGUTa79KMO4dkXik1Is2h8so cl6Oq6CWj5W7cw1SgoCtW4pmgGHhj7f70oQId5TEdEDIzXoumgvytWGMlB6wVA/EDBQa Bwex+LWzuVC6lJAzrVfsEN6/ElMdSdDEA0Y8Kx7ByzyCKklfW8gkn9FZEWZAfq5g7LJ8 KKag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935447; x=1686527447; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=lyO1h6O2hb1pX3gn73w8KZmEZqmVC2QRk75jhJzJfVE=; b=Q3+sTEqJPFO9AJKz0rv6DxtyssbyENTflyfPTXc1IZZcwQKKo9vuerQw8DlP/pJGRy q7R5daG1BqkCmfRqzYch8t/pXLF7Jhjy4p60gqs7Eu0Z/fb28Ir5EqrM0MBdsnMvbkS9 N8T83mPHJKMGmrkB31wX9BLMpFlGDgZyTRuOsnryk0zc/fD45cx0JoT8sh1V4iyiykcg Qb/ZqYw2ri0Wek0WyatWn2e0Gr2qzpYSbJlAqQh7nQMtg0Rh0ZKkPXqyQYLF4Bi6CSY4 S+if7ubRcRowlKcvhMv3mZcnKAV+BDyOlMIU4quSN9XFc7oIpM5mMJZNHWG9CdOdqGUz HRIg== X-Gm-Message-State: AC+VfDwaP9x+uyREAM+agVgJo0UjWgq+YkcBZ1vwzpNnO2mFx4KOVzpM XGN9X62v6tEcJ3waoi10rN6zbzVLiu8= X-Google-Smtp-Source: ACHHUZ6pQB3SGwwZM/VN0XltNzg7WZNvA7eV4Dzb40H6hnaJ0k54EUK2xrUWfHHCqVRIGMwVF3mIjLXXV38= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a63:5f54:0:b0:51b:3c11:fb17 with SMTP id t81-20020a635f54000000b0051b3c11fb17mr684496pgb.12.1683935446804; Fri, 12 May 2023 16:50:46 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:17 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-10-seanjc@google.com> Subject: [PATCH v3 09/18] x86/virt: KVM: Open code cpu_has_vmx() in KVM VMX From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Fold the raw CPUID check for VMX into kvm_is_vmx_supported(), its sole user. Keep the check even though KVM also checks X86_FEATURE_VMX, as the intent is to provide a unique error message if VMX is unsupported by hardware, whereas X86_FEATURE_VMX may be clear due to firmware and/or kernel actions. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 10 ---------- arch/x86/kvm/vmx/vmx.c | 2 +- 2 files changed, 1 insertion(+), 11 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index aaed66249ccf..b1171a5ad452 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -22,14 +22,6 @@ /* * VMX functions: */ - -static inline int cpu_has_vmx(void) -{ - unsigned long ecx =3D cpuid_ecx(1); - return test_bit(5, &ecx); /* CPUID.1:ECX.VMX[bit 5] -> VT */ -} - - /** * cpu_vmxoff() - Disable VMX on the current CPU * @@ -61,8 +53,6 @@ static inline int cpu_vmx_enabled(void) } =20 /** Disable VMX if it is enabled on the current CPU - * - * You shouldn't call this if cpu_has_vmx() returns 0. */ static inline void __cpu_emergency_vmxoff(void) { diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 76cdb189f1b5..f44f93772b4f 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2721,7 +2721,7 @@ static bool kvm_is_vmx_supported(void) { int cpu =3D raw_smp_processor_id(); =20 - if (!cpu_has_vmx()) { + if (!(cpuid_ecx(1) & feature_bit(VMX))) { pr_err("VMX not supported by CPU %d\n", cpu); return false; } --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 85463C77B7F for ; Fri, 12 May 2023 23:52:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241568AbjELXwB (ORCPT ); Fri, 12 May 2023 19:52:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52466 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241342AbjELXv3 (ORCPT ); Fri, 12 May 2023 19:51:29 -0400 Received: from mail-pg1-x54a.google.com (mail-pg1-x54a.google.com [IPv6:2607:f8b0:4864:20::54a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 63F97D876 for ; Fri, 12 May 2023 16:50:50 -0700 (PDT) Received: by mail-pg1-x54a.google.com with SMTP id 41be03b00d2f7-517baf1bc93so9671582a12.0 for ; Fri, 12 May 2023 16:50:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935448; x=1686527448; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=hI6HUK88ajDFBZywtDFlInISuvBrIM7YiPfSco4ddZU=; b=S3ZOGuBgFCPTdkJqL5D1ohiGQSYto1Citkxnx7iZrwQ1O+OKJrEBBJZDjc4CDp/g9y lw0wbED+SW3RlJm//T51IFB1tlAMVJdQkFXEAgQBM7CwLfi7gLbTPm/YgMf/GYgQf6JA nhLjgqxOwdRP9PRZJzFwRmHte0XjKgLUjze9N6+toz53zCc1n7TZGtdivlHnjYrTO0h4 QjYtwcucRhyLA/TQV39bIC+Gsrg2V55+xHR7WE38i8WLHmEXUOYX0Zu1WZGlZw6QIr8G ESAV0nMFZSCI4XW+MK//mEH68yMqkMNNxGnrnlk5sFO8lf2uyxogXVyUTtKD+KdRiMh1 dufA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935448; x=1686527448; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=hI6HUK88ajDFBZywtDFlInISuvBrIM7YiPfSco4ddZU=; b=B/C8nwlYSQvJbwiIGUhz/hOdfXcuwT//ufLEfVZurXWwaNJFSpz6EzrBpI2mWPOHbM oDlCB+qhBoq7SVZIUTP/VCH5PZlV46AyQXzxPlVzD0AL4eyhjk6IVWak+Y/w0tiQvtBz pbYZjh3c5Gn6XIbT2BuxWCFJjERv+2gRjVtjiPMqxb45Wn+dxzRFNqu7ONWE4FRGyhNJ pzN0jjUjyN9I39K/UpA05p5V4K8OpMT+0qAc3OfH6v00cxqC58mC3Bnbowakj1croYf/ cbQFOcf913lPlJ/CnTHYqai2bB3jp2ViyYkcIGFOYIcFYzJD4EyywOh/0vQzq3ur4WG+ +DCA== X-Gm-Message-State: AC+VfDxc69JEb3EY34xVMqN2BFJN0UvR1R0YUyFujCTMAXhckGqJsSXU LwuUpRfUNYEIPwLlVy9vgGpZsOHVLLA= X-Google-Smtp-Source: ACHHUZ6849GFR+yGj04lZIuGIWx0Nl8Ife/1fJ2YqWbkKfswx9jtop//tY1IpFOQw/i0I6AjVK2NN+Cu8YA= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:fe8b:b0:1ac:a39a:135a with SMTP id x11-20020a170902fe8b00b001aca39a135amr4433453plm.11.1683935448368; Fri, 12 May 2023 16:50:48 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:18 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-11-seanjc@google.com> Subject: [PATCH v3 10/18] x86/virt: KVM: Move VMXOFF helpers into KVM VMX From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now that VMX is disabled in emergencies via the virt callbacks, move the VMXOFF helpers into KVM, the only remaining user. