From nobody Mon Sep 16 19:39:23 2024
From: Maxim Levitsky To: kvm@vger.kernel.org Cc: Sean Christopherson , Dave Hansen , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , linux-kernel@vger.kernel.org, Paolo Bonzini , x86@kernel.org, Maxim Levitsky Subject: [PATCH v3 1/2] KVM: nVMX: use vmx_segment_cache_clear Date: Thu, 25 Jul 2024 13:52:31 -0400 Message-Id: <20240725175232.337266-2-mlevitsk@redhat.com> In-Reply-To: <20240725175232.337266-1-mlevitsk@redhat.com> References: <20240725175232.337266-1-mlevitsk@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 Content-Type: text/plain; charset="utf-8" in prepare_vmcs02_rare, call vmx_segment_cache_clear instead of setting segment_cache.bitmask directly. No functional change intended. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/vmx/nested.c | 3 ++- arch/x86/kvm/vmx/vmx.c | 4 ---- arch/x86/kvm/vmx/vmx.h | 5 +++++ 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 643935a0f70a..b0e5d80da941 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -2469,6 +2469,7 @@ static void prepare_vmcs02_rare(struct vcpu_vmx *vmx,= struct vmcs12 *vmcs12) =20 if (!hv_evmcs || !(hv_evmcs->hv_clean_fields & HV_VMX_ENLIGHTENED_CLEAN_FIELD_GUEST_GRP2)) { + vmcs_write16(GUEST_ES_SELECTOR, vmcs12->guest_es_selector); vmcs_write16(GUEST_CS_SELECTOR, vmcs12->guest_cs_selector); vmcs_write16(GUEST_SS_SELECTOR, vmcs12->guest_ss_selector); @@ -2506,7 +2507,7 @@ static void prepare_vmcs02_rare(struct vcpu_vmx *vmx,= struct vmcs12 *vmcs12) vmcs_writel(GUEST_GDTR_BASE, vmcs12->guest_gdtr_base); vmcs_writel(GUEST_IDTR_BASE, vmcs12->guest_idtr_base); =20 - vmx->segment_cache.bitmask =3D 0; + vmx_segment_cache_clear(vmx); } =20 if (!hv_evmcs || !(hv_evmcs->hv_clean_fields & 
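Review bot: the first hunk (@@ -2469,6 +2469,7 @@) adds nothing but an empty line between `HV_VMX_ENLIGHTENED_CLEAN_FIELD_GUEST_GRP2)) {` and `vmcs_write16(GUEST_ES_SELECTOR, ...)`; that stray whitespace change has nothing to do with the stated purpose, which is the one-line swap of `vmx->segment_cache.bitmask = 0;` for `vmx_segment_cache_clear(vmx);` in the second hunk, so drop the added blank line and keep the nested.c change to that substitution only.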
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index b3c83c06f826..fa9f307d9b18 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -524,10 +524,6 @@ static const struct kvm_vmx_segment_field { VMX_SEGMENT_FIELD(LDTR), }; =20 -static inline void vmx_segment_cache_clear(struct vcpu_vmx *vmx) -{ - vmx->segment_cache.bitmask =3D 0; -} =20 static unsigned long host_idt_base; =20 diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 7b64e271a931..1689f0d59f43 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h 
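Review bot: deleting the four lines of vmx_segment_cache_clear() in the @@ -524,10 +524,6 @@ hunk keeps both the blank line before it and the blank line after it, so vmx.c ends up with two consecutive empty lines between `};` and `static unsigned long host_idt_base;`; remove one of them (checkpatch reports multiple blank lines). Moving the helper into vmx.h so nested.c can call it is fine, but the commit message ("call vmx_segment_cache_clear instead of setting segment_cache.bitmask directly") should also say that the helper moves from vmx.c to vmx.h, since that is most of the diff.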
@@ -755,4 +755,9 @@ static inline bool vmx_can_use_ipiv(struct kvm_vcpu *vc= pu) return lapic_in_kernel(vcpu) && enable_ipiv; } =20 +static inline void vmx_segment_cache_clear(struct vcpu_vmx *vmx) +{ + vmx->segment_cache.bitmask =3D 0; +} + #endif /* __KVM_X86_VMX_H */ --=20 2.26.3
From nobody Mon Sep 16 19:39:23 2024
From: Maxim Levitsky
To: kvm@vger.kernel.org
Cc: Sean Christopherson , Dave Hansen , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , linux-kernel@vger.kernel.org, Paolo Bonzini , x86@kernel.org, Maxim Levitsky
Subject: [PATCH v3 2/2] VMX: reset the segment cache after segment initialization in vmx_vcpu_reset
Date: Thu, 25 Jul 2024 13:52:32 -0400
Message-Id: <20240725175232.337266-3-mlevitsk@redhat.com>
In-Reply-To: <20240725175232.337266-1-mlevitsk@redhat.com>
References: <20240725175232.337266-1-mlevitsk@redhat.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id:
List-Subscribe:
List-Unsubscribe:
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4
Content-Type: text/plain; charset="utf-8"

Reset the segment cache after segment initialization in vmx_vcpu_reset() to avoid stale, uninitialized data being cached in the segment cache.

In particular, the following scenario is possible when full preemption is enabled:

- The vCPU is just created, and the vCPU thread is preempted before SS.AR_BYTES is written in vmx_vcpu_reset().

- During preemption, kvm_arch_vcpu_in_kernel() is called, which reads SS's AR byte to determine whether the CPU was in the kernel. That caches a 0 value of SS.AR_BYTES; eventually the vCPU thread is scheduled back in and sets the correct SS.AR_BYTES value in the VMCS, but the cached value remains stale and could be read, e.g. via KVM_GET_SREGS.

Usually this is not a problem because the VMX segment cache is reset on each vCPU run, but if userspace (as the KVM selftests do) reads the segment registers just after the vCPU was created and modifies some of them while passing the other registers through unchanged, in this case SS.AR_BYTES, the stale value will make it into the VMCS and later lead to a VM entry failure due to an incorrect SS segment type.

Fix this by moving the vmx_segment_cache_clear() call to after the segments are initialized.
Note that this still doesn't fix the issue of kvm_arch_vcpu_in_kernel getting stale data during the segment setup, and that issue will be addressed later. Signed-off-by: Maxim Levitsky --- arch/x86/kvm/vmx/vmx.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index fa9f307d9b18..d43bb755e15c 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -4870,9 +4870,6 @@ void vmx_vcpu_reset(struct kvm_vcpu *vcpu, bool init_= event) vmx->hv_deadline_tsc =3D -1; kvm_set_cr8(vcpu, 0); =20 - vmx_segment_cache_clear(vmx); - kvm_register_mark_available(vcpu, VCPU_EXREG_SEGMENTS); - seg_setup(VCPU_SREG_CS); vmcs_write16(GUEST_CS_SELECTOR, 0xf000); vmcs_writel(GUEST_CS_BASE, 0xffff0000ul); @@ -4899,6 +4896,9 @@ void vmx_vcpu_reset(struct kvm_vcpu *vcpu, bool init_= event) vmcs_writel(GUEST_IDTR_BASE, 0); vmcs_write32(GUEST_IDTR_LIMIT, 0xffff); =20 + vmx_segment_cache_clear(vmx); + kvm_register_mark_available(vcpu, VCPU_EXREG_SEGMENTS); + vmcs_write32(GUEST_ACTIVITY_STATE, GUEST_ACTIVITY_ACTIVE); vmcs_write32(GUEST_INTERRUPTIBILITY_INFO, 0); vmcs_writel(GUEST_PENDING_DBG_EXCEPTIONS, 0); --=20 2.26.3
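Review bot: the relocated pair `vmx_segment_cache_clear(vmx);` / `kvm_register_mark_available(vcpu, VCPU_EXREG_SEGMENTS);` in the @@ -4899,6 +4896,9 @@ hunk carries no comment saying why it must stay after the last descriptor write (`vmcs_write32(GUEST_IDTR_LIMIT, 0xffff);`); add one noting that kvm_arch_vcpu_in_kernel() may have populated the cache from a preempted context while the segments were half-written, otherwise a later cleanup can hoist the pair back next to `kvm_set_cr8(vcpu, 0);` where the first hunk removes it from and silently reintroduce the bug. The commit message also says only the vmx_segment_cache_clear() call moves, while the hunks move kvm_register_mark_available() with it; say so (keeping the two together is the right choice). Minor: the subject lacks the `KVM: ` prefix that 1/2 uses.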
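The ordering race described in the commit message above, as an added user-space model: this is example code written for this page, not KVM's code and not part of the posted series. It assumes a two-entry stand-in for the VMCS and for vcpu_vmx::segment_cache (the bitmask-of-valid-entries contract of KVM's vmx_segment_cache_test_set()), that kvm_arch_vcpu_in_kernel() derives CPL from SS.AR_BYTES bits 5-6, and that 0x93 is the AR value seg_setup() programs for data segments; the preemption point is injected between the CS and SS writes, where the commit message places it.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added model, not KVM code: two segments are enough to show the race. */
enum { SEG_CS, SEG_SS, NR_SEGS };

/* Constructed stand-in for the VMCS guest AR-bytes fields. */
struct fake_vmcs {
	uint32_t guest_ar_bytes[NR_SEGS];
};

/* Same shape as the relevant part of vcpu_vmx::segment_cache. */
struct fake_segment_cache {
	uint32_t bitmask;		/* bit N set => ar[N] is valid */
	uint32_t ar[NR_SEGS];
};

struct fake_vcpu {
	struct fake_vmcs vmcs;
	struct fake_segment_cache segment_cache;
};

/* 0x93 = present, DPL 0, writable data, accessed: what seg_setup() in
 * vmx.c programs for data segments (assumption); CS also gets the code bit. */
#define AR_DATA_RESET	0x93u
#define AR_CODE_RESET	(AR_DATA_RESET | 0x08u)

/* Identical to the helper the series moves into vmx.h. */
static void vmx_segment_cache_clear(struct fake_vcpu *v)
{
	v->segment_cache.bitmask = 0;
}

/* Contract of KVM's vmx_segment_cache_test_set(): true if the entry was
 * already cached, otherwise mark it cached and return false. */
static bool segment_cache_test_set(struct fake_vcpu *v, int seg)
{
	uint32_t bit = 1u << seg;
	bool hit = (v->segment_cache.bitmask & bit) != 0;

	v->segment_cache.bitmask |= bit;
	return hit;
}

/* Cached read, like vmx_read_guest_seg_ar(): only a miss touches the VMCS. */
static uint32_t read_guest_seg_ar(struct fake_vcpu *v, int seg)
{
	if (!segment_cache_test_set(v, seg))
		v->segment_cache.ar[seg] = v->vmcs.guest_ar_bytes[seg];
	return v->segment_cache.ar[seg];
}

/* Stand-in for kvm_arch_vcpu_in_kernel(): CPL lives in SS.AR_BYTES bits 5-6. */
static bool vcpu_in_kernel(struct fake_vcpu *v)
{
	return ((read_guest_seg_ar(v, SEG_SS) >> 5) & 3u) == 0;
}

/*
 * One vmx_vcpu_reset()-style pass.  "patched" selects whether the cache is
 * cleared before (old) or after (new) the segment writes; "preempted"
 * injects the scheduler's kvm_arch_vcpu_in_kernel() query at the point the
 * commit message describes: after CS is written, before SS is.
 */
static void fake_vcpu_reset(struct fake_vcpu *v, bool patched, bool preempted)
{
	memset(v, 0, sizeof(*v));	/* freshly created vCPU: everything is 0 */

	if (!patched)
		vmx_segment_cache_clear(v);

	v->vmcs.guest_ar_bytes[SEG_CS] = AR_CODE_RESET;
	if (preempted)
		(void)vcpu_in_kernel(v);	/* caches SS.AR_BYTES == 0 */
	v->vmcs.guest_ar_bytes[SEG_SS] = AR_DATA_RESET;

	if (patched)
		vmx_segment_cache_clear(v);	/* discards the stale entry */
}

/* What KVM_GET_SREGS would report for SS.AR_BYTES right after creation. */
static uint32_t ss_ar_seen_by_userspace(bool patched, bool preempted)
{
	struct fake_vcpu v;

	fake_vcpu_reset(&v, patched, preempted);
	return read_guest_seg_ar(&v, SEG_SS);
}

/* What the VMCS itself holds after the same sequence. */
static uint32_t ss_ar_in_vmcs(bool patched, bool preempted)
{
	struct fake_vcpu v;

	fake_vcpu_reset(&v, patched, preempted);
	return v.vmcs.guest_ar_bytes[SEG_SS];
}

int main(void)
{
	printf("old order, preempted: userspace sees 0x%02x, VMCS holds 0x%02x\n",
	       ss_ar_seen_by_userspace(false, true), ss_ar_in_vmcs(false, true));
	printf("new order, preempted: userspace sees 0x%02x, VMCS holds 0x%02x\n",
	       ss_ar_seen_by_userspace(true, true), ss_ar_in_vmcs(true, true));
	return 0;
}
```

With the old ordering and a preemption hit, userspace reads 0 for SS.AR_BYTES while the VMCS holds 0x93; writing that 0 back through KVM_SET_SREGS is exactly the path to the VM entry failure the commit message mentions. Clearing after the writes makes the next read a cache miss, so the stale entry is never exposed; as the commit message notes, the model also shows that the in-kernel query during the window still sees 0, which this patch does not address.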