From nobody Sat Oct 4 14:35:16 2025
Date: Thu, 14 Aug 2025 17:25:21 -0700
Reply-To: Sean Christopherson
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
References: <20250815002540.2375664-1-seanjc@google.com>
Message-ID: <20250815002540.2375664-2-seanjc@google.com>
Subject: [PATCH 6.6.y 01/20] KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
From: Manuel Andreas

[ Upstream commit fa787ac07b3ceb56dd88a62d1866038498e96230 ]

In KVM guests with Hyper-V hypercalls enabled, the hypercalls
HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST and HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX
allow a guest to request invalidation of portions of a virtual TLB.
For this, the hypercall parameter includes a list of GVAs that are supposed
to be invalidated.

However, when non-canonical GVAs are passed, there is currently no
filtering in place and they are eventually passed to checked invocations of
INVVPID on Intel / INVLPGA on AMD.  While AMD's INVLPGA silently ignores
non-canonical addresses (effectively a no-op), Intel's INVVPID explicitly
signals VM-Fail and ultimately triggers the WARN_ONCE in invvpid_error():

  invvpid failed: ext=0x0 vpid=1 gva=0xaaaaaaaaaaaaa000
  WARNING: CPU: 6 PID: 326 at arch/x86/kvm/vmx/vmx.c:482 invvpid_error+0x91/0xa0 [kvm_intel]
  Modules linked in: kvm_intel kvm 9pnet_virtio irqbypass fuse
  CPU: 6 UID: 0 PID: 326 Comm: kvm-vm Not tainted 6.15.0 #14 PREEMPT(voluntary)
  RIP: 0010:invvpid_error+0x91/0xa0 [kvm_intel]
  Call Trace:
    vmx_flush_tlb_gva+0x320/0x490 [kvm_intel]
    kvm_hv_vcpu_flush_tlb+0x24f/0x4f0 [kvm]
    kvm_arch_vcpu_ioctl_run+0x3013/0x5810 [kvm]

Hyper-V documents that invalid GVAs (those that are beyond a partition's
GVA space) are to be ignored.  While not completely clear whether this
ruling also applies to non-canonical GVAs, it is likely fine to make that
assumption, and manual testing on Azure confirms "real" Hyper-V interprets
the specification in the same way.

Skip non-canonical GVAs when processing the list of addresses to avoid
tripping the INVVPID failure.  Alternatively, KVM could filter out "bad"
GVAs before inserting into the FIFO, but practically speaking the only
downside of pushing validation to the final processing is that doing so is
suboptimal for the guest, and no well-behaved guest will request TLB
flushes for non-canonical addresses.
Fixes: 260970862c88 ("KVM: x86: hyper-v: Handle HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST{,EX} calls gently")
Cc: stable@vger.kernel.org
Signed-off-by: Manuel Andreas
Suggested-by: Vitaly Kuznetsov
Link: https://lore.kernel.org/r/c090efb3-ef82-499f-a5e0-360fc8420fb7@tum.de
Signed-off-by: Sean Christopherson
[sean: use plain is_noncanonical_address()]
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/hyperv.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c index bd3fbd5be5da..223f4fa6a849 100644 --- a/arch/x86/kvm/hyperv.c +++ b/arch/x86/kvm/hyperv.c
@@ -1929,6 +1929,9 @@ int kvm_hv_vcpu_flush_tlb(struct kvm_vcpu *vcpu) if (entries[i] =3D=3D KVM_HV_TLB_FLUSHALL_ENTRY) goto out_flush_all; =20 + if (is_noncanonical_address(entries[i], vcpu)) + continue; + /* * Lower 12 bits of 'address' encode the number of additional * pages to flush.
-- 
2.51.0.rc1.163.g2494970778-goog

From nobody Sat Oct 4 14:35:16 2025
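Review bot: in the kvm_hv_vcpu_flush_tlb() hunk the new is_noncanonical_address() test sits after the KVM_HV_TLB_FLUSHALL_ENTRY comparison, so the flush-all sentinel can never be discarded as "non-canonical", and `continue` drops the entry together with the additional-page count packed into its low 12 bits, which is the "invalid GVAs are to be ignored" behaviour the changelog relies on. The test is applied to the packed value (address | page count) rather than to the page-aligned address; that is correct because canonicality depends only on the upper bits, but a one-line comment saying so would stop the next reader from wanting to mask the low 12 bits first. Since the changelog explicitly chooses validation at processing time over filtering at FIFO insertion, that rationale deserves a short comment above the check as well.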
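To make the canonicality rule the changelog relies on concrete, here is an added example (not code from the patch or from KVM) that applies the same skip-instead-of-flush decision to a constructed GVA list, for both the 48-bit and the LA57 (57-bit) linear-address width. FLUSHALL_ENTRY, is_noncanonical(), process_gva_list(), run_sample(), run_flushall_sample() and the sample entries are all assumptions of the example; the kernel's real helpers are is_noncanonical_address() and KVM_HV_TLB_FLUSHALL_ENTRY as seen in the hunk.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Constructed stand-in for KVM_HV_TLB_FLUSHALL_ENTRY, the sentinel that
 * means "flush the whole TLB".  The value is assumed for this example;
 * the kernel's own definition lives in arch/x86/kvm/hyperv.h.
 */
#define FLUSHALL_ENTRY UINT64_MAX

/*
 * An x86 linear address is canonical when every bit above bit
 * (vaddr_bits - 1) is a copy of that bit.  vaddr_bits is 48 without
 * LA57 and 57 with 5-level paging enabled.
 */
static bool is_noncanonical(uint64_t la, unsigned vaddr_bits)
{
	uint64_t upper = la >> (vaddr_bits - 1);
	uint64_t all_ones = UINT64_MAX >> (vaddr_bits - 1);

	return upper != 0 && upper != all_ones;
}

struct flush_stats {
	unsigned pages;		/* page flushes that would reach INVVPID/INVLPGA */
	unsigned skipped;	/* entries ignored because they are non-canonical */
	bool flush_all;		/* the sentinel was seen */
};

/*
 * Walk a Hyper-V style GVA list.  As the hunk's comment says, the lower
 * 12 bits of each entry encode the number of *additional* pages to flush,
 * so the canonicality test runs on the packed value; that is fine because
 * only the upper bits decide canonicality.
 */
static struct flush_stats process_gva_list(const uint64_t *entries, size_t n,
					   unsigned vaddr_bits)
{
	struct flush_stats st = { 0 };
	size_t i;

	for (i = 0; i < n; i++) {
		/* Sentinel first, exactly as in the hunk; it overrides the list. */
		if (entries[i] == FLUSHALL_ENTRY) {
			st.flush_all = true;
			st.pages = 0;
			return st;
		}
		/* The fix: ignore the entry instead of handing it to hardware. */
		if (is_noncanonical(entries[i], vaddr_bits)) {
			st.skipped++;
			continue;
		}
		st.pages += (unsigned)(entries[i] & 0xfff) + 1;
	}
	return st;
}

/*
 * Constructed sample list: a normal 4-page run, the non-canonical GVA from
 * the WARN in the changelog, an address that is canonical only with LA57,
 * and a canonical kernel-half address.
 */
static const uint64_t sample_entries[] = {
	0x00007f0000001000ULL | 3,	/* 4 pages, canonical at 48 and 57 bits */
	0xaaaaaaaaaaaaa000ULL,		/* non-canonical at any width */
	0x0000800000000000ULL | 1,	/* bit 47 set: needs LA57 to be canonical */
	0xffff800000000000ULL,		/* canonical, 1 page */
};

/* A second constructed list with the sentinel after a normal entry. */
static const uint64_t flushall_entries[] = { 0x0000700000000000ULL, FLUSHALL_ENTRY };

struct flush_stats run_sample(unsigned vaddr_bits)
{
	return process_gva_list(sample_entries,
				sizeof(sample_entries) / sizeof(sample_entries[0]),
				vaddr_bits);
}

struct flush_stats run_flushall_sample(unsigned vaddr_bits)
{
	return process_gva_list(flushall_entries, 2, vaddr_bits);
}

int main(void)
{
	struct flush_stats s48 = run_sample(48), s57 = run_sample(57);

	printf("48-bit: %u pages flushed, %u entries skipped\n", s48.pages, s48.skipped);
	printf("57-bit: %u pages flushed, %u entries skipped\n", s57.pages, s57.skipped);
	return 0;
}
```

Running main() reports 5 pages flushed and 2 entries skipped at 48 bits, and 7 pages flushed and 1 entry skipped at 57 bits: the entry with bit 47 set is the kind of GVA that is non-canonical under one paging mode and valid under another, which is why the kernel helper takes the vCPU, whose paging mode decides the width, rather than a fixed constant.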
Date: Thu, 14 Aug 2025 17:25:22 -0700
Reply-To: Sean Christopherson
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
References: <20250815002540.2375664-1-seanjc@google.com>
Message-ID: <20250815002540.2375664-3-seanjc@google.com>
Subject: [PATCH 6.6.y 02/20] KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini

[ Upstream commit be45bc4eff33d9a7dae84a2150f242a91a617402 ]

Enable/disable local IRQs, i.e. set/clear RFLAGS.IF, in the common
svm_vcpu_enter_exit() just after/before guest_state_{enter,exit}_irqoff()
so that VMRUN is not executed in an STI shadow.

AMD CPUs have a quirk (some would say "bug"), where the STI shadow bleeds
into the guest's intr_state field if a #VMEXIT occurs during injection of
an event, i.e. if the VMRUN doesn't complete before the subsequent #VMEXIT.

The spurious "interrupts masked" state is relatively benign, as it only
occurs during event injection and is transient.  Because KVM is already
injecting an event, the guest can't be in HLT, and if KVM is querying IRQ
blocking for injection, then KVM would need to force an immediate exit
anyways since injecting multiple events is impossible.

However, because KVM copies int_state verbatim from vmcb02 to vmcb12, the
spurious STI shadow is visible to L1 when running a nested VM, which can
trip sanity checks, e.g. in VMware's VMM.

Hoist the STI+CLI all the way to C code, as the aforementioned calls to
guest_state_{enter,exit}_irqoff() already inform lockdep that IRQs are
enabled/disabled, and taking a fault on VMRUN with RFLAGS.IF=1 is already
possible.  I.e. if there's kernel code that is confused by running with
RFLAGS.IF=1, then it's already a problem.  In practice, since GIF=0 also
blocks NMIs, the only change in exposure to non-KVM code (relative to
surrounding VMRUN with STI+CLI) is exception handling code, and except for
the kvm_rebooting=1 case, all exceptions in the core VM-Enter/VM-Exit path
are fatal.
Use the "raw" variants to enable/disable IRQs to avoid tracing in the "no
instrumentation" code; the guest state helpers also take care of tracing
IRQ state.

Opportunistically document why KVM needs to do STI in the first place.

Reported-by: Doug Covelli
Closes: https://lore.kernel.org/all/CADH9ctBs1YPmE4aCfGPNBwA10cA8RuAk2gO7542DjMZgs4uzJQ@mail.gmail.com
Fixes: f14eec0a3203 ("KVM: SVM: move more vmentry code to assembly")
Cc: stable@vger.kernel.org
Reviewed-by: Jim Mattson
Link: https://lore.kernel.org/r/20250224165442.2338294-2-seanjc@google.com
Signed-off-by: Sean Christopherson
[sean: resolve minor syntactic conflict in __svm_sev_es_vcpu_run()]
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/svm/svm.c     | 14 ++++++++++++++
 arch/x86/kvm/svm/vmenter.S |  9 +--------
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 86c50747e158..abbb84ddfe02 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4170,6 +4170,18 @@ static noinstr void svm_vcpu_enter_exit(struct kvm_v= cpu *vcpu, bool spec_ctrl_in =20 guest_state_enter_irqoff(); =20 + /* + * Set RFLAGS.IF prior to VMRUN, as the host's RFLAGS.IF at the time of + * VMRUN controls whether or not physical IRQs are masked (KVM always + * runs with V_INTR_MASKING_MASK). Toggle RFLAGS.IF here to avoid the + * temptation to do STI+VMRUN+CLI, as AMD CPUs bleed the STI shadow + * into guest state if delivery of an event during VMRUN triggers a + * #VMEXIT, and the guest_state transitions already tell lockdep that + * IRQs are being enabled/disabled. Note! GIF=3D0 for the entirety of + * this path, so IRQs aren't actually unmasked while running host code. + */ + raw_local_irq_enable(); + amd_clear_divider(); =20 if (sev_es_guest(vcpu->kvm))
@@ -4177,6 +4189,8 @@ static noinstr void svm_vcpu_enter_exit(struct kvm_vc= pu *vcpu, bool spec_ctrl_in else __svm_vcpu_run(svm, spec_ctrl_intercepted); =20 + raw_local_irq_disable(); + guest_state_exit_irqoff(); } =20 diff --git a/arch/x86/kvm/svm/vmenter.S b/arch/x86/kvm/svm/vmenter.S index 56fe34d9397f..81ecb9e1101d 100644 --- a/arch/x86/kvm/svm/vmenter.S +++ b/arch/x86/kvm/svm/vmenter.S @@ -171,12 +171,8 @@ SYM_FUNC_START(__svm_vcpu_run) VM_CLEAR_CPU_BUFFERS =20 /* Enter guest mode */ - sti - 3: vmrun %_ASM_AX 4: - cli - /* Pop @svm to RAX while it's the only available register. */ pop %_ASM_AX =20 
@@ -341,11 +337,8 @@ SYM_FUNC_START(__svm_sev_es_vcpu_run) VM_CLEAR_CPU_BUFFERS =20 /* Enter guest mode */ - sti - 1: vmrun %_ASM_AX - -2: cli +2: =20 /* Pop @svm to RDI, guest registers have been saved already. */ pop %_ASM_DI
-- 
2.51.0.rc1.163.g2494970778-goog

From nobody Sat Oct 4 14:35:16 2025
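Review bot: in the first svm.c hunk raw_local_irq_enable() is placed before amd_clear_divider() and the sev_es_guest() dispatch, so those run with RFLAGS.IF=1 as well, not only VMRUN; the comment's "GIF=0 for the entirety of this path" is what makes that safe, but the matching raw_local_irq_disable() only appears in the next hunk, so ending the comment with "paired with raw_local_irq_disable() after __svm_vcpu_run()/__svm_sev_es_vcpu_run()" would make the bracket visible to someone reading this function alone. It would also help to say in the comment, not just the changelog, that the guest_state_{enter,exit}_irqoff() calls are the only lockdep annotation relied upon, since a reader seeing a raw_ call inside noinstr code may otherwise be tempted to switch to the traced local_irq_enable().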
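Review bot: in the __svm_vcpu_run hunk, dropping the `cli` after `4:` means that if the VMRUN at `3:` faults and execution resumes at `4:`, interrupts are no longer masked in assembly; that is only correct because the second svm.c hunk now calls raw_local_irq_disable() unconditionally after __svm_vcpu_run() returns. The changelog mentions the kvm_rebooting case in general terms; naming this resume path explicitly ("the fixup landing at 4: relies on the caller's raw_local_irq_disable()") would help anyone who later touches the code that references labels 3 and 4.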
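Review bot: in the __svm_sev_es_vcpu_run hunk the `2: cli` line becomes a bare `2:` label followed by a blank line, so the label now resolves to the `pop %_ASM_DI` that follows it. Keeping the label is necessary if it is still a jump or fixup target, but a bare label on a line of its own is easy to mistake for leftover cruft; either attach it to the pop (`2: pop %_ASM_DI`) or add a one-line comment saying that `2:` is the resume point after VMRUN.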
Date: Thu, 14 Aug 2025 17:25:23 -0700
Reply-To: Sean Christopherson
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
References: <20250815002540.2375664-1-seanjc@google.com>
Message-ID: <20250815002540.2375664-4-seanjc@google.com>
Subject: [PATCH 6.6.y 03/20] KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update()
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini

[ Upstream commit 76bce9f10162cd4b36ac0b7889649b22baf70ebd ]

Pass the target vCPU to the hwapic_isr_update() vendor hook so that VMX
can defer the update until after nested VM-Exit if an EOI for L1's vAPIC
occurs while L2 is active.

Note, commit d39850f57d21 ("KVM: x86: Drop @vcpu parameter from
kvm_x86_ops.hwapic_isr_update()") removed the parameter with the
justification that doing so "allows for a decent amount of (future)
cleanup in the APIC code", but it's not at all clear what cleanup was
intended, or if it was ever realized.

No functional change intended.

Cc: stable@vger.kernel.org
Reviewed-by: Chao Gao
Tested-by: Chao Gao
Link: https://lore.kernel.org/r/20241128000010.4051275-2-seanjc@google.com
Signed-off-by: Sean Christopherson
[sean: account for lack of kvm_x86_call(), drop vmx/x86_ops.h change]
Signed-off-by: Sean Christopherson
---
 arch/x86/include/asm/kvm_host.h | 2 +-
 arch/x86/kvm/lapic.c            | 8 ++++----
 arch/x86/kvm/vmx/vmx.c          | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 5dfb8cc9616e..5fc89d255550 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1657,7 +1657,7 @@ struct kvm_x86_ops { bool allow_apicv_in_x2apic_without_x2apic_virtualization; void (*refresh_apicv_exec_ctrl)(struct kvm_vcpu *vcpu); void (*hwapic_irr_update)(struct kvm_vcpu *vcpu, int max_irr); - void (*hwapic_isr_update)(int isr); + void (*hwapic_isr_update)(struct kvm_vcpu *vcpu, int isr); bool (*guest_apic_has_interrupt)(struct kvm_vcpu *vcpu); void (*load_eoi_exitmap)(struct kvm_vcpu *vcpu, u64 *eoi_exit_bitmap); void (*set_virtual_apic_mode)(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index 66c7f2367bb3..cbf85a1ffb74 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -750,7 +750,7 @@ static inline void apic_set_isr(int vec, struct kvm_lap= ic *apic) * just set SVI. */ if (unlikely(apic->apicv_active)) - static_call_cond(kvm_x86_hwapic_isr_update)(vec); + static_call_cond(kvm_x86_hwapic_isr_update)(apic->vcpu, vec); else { ++apic->isr_count; BUG_ON(apic->isr_count > MAX_APIC_VECTOR); @@ -795,7 +795,7 @@ static inline void apic_clear_isr(int vec, struct kvm_l= apic *apic) * and must be left alone. */ if (unlikely(apic->apicv_active)) - static_call_cond(kvm_x86_hwapic_isr_update)(apic_find_highest_isr(apic)); + static_call_cond(kvm_x86_hwapic_isr_update)(apic->vcpu, apic_find_highes= t_isr(apic)); else { --apic->isr_count; BUG_ON(apic->isr_count < 0); @@ -2772,7 +2772,7 @@ void kvm_lapic_reset(struct kvm_vcpu *vcpu, bool init= _event) if (apic->apicv_active) { static_call_cond(kvm_x86_apicv_post_state_restore)(vcpu); static_call_cond(kvm_x86_hwapic_irr_update)(vcpu, -1); - static_call_cond(kvm_x86_hwapic_isr_update)(-1); + static_call_cond(kvm_x86_hwapic_isr_update)(vcpu, -1); } =20 vcpu->arch.apic_arb_prio =3D 0; 
@@ -3072,7 +3072,7 @@ int kvm_apic_set_state(struct kvm_vcpu *vcpu, struct = kvm_lapic_state *s) if (apic->apicv_active) { static_call_cond(kvm_x86_apicv_post_state_restore)(vcpu); static_call_cond(kvm_x86_hwapic_irr_update)(vcpu, apic_find_highest_irr(= apic)); - static_call_cond(kvm_x86_hwapic_isr_update)(apic_find_highest_isr(apic)); + static_call_cond(kvm_x86_hwapic_isr_update)(vcpu, apic_find_highest_isr(= apic)); } kvm_make_request(KVM_REQ_EVENT, vcpu); if (ioapic_in_kernel(vcpu->kvm)) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index e53620e18925..cde01eb1f5e3 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c 
@@ -6834,7 +6834,7 @@ static void vmx_set_apic_access_page_addr(struct kvm_= vcpu *vcpu) kvm_release_pfn_clean(pfn); } =20 -static void vmx_hwapic_isr_update(int max_isr) +static void vmx_hwapic_isr_update(struct kvm_vcpu *vcpu, int max_isr) { u16 status; u8 old;
-- 
2.51.0.rc1.163.g2494970778-goog

From nobody Sat Oct 4 14:35:16 2025
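Review bot: the kvm_host.h hunk changes the hwapic_isr_update prototype while the diffstat touches only lapic.c and vmx.c; that is consistent with every call site in the lapic.c hunks going through static_call_cond(), which tolerates a vendor that leaves the hook NULL, but the changelog should say explicitly that VMX is the only implementer so reviewers do not go looking for a missing svm/ update.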
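Review bot: the vmx.c hunk adds the `vcpu` parameter to vmx_hwapic_isr_update() without using it, which is expected for a "No functional change intended" plumbing patch, but a short comment ("@vcpu is consumed by the nested SVI deferral that follows") or a sentence in the changelog pointing at the follow-up change would pre-empt the unused-parameter question and make the split between this patch and the next obvious.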
Date: Thu, 14 Aug 2025 17:25:24 -0700
Reply-To: Sean Christopherson
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
References: <20250815002540.2375664-1-seanjc@google.com>
Message-ID: <20250815002540.2375664-5-seanjc@google.com>
Subject: [PATCH 6.6.y 04/20] KVM: nVMX: Defer SVI update to vmcs01 on EOI when L2 is active w/o VID
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
From: Chao Gao

[ Upstream commit 04bc93cf49d16d01753b95ddb5d4f230b809a991 ]

If KVM emulates an EOI for L1's virtual APIC while L2 is active, defer
updating GUEST_INTERRUPT_STATUS.SVI, i.e. the VMCS's cache of the highest
in-service IRQ, until L1 is active, as vmcs01, not vmcs02, needs to track
vISR.  The missed SVI update for vmcs01 can result in L1 interrupts being
incorrectly blocked, e.g. if there is a pending interrupt with lower
priority than the interrupt that was EOI'd.

This bug only affects use cases where L1's vAPIC is effectively passed
through to L2, e.g. in a pKVM scenario where L2 is L1's deprivileged host,
as KVM will only emulate an EOI for L1's vAPIC if Virtual Interrupt
Delivery (VID) is disabled in vmcs12, and L1 isn't intercepting L2 accesses
to its (virtual) APIC page (or if x2APIC is enabled, the EOI MSR).

WARN() if KVM updates L1's ISR while L2 is active with VID enabled, as an
EOI from L2 is supposed to affect L2's vAPIC, but still defer the update,
to try to keep L1 alive.  Specifically, KVM forwards all APICv-related
VM-Exits to L1 via nested_vmx_l1_wants_exit():

	case EXIT_REASON_APIC_ACCESS:
	case EXIT_REASON_APIC_WRITE:
	case EXIT_REASON_EOI_INDUCED:
		/*
		 * The controls for "virtualize APIC accesses," "APIC-
		 * register virtualization," and "virtual-interrupt
		 * delivery" only come from vmcs12.
		 */
		return true;

Fixes: c7c9c56ca26f ("x86, apicv: add virtual interrupt delivery support")
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/kvm/20230312180048.1778187-1-jason.cj.chen@intel.com
Reported-by: Markku Ahvenjärvi
Closes: https://lore.kernel.org/all/20240920080012.74405-1-mankku@gmail.com
Cc: Janne Karhunen
Signed-off-by: Chao Gao
[sean: drop request, handle in VMX, write changelog]
Tested-by: Chao Gao
Link: https://lore.kernel.org/r/20241128000010.4051275-3-seanjc@google.com
Signed-off-by: Sean Christopherson
[sean: resolve minor syntactic conflict in lapic.h, account for lack of kvm_x86_call(), drop sanity check due to lack of wants_to_run]
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/lapic.c      | 11 +++++++++++
 arch/x86/kvm/lapic.h      |  1 +
 arch/x86/kvm/vmx/nested.c |  5 +++++
 arch/x86/kvm/vmx/vmx.c    | 16 ++++++++++++++++
 arch/x86/kvm/vmx/vmx.h    |  1 +
 5 files changed, 34 insertions(+)

diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index cbf85a1ffb74..ba1c2a7f74f7 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -803,6 +803,17 @@ static inline void apic_clear_isr(int vec, struct kvm_= lapic *apic) } } =20 +void kvm_apic_update_hwapic_isr(struct kvm_vcpu *vcpu) +{ + struct kvm_lapic *apic =3D vcpu->arch.apic; + + if (WARN_ON_ONCE(!lapic_in_kernel(vcpu)) || !apic->apicv_active) + return; + + static_call(kvm_x86_hwapic_isr_update)(vcpu, apic_find_highest_isr(apic)); +} +EXPORT_SYMBOL_GPL(kvm_apic_update_hwapic_isr); + int kvm_lapic_find_highest_irr(struct kvm_vcpu *vcpu) { /* This may race with setting of irr in __apic_accept_irq() and diff --git a/arch/x86/kvm/lapic.h b/arch/x86/kvm/lapic.h index 0a0ea4b5dd8c..0dd069b8d6d1 100644 --- a/arch/x86/kvm/lapic.h +++ b/arch/x86/kvm/lapic.h @@ -124,6 +124,7 @@ int kvm_set_apic_base(struct kvm_vcpu *vcpu, struct msr= _data *msr_info); int kvm_apic_get_state(struct kvm_vcpu *vcpu, struct kvm_lapic_state *s); int kvm_apic_set_state(struct kvm_vcpu *vcpu, struct kvm_lapic_state *s); enum lapic_mode kvm_get_apic_mode(struct kvm_vcpu *vcpu); +void kvm_apic_update_hwapic_isr(struct kvm_vcpu *vcpu); int kvm_lapic_find_highest_irr(struct kvm_vcpu *vcpu); =20 u64 kvm_get_lapic_tscdeadline_msr(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index d3e346a574f1..fdf7503491f9 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c
@@ -4900,6 +4900,11 @@ void nested_vmx_vmexit(struct kvm_vcpu *vcpu, u32 vm= _exit_reason, kvm_make_request(KVM_REQ_APICV_UPDATE, vcpu); } =20 + if (vmx->nested.update_vmcs01_hwapic_isr) { + vmx->nested.update_vmcs01_hwapic_isr =3D false; + kvm_apic_update_hwapic_isr(vcpu); + } + if ((vm_exit_reason !=3D -1) && (enable_shadow_vmcs || evmptr_is_valid(vmx->nested.hv_evmcs_vmptr))) vmx->nested.need_vmcs12_to_shadow_sync =3D true; diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index cde01eb1f5e3..4563e7a9a851 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -6839,6 +6839,22 @@ static void vmx_hwapic_isr_update(struct kvm_vcpu *v= cpu, int max_isr) u16 status; u8 old; =20 + /* + * If L2 is active, defer the SVI update until vmcs01 is loaded, as SVI + * is only relevant for if and only if Virtual Interrupt Delivery is + * enabled in vmcs12, and if VID is enabled then L2 EOIs affect L2's + * vAPIC, not L1's vAPIC. KVM must update vmcs01 on the next nested + * VM-Exit, otherwise L1 with run with a stale SVI. + */ + if (is_guest_mode(vcpu)) { + /* + * KVM is supposed to forward intercepted L2 EOIs to L1 if VID + * is enabled in vmcs12; as above, the EOIs affect L2's vAPIC. + */ + to_vmx(vcpu)->nested.update_vmcs01_hwapic_isr =3D true; + return; + } + if (max_isr =3D=3D -1) max_isr =3D 0; =20 diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 6be1627d888e..88c5b7ebf9d3 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h 
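Review bot: the new comment in the vmx_hwapic_isr_update() hunk has two wording slips worth fixing before this lands in stable: "SVI is only relevant for if and only if Virtual Interrupt Delivery is enabled" reads like a leftover edit (drop either "for" or "if and only if"), and "otherwise L1 with run with a stale SVI" should be "L1 will run". Separately, the changelog still says KVM will WARN() if L1's ISR is updated while L2 is active with VID enabled, but the backport note says that sanity check was dropped for lack of wants_to_run, and the hunk only sets update_vmcs01_hwapic_isr and returns; either the changelog paragraph or the bracketed note should be adjusted so the two agree.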
@@ -177,6 +177,7 @@ struct nested_vmx { bool reload_vmcs01_apic_access_page; bool update_vmcs01_cpu_dirty_logging; bool update_vmcs01_apicv_status; + bool update_vmcs01_hwapic_isr; =20 /* * Enlightened VMCS has been enabled. It does not mean that L1 has to --=20 2.51.0.rc1.163.g2494970778-goog
Reply-To: Sean Christopherson
Date: Thu, 14 Aug 2025 17:25:25 -0700
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
Mime-Version: 1.0
References: <20250815002540.2375664-1-seanjc@google.com>
X-Mailer: git-send-email 2.51.0.rc1.163.g2494970778-goog
Message-ID: <20250815002540.2375664-6-seanjc@google.com>
Subject: [PATCH 6.6.y 05/20] KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

[ Upstream commit f1fb088d9cecde5c3066d8ff8846789667519b7d ]

Take irqfds.lock when adding/deleting an IRQ bypass producer to ensure irqfd->producer isn't modified while kvm_irq_routing_update() is running. The only lock held when a producer is added/removed is irqbypass's mutex.

Fixes: 872768800652 ("KVM: x86: select IRQ_BYPASS_MANAGER")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson
Message-ID: <20250404193923.1413163-5-seanjc@google.com>
Signed-off-by: Paolo Bonzini
[sean: account for lack of kvm_x86_call()]
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/x86.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 55185670e0e5..bc52e24f1dda 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -13256,16 +13256,22 @@ int kvm_arch_irq_bypass_add_producer(struct irq_b= ypass_consumer *cons, { struct kvm_kernel_irqfd *irqfd =3D container_of(cons, struct kvm_kernel_irqfd, consumer); + struct kvm *kvm =3D irqfd->kvm; int ret; =20 - irqfd->producer =3D prod; kvm_arch_start_assignment(irqfd->kvm); + + spin_lock_irq(&kvm->irqfds.lock); + irqfd->producer =3D prod; + ret =3D static_call(kvm_x86_pi_update_irte)(irqfd->kvm, prod->irq, irqfd->gsi, 1); - if (ret) kvm_arch_end_assignment(irqfd->kvm); =20 + spin_unlock_irq(&kvm->irqfds.lock); + + return ret; } =20 @@ -13275,9 +13281,9 @@ void kvm_arch_irq_bypass_del_producer(struct irq_by= pass_consumer *cons, int ret; struct kvm_kernel_irqfd *irqfd =3D container_of(cons, struct kvm_kernel_irqfd, consumer); + struct kvm *kvm =3D irqfd->kvm; =20 WARN_ON(irqfd->producer !=3D prod); - irqfd->producer =3D NULL; =20 /* * When producer of consumer is unregistered, we change back to 
@@ -13285,11 +13291,17 @@ void kvm_arch_irq_bypass_del_producer(struct irq_= bypass_consumer *cons, * when the irq is masked/disabled or the consumer side (KVM * int this case doesn't want to receive the interrupts. */ + spin_lock_irq(&kvm->irqfds.lock); + irqfd->producer =3D NULL; + ret =3D static_call(kvm_x86_pi_update_irte)(irqfd->kvm, prod->irq, irqfd-= >gsi, 0); if (ret) printk(KERN_INFO "irq bypass consumer (token %p) unregistration" " fails: %d\n", irqfd->consumer.token, ret); =20 + spin_unlock_irq(&kvm->irqfds.lock); + + kvm_arch_end_assignment(irqfd->kvm); } =20 --=20 2.51.0.rc1.163.g2494970778-goog
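Review bot: in the kvm_arch_irq_bypass_add_producer() hunk the new `struct kvm *kvm = irqfd->kvm;` local is used only for the lock, while the neighbouring calls (`kvm_arch_start_assignment(irqfd->kvm)`, `static_call(kvm_x86_pi_update_irte)(irqfd->kvm, ...)`, `kvm_arch_end_assignment(irqfd->kvm)`) keep spelling out `irqfd->kvm`; mixing both forms within a dozen lines is a style nit worth cleaning up now that the local exists, and the hunk also appears to add two consecutive blank lines ahead of `return ret;`.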
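Review bot: in the kvm_arch_irq_bypass_del_producer() hunk the existing `WARN_ON(irqfd->producer != prod);` still reads irqfd->producer before `spin_lock_irq(&kvm->irqfds.lock)` is taken, so the one sanity check on the field is the only access left outside the lock this patch introduces; moving the WARN_ON inside the locked region, just ahead of `irqfd->producer = NULL;`, would make it consistent with the changelog's goal of serialising irqfd->producer against kvm_irq_routing_update(). The pre-existing comment typo "KVM int this case" in the surrounding context could be fixed while touching this block.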
Reply-To: Sean Christopherson
Date: Thu, 14 Aug 2025 17:25:26 -0700
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
References: <20250815002540.2375664-1-seanjc@google.com>
Message-ID: <20250815002540.2375664-7-seanjc@google.com>
Subject: [PATCH 6.6.y 06/20] KVM: x86: Snapshot the host's DEBUGCTL in common x86
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini

[ Upstream commit fb71c795935652fa20eaf9517ca9547f5af99a76 ]

Move KVM's snapshot of DEBUGCTL to kvm_vcpu_arch and take the snapshot in common x86, so that SVM can also use the snapshot.

Opportunistically change the field to a u64. While bits 63:32 are reserved on AMD, not mentioned at all in Intel's SDM, and managed as an "unsigned long" by the kernel, DEBUGCTL is an MSR and therefore a 64-bit value.

Reviewed-by: Xiaoyao Li
Cc: stable@vger.kernel.org
Reviewed-and-tested-by: Ravi Bangoria
Link: https://lore.kernel.org/r/20250227222411.3490595-4-seanjc@google.com
Signed-off-by: Sean Christopherson
[sean: resolve minor syntactic conflict in vmx_vcpu_load()]
Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/vmx/vmx.c | 8 ++------ arch/x86/kvm/vmx/vmx.h | 2 -- arch/x86/kvm/x86.c | 1 + 4 files changed, 4 insertions(+), 8 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 5fc89d255550..b5210505abfa 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -733,6 +733,7 @@ struct kvm_vcpu_arch { u32 pkru; u32 hflags; u64 efer; + u64 host_debugctl; u64 apic_base; struct kvm_lapic *apic; /* kernel irqchip context */ bool load_eoi_exitmap_pending; diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 4563e7a9a851..9ba4baf2a9e9 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -1499,13 +1499,9 @@ void vmx_vcpu_load_vmcs(struct kvm_vcpu *vcpu, int c= pu, */ static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu) { - struct vcpu_vmx *vmx =3D to_vmx(vcpu); - vmx_vcpu_load_vmcs(vcpu, cpu, NULL); =20 vmx_vcpu_pi_load(vcpu, cpu); - - vmx->host_debugctlmsr =3D get_debugctlmsr(); } =20 static void vmx_vcpu_put(struct kvm_vcpu *vcpu) @@ -7414,8 +7410,8 @@ static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu) } =20 /* MSR_IA32_DEBUGCTLMSR is zeroed on vmexit. Restore it if needed */ - if (vmx->host_debugctlmsr) - update_debugctlmsr(vmx->host_debugctlmsr); + if (vcpu->arch.host_debugctl) + update_debugctlmsr(vcpu->arch.host_debugctl); =20 #ifndef CONFIG_X86_64 /* diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 88c5b7ebf9d3..fb36bde2dd87 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -340,8 +340,6 @@ struct vcpu_vmx { /* apic deadline value in host tsc */ u64 hv_deadline_tsc; =20 - unsigned long host_debugctlmsr; - /* * Only bits masked by msr_ia32_feature_control_valid_bits can be set in * msr_ia32_feature_control. FEAT_CTL_LOCKED is always included diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index bc52e24f1dda..ed16f97d1320 100644 
--- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
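Review bot: in the vmx_vcpu_run() hunk, `update_debugctlmsr(vcpu->arch.host_debugctl)` now hands the widened u64 field to a helper that, per the changelog, treats DEBUGCTL as an "unsigned long"; on 64-bit builds that is a no-op, but the `#ifndef CONFIG_X86_64` block right below shows 32-bit is still a supported configuration, where bits 63:32 of the snapshot would be silently truncated. Nothing is actually lost today, since the snapshot itself comes from get_debugctlmsr() and is therefore also unsigned-long sized, but a sentence in the changelog saying so would head off the obvious question about why the field was widened.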
@@ -4823,6 +4823,7 @@ void kvm_arch_vcpu_load(struct kvm_vcpu *vcpu, int cp= u) =20 /* Save host pkru register if supported */ vcpu->arch.host_pkru =3D read_pkru(); + vcpu->arch.host_debugctl =3D get_debugctlmsr(); =20 /* Apply any externally detected TSC adjustments (due to suspend) */ if (unlikely(vcpu->arch.tsc_offset_adjustment)) { --=20 2.51.0.rc1.163.g2494970778-goog
Reply-To: Sean Christopherson
Date: Thu, 14 Aug 2025 17:25:27 -0700
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
References: <20250815002540.2375664-1-seanjc@google.com>
Message-ID: <20250815002540.2375664-8-seanjc@google.com>
Subject: [PATCH 6.6.y 07/20] KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini

[ Upstream commit 189ecdb3e112da703ac0699f4ec76aa78122f911 ]

Snapshot the host's DEBUGCTL after disabling IRQs, as perf can toggle debugctl bits from IRQ context, e.g. when enabling/disabling events via smp_call_function_single(). Taking the snapshot (long) before IRQs are disabled could result in KVM effectively clobbering DEBUGCTL due to using a stale snapshot.

Cc: stable@vger.kernel.org
Reviewed-and-tested-by: Ravi Bangoria
Link: https://lore.kernel.org/r/20250227222411.3490595-6-seanjc@google.com
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/x86.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index ed16f97d1320..22a191a37e41 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -4823,7 +4823,6 @@ void kvm_arch_vcpu_load(struct kvm_vcpu *vcpu, int cp= u) =20 /* Save host pkru register if supported */ vcpu->arch.host_pkru =3D read_pkru(); - vcpu->arch.host_debugctl =3D get_debugctlmsr(); =20 /* Apply any externally detected TSC adjustments (due to suspend) */ if (unlikely(vcpu->arch.tsc_offset_adjustment)) { 
@@ -10782,6 +10781,8 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) set_debugreg(0, 7); } =20 + vcpu->arch.host_debugctl =3D get_debugctlmsr(); + guest_timing_enter_irqoff(); =20 for (;;) { --=20 2.51.0.rc1.163.g2494970778-goog
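Review bot: the snapshot in the vcpu_enter_guest() hunk is taken once, before `for (;;) {`, so a fastpath re-entry (EXIT_FASTPATH_REENTER_GUEST, visible in the x86.c hunk of the following patch) reuses the same value; that is correct because IRQs remain disabled for the whole loop, which is exactly the invariant this patch relies on, but a one-line comment above the new `vcpu->arch.host_debugctl = get_debugctlmsr();` stating that it must be read with IRQs disabled would stop a future cleanup from moving it back to kvm_arch_vcpu_load(), where the previous patch had just put it.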
Reply-To: Sean Christopherson
Date: Thu, 14 Aug 2025 17:25:28 -0700
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
References: <20250815002540.2375664-1-seanjc@google.com>
Message-ID: <20250815002540.2375664-9-seanjc@google.com>
Subject: [PATCH 6.6.y 08/20] KVM: x86: Plumb "force_immediate_exit" into kvm_entry() tracepoint
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini

[ Upstream commit 9c9025ea003a03f967affd690f39b4ef3452c0f5 ]

Annotate the kvm_entry() tracepoint with "immediate exit" when KVM is forcing a VM-Exit immediately after VM-Enter, e.g. when KVM wants to inject an event but needs to first complete some other operation. Knowing that KVM is (or isn't) forcing an exit is useful information when debugging issues related to event injection.

Suggested-by: Maxim Levitsky
Link: https://lore.kernel.org/r/20240110012705.506918-2-seanjc@google.com
Signed-off-by: Sean Christopherson
---
 arch/x86/include/asm/kvm_host.h | 3 ++-
 arch/x86/kvm/svm/svm.c | 5 +++--
 arch/x86/kvm/trace.h | 9 ++++++---
 arch/x86/kvm/vmx/vmx.c | 4 ++--
 arch/x86/kvm/x86.c | 2 +-
 5 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index b5210505abfa..5703600a454e 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -1624,7 +1624,8 @@ struct kvm_x86_ops { void (*flush_tlb_guest)(struct kvm_vcpu *vcpu); =20 int (*vcpu_pre_run)(struct kvm_vcpu *vcpu); - enum exit_fastpath_completion (*vcpu_run)(struct kvm_vcpu *vcpu); + enum exit_fastpath_completion (*vcpu_run)(struct kvm_vcpu *vcpu, + bool force_immediate_exit); int (*handle_exit)(struct kvm_vcpu *vcpu, enum exit_fastpath_completion exit_fastpath); int (*skip_emulated_instruction)(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index abbb84ddfe02..5a230be224d1 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4194,12 +4194,13 @@ static noinstr void svm_vcpu_enter_exit(struct kvm_= vcpu *vcpu, bool spec_ctrl_in guest_state_exit_irqoff(); } =20 -static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu) +static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu, + bool force_immediate_exit) { struct vcpu_svm *svm =3D to_svm(vcpu); bool spec_ctrl_intercepted =3D msr_write_intercepted(vcpu, MSR_IA32_SPEC_= CTRL); =20 - trace_kvm_entry(vcpu); + trace_kvm_entry(vcpu, force_immediate_exit); =20 svm->vmcb->save.rax =3D vcpu->arch.regs[VCPU_REGS_RAX]; svm->vmcb->save.rsp =3D vcpu->arch.regs[VCPU_REGS_RSP]; diff --git a/arch/x86/kvm/trace.h b/arch/x86/kvm/trace.h index b82e6ed4f024..c6b4b1728006 100644 --- a/arch/x86/kvm/trace.h +++ b/arch/x86/kvm/trace.h 
@@ -15,20 +15,23 @@ * Tracepoint for guest mode entry. */ TRACE_EVENT(kvm_entry, - TP_PROTO(struct kvm_vcpu *vcpu), - TP_ARGS(vcpu), + TP_PROTO(struct kvm_vcpu *vcpu, bool force_immediate_exit), + TP_ARGS(vcpu, force_immediate_exit), =20 TP_STRUCT__entry( __field( unsigned int, vcpu_id ) __field( unsigned long, rip ) + __field( bool, immediate_exit ) ), =20 TP_fast_assign( __entry->vcpu_id =3D vcpu->vcpu_id; __entry->rip =3D kvm_rip_read(vcpu); + __entry->immediate_exit =3D force_immediate_exit; ), =20 - TP_printk("vcpu %u, rip 0x%lx", __entry->vcpu_id, __entry->rip) + TP_printk("vcpu %u, rip 0x%lx%s", __entry->vcpu_id, __entry->rip, + __entry->immediate_exit ? "[immediate exit]" : "") ); =20 /* diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 9ba4baf2a9e9..ee501871ddb0 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7312,7 +7312,7 @@ static noinstr void vmx_vcpu_enter_exit(struct kvm_vc= pu *vcpu, guest_state_exit_irqoff(); } =20 -static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu) +static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, bool force_immediate= _exit) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); unsigned long cr3, cr4; @@ -7339,7 +7339,7 @@ static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu) return EXIT_FASTPATH_NONE; } =20 - trace_kvm_entry(vcpu); + trace_kvm_entry(vcpu, force_immediate_exit); =20 if (vmx->ple_window_dirty) { vmx->ple_window_dirty =3D false; diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 22a191a37e41..8a7a6cf4b4ec 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
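Review bot: in the trace.h hunk the new TP_printk format `"vcpu %u, rip 0x%lx%s"` combined with `"[immediate exit]"` prints the flag glued to the address (`rip 0x...[immediate exit]`) with no separator; a leading space in the string, `" [immediate exit]"`, keeps the trace line readable and lets tooling that splits trace output on whitespace pick the flag out as its own token.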
@@ -10795,7 +10795,7 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) WARN_ON_ONCE((kvm_vcpu_apicv_activated(vcpu) !=3D kvm_vcpu_apicv_active(= vcpu)) && (kvm_get_apic_mode(vcpu) !=3D LAPIC_MODE_DISABLED)); =20 - exit_fastpath =3D static_call(kvm_x86_vcpu_run)(vcpu); + exit_fastpath =3D static_call(kvm_x86_vcpu_run)(vcpu, req_immediate_exit= ); if (likely(exit_fastpath !=3D EXIT_FASTPATH_REENTER_GUEST)) break; =20 --=20 2.51.0.rc1.163.g2494970778-goog
Date: Thu, 14 Aug 2025 17:25:29 -0700
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
Message-ID: <20250815002540.2375664-10-seanjc@google.com>
Subject: [PATCH 6.6.y 09/20] KVM: VMX: Re-enter guest in fastpath for "spurious" preemption timer exits
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini

[ Upstream commit e6b5d16bbd2d4c8259ad76aa33de80d561aba5f9 ]

Re-enter the guest in the fast path if VMX preemption timer VM-Exit was "spurious", i.e. if KVM "soft disabled" the timer by writing -1u and by some miracle the timer expired before any other VM-Exit occurred.

This is just an intermediate step to cleaning up the preemption timer handling, optimizing these types of spurious VM-Exits is not interesting as they are extremely rare/infrequent.

Link: https://lore.kernel.org/r/20240110012705.506918-3-seanjc@google.com
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/vmx/vmx.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index ee501871ddb0..32b792387271 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c
@@ -6019,8 +6019,15 @@ static fastpath_t handle_fastpath_preemption_timer(s= truct kvm_vcpu *vcpu) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); =20 - if (!vmx->req_immediate_exit && - !unlikely(vmx->loaded_vmcs->hv_timer_soft_disabled)) { + /* + * In the *extremely* unlikely scenario that this is a spurious VM-Exit + * due to the timer expiring while it was "soft" disabled, just eat the + * exit and re-enter the guest. + */ + if (unlikely(vmx->loaded_vmcs->hv_timer_soft_disabled)) + return EXIT_FASTPATH_REENTER_GUEST; + + if (!vmx->req_immediate_exit) { kvm_lapic_expired_hv_timer(vcpu); return EXIT_FASTPATH_REENTER_GUEST; } --=20 2.51.0.rc1.163.g2494970778-goog

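Review bot: the new early `return EXIT_FASTPATH_REENTER_GUEST` for hv_timer_soft_disabled is now evaluated before `vmx->req_immediate_exit`, so if both flags were ever set for the same VM-Exit the forced exit would be silently eaten and the guest re-entered; the old condition (`!vmx->req_immediate_exit && !unlikely(...)`) could not do that. The ordering is only safe if whatever arms the timer for a forced exit also clears hv_timer_soft_disabled on that same VM-Enter, so either state that invariant in the new comment or keep the req_immediate_exit test first, so a later change to the timer-programming code cannot break it unnoticed.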
Date: Thu, 14 Aug 2025 17:25:30 -0700
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
Message-ID: <20250815002540.2375664-11-seanjc@google.com>
Subject: [PATCH 6.6.y 10/20] KVM: VMX: Handle forced exit due to preemption timer in fastpath
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini

[ Upstream commit 11776aa0cfa7d007ad1799b1553bdcbd830e5010 ]

Handle VMX preemption timer VM-Exits due to KVM forcing an exit in the exit fastpath, i.e. avoid calling back into handle_preemption_timer() for the same exit. There is no work to be done for forced exits, as the name suggests the goal is purely to get control back in KVM.

In addition to shaving a few cycles, this will allow cleanly separating handle_fastpath_preemption_timer() from handle_preemption_timer(), e.g. it's not immediately obvious why _apparently_ calling handle_fastpath_preemption_timer() twice on a "slow" exit is necessary: the "slow" call is necessary to handle exits from L2, which are excluded from the fastpath by vmx_vcpu_run().

Link: https://lore.kernel.org/r/20240110012705.506918-4-seanjc@google.com
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/vmx/vmx.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 32b792387271..631fdd4a575a 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c
@@ -6027,12 +6027,15 @@ static fastpath_t handle_fastpath_preemption_timer(= struct kvm_vcpu *vcpu) if (unlikely(vmx->loaded_vmcs->hv_timer_soft_disabled)) return EXIT_FASTPATH_REENTER_GUEST; =20 - if (!vmx->req_immediate_exit) { - kvm_lapic_expired_hv_timer(vcpu); - return EXIT_FASTPATH_REENTER_GUEST; - } + /* + * If the timer expired because KVM used it to force an immediate exit, + * then mission accomplished. + */ + if (vmx->req_immediate_exit) + return EXIT_FASTPATH_EXIT_HANDLED; =20 - return EXIT_FASTPATH_NONE; + kvm_lapic_expired_hv_timer(vcpu); + return EXIT_FASTPATH_REENTER_GUEST; } =20 static int handle_preemption_timer(struct kvm_vcpu *vcpu) --=20 2.51.0.rc1.163.g2494970778-goog

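Review bot: with the trailing `return EXIT_FASTPATH_NONE;` removed, handle_fastpath_preemption_timer() never defers an L1 exit to the slow path any more, yet it is still also called from handle_preemption_timer() for the L2 case, where its return value (now EXIT_FASTPATH_EXIT_HANDLED or EXIT_FASTPATH_REENTER_GUEST) is simply dropped. That is harmless today, since the forced-exit branch does nothing and the guest-timer branch still runs kvm_lapic_expired_hv_timer() before returning, but the "called twice" oddity the changelog mentions is now a function whose return value is meaningful on one path and ignored on the other; a one-line comment at the slow-path call site saying the return value is intentionally ignored until the split lands would make that explicit for stable readers who only see this patch.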
Date: Thu, 14 Aug 2025 17:25:31 -0700
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
Message-ID: <20250815002540.2375664-12-seanjc@google.com>
Subject: [PATCH 6.6.y 11/20] KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini

[ Upstream commit bf1a49436ea37b98dd2f37c57608951d0e28eecc ]

Let the fastpath code decide which exits can/can't be handled in the fastpath when L2 is active, e.g. when KVM generates a VMX preemption timer exit to forcefully regain control, there is no "work" to be done and so such exits can be handled in the fastpath regardless of whether L1 or L2 is active.

Moving the is_guest_mode() check into the fastpath code also makes it easier to see that L2 isn't allowed to use the fastpath in most cases, e.g. it's not immediately obvious why handle_fastpath_preemption_timer() is called from the fastpath and the normal path.

Link: https://lore.kernel.org/r/20240110012705.506918-5-seanjc@google.com
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/svm/svm.c | 6 +++---
 arch/x86/kvm/vmx/vmx.c | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 5a230be224d1..f42c6ef7dc20 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4157,6 +4157,9 @@ static int svm_vcpu_pre_run(struct kvm_vcpu *vcpu) =20 static fastpath_t svm_exit_handlers_fastpath(struct kvm_vcpu *vcpu) { + if (is_guest_mode(vcpu)) + return EXIT_FASTPATH_NONE; + if (to_svm(vcpu)->vmcb->control.exit_code =3D=3D SVM_EXIT_MSR && to_svm(vcpu)->vmcb->control.exit_info_1) return handle_fastpath_set_msr_irqoff(vcpu); @@ -4315,9 +4318,6 @@ static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_= vcpu *vcpu, =20 svm_complete_interrupts(vcpu); =20 - if (is_guest_mode(vcpu)) - return EXIT_FASTPATH_NONE; - return svm_exit_handlers_fastpath(vcpu); } =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 631fdd4a575a..4c991d514015 100644 --- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c @@ -7258,6 +7258,9 @@ void noinstr vmx_spec_ctrl_restore_host(struct vcpu_v= mx *vmx, =20 static fastpath_t vmx_exit_handlers_fastpath(struct kvm_vcpu *vcpu) { + if (is_guest_mode(vcpu)) + return EXIT_FASTPATH_NONE; + switch (to_vmx(vcpu)->exit_reason.basic) { case EXIT_REASON_MSR_WRITE: return handle_fastpath_set_msr_irqoff(vcpu); 
@@ -7468,9 +7471,6 @@ static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu,= bool force_immediate_exit) vmx_recover_nmi_blocking(vmx); vmx_complete_interrupts(vmx); =20 - if (is_guest_mode(vcpu)) - return EXIT_FASTPATH_NONE; - return vmx_exit_handlers_fastpath(vcpu); } =20 --=20 2.51.0.rc1.163.g2494970778-goog

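Review bot: this patch is a pure move of the is_guest_mode() check from the tails of svm_vcpu_run() and vmx_vcpu_run() into svm_exit_handlers_fastpath() and vmx_exit_handlers_fastpath(), with no functional change, but neither the changelog nor the hunks say so; add "No functional change intended" to the changelog so a stable backporter can tell it apart from 12/20, where the L2 behaviour actually changes. In both new locations the check sits before the exit-reason dispatch (ahead of the SVM_EXIT_MSR test on SVM and ahead of the switch on VMX), which matches the old ordering since the removed checks ran immediately before the *_exit_handlers_fastpath() call.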
Date: Thu, 14 Aug 2025 17:25:32 -0700
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
Message-ID: <20250815002540.2375664-13-seanjc@google.com>
Subject: [PATCH 6.6.y 12/20] KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini

[ Upstream commit 7b3d1bbf8d68d76fb21210932a5e8ed8ea80dbcc ]

Eat VMX preemption timer exits in the fastpath regardless of whether L1 or L2 is active. The VM-Exit is 100% KVM-induced, i.e. there is nothing directly related to the exit that KVM needs to do on behalf of the guest, thus there is no reason to wait until the slow path to do nothing.

Opportunistically add comments explaining why preemption timer exits for emulating the guest's APIC timer need to go down the slow path.

Link: https://lore.kernel.org/r/20240110012705.506918-6-seanjc@google.com
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/vmx/vmx.c | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 4c991d514015..0ecc0e996386 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c
@@ -6034,13 +6034,26 @@ static fastpath_t handle_fastpath_preemption_timer(= struct kvm_vcpu *vcpu) if (vmx->req_immediate_exit) return EXIT_FASTPATH_EXIT_HANDLED; =20 + /* + * If L2 is active, go down the slow path as emulating the guest timer + * expiration likely requires synthesizing a nested VM-Exit. + */ + if (is_guest_mode(vcpu)) + return EXIT_FASTPATH_NONE; + kvm_lapic_expired_hv_timer(vcpu); return EXIT_FASTPATH_REENTER_GUEST; } =20 static int handle_preemption_timer(struct kvm_vcpu *vcpu) { - handle_fastpath_preemption_timer(vcpu); + /* + * This non-fastpath handler is reached if and only if the preemption + * timer was being used to emulate a guest timer while L2 is active. + * All other scenarios are supposed to be handled in the fastpath. + */ + WARN_ON_ONCE(!is_guest_mode(vcpu)); + kvm_lapic_expired_hv_timer(vcpu); return 1; } =20 
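Review bot: the comment above handle_preemption_timer() says the handler is reached "if and only if" the timer was emulating a guest timer with L2 active, but the body still handles the !is_guest_mode() case (WARN_ON_ONCE followed by an unconditional kvm_lapic_expired_hv_timer()), and the comment does not say that this is the deliberate safe fallback should the WARN fire; spell that out so the WARN is read as "unexpected path" rather than "timer event lost". Also worth a sentence here: the is_guest_mode() check in handle_fastpath_preemption_timer() is placed after the req_immediate_exit test, so an L2 forced exit returns EXIT_FASTPATH_EXIT_HANDLED and never reaches this function, which is what makes the "only the guest-timer case lands here" claim true.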
@@ -7258,7 +7271,12 @@ void noinstr vmx_spec_ctrl_restore_host(struct vcpu_= vmx *vmx, =20 static fastpath_t vmx_exit_handlers_fastpath(struct kvm_vcpu *vcpu) { - if (is_guest_mode(vcpu)) + /* + * If L2 is active, some VMX preemption timer exits can be handled in + * the fastpath even, all other exits must use the slow path. + */ + if (is_guest_mode(vcpu) && + to_vmx(vcpu)->exit_reason.basic !=3D EXIT_REASON_PREEMPTION_TIMER) return EXIT_FASTPATH_NONE; =20 switch (to_vmx(vcpu)->exit_reason.basic) { --=20 2.51.0.rc1.163.g2494970778-goog

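Review bot: the new comment in vmx_exit_handlers_fastpath() reads awkwardly ("can be handled in the fastpath even, all other exits must use the slow path"); suggest "If L2 is active, only VMX preemption timer exits may be handled in the fastpath; all other exits must use the slow path." The condition itself is fine: it lets every preemption timer exit through for L2 and relies on handle_fastpath_preemption_timer() to return EXIT_FASTPATH_NONE for the guest-timer case, so the L2 fastpath/slow-path decision for this exit reason lives in exactly one place.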
Date: Thu, 14 Aug 2025 17:25:33 -0700
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
Message-ID: <20250815002540.2375664-14-seanjc@google.com>
Subject: [PATCH 6.6.y 13/20] KVM: x86: Fully defer to vendor code to decide how to force immediate exit
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini

[ Upstream commit 0ec3d6d1f169baa7fc512ae4b78d17e7c94b7763 ]

Now that vmx->req_immediate_exit is used only in the scope of vmx_vcpu_run(), use force_immediate_exit to detect that KVM should usurp the VMX preemption to force a VM-Exit and let vendor code fully handle forcing a VM-Exit.

Opportunistically drop __kvm_request_immediate_exit() and just have vendor code call smp_send_reschedule() directly. SVM already does this when injecting an event while also trying to single-step an IRET, i.e. it's not exactly secret knowledge that KVM uses a reschedule IPI to force an exit.

Link: https://lore.kernel.org/r/20240110012705.506918-7-seanjc@google.com
Signed-off-by: Sean Christopherson [sean: resolve absurd conflict due to funky kvm_x86_ops.sched_in prototype] Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm-x86-ops.h | 1 - arch/x86/include/asm/kvm_host.h | 3 --- arch/x86/kvm/svm/svm.c | 7 ++++--- arch/x86/kvm/vmx/vmx.c | 32 +++++++++++++----------------- arch/x86/kvm/vmx/vmx.h | 2 -- arch/x86/kvm/x86.c | 10 +--------- 6 files changed, 19 insertions(+), 36 deletions(-) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-= x86-ops.h index e59ded976166..8fe6667d945f 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -102,7 +102,6 @@ KVM_X86_OP(write_tsc_multiplier) KVM_X86_OP(get_exit_info) KVM_X86_OP(check_intercept) KVM_X86_OP(handle_exit_irqoff) -KVM_X86_OP(request_immediate_exit) KVM_X86_OP(sched_in) KVM_X86_OP_OPTIONAL(update_cpu_dirty_logging) KVM_X86_OP_OPTIONAL(vcpu_blocking) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 5703600a454e..8898ad8cb3de 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1695,8 +1695,6 @@ struct kvm_x86_ops { struct x86_exception *exception); void (*handle_exit_irqoff)(struct kvm_vcpu *vcpu); =20 - void (*request_immediate_exit)(struct kvm_vcpu *vcpu); - void (*sched_in)(struct kvm_vcpu *kvm, int cpu); =20 /* @@ -2182,7 +2180,6 @@ extern bool kvm_find_async_pf_gfn(struct kvm_vcpu *vc= pu, gfn_t gfn); =20 int kvm_skip_emulated_instruction(struct kvm_vcpu *vcpu); int kvm_complete_insn_gp(struct kvm_vcpu *vcpu, int err); -void __kvm_request_immediate_exit(struct kvm_vcpu *vcpu); =20 void __user *__x86_set_memory_region(struct kvm *kvm, int id, gpa_t gpa, u32 size); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f42c6ef7dc20..4a53b38ea386 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -4222,8 +4222,11 @@ static __no_kcsan fastpath_t svm_vcpu_run(struct kvm= _vcpu *vcpu, * is enough to force an immediate vmexit. */ disable_nmi_singlestep(svm); + force_immediate_exit =3D true; + } + + if (force_immediate_exit) smp_send_reschedule(vcpu->cpu); - } =20 pre_svm_run(vcpu); =20 @@ -5075,8 +5078,6 @@ static struct kvm_x86_ops svm_x86_ops __initdata =3D { .check_intercept =3D svm_check_intercept, .handle_exit_irqoff =3D svm_handle_exit_irqoff, =20 - .request_immediate_exit =3D __kvm_request_immediate_exit, - .sched_in =3D svm_sched_in, =20 .nested_ops =3D &svm_nested_ops, diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 0ecc0e996386..704e5a552b4f 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -49,6 +49,8 @@ #include #include =20 +#include + #include "capabilities.h" #include "cpuid.h" #include "hyperv.h" @@ -1304,8 +1306,6 @@ void vmx_prepare_switch_to_guest(struct kvm_vcpu *vcp= u) u16 fs_sel, gs_sel; int i; =20 - vmx->req_immediate_exit =3D false; - /* * Note that guest MSRs to be saved/restored can also be changed * when guest state is loaded. This happens when guest transitions @@ -6015,7 +6015,8 @@ static int handle_pml_full(struct kvm_vcpu *vcpu) return 1; } =20 -static fastpath_t handle_fastpath_preemption_timer(struct kvm_vcpu *vcpu) +static fastpath_t handle_fastpath_preemption_timer(struct kvm_vcpu *vcpu, + bool force_immediate_exit) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); =20 @@ -6031,7 +6032,7 @@ static fastpath_t handle_fastpath_preemption_timer(st= ruct kvm_vcpu *vcpu) * If the timer expired because KVM used it to force an immediate exit, * then mission accomplished. */ - if (vmx->req_immediate_exit) + if (force_immediate_exit) return EXIT_FASTPATH_EXIT_HANDLED; =20 /* 
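Review bot: the `+#include +` line added to vmx.c in this hunk carries no header name in this rendering; the angle-bracketed argument has been eaten (the two existing `#include` context lines above it are bare as well), so the header that declares smp_send_reschedule() cannot be checked from this copy and should be confirmed against upstream 0ec3d6d1f169 before the backport is applied. On the svm.c side, `+ force_immediate_exit =3D true;` repurposes the vcpu_run parameter so that a single `if (force_immediate_exit) smp_send_reschedule(vcpu->cpu);` serves both the single-step-IRET case and the core-requested case; the pre-existing comment ending "is enough to force an immediate vmexit." now sits one block away from the IPI it describes and could say that the IPI is sent just below.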
@@ -7210,13 +7211,13 @@ static void atomic_switch_perf_msrs(struct vcpu_vmx= *vmx) msrs[i].host, false); } =20 -static void vmx_update_hv_timer(struct kvm_vcpu *vcpu) +static void vmx_update_hv_timer(struct kvm_vcpu *vcpu, bool force_immediat= e_exit) { struct vcpu_vmx *vmx =3D to_vmx(vcpu); u64 tscl; u32 delta_tsc; =20 - if (vmx->req_immediate_exit) { + if (force_immediate_exit) { vmcs_write32(VMX_PREEMPTION_TIMER_VALUE, 0); vmx->loaded_vmcs->hv_timer_soft_disabled =3D false; } else if (vmx->hv_deadline_tsc !=3D -1) { @@ -7269,7 +7270,8 @@ void noinstr vmx_spec_ctrl_restore_host(struct vcpu_v= mx *vmx, barrier_nospec(); } =20 -static fastpath_t vmx_exit_handlers_fastpath(struct kvm_vcpu *vcpu) +static fastpath_t vmx_exit_handlers_fastpath(struct kvm_vcpu *vcpu, + bool force_immediate_exit) { /* * If L2 is active, some VMX preemption timer exits can be handled in @@ -7283,7 +7285,7 @@ static fastpath_t vmx_exit_handlers_fastpath(struct k= vm_vcpu *vcpu) case EXIT_REASON_MSR_WRITE: return handle_fastpath_set_msr_irqoff(vcpu); case EXIT_REASON_PREEMPTION_TIMER: - return handle_fastpath_preemption_timer(vcpu); + return handle_fastpath_preemption_timer(vcpu, force_immediate_exit); default: return EXIT_FASTPATH_NONE; } @@ -7425,7 +7427,9 @@ static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu,= bool force_immediate_exit) vmx_passthrough_lbr_msrs(vcpu); =20 if (enable_preemption_timer) - vmx_update_hv_timer(vcpu); + vmx_update_hv_timer(vcpu, force_immediate_exit); + else if (force_immediate_exit) + smp_send_reschedule(vcpu->cpu); =20 kvm_wait_lapic_expire(vcpu); =20 @@ -7489,7 +7493,7 @@ static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu,= bool force_immediate_exit) vmx_recover_nmi_blocking(vmx); vmx_complete_interrupts(vmx); =20 - return vmx_exit_handlers_fastpath(vcpu); + return vmx_exit_handlers_fastpath(vcpu, force_immediate_exit); } =20 static void vmx_vcpu_free(struct kvm_vcpu *vcpu) 
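Review bot: the new `+ else if (force_immediate_exit) + smp_send_reschedule(vcpu->cpu);` in vmx_vcpu_run() is the only path left for forcing an exit when enable_preemption_timer is clear, and it runs with IRQs disabled, so the self-IPI is held pending until VM-Enter and then surfaces as an external-interrupt VM-Exit rather than a preemption-timer exit. That means the force_immediate_exit argument threaded through vmx_exit_handlers_fastpath() is only consulted on the EXIT_REASON_PREEMPTION_TIMER path, which is correct but not obvious; a one-line comment at the `else if` stating that the IPI path is taken when the preemption timer is unavailable would save the next reader the trip through hardware_setup(). With the timer available, `vmcs_write32(VMX_PREEMPTION_TIMER_VALUE, 0)` still forces the exit immediately after VM-Enter, so the `if (force_immediate_exit) return EXIT_FASTPATH_EXIT_HANDLED;` in handle_fastpath_preemption_timer() is reached exactly when the timer was armed for that purpose.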
@@ -7988,11 +7992,6 @@ static __init void vmx_set_cpu_caps(void) kvm_cpu_cap_check_and_set(X86_FEATURE_WAITPKG); } =20 -static void vmx_request_immediate_exit(struct kvm_vcpu *vcpu) -{ - to_vmx(vcpu)->req_immediate_exit =3D true; -} - static int vmx_check_intercept_io(struct kvm_vcpu *vcpu, struct x86_instruction_info *info) { @@ -8404,8 +8403,6 @@ static struct kvm_x86_ops vmx_x86_ops __initdata =3D { .check_intercept =3D vmx_check_intercept, .handle_exit_irqoff =3D vmx_handle_exit_irqoff, =20 - .request_immediate_exit =3D vmx_request_immediate_exit, - .sched_in =3D vmx_sched_in, =20 .cpu_dirty_log_size =3D PML_ENTITY_NUM, @@ -8663,7 +8660,6 @@ static __init int hardware_setup(void) if (!enable_preemption_timer) { vmx_x86_ops.set_hv_timer =3D NULL; vmx_x86_ops.cancel_hv_timer =3D NULL; - vmx_x86_ops.request_immediate_exit =3D __kvm_request_immediate_exit; } =20 kvm_caps.supported_mce_cap |=3D MCG_LMCE_P; diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index fb36bde2dd87..50d32d830890 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h @@ -331,8 +331,6 @@ struct vcpu_vmx { unsigned int ple_window; bool ple_window_dirty; =20 - bool req_immediate_exit; - /* Support for PML */ #define PML_ENTITY_NUM 512 struct page *pml_pg; diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 8a7a6cf4b4ec..44784ad244c6 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10505,12 +10505,6 @@ static void kvm_vcpu_reload_apic_access_page(struc= t kvm_vcpu *vcpu) static_call_cond(kvm_x86_set_apic_access_page_addr)(vcpu); } =20 -void __kvm_request_immediate_exit(struct kvm_vcpu *vcpu) -{ - smp_send_reschedule(vcpu->cpu); -} -EXPORT_SYMBOL_GPL(__kvm_request_immediate_exit); - /* * Called within kvm->srcu read side. * Returns 1 to let vcpu_run() continue the guest execution loop without 
@@ -10756,10 +10750,8 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) goto cancel_injection; } =20 - if (req_immediate_exit) { + if (req_immediate_exit) kvm_make_request(KVM_REQ_EVENT, vcpu); - static_call(kvm_x86_request_immediate_exit)(vcpu); - } =20 fpregs_assert_state_consistent(); if (test_thread_flag(TIF_NEED_FPU_LOAD)) --=20 2.51.0.rc1.163.g2494970778-goog
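Review bot: after this hunk vcpu_enter_guest() does nothing itself to force the exit: `+ if (req_immediate_exit) + kvm_make_request(KVM_REQ_EVENT, vcpu);` only queues the event re-evaluation, and the actual forcing now depends entirely on req_immediate_exit being handed to kvm_x86_vcpu_run() further down (outside this hunk's context). A short comment at this site saying that vendor vcpu_run() is responsible for the immediate exit would document that contract, since a vendor implementation that ignored its parameter would silently run the guest with only a pending KVM_REQ_EVENT.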
From: Sean Christopherson
Date: Thu, 14 Aug 2025 17:25:34 -0700
Subject: [PATCH 6.6.y 14/20] KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
Message-ID: <20250815002540.2375664-15-seanjc@google.com>
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>

[ Upstream commit 2478b1b220c49d25cb1c3f061ec4f9b351d9a131 ]

Convert kvm_x86_ops.vcpu_run()'s "force_immediate_exit" boolean parameter into a generic bitmap so that similar "take action" information can be passed to vendor code without creating a pile of boolean parameters. This will allow dropping kvm_x86_ops.set_dr6() in favor of a new flag, and will also allow for adding similar functionality for re-loading debugctl in the active VMCS.

Opportunistically massage the TDX WARN and comment to prepare for adding more run_flags, all of which are expected to be mutually exclusive with TDX, i.e. should be WARNed on.

No functional change intended.

Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20250610232010.162191-3-seanjc@google.com
Signed-off-by: Sean Christopherson
[sean: drop TDX crud, account for lack of kvm_x86_call()]
Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 6 +++++- arch/x86/kvm/svm/svm.c | 4 ++-- arch/x86/kvm/vmx/vmx.c | 3 ++- arch/x86/kvm/x86.c | 10 ++++++++-- 4 files changed, 17 insertions(+), 6 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 8898ad8cb3de..aa6d04cd9ee6 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1550,6 +1550,10 @@ static inline u16 kvm_lapic_irq_dest_mode(bool dest_= mode_logical) return dest_mode_logical ? APIC_DEST_LOGICAL : APIC_DEST_PHYSICAL; } =20 +enum kvm_x86_run_flags { + KVM_RUN_FORCE_IMMEDIATE_EXIT =3D BIT(0), +}; + struct kvm_x86_ops { const char *name; =20 @@ -1625,7 +1629,7 @@ struct kvm_x86_ops { =20 int (*vcpu_pre_run)(struct kvm_vcpu *vcpu); enum exit_fastpath_completion (*vcpu_run)(struct kvm_vcpu *vcpu, - bool force_immediate_exit); + u64 run_flags); int (*handle_exit)(struct kvm_vcpu *vcpu, enum exit_fastpath_completion exit_fastpath); int (*skip_emulated_instruction)(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 4a53b38ea386..61e5e261cde2 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4197,9 +4197,9 @@ static noinstr void svm_vcpu_enter_exit(struct kvm_vc= pu *vcpu, bool spec_ctrl_in guest_state_exit_irqoff(); } =20 -static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu, - bool force_immediate_exit) +static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu, u64 run_f= lags) { + bool force_immediate_exit =3D run_flags & KVM_RUN_FORCE_IMMEDIATE_EXIT; struct vcpu_svm *svm =3D to_svm(vcpu); bool spec_ctrl_intercepted =3D msr_write_intercepted(vcpu, MSR_IA32_SPEC_= CTRL); =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 704e5a552b4f..065aac2f4bce 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c 
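Review bot: `KVM_RUN_FORCE_IMMEDIATE_EXIT =3D BIT(0)` puts an unsigned long into an enum whose values are then OR'd into a `u64 run_flags`; strictly, C requires enumerator values to fit in an int, so although GCC accepts wider values this enum cannot portably hold a flag at bit 31 or above. If the bitmap is expected to stay small that is fine; otherwise plain #defines built with BIT_ULL() are the safer shape for a u64 mask. The svm.c conversion `bool force_immediate_exit =3D run_flags & KVM_RUN_FORCE_IMMEDIATE_EXIT;` is a clean bool narrowing and leaves the rest of svm_vcpu_run() untouched.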
@@ -7345,8 +7345,9 @@ static noinstr void vmx_vcpu_enter_exit(struct kvm_vc= pu *vcpu, guest_state_exit_irqoff(); } =20 -static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, bool force_immediate= _exit) +static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, u64 run_flags) { + bool force_immediate_exit =3D run_flags & KVM_RUN_FORCE_IMMEDIATE_EXIT; struct vcpu_vmx *vmx =3D to_vmx(vcpu); unsigned long cr3, cr4; =20 diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 44784ad244c6..342e666a0d13 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10518,6 +10518,7 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) dm_request_for_irq_injection(vcpu) && kvm_cpu_accept_dm_intr(vcpu); fastpath_t exit_fastpath; + u64 run_flags; =20 bool req_immediate_exit =3D false; =20 @@ -10750,8 +10751,11 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) goto cancel_injection; } =20 - if (req_immediate_exit) + run_flags =3D 0; + if (req_immediate_exit) { + run_flags |=3D KVM_RUN_FORCE_IMMEDIATE_EXIT; kvm_make_request(KVM_REQ_EVENT, vcpu); + } =20 fpregs_assert_state_consistent(); if (test_thread_flag(TIF_NEED_FPU_LOAD)) @@ -10787,7 +10791,7 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) WARN_ON_ONCE((kvm_vcpu_apicv_activated(vcpu) !=3D kvm_vcpu_apicv_active(= vcpu)) && (kvm_get_apic_mode(vcpu) !=3D LAPIC_MODE_DISABLED)); =20 - exit_fastpath =3D static_call(kvm_x86_vcpu_run)(vcpu, req_immediate_exit= ); + exit_fastpath =3D static_call(kvm_x86_vcpu_run)(vcpu, run_flags); if (likely(exit_fastpath !=3D EXIT_FASTPATH_REENTER_GUEST)) break; =20 
@@ -10799,6 +10803,8 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) break; } =20 + run_flags =3D 0; + /* Note, VM-Exits that go down the "slow" path are accounted below. */ ++vcpu->stat.exits; } --=20 2.51.0.rc1.163.g2494970778-goog
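Review bot: `+ run_flags =3D 0;` after the EXIT_FASTPATH_REENTER_GUEST check is a subtle departure from the code being replaced, which passed `req_immediate_exit` unchanged on every iteration of the re-entry loop: with this change a forced immediate exit is requested only for the first VM-Enter of the loop. That is a no-op in practice, because a forced exit (preemption timer armed at zero, or the pending reschedule IPI) is itself the first exit and is reported as EXIT_FASTPATH_EXIT_HANDLED rather than REENTER_GUEST, but the "No functional change intended" line would be easier to trust if the commit message said so. A comment at the reset explaining that run_flags describe one entry only, so that later one-shot flags are deliberately not repeated on fastpath re-entry, would make the intent explicit.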
From: Sean Christopherson
Date: Thu, 14 Aug 2025 17:25:35 -0700
Subject: [PATCH 6.6.y 15/20] KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
Message-ID: <20250815002540.2375664-16-seanjc@google.com>
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>

[ Upstream commit 80c64c7afea1da6a93ebe88d3d29d8a60377ef80 ]

Instruct vendor code to load the guest's DR6 into hardware via a new KVM_RUN flag, and remove kvm_x86_ops.set_dr6(), whose sole purpose was to load vcpu->arch.dr6 into hardware when DR6 can be read/written directly by the guest.

Note, TDX already WARNs on any run_flag being set, i.e. will yell if KVM thinks DR6 needs to be reloaded. TDX vCPUs force KVM_DEBUGREG_AUTO_SWITCH and never clear the flag, i.e. should never observe KVM_RUN_LOAD_GUEST_DR6.

Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20250610232010.162191-4-seanjc@google.com
Signed-off-by: Sean Christopherson
[sean: account for lack of vmx/main.c]
Signed-off-by: Sean Christopherson
---
 arch/x86/include/asm/kvm-x86-ops.h | 1 -
 arch/x86/include/asm/kvm_host.h | 2 +-
 arch/x86/kvm/svm/svm.c | 10 ++++++----
 arch/x86/kvm/vmx/vmx.c | 10 +++-------
 arch/x86/kvm/x86.c | 2 +-
 5 files changed, 11 insertions(+), 14 deletions(-)
diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-= x86-ops.h index 8fe6667d945f..a0a4fc684e63 100644
--- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -48,7 +48,6 @@ KVM_X86_OP(set_idt) KVM_X86_OP(get_gdt) KVM_X86_OP(set_gdt) KVM_X86_OP(sync_dirty_debug_regs) -KVM_X86_OP(set_dr6) KVM_X86_OP(set_dr7) KVM_X86_OP(cache_reg) KVM_X86_OP(get_rflags) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index aa6d04cd9ee6..7373b22c02a7 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1552,6 +1552,7 @@ static inline u16 kvm_lapic_irq_dest_mode(bool dest_m= ode_logical) =20 enum kvm_x86_run_flags { KVM_RUN_FORCE_IMMEDIATE_EXIT =3D BIT(0), + KVM_RUN_LOAD_GUEST_DR6 =3D BIT(1), }; =20 struct kvm_x86_ops { @@ -1600,7 +1601,6 @@ struct kvm_x86_ops { void (*get_gdt)(struct kvm_vcpu *vcpu, struct desc_ptr *dt); void (*set_gdt)(struct kvm_vcpu *vcpu, struct desc_ptr *dt); void (*sync_dirty_debug_regs)(struct kvm_vcpu *vcpu); - void (*set_dr6)(struct kvm_vcpu *vcpu, unsigned long value); void (*set_dr7)(struct kvm_vcpu *vcpu, unsigned long value); void (*cache_reg)(struct kvm_vcpu *vcpu, enum kvm_reg reg); unsigned long (*get_rflags)(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 61e5e261cde2..abff6d45ae33 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -4241,10 +4241,13 @@ static __no_kcsan fastpath_t svm_vcpu_run(struct kv= m_vcpu *vcpu, u64 run_flags) svm_hv_update_vp_id(svm->vmcb, vcpu); =20 /* - * Run with all-zero DR6 unless needed, so that we can get the exact cause - * of a #DB. + * Run with all-zero DR6 unless the guest can write DR6 freely, so that + * KVM can get the exact cause of a #DB. Note, loading guest DR6 from + * KVM's snapshot is only necessary when DR accesses won't exit. */ - if (likely(!(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))) + if (unlikely(run_flags & KVM_RUN_LOAD_GUEST_DR6)) + svm_set_dr6(vcpu, vcpu->arch.dr6); + else if (likely(!(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))) svm_set_dr6(vcpu, DR6_ACTIVE_LOW); =20 clgi(); @@ -5021,7 +5024,6 @@ static struct kvm_x86_ops svm_x86_ops __initdata =3D { .set_idt =3D svm_set_idt, .get_gdt =3D svm_get_gdt, .set_gdt =3D svm_set_gdt, - .set_dr6 =3D svm_set_dr6, .set_dr7 =3D svm_set_dr7, .sync_dirty_debug_regs =3D svm_sync_dirty_debug_regs, .cache_reg =3D svm_cache_reg, diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 065aac2f4bce..08ca218ee858 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -5616,12 +5616,6 @@ static void vmx_sync_dirty_debug_regs(struct kvm_vcp= u *vcpu) set_debugreg(DR6_RESERVED, 6); } =20 -static void vmx_set_dr6(struct kvm_vcpu *vcpu, unsigned long val) -{ - lockdep_assert_irqs_disabled(); - set_debugreg(vcpu->arch.dr6, 6); -} - static void vmx_set_dr7(struct kvm_vcpu *vcpu, unsigned long val) { vmcs_writel(GUEST_DR7, val); @@ -7392,6 +7386,9 @@ static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu,= u64 run_flags) vmcs_writel(GUEST_RIP, vcpu->arch.regs[VCPU_REGS_RIP]); vcpu->arch.regs_dirty =3D 0; =20 + if (run_flags & KVM_RUN_LOAD_GUEST_DR6) + set_debugreg(vcpu->arch.dr6, 6); + /* * Refresh vmcs.HOST_CR3 if necessary. This must be done immediately * prior to VM-Enter, as the kernel may load a new ASID (PCID) any time 
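Review bot: in the svm.c hunk the `else if (likely(!(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT)))` arm is now redundant: the x86.c hunk of this same patch sets KVM_RUN_LOAD_GUEST_DR6 exactly when KVM_DEBUGREG_WONT_EXIT is set, so whenever the first branch is not taken the condition is true. Either collapse it to a plain `else` or keep it as a guard and say so in the comment, otherwise a reader will look for the case in which neither branch runs. The behaviour is the right one for #DB attribution: hardware DR6 is loaded with the guest's value only when DR accesses do not exit, and otherwise stays at DR6_ACTIVE_LOW so a #DB cannot be misattributed to stale guest bits. On the vmx.c side, deleting vmx_set_dr6() also deletes its `lockdep_assert_irqs_disabled()`; the replacement `set_debugreg(vcpu->arch.dr6, 6)` lives in vmx_vcpu_run() just before the HOST_CR3 refresh, which is an IRQs-off region, so the property still holds, and re-adding the assertion next to the new call is cheap if you want it kept. Note also that the old vmx_set_dr6() ignored its `val` parameter in favour of vcpu->arch.dr6, so the flag-based form removes a misleading signature as well as an op.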
@@ -8337,7 +8334,6 @@ static struct kvm_x86_ops vmx_x86_ops __initdata =3D { .set_idt =3D vmx_set_idt, .get_gdt =3D vmx_get_gdt, .set_gdt =3D vmx_set_gdt, - .set_dr6 =3D vmx_set_dr6, .set_dr7 =3D vmx_set_dr7, .sync_dirty_debug_regs =3D vmx_sync_dirty_debug_regs, .cache_reg =3D vmx_cache_reg, diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 342e666a0d13..07207d8126b4 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -10772,7 +10772,7 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) set_debugreg(vcpu->arch.eff_db[3], 3); /* When KVM_DEBUGREG_WONT_EXIT, dr6 is accessible in guest. */ if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT)) - static_call(kvm_x86_set_dr6)(vcpu, vcpu->arch.dr6); + run_flags |=3D KVM_RUN_LOAD_GUEST_DR6; } else if (unlikely(hw_breakpoint_active())) { set_debugreg(0, 7); } --=20 2.51.0.rc1.163.g2494970778-goog
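Review bot: `+ run_flags |=3D KVM_RUN_LOAD_GUEST_DR6;` is OR'd inside the switch_db_regs block, which runs after the `run_flags =3D 0` assignment and before kvm_x86_vcpu_run() in vcpu_enter_guest(), so the ordering is correct. Two things deserve a comment here: the flag replaces a static_call that loaded DR6 on the spot, so the load is now deferred into vendor vcpu_run() and nothing between this point and VM-Enter may assume hardware DR6 already holds the guest value; and the existing comment "When KVM_DEBUGREG_WONT_EXIT, dr6 is accessible in guest." could add that the reload is requested via run_flags and is intentionally one-shot per entry, given the per-iteration reset introduced by the previous patch.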
From: Sean Christopherson
Date: Thu, 14 Aug 2025 17:25:36 -0700
Subject: [PATCH 6.6.y 16/20] KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
Message-ID: <20250815002540.2375664-17-seanjc@google.com>
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>

[ Upstream commit 17ec2f965344ee3fd6620bef7ef68792f4ac3af0 ]

Let the guest set DEBUGCTL.RTM_DEBUG if RTM is supported according to the guest CPUID model, as debug support is supposed to be available if RTM is supported, and there are no known downsides to letting the guest debug RTM aborts.

Note, there are no known bug reports related to RTM_DEBUG, the primary motivation is to reduce the probability of breaking existing guests when a future change adds a missing consistency check on vmcs12.GUEST_DEBUGCTL (KVM currently lets L2 run with whatever hardware supports; whoops).

Note #2, KVM already emulates DR6.RTM, and doesn't restrict access to DR7.RTM.

Fixes: 83c529151ab0 ("KVM: x86: expose Intel cpu new features (HLE, RTM) to guest")
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20250610232010.162191-5-seanjc@google.com
Signed-off-by: Sasha Levin
Signed-off-by: Sean Christopherson --- arch/x86/include/asm/msr-index.h | 1 + arch/x86/kvm/vmx/vmx.c | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-in= dex.h index 033855457581..723e48b57bd0 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h @@ -380,6 +380,7 @@ #define DEBUGCTLMSR_FREEZE_PERFMON_ON_PMI (1UL << 12) #define DEBUGCTLMSR_FREEZE_IN_SMM_BIT 14 #define DEBUGCTLMSR_FREEZE_IN_SMM (1UL << DEBUGCTLMSR_FREEZE_IN_SMM_BIT) +#define DEBUGCTLMSR_RTM_DEBUG BIT(15) =20 #define MSR_PEBS_FRONTEND 0x000003f7 =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 08ca218ee858..359c3b7f52a1 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c 
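Review bot: `+#define DEBUGCTLMSR_RTM_DEBUG BIT(15)` departs from the style of the surrounding definitions in this block, which spell bits as `(1UL << n)` (with a `_BIT` companion for FREEZE_IN_SMM); `(1UL << 15)` would match its neighbours. Functionally equivalent, since the value is only OR'd into the u64 returned by vmx_get_supported_debugctl().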
@@ -2161,6 +2161,10 @@ static u64 vmx_get_supported_debugctl(struct kvm_vcp= u *vcpu, bool host_initiated (host_initiated || intel_pmu_lbr_is_enabled(vcpu))) debugctl |=3D DEBUGCTLMSR_LBR | DEBUGCTLMSR_FREEZE_LBRS_ON_PMI; =20 + if (boot_cpu_has(X86_FEATURE_RTM) && + (host_initiated || guest_cpuid_has(vcpu, X86_FEATURE_RTM))) + debugctl |=3D DEBUGCTLMSR_RTM_DEBUG; + return debugctl; } =20 --=20 2.51.0.rc1.163.g2494970778-goog
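Review bot: `boot_cpu_has(X86_FEATURE_RTM)` gates the new bit on the host as well as on guest CPUID, so on hosts where TSX has been disabled (tsx=off, or microcode that clears RTM) X86_FEATURE_RTM is absent from boot_cpu_data and DEBUGCTL.RTM_DEBUG stays unsupported regardless of what the guest's CPUID model claims. That is the conservative choice and mirrors the LBR clause directly above, but the commit message mentions only the guest-CPUID condition; stating the host-side gate there would stop a backporter from reading this as "RTM in guest CPUID is sufficient". The `host_initiated ||` short-circuit also lets userspace restore the bit on a vCPU whose CPUID lacks RTM, which again matches the LBR handling and is what migration needs.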
Reply-To: Sean Christopherson
Date: Thu, 14 Aug 2025 17:25:37 -0700
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
References: <20250815002540.2375664-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Mailer: git-send-email 2.51.0.rc1.163.g2494970778-goog
Message-ID: <20250815002540.2375664-18-seanjc@google.com>
Subject: [PATCH 6.6.y 17/20] KVM: VMX: Extract checking of guest's DEBUGCTL into helper
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini

[ Upstream commit 8a4351ac302cd8c19729ba2636acfd0467c22ae8 ]

Move VMX's logic to check DEBUGCTL values into a standalone helper so that the code can be used by nested VM-Enter to apply the same logic to the value being loaded from vmcs12.

KVM needs to explicitly check vmcs12->guest_ia32_debugctl on nested VM-Enter, as hardware may support features that KVM does not, i.e. relying on hardware to detect invalid guest state will result in false negatives. Unfortunately, that means applying KVM's funky suppression of BTF and LBR to vmcs12 so as not to break existing guests.

No functional change intended.

Reviewed-by: Dapeng Mi
Link: https://lore.kernel.org/r/20250610232010.162191-6-seanjc@google.com
Stable-dep-of: 7d0cce6cbe71 ("KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs")
Signed-off-by: Sasha Levin
Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.c | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 359c3b7f52a1..aaa767ed170e 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2168,6 +2168,19 @@ static u64 vmx_get_supported_debugctl(struct kvm_vcp= u *vcpu, bool host_initiated return debugctl; } =20 +static bool vmx_is_valid_debugctl(struct kvm_vcpu *vcpu, u64 data, + bool host_initiated) +{ + u64 invalid; + + invalid =3D data & ~vmx_get_supported_debugctl(vcpu, host_initiated); + if (invalid & (DEBUGCTLMSR_BTF | DEBUGCTLMSR_LBR)) { + kvm_pr_unimpl_wrmsr(vcpu, MSR_IA32_DEBUGCTLMSR, data); + invalid &=3D ~(DEBUGCTLMSR_BTF | DEBUGCTLMSR_LBR); + } + return !invalid; +} + /* * Writes msr value into the appropriate "register". * Returns 0 on success, non-0 otherwise. @@ -2236,19 +2249,12 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struc= t msr_data *msr_info) } vmcs_writel(GUEST_SYSENTER_ESP, data); break; - case MSR_IA32_DEBUGCTLMSR: { - u64 invalid; - - invalid =3D data & ~vmx_get_supported_debugctl(vcpu, msr_info->host_init= iated); - if (invalid & (DEBUGCTLMSR_BTF|DEBUGCTLMSR_LBR)) { - kvm_pr_unimpl_wrmsr(vcpu, msr_index, data); - data &=3D ~(DEBUGCTLMSR_BTF|DEBUGCTLMSR_LBR); - invalid &=3D ~(DEBUGCTLMSR_BTF|DEBUGCTLMSR_LBR); - } - - if (invalid) + case MSR_IA32_DEBUGCTLMSR: + if (!vmx_is_valid_debugctl(vcpu, data, msr_info->host_initiated)) return 1; =20 + data &=3D vmx_get_supported_debugctl(vcpu, msr_info->host_initiated); + if (is_guest_mode(vcpu) && get_vmcs12(vcpu)->vm_exit_controls & VM_EXIT_SAVE_DEBUG_CONTROLS) get_vmcs12(vcpu)->guest_ia32_debugctl =3D data; 
@@ -2258,7 +2264,6 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct = msr_data *msr_info) (data & DEBUGCTLMSR_LBR)) intel_pmu_create_guest_lbr_event(vcpu); return 0; - } case MSR_IA32_BNDCFGS: if (!kvm_mpx_supported() || (!msr_info->host_initiated && --=20 2.51.0.rc1.163.g2494970778-goog
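Review bot: vmx_is_valid_debugctl() calls kvm_pr_unimpl_wrmsr() from inside what is otherwise a pure predicate, so every future caller (the changelog names nested VM-Enter) will emit the unimplemented-WRMSR message whenever BTF or LBR is present in the checked value, even when no WRMSR happened; if that is acceptable it deserves a comment above the helper, otherwise keep the print in the MSR_IA32_DEBUGCTLMSR case of vmx_set_msr() and leave the helper silent.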
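Review bot: in the vmx_set_msr() hunk, vmx_get_supported_debugctl() is now evaluated twice per write, once inside vmx_is_valid_debugctl() and again in `data &= vmx_get_supported_debugctl(vcpu, msr_info->host_initiated);`; since it consults CPUID and PMU state, either cache the mask in a local or have the helper hand back the masked value. Behaviour is otherwise equivalent to the removed code: the old path stripped only BTF|LBR from data after rejecting any other invalid bit, and masking with the supported set gives the same result once validation has passed.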
Reply-To: Sean Christopherson
Date: Thu, 14 Aug 2025 17:25:38 -0700
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
References: <20250815002540.2375664-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Mailer: git-send-email 2.51.0.rc1.163.g2494970778-goog
Message-ID: <20250815002540.2375664-19-seanjc@google.com>
Subject: [PATCH 6.6.y 18/20] KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
From: Maxim Levitsky

[ Upstream commit 095686e6fcb4150f0a55b1a25987fad3d8af58d6 ]

Add a consistency check for L2's guest_ia32_debugctl, as KVM only supports a subset of hardware functionality, i.e. KVM can't rely on hardware to detect illegal/unsupported values. Failure to check the vmcs12 value would allow the guest to load any hardware-supported value while running L2.

Take care to exempt BTF and LBR from the validity check in order to match KVM's behavior for writes via WRMSR, but without clobbering vmcs12. Even if VM_EXIT_SAVE_DEBUG_CONTROLS is set in vmcs12, L1 can reasonably expect that vmcs12->guest_ia32_debugctl will not be modified if writes to the MSR are being intercepted.

Arguably, KVM _should_ update vmcs12 if VM_EXIT_SAVE_DEBUG_CONTROLS is set *and* writes to MSR_IA32_DEBUGCTLMSR are not being intercepted by L1, but that would incur non-trivial complexity and wouldn't change the fact that KVM's handling of DEBUGCTL is blatantly broken. I.e. the extra complexity is not worth carrying.

Cc: stable@vger.kernel.org
Signed-off-by: Maxim Levitsky
Co-developed-by: Sean Christopherson
Link: https://lore.kernel.org/r/20250610232010.162191-7-seanjc@google.com
Stable-dep-of: 7d0cce6cbe71 ("KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs")
Signed-off-by: Sasha Levin
Signed-off-by: Sean Christopherson
---
arch/x86/kvm/vmx/nested.c | 12 ++++++++++--
arch/x86/kvm/vmx/vmx.c | 5 ++---
arch/x86/kvm/vmx/vmx.h | 3 +++
3 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index fdf7503491f9..10236ecdad95 100644
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -2564,7 +2564,8 @@ static int prepare_vmcs02(struct kvm_vcpu *vcpu, stru= ct vmcs12 *vmcs12, if (vmx->nested.nested_run_pending && (vmcs12->vm_entry_controls & VM_ENTRY_LOAD_DEBUG_CONTROLS)) { kvm_set_dr(vcpu, 7, vmcs12->guest_dr7); - vmcs_write64(GUEST_IA32_DEBUGCTL, vmcs12->guest_ia32_debugctl); + vmcs_write64(GUEST_IA32_DEBUGCTL, vmcs12->guest_ia32_debugctl & + vmx_get_supported_debugctl(vcpu, false)); } else { kvm_set_dr(vcpu, 7, vcpu->arch.dr7); vmcs_write64(GUEST_IA32_DEBUGCTL, vmx->nested.pre_vmenter_debugctl); @@ -3045,7 +3046,8 @@ static int nested_vmx_check_guest_state(struct kvm_vc= pu *vcpu, return -EINVAL; =20 if ((vmcs12->vm_entry_controls & VM_ENTRY_LOAD_DEBUG_CONTROLS) && - CC(!kvm_dr7_valid(vmcs12->guest_dr7))) + (CC(!kvm_dr7_valid(vmcs12->guest_dr7)) || + CC(!vmx_is_valid_debugctl(vcpu, vmcs12->guest_ia32_debugctl, false))= )) return -EINVAL; =20 if ((vmcs12->vm_entry_controls & VM_ENTRY_LOAD_IA32_PAT) && @@ -4435,6 +4437,12 @@ static void sync_vmcs02_to_vmcs12(struct kvm_vcpu *v= cpu, struct vmcs12 *vmcs12) (vmcs12->vm_entry_controls & ~VM_ENTRY_IA32E_MODE) | (vm_entry_controls_get(to_vmx(vcpu)) & VM_ENTRY_IA32E_MODE); =20 + /* + * Note! Save DR7, but intentionally don't grab DEBUGCTL from vmcs02. + * Writes to DEBUGCTL that aren't intercepted by L1 are immediately + * propagated to vmcs12 (see vmx_set_msr()), as the value loaded into + * vmcs02 doesn't strictly track vmcs12. + */ if (vmcs12->vm_exit_controls & VM_EXIT_SAVE_DEBUG_CONTROLS) kvm_get_dr(vcpu, 7, (unsigned long *)&vmcs12->guest_dr7); =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index aaa767ed170e..32f1a38a1010 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c 
@@ -2149,7 +2149,7 @@ static u64 nested_vmx_truncate_sysenter_addr(struct k= vm_vcpu *vcpu, return (unsigned long)data; } =20 -static u64 vmx_get_supported_debugctl(struct kvm_vcpu *vcpu, bool host_ini= tiated) +u64 vmx_get_supported_debugctl(struct kvm_vcpu *vcpu, bool host_initiated) { u64 debugctl =3D 0; =20 @@ -2168,8 +2168,7 @@ static u64 vmx_get_supported_debugctl(struct kvm_vcpu= *vcpu, bool host_initiated return debugctl; } =20 -static bool vmx_is_valid_debugctl(struct kvm_vcpu *vcpu, u64 data, - bool host_initiated) +bool vmx_is_valid_debugctl(struct kvm_vcpu *vcpu, u64 data, bool host_init= iated) { u64 invalid; =20 diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 50d32d830890..5816fdd2dfa8 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h 
@@ -429,6 +429,9 @@ static inline void vmx_set_intercept_for_msr(struct kvm= _vcpu *vcpu, u32 msr, =20 void vmx_update_cpu_dirty_logging(struct kvm_vcpu *vcpu); =20 +u64 vmx_get_supported_debugctl(struct kvm_vcpu *vcpu, bool host_initiated); +bool vmx_is_valid_debugctl(struct kvm_vcpu *vcpu, u64 data, bool host_init= iated); + /* * Note, early Intel manuals have the write-low and read-high bitmap offse= ts * the wrong way round. The bitmaps control MSRs 0x00000000-0x00001fff and --=20 2.51.0.rc1.163.g2494970778-goog
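Review bot: the nested_vmx_check_guest_state() hunk correctly gates the new CC(!vmx_is_valid_debugctl(...)) on VM_ENTRY_LOAD_DEBUG_CONTROLS, the same condition under which prepare_vmcs02() loads the value, but because vmx_is_valid_debugctl() prints via kvm_pr_unimpl_wrmsr() for BTF/LBR, an L1 that sets either bit in vmcs12 now produces a WRMSR-flavoured log line on every nested VM-Enter that loads debug controls, with no WRMSR involved; either note that in the comment or give the vmcs12 path a quiet variant of the check.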
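Review bot: the prepare_vmcs02() hunk masks only the value written to vmcs02 (`vmcs12->guest_ia32_debugctl & vmx_get_supported_debugctl(vcpu, false)`) and leaves vmcs12 untouched, which is the "without clobbering vmcs12" behaviour the changelog promises; the new comment in sync_vmcs02_to_vmcs12() says vmcs02 "doesn't strictly track vmcs12" but not why, so a few words pointing at this masking in prepare_vmcs02() would make the pair of comments self-explaining.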
Reply-To: Sean Christopherson
Date: Thu, 14 Aug 2025 17:25:39 -0700
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
References: <20250815002540.2375664-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Mailer: git-send-email 2.51.0.rc1.163.g2494970778-goog
Message-ID: <20250815002540.2375664-20-seanjc@google.com>
Subject: [PATCH 6.6.y 19/20] KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini

From: Maxim Levitsky

[ Upstream commit 7d0cce6cbe71af6e9c1831bff101a2b9c249c4a2 ]

Introduce vmx_guest_debugctl_{read,write}() to handle all accesses to vmcs.GUEST_IA32_DEBUGCTL. This will allow stuffing FREEZE_IN_SMM into GUEST_IA32_DEBUGCTL based on the host setting without bleeding the state into the guest, and without needing to copy+paste the FREEZE_IN_SMM logic into every patch that accesses GUEST_IA32_DEBUGCTL.

No functional change intended.

Cc: stable@vger.kernel.org
Signed-off-by: Maxim Levitsky
[sean: massage changelog, make inline, use in all prepare_vmcs02() cases]
Reviewed-by: Dapeng Mi
Link: https://lore.kernel.org/r/20250610232010.162191-8-seanjc@google.com
Signed-off-by: Sasha Levin
Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/nested.c | 10 +++++----- arch/x86/kvm/vmx/pmu_intel.c | 8 ++++---- arch/x86/kvm/vmx/vmx.c | 8 +++++--- arch/x86/kvm/vmx/vmx.h | 10 ++++++++++ 4 files changed, 24 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 10236ecdad95..2ce39ffbcefb 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -2564,11 +2564,11 @@ static int prepare_vmcs02(struct kvm_vcpu *vcpu, st= ruct vmcs12 *vmcs12, if (vmx->nested.nested_run_pending && (vmcs12->vm_entry_controls & VM_ENTRY_LOAD_DEBUG_CONTROLS)) { kvm_set_dr(vcpu, 7, vmcs12->guest_dr7); - vmcs_write64(GUEST_IA32_DEBUGCTL, vmcs12->guest_ia32_debugctl & - vmx_get_supported_debugctl(vcpu, false)); + vmx_guest_debugctl_write(vcpu, vmcs12->guest_ia32_debugctl & + vmx_get_supported_debugctl(vcpu, false)); } else { kvm_set_dr(vcpu, 7, vcpu->arch.dr7); - vmcs_write64(GUEST_IA32_DEBUGCTL, vmx->nested.pre_vmenter_debugctl); + vmx_guest_debugctl_write(vcpu, vmx->nested.pre_vmenter_debugctl); } if (kvm_mpx_supported() && (!vmx->nested.nested_run_pending || !(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_BNDCFGS))) @@ -3433,7 +3433,7 @@ enum nvmx_vmentry_status nested_vmx_enter_non_root_mo= de(struct kvm_vcpu *vcpu, =20 if (!vmx->nested.nested_run_pending || !(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_DEBUG_CONTROLS)) - vmx->nested.pre_vmenter_debugctl =3D vmcs_read64(GUEST_IA32_DEBUGCTL); + vmx->nested.pre_vmenter_debugctl =3D vmx_guest_debugctl_read(); if (kvm_mpx_supported() && (!vmx->nested.nested_run_pending || !(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_BNDCFGS))) @@ -4633,7 +4633,7 @@ static void load_vmcs12_host_state(struct kvm_vcpu *v= cpu, __vmx_set_segment(vcpu, &seg, VCPU_SREG_LDTR); =20 kvm_set_dr(vcpu, 7, 0x400); - vmcs_write64(GUEST_IA32_DEBUGCTL, 0); + vmx_guest_debugctl_write(vcpu, 0); =20 if (nested_vmx_load_msr(vcpu, vmcs12->vm_exit_msr_load_addr, vmcs12->vm_exit_msr_load_count)) 
diff --git a/arch/x86/kvm/vmx/pmu_intel.c b/arch/x86/kvm/vmx/pmu_intel.c index 48a2f77f62ef..50364e00e4e9 100644 --- a/arch/x86/kvm/vmx/pmu_intel.c +++ b/arch/x86/kvm/vmx/pmu_intel.c @@ -633,11 +633,11 @@ static void intel_pmu_reset(struct kvm_vcpu *vcpu) */ static void intel_pmu_legacy_freezing_lbrs_on_pmi(struct kvm_vcpu *vcpu) { - u64 data =3D vmcs_read64(GUEST_IA32_DEBUGCTL); + u64 data =3D vmx_guest_debugctl_read(); =20 if (data & DEBUGCTLMSR_FREEZE_LBRS_ON_PMI) { data &=3D ~DEBUGCTLMSR_LBR; - vmcs_write64(GUEST_IA32_DEBUGCTL, data); + vmx_guest_debugctl_write(vcpu, data); } } =20 @@ -707,7 +707,7 @@ void vmx_passthrough_lbr_msrs(struct kvm_vcpu *vcpu) =20 if (!lbr_desc->event) { vmx_disable_lbr_msrs_passthrough(vcpu); - if (vmcs_read64(GUEST_IA32_DEBUGCTL) & DEBUGCTLMSR_LBR) + if (vmx_guest_debugctl_read() & DEBUGCTLMSR_LBR) goto warn; if (test_bit(INTEL_PMC_IDX_FIXED_VLBR, pmu->pmc_in_use)) goto warn; @@ -729,7 +729,7 @@ void vmx_passthrough_lbr_msrs(struct kvm_vcpu *vcpu) =20 static void intel_pmu_cleanup(struct kvm_vcpu *vcpu) { - if (!(vmcs_read64(GUEST_IA32_DEBUGCTL) & DEBUGCTLMSR_LBR)) + if (!(vmx_guest_debugctl_read() & DEBUGCTLMSR_LBR)) intel_pmu_release_guest_lbr_event(vcpu); } =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 32f1a38a1010..d0973bd7853c 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2124,7 +2124,7 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct = msr_data *msr_info) msr_info->data =3D vmx->pt_desc.guest.addr_a[index / 2]; break; case MSR_IA32_DEBUGCTLMSR: - msr_info->data =3D vmcs_read64(GUEST_IA32_DEBUGCTL); + msr_info->data =3D vmx_guest_debugctl_read(); break; default: find_uret_msr: 
@@ -2258,7 +2258,8 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct = msr_data *msr_info) VM_EXIT_SAVE_DEBUG_CONTROLS) get_vmcs12(vcpu)->guest_ia32_debugctl =3D data; =20 - vmcs_write64(GUEST_IA32_DEBUGCTL, data); + vmx_guest_debugctl_write(vcpu, data); + if (intel_pmu_lbr_is_enabled(vcpu) && !to_vmx(vcpu)->lbr_desc.event && (data & DEBUGCTLMSR_LBR)) intel_pmu_create_guest_lbr_event(vcpu); @@ -4826,7 +4827,8 @@ static void init_vmcs(struct vcpu_vmx *vmx) vmcs_write32(GUEST_SYSENTER_CS, 0); vmcs_writel(GUEST_SYSENTER_ESP, 0); vmcs_writel(GUEST_SYSENTER_EIP, 0); - vmcs_write64(GUEST_IA32_DEBUGCTL, 0); + + vmx_guest_debugctl_write(&vmx->vcpu, 0); =20 if (cpu_has_vmx_tpr_shadow()) { vmcs_write64(VIRTUAL_APIC_PAGE_ADDR, 0); diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 5816fdd2dfa8..769e70fd142c 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h 
@@ -432,6 +432,16 @@ void vmx_update_cpu_dirty_logging(struct kvm_vcpu *vcp= u); u64 vmx_get_supported_debugctl(struct kvm_vcpu *vcpu, bool host_initiated); bool vmx_is_valid_debugctl(struct kvm_vcpu *vcpu, u64 data, bool host_init= iated); =20 +static inline void vmx_guest_debugctl_write(struct kvm_vcpu *vcpu, u64 val) +{ + vmcs_write64(GUEST_IA32_DEBUGCTL, val); +} + +static inline u64 vmx_guest_debugctl_read(void) +{ + return vmcs_read64(GUEST_IA32_DEBUGCTL); +} + /* * Note, early Intel manuals have the write-low and read-high bitmap offse= ts * the wrong way round. The bitmaps control MSRs 0x00000000-0x00001fff and --=20 2.51.0.rc1.163.g2494970778-goog
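Review bot: vmx_guest_debugctl_read() in the vmx.h hunk hands back the raw vmcs.GUEST_IA32_DEBUGCTL, and the vmx_get_msr() hunk now routes the guest-visible MSR_IA32_DEBUGCTLMSR read through it; once FREEZE_IN_SMM is stuffed into the VMCS field from the host setting, as the changelog says is the goal, the guest would read the host's bit back unless the read side masks it out, so whichever follow-up adds the stuffing must also change this reader, and a comment here saying so would make that dependency visible. The vcpu parameter of vmx_guest_debugctl_write() is unused in this patch and is presumably reserved for the same follow-up; say so in a one-line comment.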
Reply-To: Sean Christopherson
Date: Thu, 14 Aug 2025 17:25:40 -0700
In-Reply-To: <20250815002540.2375664-1-seanjc@google.com>
References: <20250815002540.2375664-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Mailer: git-send-email 2.51.0.rc1.163.g2494970778-goog
Message-ID: <20250815002540.2375664-21-seanjc@google.com>
Subject: [PATCH 6.6.y 20/20] KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
From: Maxim Levitsky

[ Upstream commit 6b1dd26544d045f6a79e8c73572c0c0db3ef3c1a ]

Set/clear DEBUGCTLMSR_FREEZE_IN_SMM in GUEST_IA32_DEBUGCTL based on the host's pre-VM-Enter value, i.e. preserve the host's FREEZE_IN_SMM setting while running the guest. When running with the "default treatment of SMIs" in effect (the only mode KVM supports), SMIs do not generate a VM-Exit that is visible to host (non-SMM) software, and instead transitions directly from VMX non-root to SMM. And critically, DEBUGCTL isn't context switched by hardware on SMI or RSM, i.e. SMM will run with whatever value was resident in hardware at the time of the SMI.

Failure to preserve FREEZE_IN_SMM results in the PMU unexpectedly counting events while the CPU is executing in SMM, which can pollute profiling and potentially leak information into the guest.

Check for changes in FREEZE_IN_SMM prior to every entry into KVM's inner run loop, as the bit can be toggled in IRQ context via IPI callback (SMP function call), by way of /sys/devices/cpu/freeze_on_smi.

Add a field in kvm_x86_ops to communicate which DEBUGCTL bits need to be preserved, as FREEZE_IN_SMM is only supported and defined for Intel CPUs, i.e. explicitly checking FREEZE_IN_SMM in common x86 is at best weird, and at worst could lead to undesirable behavior in the future if AMD CPUs ever happened to pick up a collision with the bit.

Exempt TDX vCPUs, i.e. protected guests, from the check, as the TDX Module owns and controls GUEST_IA32_DEBUGCTL.

WARN in SVM if KVM_RUN_LOAD_DEBUGCTL is set, mostly to document that the lack of handling isn't a KVM bug (TDX already WARNs on any run_flag).

Lastly, explicitly reload GUEST_IA32_DEBUGCTL on a VM-Fail that is missed by KVM but detected by hardware, i.e. in nested_vmx_restore_host_state(). Doing so avoids the need to track host_debugctl on a per-VMCS basis, as GUEST_IA32_DEBUGCTL is unconditionally written by prepare_vmcs02() and load_vmcs12_host_state().
For the VM-Fail case, even though KVM won't have actually entered the guest, vcpu_enter_guest() will have run with vmcs02 active and thus could result in vmcs01 being run with a stale value.

Cc: stable@vger.kernel.org
Signed-off-by: Maxim Levitsky
Co-developed-by: Sean Christopherson
Link: https://lore.kernel.org/r/20250610232010.162191-9-seanjc@google.com
Signed-off-by: Sean Christopherson
[sean: move vmx/main.c change to vmx/vmx.c]
Signed-off-by: Sean Christopherson
---
 arch/x86/include/asm/kvm_host.h |  7 +++++++
 arch/x86/kvm/vmx/nested.c       |  3 +++
 arch/x86/kvm/vmx/vmx.c          |  5 +++++
 arch/x86/kvm/vmx/vmx.h          | 15 ++++++++++++++-
 arch/x86/kvm/x86.c              | 14 ++++++++++++--
 5 files changed, 41 insertions(+), 3 deletions(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 7373b22c02a7..813887324d52 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1553,6 +1553,7 @@ static inline u16 kvm_lapic_irq_dest_mode(bool dest_m= ode_logical) enum kvm_x86_run_flags { KVM_RUN_FORCE_IMMEDIATE_EXIT =3D BIT(0), KVM_RUN_LOAD_GUEST_DR6 =3D BIT(1), + KVM_RUN_LOAD_DEBUGCTL =3D BIT(2), }; =20 struct kvm_x86_ops { @@ -1580,6 +1581,12 @@ struct kvm_x86_ops { void (*vcpu_load)(struct kvm_vcpu *vcpu, int cpu); void (*vcpu_put)(struct kvm_vcpu *vcpu); =20 + /* + * Mask of DEBUGCTL bits that are owned by the host, i.e. that need to + * match the host's value even while the guest is active. + */ + const u64 HOST_OWNED_DEBUGCTL; + void (*update_exception_bitmap)(struct kvm_vcpu *vcpu); int (*get_msr)(struct kvm_vcpu *vcpu, struct msr_data *msr); int (*set_msr)(struct kvm_vcpu *vcpu, struct msr_data *msr); diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 2ce39ffbcefb..d2fa192d7ce7 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c 
@@ -4688,6 +4688,9 @@ static void nested_vmx_restore_host_state(struct kvm_= vcpu *vcpu) WARN_ON(kvm_set_dr(vcpu, 7, vmcs_readl(GUEST_DR7))); } =20 + /* Reload DEBUGCTL to ensure vmcs01 has a fresh FREEZE_IN_SMM value. */ + vmx_reload_guest_debugctl(vcpu); + /* * Note that calling vmx_set_{efer,cr0,cr4} is important as they * handle a variety of side effects to KVM's software model. diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index d0973bd7853c..9b1f22bcb716 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7399,6 +7399,9 @@ static fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu,= u64 run_flags) if (run_flags & KVM_RUN_LOAD_GUEST_DR6) set_debugreg(vcpu->arch.dr6, 6); =20 + if (run_flags & KVM_RUN_LOAD_DEBUGCTL) + vmx_reload_guest_debugctl(vcpu); + /* * Refresh vmcs.HOST_CR3 if necessary. This must be done immediately * prior to VM-Enter, as the kernel may load a new ASID (PCID) any time @@ -8326,6 +8329,8 @@ static struct kvm_x86_ops vmx_x86_ops __initdata =3D { .vcpu_load =3D vmx_vcpu_load, .vcpu_put =3D vmx_vcpu_put, =20 + .HOST_OWNED_DEBUGCTL =3D DEBUGCTLMSR_FREEZE_IN_SMM, + .update_exception_bitmap =3D vmx_update_exception_bitmap, .get_msr_feature =3D vmx_get_msr_feature, .get_msr =3D vmx_get_msr, diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 769e70fd142c..5d73d3e570d7 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h 
@@ -434,12 +434,25 @@ bool vmx_is_valid_debugctl(struct kvm_vcpu *vcpu, u64= data, bool host_initiated) =20 static inline void vmx_guest_debugctl_write(struct kvm_vcpu *vcpu, u64 val) { + WARN_ON_ONCE(val & DEBUGCTLMSR_FREEZE_IN_SMM); + + val |=3D vcpu->arch.host_debugctl & DEBUGCTLMSR_FREEZE_IN_SMM; vmcs_write64(GUEST_IA32_DEBUGCTL, val); } =20 static inline u64 vmx_guest_debugctl_read(void) { - return vmcs_read64(GUEST_IA32_DEBUGCTL); + return vmcs_read64(GUEST_IA32_DEBUGCTL) & ~DEBUGCTLMSR_FREEZE_IN_SMM; +} + +static inline void vmx_reload_guest_debugctl(struct kvm_vcpu *vcpu) +{ + u64 val =3D vmcs_read64(GUEST_IA32_DEBUGCTL); + + if (!((val ^ vcpu->arch.host_debugctl) & DEBUGCTLMSR_FREEZE_IN_SMM)) + return; + + vmx_guest_debugctl_write(vcpu, val & ~DEBUGCTLMSR_FREEZE_IN_SMM); } =20 /* diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 07207d8126b4..af0b2b3bc991 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10518,7 +10518,7 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) dm_request_for_irq_injection(vcpu) && kvm_cpu_accept_dm_intr(vcpu); fastpath_t exit_fastpath; - u64 run_flags; + u64 run_flags, debug_ctl; =20 bool req_immediate_exit =3D false; =20 @@ -10777,7 +10777,17 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) set_debugreg(0, 7); } =20 - vcpu->arch.host_debugctl =3D get_debugctlmsr(); + /* + * Refresh the host DEBUGCTL snapshot after disabling IRQs, as DEBUGCTL + * can be modified in IRQ context, e.g. via SMP function calls. Inform + * vendor code if any host-owned bits were changed, e.g. so that the + * value loaded into hardware while running the guest can be updated. + */ + debug_ctl =3D get_debugctlmsr(); + if ((debug_ctl ^ vcpu->arch.host_debugctl) & kvm_x86_ops.HOST_OWNED_DEBUG= CTL && + !vcpu->arch.guest_state_protected) + run_flags |=3D KVM_RUN_LOAD_DEBUGCTL; + vcpu->arch.host_debugctl =3D debug_ctl; =20 guest_timing_enter_irqoff(); =20 --=20 2.51.0.rc1.163.g2494970778-goog
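Review bot: the kvm_host.h hunk introduces KVM_RUN_LOAD_DEBUGCTL and the const HOST_OWNED_DEBUGCTL field, and the commit message says SVM WARNs when the flag is set and that TDX vCPUs are exempted, yet the diffstat for this 6.6.y backport touches only kvm_host.h, nested.c, vmx.c, vmx.h and x86.c. So the svm.c WARN is not carried here, and the TDX exemption survives only as the `!vcpu->arch.guest_state_protected` test in x86.c. The `[sean: move vmx/main.c change to vmx/vmx.c]` annotation should also say that the SVM hunk was dropped, and why it is safe: SVM never sets HOST_OWNED_DEBUGCTL, so the field stays zero, the XOR-and-mask in x86.c is always zero, and the flag can never reach svm_vcpu_run. Without that note a stable reader will go looking for a missing hunk.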
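Review bot: in the vmx.h hunk, vmx_reload_guest_debugctl strips DEBUGCTLMSR_FREEZE_IN_SMM from `val` and vmx_guest_debugctl_write immediately ORs the host's copy of the same bit back in; that two-step exists to satisfy the new WARN_ON_ONCE, but it reads as a contradiction without a comment. Suggest a one-liner above the call, e.g. `/* Strip the host-owned bit; _write() re-applies the host's current value. */`. Separately, because vmx_guest_debugctl_write now WARNs on FREEZE_IN_SMM in its input, every guest-reachable path into it must have the bit filtered out earlier, either rejected by vmx_is_valid_debugctl (visible in the hunk context) or masked by the updated vmx_guest_debugctl_read. It is worth confirming that no remaining caller writes GUEST_IA32_DEBUGCTL through vmcs_write64 directly, since such a write would both bypass the host-bit preservation and leave a value the read helper silently hides.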
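Review bot: in the x86.c hunk, the new condition `(debug_ctl ^ vcpu->arch.host_debugctl) & kvm_x86_ops.HOST_OWNED_DEBUGCTL && !vcpu->arch.guest_state_protected` relies on `&` binding tighter than `&&`; the parse is the intended one, but mixing bitwise and logical operators on one line is easy to misread, so wrap the bitwise part in its own parentheses. The rest of the sequencing looks right: the snapshot is taken after IRQs are disabled, which closes the window the comment describes (the bit flipping via an SMP function call between snapshot and VM-Enter), and `vcpu->arch.host_debugctl` is updated unconditionally after the comparison, so the snapshot stays accurate for protected guests even though they never get the flag.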