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang --- arch/x86/include/asm/virtext.h | 42 ---------------------------------- arch/x86/kvm/vmx/vmx.c | 29 ++++++++++++++++++++--- 2 files changed, 26 insertions(+), 45 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index b1171a5ad452..a27801f2bc71 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -19,48 +19,6 @@ #include #include =20 -/* - * VMX functions: - */ -/** - * cpu_vmxoff() - Disable VMX on the current CPU - * - * Disable VMX and clear CR4.VMXE (even if VMXOFF faults) - * - * Note, VMXOFF causes a #UD if the CPU is !post-VMXON, but it's impossibl= e to - * atomically track post-VMXON state, e.g. this may be called in NMI conte= xt. - * Eat all faults as all other faults on VMXOFF faults are mode related, i= .e. - * faults are guaranteed to be due to the !post-VMXON check unless the CPU= is - * magically in RM, VM86, compat mode, or at CPL>0. - */ -static inline int cpu_vmxoff(void) -{ - asm_volatile_goto("1: vmxoff\n\t" - _ASM_EXTABLE(1b, %l[fault]) - ::: "cc", "memory" : fault); - - cr4_clear_bits(X86_CR4_VMXE); - return 0; - -fault: - cr4_clear_bits(X86_CR4_VMXE); - return -EIO; -} - -static inline int cpu_vmx_enabled(void) -{ - return __read_cr4() & X86_CR4_VMXE; -} - -/** Disable VMX if it is enabled on the current CPU - */ -static inline void __cpu_emergency_vmxoff(void) -{ - if (cpu_vmx_enabled()) - cpu_vmxoff(); -} - - /* * SVM functions: */ diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index f44f93772b4f..e00dba166a9e 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -47,7 +47,6 @@ #include #include #include -#include #include =20 #include "capabilities.h" @@ -744,6 +743,29 @@ static int vmx_set_guest_uret_msr(struct vcpu_vmx *vmx, return ret; } =20 +/* + * Disable VMX and clear CR4.VMXE (even if VMXOFF faults) + * + * Note, VMXOFF causes a #UD if the CPU is !post-VMXON, but it's impossibl= e to + * atomically track post-VMXON state, e.g. this may be called in NMI conte= xt. + * Eat all faults as all other faults on VMXOFF faults are mode related, i= .e. + * faults are guaranteed to be due to the !post-VMXON check unless the CPU= is + * magically in RM, VM86, compat mode, or at CPL>0. + */ +static int kvm_cpu_vmxoff(void) +{ + asm_volatile_goto("1: vmxoff\n\t" + _ASM_EXTABLE(1b, %l[fault]) + ::: "cc", "memory" : fault); + + cr4_clear_bits(X86_CR4_VMXE); + return 0; + +fault: + cr4_clear_bits(X86_CR4_VMXE); + return -EIO; +} + static void vmx_emergency_disable(void) { int cpu =3D raw_smp_processor_id(); @@ -753,7 +775,8 @@ static void vmx_emergency_disable(void) loaded_vmcss_on_cpu_link) vmcs_clear(v->vmcs); =20 - __cpu_emergency_vmxoff(); + if (__read_cr4() & X86_CR4_VMXE) + kvm_cpu_vmxoff(); } =20 static void __loaded_vmcs_clear(void *arg) @@ -2821,7 +2844,7 @@ static void vmx_hardware_disable(void) { vmclear_local_loaded_vmcss(); =20 - if (cpu_vmxoff()) + if (kvm_cpu_vmxoff()) kvm_spurious_fault(); =20 hv_reset_evmcs(); --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E7928C77B7C for ; Fri, 12 May 2023 23:52:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241576AbjELXwE (ORCPT ); Fri, 12 May 2023 19:52:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51874 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240904AbjELXva (ORCPT ); Fri, 12 May 2023 19:51:30 -0400 Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D5760AD3F for ; Fri, 12 May 2023 16:50:51 -0700 (PDT) Received: by mail-pj1-x1049.google.com with SMTP id 98e67ed59e1d1-25017576284so5358959a91.3 for ; Fri, 12 May 2023 16:50:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935450; x=1686527450; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=LxDcS09oj97Wx6mpqCitfgO/wEihL/zs3WwclzJXVrs=; b=3UXj1nizRj4oLlTnGsYo1jkyfL9mkU7aP/AxzLjzcVWd8MZkQxCNMnS23/8RJLUodw ok0SC36DquJdKQxN0hVH2pSrfB/YpQoZ+CuGE0RKez4/PELDoIiFFBzGqSy72J+ABaaq GWVTkuyWWe6Tawuv1GiXVa+yG8hjXRwVLP72B8xy5qR/7Hdii+1lAGNeR5AzErGSj8m9 gwg8AQX2Ds6B/Uah4Wo0jc/YRzmzCj0Cnbuf2MQ8taXsF9E035Mhg+npjUwXrmSfYxXv Diw7E7tGb2lO1KIw4MRr1dv/yBVPkPcpcpc06jetvGRD/CVzjuA/1axT0GN8S+Tn5KGZ rGsw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935450; x=1686527450; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=LxDcS09oj97Wx6mpqCitfgO/wEihL/zs3WwclzJXVrs=; b=XMQt9YVm50ebgQ7FMzr9FYLlZgaJn2gdbJqRmodwi0YEgV/Frw1Ar9lywiYcyG0q85 E4g9+fjRBKje5PH7PDE1lHDdz+TIVb4+5h1rWngBVvSe/QrVdPdeNZBIrLmFastsw9+i MXVz+/eQ1HHrEZ0+QfhgK8ubFHr/x7iQ1tfCFQHBv0jUGfuMO+UotyG/R1l5zh/Dyas8 PaLVl7T19fN7YMp97uEt7KHQ9fPKNq2t8aF9qNqITVn51YSs51VfPln8733rkrrT7pb4 yHO0pAACQEWcGrsrspNBTegBaLqdq+RIZJmLTILALLX8MWtfimrLYAITFNrX0g8Xs5T1 koMA== X-Gm-Message-State: AC+VfDwU5S4CZIX+/uabBpGnUfz0ce9EZg9/sSTnlkqRFK3HoB+pbnNQ 5JgkciLbgvvctb0uKGzQOb+eROHhIhY= X-Google-Smtp-Source: ACHHUZ48zczwBDKdvB3sWp2+ob+YdKHROmTh6zcvA3LCitTa2KUmje9WaICS5+vDj+EmmtaYbGyho3TFxQ4= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90b:482:b0:244:9147:ee20 with SMTP id bh2-20020a17090b048200b002449147ee20mr8107720pjb.0.1683935450341; Fri, 12 May 2023 16:50:50 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:19 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-12-seanjc@google.com> Subject: [PATCH v3 11/18] KVM: SVM: Make KVM_AMD depend on CPU_SUP_AMD or CPU_SUP_HYGON From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Make building KVM SVM support depend on support for AMD or Hygon. KVM already effectively restricts SVM support to AMD and Hygon by virtue of the vendor string checks in cpu_has_svm(), and KVM VMX supports depends on one of its three known vendors (Intel, Centaur, or Zhaoxin). Add the CPU_SUP_HYGON clause even though CPU_SUP_HYGON selects CPU_SUP_AMD to document that KVM SVM support isn't just for AMD CPUs, and to prevent breakage should Hygon support ever become a standalone thing. Signed-off-by: Sean Christopherson --- arch/x86/kvm/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 8e578311ca9d..0d403e9b6a47 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -102,7 +102,7 @@ config X86_SGX_KVM =20 config KVM_AMD tristate "KVM for AMD processors support" - depends on KVM + depends on KVM && (CPU_SUP_AMD || CPU_SUP_HYGON) help Provides support for KVM on AMD processors equipped with the AMD-V (SVM) extensions. --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9EADDC77B7C for ; Fri, 12 May 2023 23:52:11 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241460AbjELXwJ (ORCPT ); Fri, 12 May 2023 19:52:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52514 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241442AbjELXvb (ORCPT ); Fri, 12 May 2023 19:51:31 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4BD103C18 for ; Fri, 12 May 2023 16:50:53 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id 3f1490d57ef6-b9963a72fd9so23006660276.0 for ; Fri, 12 May 2023 16:50:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935452; x=1686527452; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=NGpdato6VaRWPtVy0Xb6XT86ae084/tGO9eQqIWQisY=; b=V2qg6pEosKPgYv3xz41qbCC3jZh3J/DMpqxtXWZWSdb4Ni+x0zZ5vCpcKbqxgfMZsk 4/HMGtfVm92qSukpIHjzQLbcctI/0nYPoKDz7u6Xw6EGorFkECXVGzTB42dJ6sl8IDdI GgetN+C74aBQrJerUDzJ8wNjSeIAt9ke2QK9imegSnLDhp6qzZha+dgfpGtZ+wU+5FYm RHZ30Aiz5XnUg6Gs5ATMZpbdAvPVOGrACllSwdAT1QbTvxk+M/ujU7zyw0cGhTi9tf5k d+EN5OCDl2Ox76IMlNw5CZnfSwnJF7sDQBwjp1awamDyJ6L0+AO9U6b6xWGauGtaupRY hb2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935452; x=1686527452; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=NGpdato6VaRWPtVy0Xb6XT86ae084/tGO9eQqIWQisY=; b=fZcwVAnqNETZ3P//TwssGUX2jy7mPJta3vg736CRyG6HE/73DoO+JsNbSrASgwz0/n NcBhxVpWCoArDZIK9MYKVFCNFL5CcScP5QosH8OuhMr/VLZIqvDWuzisnhd0YaZJHH/7 DDHLpVmmsUnujkzdc267VWEga1q3pG5xd2dJDp18wyvYOORMpKwsHR3H35sK/8QiliL9 Lk12ruArtM2D66AHTaDmOoIJ4er5AdWNEdf8Lv9pJ68dPqv1v2RpN0HxfjJ8hngGxuln UcmtGDaMO+A95hUVVmiUbyeOlp+W916MQCki9zAdqW1uQyKEnplDyHaWuzcr2IZ3b7iA HwrA== X-Gm-Message-State: AC+VfDzAkc5idGzEmSgnTfnDRUQSNMCVIr01U9ekxbntI8xNamDP+WMJ 0guwkhdoHTsU3E29D3aTOYPyCC8nzhw= X-Google-Smtp-Source: ACHHUZ6rQgl83+ScHZSi2/PDJHLoq1j4+/LxtgMXAergNcCdWFhZr9rrfgNmnsB6NfpnpRo5P74OuUDuLWU= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:32cf:0:b0:ba6:d183:5541 with SMTP id y198-20020a2532cf000000b00ba6d1835541mr3493648yby.5.1683935452176; Fri, 12 May 2023 16:50:52 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:20 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-13-seanjc@google.com> Subject: [PATCH v3 12/18] x86/virt: Drop unnecessary check on extended CPUID level in cpu_has_svm() From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Drop the explicit check on the extended CPUID level in cpu_has_svm(), the kernel's cached CPUID info will leave the entire SVM leaf unset if said leaf is not supported by hardware. Prior to using cached information, the check was needed to avoid false positives due to Intel's rather crazy CPUID behavior of returning the values of the maximum supported leaf if the specified leaf is unsupported. Fixes: 682a8108872f ("x86/kvm/svm: Simplify cpu_has_svm()") Signed-off-by: Sean Christopherson --- arch/x86/include/asm/virtext.h | 6 ------ 1 file changed, 6 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index a27801f2bc71..be50c414efe4 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -39,12 +39,6 @@ static inline int cpu_has_svm(const char **msg) return 0; } =20 - if (boot_cpu_data.extended_cpuid_level < SVM_CPUID_FUNC) { - if (msg) - *msg =3D "can't execute cpuid_8000000a"; - return 0; - } - if (!boot_cpu_has(X86_FEATURE_SVM)) { if (msg) *msg =3D "svm not available"; --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9CEDAC77B7C for ; Fri, 12 May 2023 23:52:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241199AbjELXwN (ORCPT ); Fri, 12 May 2023 19:52:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51092 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241009AbjELXvn (ORCPT ); Fri, 12 May 2023 19:51:43 -0400 Received: from mail-pf1-x449.google.com (mail-pf1-x449.google.com [IPv6:2607:f8b0:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C2E797EF1 for ; Fri, 12 May 2023 16:50:55 -0700 (PDT) Received: by mail-pf1-x449.google.com with SMTP id d2e1a72fcca58-643a9203dc2so5875555b3a.1 for ; Fri, 12 May 2023 16:50:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935454; x=1686527454; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=839Y/eRG8ebRjLuqi9Xn56iowlHDe8a0i2iqlO12mSc=; b=Gxu8ziQlfAlImSLHaPweZ+D4csyuikvy5ZGANEpKqYFv+GCEw8rBzatdOyzXvcrFlk khDmOjPXJOscRRcJ4R+I7+n+jt7SDqmKLS4p0LlsbDkXhrOtZ4PHBO0Rff66Sy3Y3f+p V1wIP9Im3C+Xh84d9suaPmW5FwvG0SU/hUV5/Xa8QTxMqPUUWw2DMi61KC6OBUQzTCzO V6Z3U+WAy2Iwz+uaQ0bRYQc/w/wAmnOI5SdSSLBKSltWgM7Ke2x6I8L34N+CpoPsx6fL yFor3M/l6L/c2FCl5sOOU2wqq/vQ1ehh17O8fWMXxmTnGYrJ0meqSa5rl9neC+fERQ0Y VzWw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935454; x=1686527454; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=839Y/eRG8ebRjLuqi9Xn56iowlHDe8a0i2iqlO12mSc=; b=Cwxu78ukfuuKSoAow2+szFE79j2WMJ34qJ872cSfVHmoVj8fbp7igXdn2sNpofKaW6 Mkwb6lmXpiiDd+GpiByMh/w3crh9lnBq/edndIYLFlBybrBfpRZ4ynPH2yqs9aO22Abd By+9X/CB04WMJUbW5FTsvL4I6Jbcsn8hb76XcPES7qFqvtB1X2v1iDQZZlX5JUVeRB/V M5Hg8qtmUJsHknMwrtrdIRl/tA5rCyCWawK8E68QoHcjrJGm4iZDTYkmNptaISrinfgg mi0OSEcz/3QYEwmVTnz/LdtK9z0MZIIMqY7+bAFAMLsfAiLL7FjwUiCKUwHQ5Bfaf9oN b9jQ== X-Gm-Message-State: AC+VfDz6D6Nv00gFXji5vxeLGu+YT9eGpOQW2LR9c9JhLa9ElmA6hfSQ Ye6nG5yjvphbX/kC0t9y6ALkUDS7BYc= X-Google-Smtp-Source: ACHHUZ4mHtECRrnVPp35jcjFcnGMuNIxlAKsj1ry/R/WdzRVKO2if/+73EmH3/wtXXem7OK9+uq0pdG6t2w= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a00:be7:b0:641:31b1:e781 with SMTP id x39-20020a056a000be700b0064131b1e781mr7243898pfu.5.1683935453980; Fri, 12 May 2023 16:50:53 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:21 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-14-seanjc@google.com> Subject: [PATCH v3 13/18] x86/virt: KVM: Open code cpu_has_svm() into kvm_is_svm_supported() From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Fold the guts of cpu_has_svm() into kvm_is_svm_supported(), its sole remaining user. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang --- arch/x86/include/asm/virtext.h | 28 ---------------------------- arch/x86/kvm/svm/svm.c | 11 ++++++++--- 2 files changed, 8 insertions(+), 31 deletions(-) diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h index be50c414efe4..632575e257d8 100644 --- a/arch/x86/include/asm/virtext.h +++ b/arch/x86/include/asm/virtext.h @@ -22,35 +22,7 @@ /* * SVM functions: */ - -/** Check if the CPU has SVM support - * - * You can use the 'msg' arg to get a message describing the problem, - * if the function returns zero. Simply pass NULL if you are not interested - * on the messages; gcc should take care of not generating code for - * the messages on this case. - */ -static inline int cpu_has_svm(const char **msg) -{ - if (boot_cpu_data.x86_vendor !=3D X86_VENDOR_AMD && - boot_cpu_data.x86_vendor !=3D X86_VENDOR_HYGON) { - if (msg) - *msg =3D "not amd or hygon"; - return 0; - } - - if (!boot_cpu_has(X86_FEATURE_SVM)) { - if (msg) - *msg =3D "svm not available"; - return 0; - } - return 1; -} - - /** Disable SVM on the current CPU - * - * You should call this only if cpu_has_svm() returned true. */ static inline void cpu_svm_disable(void) { diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 0f0d04900bf2..b347173b4e29 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -526,11 +526,16 @@ static void svm_init_osvw(struct kvm_vcpu *vcpu) static bool kvm_is_svm_supported(void) { int cpu =3D raw_smp_processor_id(); - const char *msg; u64 vm_cr; =20 - if (!cpu_has_svm(&msg)) { - pr_err("SVM not supported by CPU %d, %s\n", cpu, msg); + if (boot_cpu_data.x86_vendor !=3D X86_VENDOR_AMD && + boot_cpu_data.x86_vendor !=3D X86_VENDOR_HYGON) { + pr_err("CPU %d isn't AMD or Hygon\n", cpu); + return false; + } + + if (!boot_cpu_has(X86_FEATURE_SVM)) { + pr_err("SVM not supported by CPU %d\n", cpu); return false; } =20 --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1737BC77B7C for ; Fri, 12 May 2023 23:52:31 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241646AbjELXw1 (ORCPT ); Fri, 12 May 2023 19:52:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52424 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241055AbjELXvu (ORCPT ); Fri, 12 May 2023 19:51:50 -0400 Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 10BE0DDB4 for ; Fri, 12 May 2023 16:51:09 -0700 (PDT) Received: by mail-pj1-x104a.google.com with SMTP id 98e67ed59e1d1-24e3e52228cso5750091a91.1 for ; Fri, 12 May 2023 16:51:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935455; x=1686527455; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=GHUYV32ME1G34t9dLxIdgC9KAsI3wgHSef3OtvHGUi0=; b=uhvP9GADu6S2ysvZ4kh5xkuiPjuKVJRMq0PLpWZGHB4wN8ed+iVJWoHLk2ep7fROUS IJycgzlSDI8KEjSYA7mhEkmYSTSRapx9HtpLQpyiXnYjv4PIH3g1bQjbPE3jFf8lpkt5 Gz78mLJDvk26m0aoygfQSTni1RV6EEk702oXX0lbtARIPa5i+nG1qe/9p8WYi7EXQ4ci sWm00cWad9ylKiwTdJF0lEvU75K1r2JFScJziAkNIJO6xRwg3MMPi7Tas8rH0Q4N5lv+ D3uIq9/OHxMY191f2bHbcVrxhuqdvgJLL6xlE8p5uPUNNs0RStLkt4Bg59filrO+q2W+ Hz3g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935455; x=1686527455; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=GHUYV32ME1G34t9dLxIdgC9KAsI3wgHSef3OtvHGUi0=; b=OnG8QQuLLC82zQBy5nT6MKQWuaC2lqKsdPha0bZDmnNG0Nmgg8tgY/tQ7mtWLHv4Xa MhxzHCc7n82DXPkH4b41xDlgXixNE3NaLDPHSNTts1dQgSfdfgNO+5z08e4hfFD7QA+k i+aGEy5JL4dZjicOhraMEh94c3JDMHJ6hcPfAlvk5V3ZJiQk0ahqw8bWF6rN8e391c2S JI6WbFMhrzpOAE6HUb0kP1cQllHm2vgJPahfQlxoA7qOCKDS3WDT4NQc3g2x+D7MceTO zvzJN83uRlphFt9x5wA8/x2Mx11MrFNM4EDHmceN/BUVMstJcXBfb2awZdphgBm0G1m6 9ZoA== X-Gm-Message-State: AC+VfDy4oxXZuLMRDE5mPEsNP7QkZX+R9YaAHUOSPAfzIzyysYckvDoG nX7qOyE0EggzU4IXOCHqZVVTzU9Kx6U= X-Google-Smtp-Source: ACHHUZ5Q/Sy2dSoFMDVllQliE/fb5qz6zq0oSCa0U5wcU+tF+6w0q8dnUNsC+gKScE1N5jOd94K19SP9wn8= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90b:8d1:b0:252:7118:4711 with SMTP id ds17-20020a17090b08d100b0025271184711mr2723466pjb.5.1683935455774; Fri, 12 May 2023 16:50:55 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:22 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-15-seanjc@google.com> Subject: [PATCH v3 14/18] KVM: SVM: Check that the current CPU supports SVM in kvm_is_svm_supported() From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Check "this" CPU instead of the boot CPU when querying SVM support so that the per-CPU checks done during hardware enabling actually function as intended, i.e. will detect issues where SVM isn't support on all CPUs. Disable migration for the use from svm_init() mostly so that the standard accessors for the per-CPU data can be used without getting yelled at by CONFIG_DEBUG_PREEMPT=3Dy sanity checks. Preventing the "disabled by BIOS" error message from reporting the wrong CPU is largely a bonus, as ensuring a stable CPU during module load is a non-goal for KVM. Link: https://lore.kernel.org/all/ZAdxNgv0M6P63odE@google.com Cc: Kai Huang Cc: Chao Gao Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang --- arch/x86/kvm/svm/svm.c | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index b347173b4e29..cf5f3880751b 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -523,18 +523,20 @@ static void svm_init_osvw(struct kvm_vcpu *vcpu) vcpu->arch.osvw.status |=3D 1; } =20 -static bool kvm_is_svm_supported(void) +static bool __kvm_is_svm_supported(void) { - int cpu =3D raw_smp_processor_id(); + int cpu =3D smp_processor_id(); + struct cpuinfo_x86 *c =3D &cpu_data(cpu); + u64 vm_cr; =20 - if (boot_cpu_data.x86_vendor !=3D X86_VENDOR_AMD && - boot_cpu_data.x86_vendor !=3D X86_VENDOR_HYGON) { + if (c->x86_vendor !=3D X86_VENDOR_AMD && + c->x86_vendor !=3D X86_VENDOR_HYGON) { pr_err("CPU %d isn't AMD or Hygon\n", cpu); return false; } =20 - if (!boot_cpu_has(X86_FEATURE_SVM)) { + if (!cpu_has(c, X86_FEATURE_SVM)) { pr_err("SVM not supported by CPU %d\n", cpu); return false; } @@ -553,9 +555,20 @@ static bool kvm_is_svm_supported(void) return true; } =20 +static bool kvm_is_svm_supported(void) +{ + bool supported; + + migrate_disable(); + supported =3D __kvm_is_svm_supported(); + migrate_enable(); + + return supported; +} + static int svm_check_processor_compat(void) { - if (!kvm_is_svm_supported()) + if (!__kvm_is_svm_supported()) return -EIO; =20 return 0; --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6EB0FC77B7F for ; Fri, 12 May 2023 23:52:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241690AbjELXwb (ORCPT ); Fri, 12 May 2023 19:52:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51862 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241517AbjELXvw (ORCPT ); Fri, 12 May 2023 19:51:52 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 35013E70C for ; Fri, 12 May 2023 16:51:11 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id 3f1490d57ef6-b99ef860a40so19172656276.3 for ; Fri, 12 May 2023 16:51:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935457; x=1686527457; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=sWKYMGr2xJR5IkyvgfWnlRd3TuGoEqGQxpAcHPUuLoI=; b=pUFGPT8lQ/LC3slZ956Xv7B1EbQcOcDYHNbvmRed8G+Le657DuRdLRZOVt0MdmVd4I Ydyl2I7r3wRIsI9SBdGP/i7lA6jlxdWsd2nnSlVhhRwfFMEi3aWHHPZbLriGmNXAdatO y1QH+u5Rsz5HtwQa0+g9efSul3Ejkhs6kB2v3+tIgB5h4Gphu9atedH6s20V6Rleo9ij 0onVurt26IiMBUNlAwa4atSJ6MHZW1YOXTek0iRKvIc8TJxqPOwG+PQEA2lg6sq+RlKC NviqAuSbp1Feg1HWSoekLlYHG3wDxReFRYbYdrNAra3LWjMnEr7dpHt73A7XCp7CdtTs OS0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935457; x=1686527457; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=sWKYMGr2xJR5IkyvgfWnlRd3TuGoEqGQxpAcHPUuLoI=; b=AWW+czNxf1EMWhvhyZTfT8FZgZawu5cmtODk/QPGoYHKRcRJeCnSU/iTOsLGqb20+9 2zdXv4dTPJVYeaodLTw7C1JIEGTEYRMnf8XILqx297fOX2YhRrjuXFPVN7HKBI8Tbsgl 7m54+oRaQHe/vYcpqlyvy107I4CfefNBSvt/k1VN0F54egpe/S3V+qmR4bfME1x8s2sp PX2QFXSq1/tOGRD+8KYy1CkeA5wCiWCQNgnf8Kxt8p9Df4v9gsYCcyXEi6hKUQOYbLwc 2Kr3yAoy8oyIUZUnXUxccDu9Fx8FIq33KiFm822Co8n8jpY0t0Dxny/4FwJHsh4EZLGM SNuw== X-Gm-Message-State: AC+VfDw6kkqX2+onWh3IsAqp3L9hXxQ4PHz5pqPu4ke+pS9VXyanfBF9 oiyfqF+ouUzyfR1ldzyV8EQ2f1Z7KWE= X-Google-Smtp-Source: ACHHUZ5P5eG1O2xh6I7DcS6GbbsgmunLQLCRTjOmBv0eEmZAGkZ0ZzGU2KFmbbzlScMpsBjgZnG+lvB442A= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:db0e:0:b0:ba7:1878:5279 with SMTP id g14-20020a25db0e000000b00ba718785279mr1398905ybf.4.1683935457377; Fri, 12 May 2023 16:50:57 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:23 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-16-seanjc@google.com> Subject: [PATCH v3 15/18] KVM: VMX: Ensure CPU is stable when probing basic VMX support From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Disable migration when probing VMX support during module load to ensure the CPU is stable, mostly to match similar SVM logic, where allowing migration effective requires deliberately writing buggy code. As a bonus, KVM won't report the wrong CPU to userspace if VMX is unsupported, but in practice that is a very, very minor bonus as the only way that reporting the wrong CPU would actually matter is if hardware is broken or if the system is misconfigured, i.e. if KVM gets migrated from a CPU that _does_ support VMX to a CPU that does _not_ support VMX. Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang --- arch/x86/kvm/vmx/vmx.c | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index e00dba166a9e..008914396180 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2740,9 +2740,9 @@ static int setup_vmcs_config(struct vmcs_config *vmcs= _conf, return 0; } =20 -static bool kvm_is_vmx_supported(void) +static bool __kvm_is_vmx_supported(void) { - int cpu =3D raw_smp_processor_id(); + int cpu =3D smp_processor_id(); =20 if (!(cpuid_ecx(1) & feature_bit(VMX))) { pr_err("VMX not supported by CPU %d\n", cpu); @@ -2758,13 +2758,24 @@ static bool kvm_is_vmx_supported(void) return true; } =20 +static bool kvm_is_vmx_supported(void) +{ + bool supported; + + migrate_disable(); + supported =3D __kvm_is_vmx_supported(); + migrate_enable(); + + return supported; +} + static int vmx_check_processor_compat(void) { int cpu =3D raw_smp_processor_id(); struct vmcs_config vmcs_conf; struct vmx_capability vmx_cap; =20 - if (!kvm_is_vmx_supported()) + if (!__kvm_is_vmx_supported()) return -EIO; =20 if (setup_vmcs_config(&vmcs_conf, &vmx_cap) < 0) { --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 60387C77B7F for ; Fri, 12 May 2023 23:52:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240912AbjELXwm (ORCPT ); Fri, 12 May 2023 19:52:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52462 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241301AbjELXv6 (ORCPT ); Fri, 12 May 2023 19:51:58 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 20057E719 for ; Fri, 12 May 2023 16:51:16 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id 3f1490d57ef6-ba69d93a6b5so6415306276.1 for ; Fri, 12 May 2023 16:51:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935459; x=1686527459; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=KGKAnySlWtkvOAmbXxK2nlX19G10s26Qrw8fOC1mwIY=; b=xSptbPlAmdBo3OoV/lCpZzZM3pkZJe4U21Afu0d5tN2bwXkPEValyNtS1oEWn+XSbv sddtILRUbr35bNgtJCqHWHVCTZuJK4YUQGqsvtkMdbHnBPRtVcEgEVQP5WUj5aq/p/Fe EMHqkeMn2A+c73IsL9bazRv44DPi4+wbcSkO27qRDKC4+1DNxjVhdD2whZ7Etl30iCzq V7if3TNYXP7wmXBA4s5axBA9bvm1slAgM5s6SLgLjOkzr0KujZ7P+tQWaRx/8ZyHx4Jn 8CM32tr9uvqMHKRQhRvPjgImjU4WjHw7ctslGis+z1TBI89xg4LUA4HStSs4TXGNDFmV RFMw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935459; x=1686527459; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=KGKAnySlWtkvOAmbXxK2nlX19G10s26Qrw8fOC1mwIY=; b=Di7oatcCaNV5CwlJgVxYnS1JTCs+lKZF5cQcIFXMOyGNpStFSdcbaMS4mtWZ7g8ngr O9QgsjuK2+B1ImK92Hp4BxVYbCgOpH0gTskmtmHqBg+DeV1iDgBmBqWYfDFV8ilgp0SS sf+uqnd3A+Oz8fUFOmWuPVjhutfgcrmzA5YR5F3dhH3yNr6Xh4IZDutYYmSBVnXmdv/t GR9p7IcP77//yawkoYwCvJrR3q2CQ9oCdYTg2f/n8d1lPlATcIUvoIcEGfZomgq+Lpf9 Z8jz55xv5A3+MmOirdHtXXhc4ORfr7pzxWVAi7aZlfYL+j+eCug9pkByOD6jdIgr+c/F lb5g== X-Gm-Message-State: AC+VfDyMkR9lnVeO9u/yjC1HQ318br38qN+WKPVKyCzJNTztztPgwH+P 0juaqNPfGwWUynifq/iEqx+r7pAhzLo= X-Google-Smtp-Source: ACHHUZ6bBFVSrUuklgMDoFuwtCNwdtWGXarWaTlMpuS4Uei0RmmQyl9n5X2oX0HUPA0T5TVgW/DWQSOLPTM= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:180b:b0:b1d:5061:98e3 with SMTP id cf11-20020a056902180b00b00b1d506198e3mr15831702ybb.6.1683935459101; Fri, 12 May 2023 16:50:59 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:24 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-17-seanjc@google.com> Subject: [PATCH v3 16/18] x86/virt: KVM: Move "disable SVM" helper into KVM SVM From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move cpu_svm_disable() into KVM proper now that all hardware virtualization management is routed through KVM. Remove the now-empty virtext.h. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang --- arch/x86/include/asm/virtext.h | 50 ---------------------------------- arch/x86/kvm/svm/svm.c | 28 +++++++++++++++++-- 2 files changed, 25 insertions(+), 53 deletions(-) delete mode 100644 arch/x86/include/asm/virtext.h diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h deleted file mode 100644 index 632575e257d8..000000000000 --- a/arch/x86/include/asm/virtext.h +++ /dev/null @@ -1,50 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0-only */ -/* CPU virtualization extensions handling - * - * This should carry the code for handling CPU virtualization extensions - * that needs to live in the kernel core. - * - * Author: Eduardo Habkost - * - * Copyright (C) 2008, Red Hat Inc. - * - * Contains code from KVM, Copyright (C) 2006 Qumranet, Inc. - */ -#ifndef _ASM_X86_VIRTEX_H -#define _ASM_X86_VIRTEX_H - -#include - -#include -#include -#include - -/* - * SVM functions: - */ -/** Disable SVM on the current CPU - */ -static inline void cpu_svm_disable(void) -{ - uint64_t efer; - - wrmsrl(MSR_VM_HSAVE_PA, 0); - rdmsrl(MSR_EFER, efer); - if (efer & EFER_SVME) { - /* - * Force GIF=3D1 prior to disabling SVM to ensure INIT and NMI - * aren't blocked, e.g. if a fatal error occurred between CLGI - * and STGI. Note, STGI may #UD if SVM is disabled from NMI - * context between reading EFER and executing STGI. In that - * case, GIF must already be set, otherwise the NMI would have - * been blocked, so just eat the fault. - */ - asm_volatile_goto("1: stgi\n\t" - _ASM_EXTABLE(1b, %l[fault]) - ::: "memory" : fault); -fault: - wrmsrl(MSR_EFER, efer & ~EFER_SVME); - } -} - -#endif /* _ASM_X86_VIRTEX_H */ diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index cf5f3880751b..2cc195d95d32 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -41,7 +41,6 @@ #include #include =20 -#include #include "trace.h" =20 #include "svm.h" @@ -587,9 +586,32 @@ void __svm_write_tsc_multiplier(u64 multiplier) preempt_enable(); } =20 +static inline void kvm_cpu_svm_disable(void) +{ + uint64_t efer; + + wrmsrl(MSR_VM_HSAVE_PA, 0); + rdmsrl(MSR_EFER, efer); + if (efer & EFER_SVME) { + /* + * Force GIF=3D1 prior to disabling SVM to ensure INIT and NMI + * aren't blocked, e.g. if a fatal error occurred between CLGI + * and STGI. Note, STGI may #UD if SVM is disabled from NMI + * context between reading EFER and executing STGI. In that + * case, GIF must already be set, otherwise the NMI would have + * been blocked, so just eat the fault. + */ + asm_volatile_goto("1: stgi\n\t" + _ASM_EXTABLE(1b, %l[fault]) + ::: "memory" : fault); +fault: + wrmsrl(MSR_EFER, efer & ~EFER_SVME); + } +} + static void svm_emergency_disable(void) { - cpu_svm_disable(); + kvm_cpu_svm_disable(); } =20 static void svm_hardware_disable(void) @@ -598,7 +620,7 @@ static void svm_hardware_disable(void) if (tsc_scaling) __svm_write_tsc_multiplier(SVM_TSC_RATIO_DEFAULT); =20 - cpu_svm_disable(); + kvm_cpu_svm_disable(); =20 amd_pmu_disable_virt(); } --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1EC52C77B7C for ; Fri, 12 May 2023 23:52:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241094AbjELXwf (ORCPT ); Fri, 12 May 2023 19:52:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52474 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241522AbjELXv7 (ORCPT ); Fri, 12 May 2023 19:51:59 -0400 Received: from mail-pf1-x449.google.com (mail-pf1-x449.google.com [IPv6:2607:f8b0:4864:20::449]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7DE67E70A for ; Fri, 12 May 2023 16:51:17 -0700 (PDT) Received: by mail-pf1-x449.google.com with SMTP id d2e1a72fcca58-643842c87dbso10938665b3a.1 for ; Fri, 12 May 2023 16:51:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935460; x=1686527460; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=uTLS7GH4gIRN1PlS1PI+vIgLYG0J1IjMSATijGXdups=; b=kvQYtK4ceeq9iZaPajPCSno8Cvvhd5VB84yKUQcF9KyPXp6xW2qCq2himmqvfIWrmV XS2/4cPWvCWx/B488GJX566n8/8ilhQq/DY0YloUmQOSqBWvkuqSLRuicMKHkFbgLEH0 iHFrz2cCM4pBbAQSxkSIWK4a+ER/P+Ab7G8ulD0CZ8Be/7qNvOUkGhNRwc9i2tYYZbcQ eTTg+rc77wJkODC5XlDluglqiaCVRYPVyeUR5BrjeZ43h6NiSQA9IRt/shLAf1iU00GD zEjzDDopsLWUlIfMaEmjPlTIPse3nCvqcU0oOiHfmZ1BfK6pgwYjT5Ym/Ub1p/6CA2Sc PTQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935461; x=1686527461; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=uTLS7GH4gIRN1PlS1PI+vIgLYG0J1IjMSATijGXdups=; b=gn8mRqqsTRSefif+95wsIesL+nIxxey2BrxyvkZ21rQKoZhksiuNbLIqNB8tHoaBI5 Pv6kcApUipR1Z90G+HAJNaiPEKQJJVDSXH0sUYhesexmuVr8htOY3IyZoIrOVE+N7ZRY MnzrukBW+SX3Q4zya7GAeruqctWtAJ+EAh0/Tc66lBVa6MXrve52jFQmBmyn761QQAfC h/hPh3bcSNybxFrLHJ2Uk55UtG3MHu9F+ca7vcVJnGKwbyLIPrLFEDsV57W40fBsiIXu 4zfDe/BeeGUrOwXp5P03LQVkIjNgpMGeE4hrZCPYFXxlecHGAN7TMOHBvFY8Uzy/qHP0 fFhA== X-Gm-Message-State: AC+VfDzTabDsbcUk+Pysm2o7/Khi+YO/sKTt196QFNo+VuYPDn0X67OL 2i0TtY3Q/qIrh6o91AXIvBgmzFO8AP0= X-Google-Smtp-Source: ACHHUZ4FwMhCcIgCPfM5PBRpMD0yIf/X+GpptsjLvWUKlWl6UEbBBfCviS/y32hPpZQMovy3+EuAUfAPf9o= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6a00:80dc:b0:643:85a7:b49c with SMTP id ei28-20020a056a0080dc00b0064385a7b49cmr7155796pfb.5.1683935460717; Fri, 12 May 2023 16:51:00 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:25 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-18-seanjc@google.com> Subject: [PATCH v3 17/18] KVM: x86: Force kvm_rebooting=true during emergency reboot/crash From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Set kvm_rebooting when virtualization is disabled in an emergency so that KVM eats faults on virtualization instructions even if kvm_reboot() isn't reached. Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang --- arch/x86/kvm/svm/svm.c | 2 ++ arch/x86/kvm/vmx/vmx.c | 2 ++ 2 files changed, 4 insertions(+) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 2cc195d95d32..d00da133b14f 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -611,6 +611,8 @@ static inline void kvm_cpu_svm_disable(void) =20 static void svm_emergency_disable(void) { + kvm_rebooting =3D true; + kvm_cpu_svm_disable(); } =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 008914396180..1dec932aff21 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -771,6 +771,8 @@ static void vmx_emergency_disable(void) int cpu =3D raw_smp_processor_id(); struct loaded_vmcs *v; =20 + kvm_rebooting =3D true; + list_for_each_entry(v, &per_cpu(loaded_vmcss_on_cpu, cpu), loaded_vmcss_on_cpu_link) vmcs_clear(v->vmcs); --=20 2.40.1.606.ga4b1b128d6-goog From nobody Mon Feb 9 20:30:44 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6E12EC77B7C for ; Fri, 12 May 2023 23:52:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241550AbjELXwk (ORCPT ); Fri, 12 May 2023 19:52:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52492 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241124AbjELXwA (ORCPT ); Fri, 12 May 2023 19:52:00 -0400 Received: from mail-pj1-x104a.google.com (mail-pj1-x104a.google.com [IPv6:2607:f8b0:4864:20::104a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 26C80E71A for ; Fri, 12 May 2023 16:51:20 -0700 (PDT) Received: by mail-pj1-x104a.google.com with SMTP id 98e67ed59e1d1-24deb9c5f8dso5541484a91.0 for ; Fri, 12 May 2023 16:51:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683935462; x=1686527462; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=eQC1WP9HfF32PBCDofAFgKjIRQz/i/Wsm+dGz45S7kY=; b=0z9ywKuRxK/XqqugSVuMPGre0/Po8fyCsSxJiFCIhtwbRrMCZJEhaBiGdn9Ds0ST1y aVSU/Gps3Oa+n6S6RXWn7V0u/AKgfEFdrOeLnrL60X6DkCPMxBOsXPOGC5b5S6FJnu4o UpOvqw1yFgIghLp5GskLHwrmqX0dEXdc0T/iIlFiFhCtSr6FGp+7TmLU9Kymq8+pD3J5 mSlnN8TBlcRMsE38W3JUIuDvWUOHVdUD3B51yV90RNZz0clUKn+1xhb8u6vb1/9theYc Ew069Rnx5yUTW3ew+psj0mH+WQVv1UFjm98Qw4Hb/oA/wF0+qdH+j+WgUgzlqHlUroHs +qAg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683935462; x=1686527462; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=eQC1WP9HfF32PBCDofAFgKjIRQz/i/Wsm+dGz45S7kY=; b=lWfQX9kPW18/A3VX4eYz9vMPrhbL2YeCDe7CLxaCsYQUn0UpPA8TBHzY+0KraVVI5t 50DoELXN2qF3ZYUIrypj85QTOcvv4ksRND7JohQvz+EUaeSWtbmb+4WGwMCKf2M6F5wO OF6phzR5ZI5MixDcnEUeTfp89sui4WEqToAQyBqZRr9BsKslVJsuVMoA1enVyNmRMDXi njHBn4t8N6GANLUGYCk+q0HgZesBqtMWFjtfegsNX4UnfvWgCjJ3eP6XtpnjzHSo2lAk GdnrYetOitVt341f2QxJLsckKB4jLUEBUvzHquU6tIHmq66SRYFrtdw5PCZunqz5dkZy 7jfw== X-Gm-Message-State: AC+VfDyrXY+s9Uxb/LQ2DWyrgG3P3s3wTkwC9M+QG7HkZraAfb76dZOe vzmmesOIK07rQAuu4W5QieDZTfTGuws= X-Google-Smtp-Source: ACHHUZ6Q5iYycxspH41azVUGb++smRyiNiIV0FKdKVgCrDxd4yD3BHLvKT9503TqoBtF75L7PEML+Y9aIJY= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:90b:148:b0:246:f99b:fd65 with SMTP id em8-20020a17090b014800b00246f99bfd65mr8097081pjb.5.1683935462688; Fri, 12 May 2023 16:51:02 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 12 May 2023 16:50:26 -0700 In-Reply-To: <20230512235026.808058-1-seanjc@google.com> Mime-Version: 1.0 References: <20230512235026.808058-1-seanjc@google.com> X-Mailer: git-send-email 2.40.1.606.ga4b1b128d6-goog Message-ID: <20230512235026.808058-19-seanjc@google.com> Subject: [PATCH v3 18/18] KVM: SVM: Use "standard" stgi() helper when disabling SVM From: Sean Christopherson To: Sean Christopherson , Paolo Bonzini Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Andrew Cooper , Kai Huang , Chao Gao Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now that kvm_rebooting is guaranteed to be true prior to disabling SVM in an emergency, use the existing stgi() helper instead of open coding STGI. In effect, eat faults on STGI if and only if kvm_rebooting=3D=3Dtrue. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index d00da133b14f..d94132898431 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -594,17 +594,10 @@ static inline void kvm_cpu_svm_disable(void) rdmsrl(MSR_EFER, efer); if (efer & EFER_SVME) { /* - * Force GIF=3D1 prior to disabling SVM to ensure INIT and NMI - * aren't blocked, e.g. if a fatal error occurred between CLGI - * and STGI. Note, STGI may #UD if SVM is disabled from NMI - * context between reading EFER and executing STGI. In that - * case, GIF must already be set, otherwise the NMI would have - * been blocked, so just eat the fault. + * Force GIF=3D1 prior to disabling SVM, e.g. to ensure INIT and + * NMI aren't blocked. */ - asm_volatile_goto("1: stgi\n\t" - _ASM_EXTABLE(1b, %l[fault]) - ::: "memory" : fault); -fault: + stgi(); wrmsrl(MSR_EFER, efer & ~EFER_SVME); } } --=20 2.40.1.606.ga4b1b128d6-goog