From nobody Sat Oct 4 14:35:16 2025
Reply-To: Sean Christopherson
Date: Thu, 14 Aug 2025 17:57:19 -0700
In-Reply-To:
<20250815005725.2386187-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250815005725.2386187-1-seanjc@google.com> X-Mailer: git-send-email 2.51.0.rc1.163.g2494970778-goog Message-ID: <20250815005725.2386187-2-seanjc@google.com> Subject: [PATCH 6.12.y 1/7] KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap From: Sean Christopherson To: stable@vger.kernel.org, Greg Kroah-Hartman , Sasha Levin Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" [ Upstream commit 2478b1b220c49d25cb1c3f061ec4f9b351d9a131 ] Convert kvm_x86_ops.vcpu_run()'s "force_immediate_exit" boolean parameter into an a generic bitmap so that similar "take action" information can be passed to vendor code without creating a pile of boolean parameters. This will allow dropping kvm_x86_ops.set_dr6() in favor of a new flag, and will also allow for adding similar functionality for re-loading debugctl in the active VMCS. Opportunistically massage the TDX WARN and comment to prepare for adding more run_flags, all of which are expected to be mutually exclusive with TDX, i.e. should be WARNed on. No functional change intended. Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20250610232010.162191-3-seanjc@google.com Signed-off-by: Sean Christopherson [sean: drop TDX changes] Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 6 +++++- arch/x86/kvm/svm/svm.c | 4 ++-- arch/x86/kvm/vmx/vmx.c | 3 ++- arch/x86/kvm/vmx/x86_ops.h | 2 +- arch/x86/kvm/x86.c | 11 ++++++++--- 5 files changed, 18 insertions(+), 8 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 0caa3293f6db..cccc8cbe72db 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h 
@@ -1627,6 +1627,10 @@ static inline u16 kvm_lapic_irq_dest_mode(bool dest_= mode_logical) return dest_mode_logical ? APIC_DEST_LOGICAL : APIC_DEST_PHYSICAL; } =20 +enum kvm_x86_run_flags { + KVM_RUN_FORCE_IMMEDIATE_EXIT =3D BIT(0), +}; + struct kvm_x86_ops { const char *name; =20 @@ -1706,7 +1710,7 @@ struct kvm_x86_ops { =20 int (*vcpu_pre_run)(struct kvm_vcpu *vcpu); enum exit_fastpath_completion (*vcpu_run)(struct kvm_vcpu *vcpu, - bool force_immediate_exit); + u64 run_flags); int (*handle_exit)(struct kvm_vcpu *vcpu, enum exit_fastpath_completion exit_fastpath); int (*skip_emulated_instruction)(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 1f42a71b15c0..7d1b871cfc02 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4226,9 +4226,9 @@ static noinstr void svm_vcpu_enter_exit(struct kvm_vc= pu *vcpu, bool spec_ctrl_in guest_state_exit_irqoff(); } =20 -static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu, - bool force_immediate_exit) +static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu, u64 run_f= lags) { + bool force_immediate_exit =3D run_flags & KVM_RUN_FORCE_IMMEDIATE_EXIT; struct vcpu_svm *svm =3D to_svm(vcpu); bool spec_ctrl_intercepted =3D msr_write_intercepted(vcpu, MSR_IA32_SPEC_= CTRL); =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 9a4ebf3dfbfc..2a977cdfcd0c 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7353,8 +7353,9 @@ static noinstr void vmx_vcpu_enter_exit(struct kvm_vc= pu *vcpu, guest_state_exit_irqoff(); } =20 -fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, bool force_immediate_exit) +fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, u64 run_flags) { + bool force_immediate_exit =3D run_flags & KVM_RUN_FORCE_IMMEDIATE_EXIT; struct vcpu_vmx *vmx =3D to_vmx(vcpu); unsigned long cr3, cr4; =20 diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index 4aba200f435d..5e4ce13ab305 100644 
--- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -21,7 +21,7 @@ void vmx_vm_destroy(struct kvm *kvm); int vmx_vcpu_precreate(struct kvm *kvm); int vmx_vcpu_create(struct kvm_vcpu *vcpu); int vmx_vcpu_pre_run(struct kvm_vcpu *vcpu); -fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, bool force_immediate_exit); +fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, u64 run_flags); void vmx_vcpu_free(struct kvm_vcpu *vcpu); void vmx_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event); void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 213af0fda768..44ab46f2a2d2 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10711,6 +10711,7 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) dm_request_for_irq_injection(vcpu) && kvm_cpu_accept_dm_intr(vcpu); fastpath_t exit_fastpath; + u64 run_flags; =20 bool req_immediate_exit =3D false; =20 @@ -10955,8 +10956,11 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) goto cancel_injection; } =20 - if (req_immediate_exit) + run_flags =3D 0; + if (req_immediate_exit) { + run_flags |=3D KVM_RUN_FORCE_IMMEDIATE_EXIT; kvm_make_request(KVM_REQ_EVENT, vcpu); + } =20 fpregs_assert_state_consistent(); if (test_thread_flag(TIF_NEED_FPU_LOAD)) @@ -10992,8 +10996,7 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) WARN_ON_ONCE((kvm_vcpu_apicv_activated(vcpu) !=3D kvm_vcpu_apicv_active(= vcpu)) && (kvm_get_apic_mode(vcpu) !=3D LAPIC_MODE_DISABLED)); =20 - exit_fastpath =3D kvm_x86_call(vcpu_run)(vcpu, - req_immediate_exit); + exit_fastpath =3D kvm_x86_call(vcpu_run)(vcpu, run_flags); if (likely(exit_fastpath !=3D EXIT_FASTPATH_REENTER_GUEST)) break; =20 
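Review bot: in the x86.c hunk that replaces `kvm_x86_call(vcpu_run)(vcpu, req_immediate_exit)` with `kvm_x86_call(vcpu_run)(vcpu, run_flags)`, the call sits inside the re-entry loop while run_flags is assembled before the loop, and the following hunk clears it (`run_flags = 0;`) once the first VM-Enter has happened, so a flag set before the loop is passed on the first iteration only, whereas the old bool was passed unchanged on every EXIT_FASTPATH_REENTER_GUEST pass. The changelog claims no functional change; a short comment at the reset, or a sentence in the changelog, saying why KVM_RUN_FORCE_IMMEDIATE_EXIT never needs to survive a re-entry would make that claim verifiable and would also document the one-shot semantics that the new `enum kvm_x86_run_flags` in kvm_host.h currently leaves implicit.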
@@ -11005,6 +11008,8 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) break; } =20 + run_flags =3D 0; + /* Note, VM-Exits that go down the "slow" path are accounted below. */ ++vcpu->stat.exits; } --=20 2.51.0.rc1.163.g2494970778-goog From nobody Sat Oct 4 14:35:16 2025 Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 60DF4189F43 for ; Fri, 15 Aug 2025 00:57:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755219455; cv=none; b=H8YnT+TbUmw5uTr5sOrxaR77CpWkbLUNPlyoaneXYmw7aYApnuGZspqCKnMqlUum+PbFgabp5/OO1ycnIWrvq5jz9hQMhkhrgCffzTNKQ0z9V7w69jA5CJJNOB2CGIoloIhZNjjaWoaLp7jtW+dAraIjmOXy8NuRujjmEyrBAIM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755219455; c=relaxed/simple; bh=CEVBW4WVbt8Lnu/3tYJRzLW233Zr94AiOicIUItOI/c=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=Q1n1hLuyD6m2N8Ow8Cuy18xIN2VKcWUGxeIhnBb7XVvUAsOOYLJTZPfOzmn7RQw37BLoy1OrRUMtgQ1TEnNRZWe0i00kwDbLSzua5dDSP8B+jefD0dczBrBCy4yf0SwkFnK6C0Ht6slzxQhzEfsnccz3zoORZ/cBKbfqEXpLd7s= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=W9UJZWLA; arc=none smtp.client-ip=209.85.214.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="W9UJZWLA" 
Reply-To: Sean Christopherson
Date: Thu, 14 Aug 2025 17:57:20 -0700
In-Reply-To: <20250815005725.2386187-1-seanjc@google.com>
References: <20250815005725.2386187-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Message-ID: <20250815005725.2386187-3-seanjc@google.com>
Subject: [PATCH 6.12.y 2/7] KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

[ Upstream commit 80c64c7afea1da6a93ebe88d3d29d8a60377ef80 ]

Instruct vendor code to load the guest's DR6 into hardware via a new KVM_RUN flag, and remove kvm_x86_ops.set_dr6(), whose sole purpose was to load vcpu->arch.dr6 into hardware when DR6 can be read/written directly by the guest.

Note, TDX already WARNs on any run_flag being set, i.e. will yell if KVM thinks DR6 needs to be reloaded. TDX vCPUs force KVM_DEBUGREG_AUTO_SWITCH and never clear the flag, i.e. should never observe KVM_RUN_LOAD_GUEST_DR6.

Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20250610232010.162191-4-seanjc@google.com
Signed-off-by: Sean Christopherson
[sean: drop TDX changes]
Signed-off-by: Sean Christopherson
---
 arch/x86/include/asm/kvm-x86-ops.h |  1 -
 arch/x86/include/asm/kvm_host.h    |  2 +-
 arch/x86/kvm/svm/svm.c             | 10 ++++++----
 arch/x86/kvm/vmx/main.c            |  1 -
 arch/x86/kvm/vmx/vmx.c             |  9 +++------
 arch/x86/kvm/x86.c                 |  2 +-
 6 files changed, 11 insertions(+), 14 deletions(-)
diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-= x86-ops.h index cfb22f8c451a..861d080ed4c6 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -47,7 +47,6 @@ KVM_X86_OP(set_idt) KVM_X86_OP(get_gdt) KVM_X86_OP(set_gdt) KVM_X86_OP(sync_dirty_debug_regs) -KVM_X86_OP(set_dr6) KVM_X86_OP(set_dr7) KVM_X86_OP(cache_reg) KVM_X86_OP(get_rflags) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index cccc8cbe72db..2ed05925d9d5 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1629,6 +1629,7 @@ static inline u16 kvm_lapic_irq_dest_mode(bool dest_m= ode_logical) =20 enum kvm_x86_run_flags { KVM_RUN_FORCE_IMMEDIATE_EXIT =3D BIT(0), + KVM_RUN_LOAD_GUEST_DR6 =3D BIT(1), }; =20 struct kvm_x86_ops { @@ -1679,7 +1680,6 @@ struct kvm_x86_ops { void (*get_gdt)(struct kvm_vcpu *vcpu, struct desc_ptr *dt); void (*set_gdt)(struct kvm_vcpu *vcpu, struct desc_ptr *dt); void (*sync_dirty_debug_regs)(struct kvm_vcpu *vcpu); - void (*set_dr6)(struct kvm_vcpu *vcpu, unsigned long value); void (*set_dr7)(struct kvm_vcpu *vcpu, unsigned long value); void (*cache_reg)(struct kvm_vcpu *vcpu, enum kvm_reg reg); unsigned long (*get_rflags)(struct kvm_vcpu *vcpu); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 7d1b871cfc02..800f781475c0 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -4270,10 +4270,13 @@ static __no_kcsan fastpath_t svm_vcpu_run(struct kv= m_vcpu *vcpu, u64 run_flags) svm_hv_update_vp_id(svm->vmcb, vcpu); =20 /* - * Run with all-zero DR6 unless needed, so that we can get the exact cause - * of a #DB. + * Run with all-zero DR6 unless the guest can write DR6 freely, so that + * KVM can get the exact cause of a #DB. Note, loading guest DR6 from + * KVM's snapshot is only necessary when DR accesses won't exit. */ - if (likely(!(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))) + if (unlikely(run_flags & KVM_RUN_LOAD_GUEST_DR6)) + svm_set_dr6(vcpu, vcpu->arch.dr6); + else if (likely(!(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))) svm_set_dr6(vcpu, DR6_ACTIVE_LOW); =20 clgi(); @@ -5084,7 +5087,6 @@ static struct kvm_x86_ops svm_x86_ops __initdata =3D { .set_idt =3D svm_set_idt, .get_gdt =3D svm_get_gdt, .set_gdt =3D svm_set_gdt, - .set_dr6 =3D svm_set_dr6, .set_dr7 =3D svm_set_dr7, .sync_dirty_debug_regs =3D svm_sync_dirty_debug_regs, .cache_reg =3D svm_cache_reg, diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index 47476fcc179a..7668e2fb8043 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -60,7 +60,6 @@ struct kvm_x86_ops vt_x86_ops __initdata =3D { .set_idt =3D vmx_set_idt, .get_gdt =3D vmx_get_gdt, .set_gdt =3D vmx_set_gdt, - .set_dr6 =3D vmx_set_dr6, .set_dr7 =3D vmx_set_dr7, .sync_dirty_debug_regs =3D vmx_sync_dirty_debug_regs, .cache_reg =3D vmx_cache_reg, diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 2a977cdfcd0c..b9c7940feac6 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -5630,12 +5630,6 @@ void vmx_sync_dirty_debug_regs(struct kvm_vcpu *vcpu) set_debugreg(DR6_RESERVED, 6); } =20 -void vmx_set_dr6(struct kvm_vcpu *vcpu, unsigned long val) -{ - lockdep_assert_irqs_disabled(); - set_debugreg(vcpu->arch.dr6, 6); -} - void vmx_set_dr7(struct kvm_vcpu *vcpu, unsigned long val) { vmcs_writel(GUEST_DR7, val); 
@@ -7400,6 +7394,9 @@ fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, u64 ru= n_flags) vmcs_writel(GUEST_RIP, vcpu->arch.regs[VCPU_REGS_RIP]); vcpu->arch.regs_dirty =3D 0; =20 + if (run_flags & KVM_RUN_LOAD_GUEST_DR6) + set_debugreg(vcpu->arch.dr6, 6); + /* * Refresh vmcs.HOST_CR3 if necessary. This must be done immediately * prior to VM-Enter, as the kernel may load a new ASID (PCID) any time diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 44ab46f2a2d2..7beea8fb6ea6 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
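Review bot: the removed vmx_set_dr6() carried a `lockdep_assert_irqs_disabled()` in front of `set_debugreg(vcpu->arch.dr6, 6)`, and the replacement under `if (run_flags & KVM_RUN_LOAD_GUEST_DR6)` in vmx_vcpu_run() does the `set_debugreg()` bare; if that spot is guaranteed to run with IRQs disabled, a one-line comment saying so would preserve the intent, otherwise the assertion should move with the call. Separately, vmx/main.c referenced vmx_set_dr6 through its prototype in vmx/x86_ops.h, and that header is not in this patch's diffstat, so check whether the 6.12 backport leaves a declaration without a definition behind.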
@@ -10977,7 +10977,7 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) set_debugreg(vcpu->arch.eff_db[3], 3); /* When KVM_DEBUGREG_WONT_EXIT, dr6 is accessible in guest. */ if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT)) - kvm_x86_call(set_dr6)(vcpu, vcpu->arch.dr6); + run_flags |=3D KVM_RUN_LOAD_GUEST_DR6; } else if (unlikely(hw_breakpoint_active())) { set_debugreg(DR7_FIXED_1, 7); } --=20 2.51.0.rc1.163.g2494970778-goog From nobody Sat Oct 4 14:35:16 2025 Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com [209.85.210.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D914B19D087 for ; Fri, 15 Aug 2025 00:57:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755219457; cv=none; b=nnSuE+H0042kS5ozAca7mK5rGfXpkJVqxwnFQBXS6MHH88bEtXfU5EidoyjB2apfz2vXA91sW4uarsmbRe8dDeFYEpCkK1XjbtsSvq/VGc2uuCDJoQvsZgwTWxezsdOtFXOrTEdkWgH+GjON+KxEhR+CQ9UjSAKSbONjOWSoMn8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755219457; c=relaxed/simple; bh=TXJ2X85YFocPqa+0zEr21K2R3q6PmeINWu5+zoL0tCI=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=uf7kAktFrqOa/Tj7/+fDSA1sIbIIwwWm/wyDcMzvhtGiRmRHqeSq7LREXHmJ6UIp19YprU+nnYF+xH5h/7LexwMakBJCJnSTBuVtsJKfAt5ORVlbvZoseVzIqIZMd7Z+jmQm15ocdSFqkbpKKOPe/89c0ezKp0kJZryHQW3bD/A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=vqPGhqsz; arc=none smtp.client-ip=209.85.210.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: 
Reply-To: Sean Christopherson
Date: Thu, 14 Aug 2025 17:57:21 -0700
In-Reply-To: <20250815005725.2386187-1-seanjc@google.com>
References: <20250815005725.2386187-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Message-ID: <20250815005725.2386187-4-seanjc@google.com>
Subject: [PATCH 6.12.y 3/7] KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

[ Upstream commit 17ec2f965344ee3fd6620bef7ef68792f4ac3af0 ]

Let the guest set DEBUGCTL.RTM_DEBUG if RTM is supported according to the guest CPUID model, as debug support is supposed to be available if RTM is supported, and there are no known downsides to letting the guest debug RTM aborts.

Note, there are no known bug reports related to RTM_DEBUG, the primary motivation is to reduce the probability of breaking existing guests when a future change adds a missing consistency check on vmcs12.GUEST_DEBUGCTL (KVM currently lets L2 run with whatever hardware supports; whoops).

Note #2, KVM already emulates DR6.RTM, and doesn't restrict access to DR7.RTM.

Fixes: 83c529151ab0 ("KVM: x86: expose Intel cpu new features (HLE, RTM) to guest")
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20250610232010.162191-5-seanjc@google.com
Signed-off-by: Sasha Levin
Signed-off-by: Sean Christopherson --- arch/x86/include/asm/msr-index.h | 1 + arch/x86/kvm/vmx/vmx.c | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-in= dex.h index 7ebe76f69417..2b6e3127ef4e 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h @@ -417,6 +417,7 @@ #define DEBUGCTLMSR_FREEZE_PERFMON_ON_PMI (1UL << 12) #define DEBUGCTLMSR_FREEZE_IN_SMM_BIT 14 #define DEBUGCTLMSR_FREEZE_IN_SMM (1UL << DEBUGCTLMSR_FREEZE_IN_SMM_BIT) +#define DEBUGCTLMSR_RTM_DEBUG BIT(15) =20 #define MSR_PEBS_FRONTEND 0x000003f7 =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index b9c7940feac6..529a10bba056 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c 
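Review bot: style: the new `#define DEBUGCTLMSR_RTM_DEBUG BIT(15)` in msr-index.h lands between definitions written in the `(1UL << n)` and `_BIT` + shift form (`DEBUGCTLMSR_FREEZE_IN_SMM (1UL << DEBUGCTLMSR_FREEZE_IN_SMM_BIT)` two lines up); using the neighbouring form, or converting the whole DEBUGCTLMSR block in one go, keeps the header consistent, and the hunk context does not show whether this header already pulls in the BIT() macro.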
@@ -2185,6 +2185,10 @@ static u64 vmx_get_supported_debugctl(struct kvm_vcp= u *vcpu, bool host_initiated (host_initiated || intel_pmu_lbr_is_enabled(vcpu))) debugctl |=3D DEBUGCTLMSR_LBR | DEBUGCTLMSR_FREEZE_LBRS_ON_PMI; =20 + if (boot_cpu_has(X86_FEATURE_RTM) && + (host_initiated || guest_cpuid_has(vcpu, X86_FEATURE_RTM))) + debugctl |=3D DEBUGCTLMSR_RTM_DEBUG; + return debugctl; } =20 --=20 2.51.0.rc1.163.g2494970778-goog From nobody Sat Oct 4 14:35:16 2025 Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com [209.85.210.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 984441C5F10 for ; Fri, 15 Aug 2025 00:57:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755219459; cv=none; b=nre1D/BQs5KpMBcnf40bfy3lgD8vW3N41EeKpY6e5UocbRPwlrd3qxAq8XHVtJfRguO1TE17aP9O5sKBMaSY7iUrG2G+MF/r1oD5H4X/jFXsZrQSr40wYF25yXj/BWgb5NzPQJTrTsNsVjUm/JvqcTSvFoZAwyJcxZINMOvm91Q= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1755219459; c=relaxed/simple; bh=j/1Lr+UronIgRZzRhuMgqCzyJ+s+Y1BrEcIfq0eFCQ8=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=qPxuIzlkwuDWNgrmirk5XzYcP8aoxyrHII+bMMRzM7Q/KcVLB7Wr9EYtCF1y59T70RtbZC1POHvqSYfECr3qaVCOQJasE+shDs44c/n1g1m4soSz9QrHSFORGsWINVj8G1BWOta3ALr4jbdzewJ1KckVO6N41y1ouoOkoD8IMJ0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=drO4Nayo; arc=none smtp.client-ip=209.85.210.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass 
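Review bot: the new clause in vmx_get_supported_debugctl() gates DEBUGCTLMSR_RTM_DEBUG on `boot_cpu_has(X86_FEATURE_RTM)` as well as on guest CPUID, so on a host without RTM a guest whose CPUID model still advertises RTM has the bit rejected; that is the right call (KVM should not claim hardware support it lacks), but it narrows the changelog's "debug support is supposed to be available if RTM is supported", so a comment or changelog sentence stating the host dependency would help. Since the supported mask now also depends on `guest_cpuid_has(vcpu, X86_FEATURE_RTM)`, it is worth checking whether a CPUID update that drops RTM after the guest has set RTM_DEBUG is re-validated anywhere; the LBR clause directly above has the same property, so a shared note would cover both.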
Reply-To: Sean Christopherson
Date: Thu, 14 Aug 2025 17:57:22 -0700
In-Reply-To: <20250815005725.2386187-1-seanjc@google.com>
References: <20250815005725.2386187-1-seanjc@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Message-ID: <20250815005725.2386187-5-seanjc@google.com>
Subject: [PATCH 6.12.y 4/7] KVM: VMX: Extract checking of guest's DEBUGCTL into helper
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

[ Upstream commit 8a4351ac302cd8c19729ba2636acfd0467c22ae8 ]

Move VMX's logic to check DEBUGCTL values into a standalone helper so that the code can be used by nested VM-Enter to apply the same logic to the value being loaded from vmcs12.

KVM needs to explicitly check vmcs12->guest_ia32_debugctl on nested VM-Enter, as hardware may support features that KVM does not, i.e. relying on hardware to detect invalid guest state will result in false negatives. Unfortunately, that means applying KVM's funky suppression of BTF and LBR to vmcs12 so as not to break existing guests.

No functional change intended.

Reviewed-by: Dapeng Mi
Link: https://lore.kernel.org/r/20250610232010.162191-6-seanjc@google.com
Stable-dep-of: 7d0cce6cbe71 ("KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs")
Signed-off-by: Sasha Levin
Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/vmx.c | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 529a10bba056..ff61093e9af7 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2192,6 +2192,19 @@ static u64 vmx_get_supported_debugctl(struct kvm_vcp= u *vcpu, bool host_initiated return debugctl; } =20 +static bool vmx_is_valid_debugctl(struct kvm_vcpu *vcpu, u64 data, + bool host_initiated) +{ + u64 invalid; + + invalid =3D data & ~vmx_get_supported_debugctl(vcpu, host_initiated); + if (invalid & (DEBUGCTLMSR_BTF | DEBUGCTLMSR_LBR)) { + kvm_pr_unimpl_wrmsr(vcpu, MSR_IA32_DEBUGCTLMSR, data); + invalid &=3D ~(DEBUGCTLMSR_BTF | DEBUGCTLMSR_LBR); + } + return !invalid; +} + /* * Writes msr value into the appropriate "register". * Returns 0 on success, non-0 otherwise. @@ -2260,19 +2273,12 @@ int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_d= ata *msr_info) } vmcs_writel(GUEST_SYSENTER_ESP, data); break; - case MSR_IA32_DEBUGCTLMSR: { - u64 invalid; - - invalid =3D data & ~vmx_get_supported_debugctl(vcpu, msr_info->host_init= iated); - if (invalid & (DEBUGCTLMSR_BTF|DEBUGCTLMSR_LBR)) { - kvm_pr_unimpl_wrmsr(vcpu, msr_index, data); - data &=3D ~(DEBUGCTLMSR_BTF|DEBUGCTLMSR_LBR); - invalid &=3D ~(DEBUGCTLMSR_BTF|DEBUGCTLMSR_LBR); - } - - if (invalid) + case MSR_IA32_DEBUGCTLMSR: + if (!vmx_is_valid_debugctl(vcpu, data, msr_info->host_initiated)) return 1; =20 + data &=3D vmx_get_supported_debugctl(vcpu, msr_info->host_initiated); + if (is_guest_mode(vcpu) && get_vmcs12(vcpu)->vm_exit_controls & VM_EXIT_SAVE_DEBUG_CONTROLS) get_vmcs12(vcpu)->guest_ia32_debugctl =3D data; 
@@ -2282,7 +2288,6 @@ int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_dat= a *msr_info) (data & DEBUGCTLMSR_LBR)) intel_pmu_create_guest_lbr_event(vcpu); return 0; - } case MSR_IA32_BNDCFGS: if (!kvm_mpx_supported() || (!msr_info->host_initiated && --=20 2.51.0.rc1.163.g2494970778-goog
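Review bot: vmx_is_valid_debugctl() prints via kvm_pr_unimpl_wrmsr() as a side effect of what is otherwise a pure validity check, and the changelog says the helper is about to be reused for vmcs12->guest_ia32_debugctl on nested VM-Enter, where no WRMSR happened; a tolerated BTF/LBR bit in vmcs12 will then be logged as an unimplemented WRMSR. Either keep the print in the vmx_set_msr() caller, or put a comment above the helper saying the shared wording is deliberate.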
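Review bot: in the vmx_set_msr() hunk, `data &= vmx_get_supported_debugctl(vcpu, msr_info->host_initiated);` only reproduces the old `data &= ~(DEBUGCTLMSR_BTF|DEBUGCTLMSR_LBR)` because vmx_is_valid_debugctl() has just rejected every other unsupported bit; if the tolerated set ever grows, the mask will silently drop bits instead of returning 1. A one-line comment saying the mask exists only to strip the tolerated BTF/LBR bits would make that coupling explicit, and would also explain why vmx_get_supported_debugctl() is evaluated twice on this path.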
Date: Thu, 14 Aug 2025 17:57:23 -0700
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
Subject: [PATCH 6.12.y 5/7] KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter
Message-ID: <20250815005725.2386187-6-seanjc@google.com>
In-Reply-To: <20250815005725.2386187-1-seanjc@google.com>
From: Maxim Levitsky

[ Upstream commit 095686e6fcb4150f0a55b1a25987fad3d8af58d6 ]

Add a consistency check for L2's guest_ia32_debugctl, as KVM only supports a subset of hardware functionality, i.e. KVM can't rely on hardware to detect illegal/unsupported values. Failure to check the vmcs12 value would allow the guest to load any hardware-supported value while running L2.

Take care to exempt BTF and LBR from the validity check in order to match KVM's behavior for writes via WRMSR, but without clobbering vmcs12. Even if VM_EXIT_SAVE_DEBUG_CONTROLS is set in vmcs12, L1 can reasonably expect that vmcs12->guest_ia32_debugctl will not be modified if writes to the MSR are being intercepted.

Arguably, KVM _should_ update vmcs12 if VM_EXIT_SAVE_DEBUG_CONTROLS is set *and* writes to MSR_IA32_DEBUGCTLMSR are not being intercepted by L1, but that would incur non-trivial complexity and wouldn't change the fact that KVM's handling of DEBUGCTL is blatantly broken. I.e. the extra complexity is not worth carrying.

Cc: stable@vger.kernel.org
Signed-off-by: Maxim Levitsky
Co-developed-by: Sean Christopherson
Link: https://lore.kernel.org/r/20250610232010.162191-7-seanjc@google.com
Stable-dep-of: 7d0cce6cbe71 ("KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs")
Signed-off-by: Sasha Levin
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/vmx/nested.c | 12 ++++++++++--
 arch/x86/kvm/vmx/vmx.c    |  5 ++---
 arch/x86/kvm/vmx/vmx.h    |  3 +++
 3 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c
index 903e874041ac..1e0b9f92ff18 100644
--- a/arch/x86/kvm/vmx/nested.c
+++ b/arch/x86/kvm/vmx/nested.c
@@ -2653,7 +2653,8 @@ static int prepare_vmcs02(struct kvm_vcpu *vcpu, stru= ct vmcs12 *vmcs12, if (vmx->nested.nested_run_pending && (vmcs12->vm_entry_controls & VM_ENTRY_LOAD_DEBUG_CONTROLS)) { kvm_set_dr(vcpu, 7, vmcs12->guest_dr7); - vmcs_write64(GUEST_IA32_DEBUGCTL, vmcs12->guest_ia32_debugctl); + vmcs_write64(GUEST_IA32_DEBUGCTL, vmcs12->guest_ia32_debugctl & + vmx_get_supported_debugctl(vcpu, false)); } else { kvm_set_dr(vcpu, 7, vcpu->arch.dr7); vmcs_write64(GUEST_IA32_DEBUGCTL, vmx->nested.pre_vmenter_debugctl); @@ -3135,7 +3136,8 @@ static int nested_vmx_check_guest_state(struct kvm_vc= pu *vcpu, return -EINVAL; =20 if ((vmcs12->vm_entry_controls & VM_ENTRY_LOAD_DEBUG_CONTROLS) && - CC(!kvm_dr7_valid(vmcs12->guest_dr7))) + (CC(!kvm_dr7_valid(vmcs12->guest_dr7)) || + CC(!vmx_is_valid_debugctl(vcpu, vmcs12->guest_ia32_debugctl, false))= )) return -EINVAL; =20 if ((vmcs12->vm_entry_controls & VM_ENTRY_LOAD_IA32_PAT) && @@ -4576,6 +4578,12 @@ static void sync_vmcs02_to_vmcs12(struct kvm_vcpu *v= cpu, struct vmcs12 *vmcs12) (vmcs12->vm_entry_controls & ~VM_ENTRY_IA32E_MODE) | (vm_entry_controls_get(to_vmx(vcpu)) & VM_ENTRY_IA32E_MODE); =20 + /* + * Note! Save DR7, but intentionally don't grab DEBUGCTL from vmcs02. + * Writes to DEBUGCTL that aren't intercepted by L1 are immediately + * propagated to vmcs12 (see vmx_set_msr()), as the value loaded into + * vmcs02 doesn't strictly track vmcs12. + */ if (vmcs12->vm_exit_controls & VM_EXIT_SAVE_DEBUG_CONTROLS) vmcs12->guest_dr7 =3D vcpu->arch.dr7; =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index ff61093e9af7..50d45c18fce9 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2173,7 +2173,7 @@ static u64 nested_vmx_truncate_sysenter_addr(struct k= vm_vcpu *vcpu, return (unsigned long)data; } =20 -static u64 vmx_get_supported_debugctl(struct kvm_vcpu *vcpu, bool host_ini= tiated) +u64 vmx_get_supported_debugctl(struct kvm_vcpu *vcpu, bool host_initiated) { u64 debugctl =3D 0; =20 
@@ -2192,8 +2192,7 @@ static u64 vmx_get_supported_debugctl(struct kvm_vcpu= *vcpu, bool host_initiated return debugctl; } =20 -static bool vmx_is_valid_debugctl(struct kvm_vcpu *vcpu, u64 data, - bool host_initiated) +bool vmx_is_valid_debugctl(struct kvm_vcpu *vcpu, u64 data, bool host_init= iated) { u64 invalid; =20 diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index cf57fbf12104..ee330d14089d 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h 
@@ -435,6 +435,9 @@ static inline void vmx_set_intercept_for_msr(struct kvm= _vcpu *vcpu, u32 msr, =20 void vmx_update_cpu_dirty_logging(struct kvm_vcpu *vcpu); =20 +u64 vmx_get_supported_debugctl(struct kvm_vcpu *vcpu, bool host_initiated); +bool vmx_is_valid_debugctl(struct kvm_vcpu *vcpu, u64 data, bool host_init= iated); + /* * Note, early Intel manuals have the write-low and read-high bitmap offse= ts * the wrong way round. The bitmaps control MSRs 0x00000000-0x00001fff and --=20 2.51.0.rc1.163.g2494970778-goog
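Review bot: the prepare_vmcs02() hunk masks vmcs12->guest_ia32_debugctl with vmx_get_supported_debugctl(vcpu, false) without referencing the check that makes the mask safe; the two must move together, since the check rejects everything the mask does not strip except BTF/LBR, so a short comment pointing at the vmx_is_valid_debugctl() call in nested_vmx_check_guest_state() would stop a later cleanup from touching one without the other.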
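Review bot: the new `CC(!vmx_is_valid_debugctl(vcpu, vmcs12->guest_ia32_debugctl, false))` runs on an L1-controlled path and, per the helper added in 4/7, prints kvm_pr_unimpl_wrmsr() when vmcs12 carries BTF or LBR even though no WRMSR occurred; L1 can hit that on every VM-Enter, so either confirm the print is rate limited or pass only the validity result through CC() and leave logging to the MSR path.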
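Review bot: the comment added in sync_vmcs02_to_vmcs12() says non-intercepted writes "are immediately propagated to vmcs12 (see vmx_set_msr())", but vmx_set_msr() only mirrors the value when vmcs12 has VM_EXIT_SAVE_DEBUG_CONTROLS set (the is_guest_mode() check visible in 4/7), and the changelog above explicitly declines to handle the intercept case; say "when VM_EXIT_SAVE_DEBUG_CONTROLS is set" so the comment does not promise more than the code does.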
Date: Thu, 14 Aug 2025 17:57:24 -0700
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
Subject: [PATCH 6.12.y 6/7] KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs
Message-ID: <20250815005725.2386187-7-seanjc@google.com>
In-Reply-To: <20250815005725.2386187-1-seanjc@google.com>

From: Maxim Levitsky

[ Upstream commit 7d0cce6cbe71af6e9c1831bff101a2b9c249c4a2 ]

Introduce vmx_guest_debugctl_{read,write}() to handle all accesses to vmcs.GUEST_IA32_DEBUGCTL. This will allow stuffing FREEZE_IN_SMM into GUEST_IA32_DEBUGCTL based on the host setting without bleeding the state into the guest, and without needing to copy+paste the FREEZE_IN_SMM logic into every patch that accesses GUEST_IA32_DEBUGCTL.

No functional change intended.

Cc: stable@vger.kernel.org
Signed-off-by: Maxim Levitsky
[sean: massage changelog, make inline, use in all prepare_vmcs02() cases]
Reviewed-by: Dapeng Mi
Link: https://lore.kernel.org/r/20250610232010.162191-8-seanjc@google.com
Signed-off-by: Sasha Levin
Signed-off-by: Sean Christopherson --- arch/x86/kvm/vmx/nested.c | 10 +++++----- arch/x86/kvm/vmx/pmu_intel.c | 8 ++++---- arch/x86/kvm/vmx/vmx.c | 8 +++++--- arch/x86/kvm/vmx/vmx.h | 10 ++++++++++ 4 files changed, 24 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 1e0b9f92ff18..9a336f661fc6 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -2653,11 +2653,11 @@ static int prepare_vmcs02(struct kvm_vcpu *vcpu, st= ruct vmcs12 *vmcs12, if (vmx->nested.nested_run_pending && (vmcs12->vm_entry_controls & VM_ENTRY_LOAD_DEBUG_CONTROLS)) { kvm_set_dr(vcpu, 7, vmcs12->guest_dr7); - vmcs_write64(GUEST_IA32_DEBUGCTL, vmcs12->guest_ia32_debugctl & - vmx_get_supported_debugctl(vcpu, false)); + vmx_guest_debugctl_write(vcpu, vmcs12->guest_ia32_debugctl & + vmx_get_supported_debugctl(vcpu, false)); } else { kvm_set_dr(vcpu, 7, vcpu->arch.dr7); - vmcs_write64(GUEST_IA32_DEBUGCTL, vmx->nested.pre_vmenter_debugctl); + vmx_guest_debugctl_write(vcpu, vmx->nested.pre_vmenter_debugctl); } if (kvm_mpx_supported() && (!vmx->nested.nested_run_pending || !(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_BNDCFGS))) @@ -3527,7 +3527,7 @@ enum nvmx_vmentry_status nested_vmx_enter_non_root_mo= de(struct kvm_vcpu *vcpu, =20 if (!vmx->nested.nested_run_pending || !(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_DEBUG_CONTROLS)) - vmx->nested.pre_vmenter_debugctl =3D vmcs_read64(GUEST_IA32_DEBUGCTL); + vmx->nested.pre_vmenter_debugctl =3D vmx_guest_debugctl_read(); if (kvm_mpx_supported() && (!vmx->nested.nested_run_pending || !(vmcs12->vm_entry_controls & VM_ENTRY_LOAD_BNDCFGS))) @@ -4774,7 +4774,7 @@ static void load_vmcs12_host_state(struct kvm_vcpu *v= cpu, __vmx_set_segment(vcpu, &seg, VCPU_SREG_LDTR); =20 kvm_set_dr(vcpu, 7, 0x400); - vmcs_write64(GUEST_IA32_DEBUGCTL, 0); + vmx_guest_debugctl_write(vcpu, 0); =20 if (nested_vmx_load_msr(vcpu, vmcs12->vm_exit_msr_load_addr, vmcs12->vm_exit_msr_load_count)) 
diff --git a/arch/x86/kvm/vmx/pmu_intel.c b/arch/x86/kvm/vmx/pmu_intel.c index 9c9d4a336166..a5edc623166a 100644 --- a/arch/x86/kvm/vmx/pmu_intel.c +++ b/arch/x86/kvm/vmx/pmu_intel.c @@ -605,11 +605,11 @@ static void intel_pmu_reset(struct kvm_vcpu *vcpu) */ static void intel_pmu_legacy_freezing_lbrs_on_pmi(struct kvm_vcpu *vcpu) { - u64 data =3D vmcs_read64(GUEST_IA32_DEBUGCTL); + u64 data =3D vmx_guest_debugctl_read(); =20 if (data & DEBUGCTLMSR_FREEZE_LBRS_ON_PMI) { data &=3D ~DEBUGCTLMSR_LBR; - vmcs_write64(GUEST_IA32_DEBUGCTL, data); + vmx_guest_debugctl_write(vcpu, data); } } =20 @@ -679,7 +679,7 @@ void vmx_passthrough_lbr_msrs(struct kvm_vcpu *vcpu) =20 if (!lbr_desc->event) { vmx_disable_lbr_msrs_passthrough(vcpu); - if (vmcs_read64(GUEST_IA32_DEBUGCTL) & DEBUGCTLMSR_LBR) + if (vmx_guest_debugctl_read() & DEBUGCTLMSR_LBR) goto warn; if (test_bit(INTEL_PMC_IDX_FIXED_VLBR, pmu->pmc_in_use)) goto warn; @@ -701,7 +701,7 @@ void vmx_passthrough_lbr_msrs(struct kvm_vcpu *vcpu) =20 static void intel_pmu_cleanup(struct kvm_vcpu *vcpu) { - if (!(vmcs_read64(GUEST_IA32_DEBUGCTL) & DEBUGCTLMSR_LBR)) + if (!(vmx_guest_debugctl_read() & DEBUGCTLMSR_LBR)) intel_pmu_release_guest_lbr_event(vcpu); } =20 diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 50d45c18fce9..4bb25519e7ce 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2148,7 +2148,7 @@ int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_dat= a *msr_info) msr_info->data =3D vmx->pt_desc.guest.addr_a[index / 2]; break; case MSR_IA32_DEBUGCTLMSR: - msr_info->data =3D vmcs_read64(GUEST_IA32_DEBUGCTL); + msr_info->data =3D vmx_guest_debugctl_read(); break; default: find_uret_msr: 
@@ -2282,7 +2282,8 @@ int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_dat= a *msr_info) VM_EXIT_SAVE_DEBUG_CONTROLS) get_vmcs12(vcpu)->guest_ia32_debugctl =3D data; =20 - vmcs_write64(GUEST_IA32_DEBUGCTL, data); + vmx_guest_debugctl_write(vcpu, data); + if (intel_pmu_lbr_is_enabled(vcpu) && !to_vmx(vcpu)->lbr_desc.event && (data & DEBUGCTLMSR_LBR)) intel_pmu_create_guest_lbr_event(vcpu); @@ -4831,7 +4832,8 @@ static void init_vmcs(struct vcpu_vmx *vmx) vmcs_write32(GUEST_SYSENTER_CS, 0); vmcs_writel(GUEST_SYSENTER_ESP, 0); vmcs_writel(GUEST_SYSENTER_EIP, 0); - vmcs_write64(GUEST_IA32_DEBUGCTL, 0); + + vmx_guest_debugctl_write(&vmx->vcpu, 0); =20 if (cpu_has_vmx_tpr_shadow()) { vmcs_write64(VIRTUAL_APIC_PAGE_ADDR, 0); diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index ee330d14089d..5b2c5cb5e32e 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h 
@@ -438,6 +438,16 @@ void vmx_update_cpu_dirty_logging(struct kvm_vcpu *vcp= u); u64 vmx_get_supported_debugctl(struct kvm_vcpu *vcpu, bool host_initiated); bool vmx_is_valid_debugctl(struct kvm_vcpu *vcpu, u64 data, bool host_init= iated); =20 +static inline void vmx_guest_debugctl_write(struct kvm_vcpu *vcpu, u64 val) +{ + vmcs_write64(GUEST_IA32_DEBUGCTL, val); +} + +static inline u64 vmx_guest_debugctl_read(void) +{ + return vmcs_read64(GUEST_IA32_DEBUGCTL); +} + /* * Note, early Intel manuals have the write-low and read-high bitmap offse= ts * the wrong way round. The bitmaps control MSRs 0x00000000-0x00001fff and --=20 2.51.0.rc1.163.g2494970778-goog
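Review bot: in nested_vmx_enter_non_root_mode(), pre_vmenter_debugctl is now captured with vmx_guest_debugctl_read() and later restored through vmx_guest_debugctl_write() in prepare_vmcs02(); once read() starts hiding bits (the stated purpose of the wrappers), the pair only round-trips if write() re-merges exactly what read() hid, so a comment at the capture site stating that invariant would help whoever reviews the follow-up.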
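Review bot: vmx_guest_debugctl_write() takes a vcpu it never uses, while vmx_guest_debugctl_read() takes none; if the parameter is reserved for the FREEZE_IN_SMM follow-up the changelog mentions, a comment saying so will pre-empt an "unused parameter" cleanup, and it is worth deciding now whether read() will also need vcpu so the two signatures do not drift apart.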
Date: Thu, 14 Aug 2025 17:57:25 -0700
From: Sean Christopherson
To: stable@vger.kernel.org, Greg Kroah-Hartman, Sasha Levin
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini
Subject: [PATCH 6.12.y 7/7] KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest
Message-ID: <20250815005725.2386187-8-seanjc@google.com>
In-Reply-To: <20250815005725.2386187-1-seanjc@google.com>
From: Maxim Levitsky

[ Upstream commit 6b1dd26544d045f6a79e8c73572c0c0db3ef3c1a ]

Set/clear DEBUGCTLMSR_FREEZE_IN_SMM in GUEST_IA32_DEBUGCTL based on the host's pre-VM-Enter value, i.e. preserve the host's FREEZE_IN_SMM setting while running the guest. When running with the "default treatment of SMIs" in effect (the only mode KVM supports), SMIs do not generate a VM-Exit that is visible to host (non-SMM) software, and instead transition directly from VMX non-root to SMM. And critically, DEBUGCTL isn't context switched by hardware on SMI or RSM, i.e. SMM will run with whatever value was resident in hardware at the time of the SMI.

Failure to preserve FREEZE_IN_SMM results in the PMU unexpectedly counting events while the CPU is executing in SMM, which can pollute profiling and potentially leak information into the guest.

Check for changes in FREEZE_IN_SMM prior to every entry into KVM's inner run loop, as the bit can be toggled in IRQ context via IPI callback (SMP function call), by way of /sys/devices/cpu/freeze_on_smi.

Add a field in kvm_x86_ops to communicate which DEBUGCTL bits need to be preserved, as FREEZE_IN_SMM is only supported and defined for Intel CPUs, i.e. explicitly checking FREEZE_IN_SMM in common x86 is at best weird, and at worst could lead to undesirable behavior in the future if AMD CPUs ever happened to pick up a collision with the bit.

Exempt TDX vCPUs, i.e. protected guests, from the check, as the TDX Module owns and controls GUEST_IA32_DEBUGCTL.

WARN in SVM if KVM_RUN_LOAD_DEBUGCTL is set, mostly to document that the lack of handling isn't a KVM bug (TDX already WARNs on any run_flag).

Lastly, explicitly reload GUEST_IA32_DEBUGCTL on a VM-Fail that is missed by KVM but detected by hardware, i.e. in nested_vmx_restore_host_state(). Doing so avoids the need to track host_debugctl on a per-VMCS basis, as GUEST_IA32_DEBUGCTL is unconditionally written by prepare_vmcs02() and load_vmcs12_host_state().
For the VM-Fail case, even though KVM won't have actually entered the guest, vcpu_enter_guest() will have run with vmcs02 active and thus could result in vmcs01 being run with a stale value. Cc: stable@vger.kernel.org Signed-off-by: Maxim Levitsky Co-developed-by: Sean Christopherson Link: https://lore.kernel.org/r/20250610232010.162191-9-seanjc@google.com Signed-off-by: Sean Christopherson [sean: resolve syntactic conflict in vt_x86_ops definition] Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 7 +++++++ arch/x86/kvm/vmx/main.c | 2 ++ arch/x86/kvm/vmx/nested.c | 3 +++ arch/x86/kvm/vmx/vmx.c | 3 +++ arch/x86/kvm/vmx/vmx.h | 15 ++++++++++++++- arch/x86/kvm/x86.c | 14 ++++++++++++-- 6 files changed, 41 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 2ed05925d9d5..d27df86aa62c 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1630,6 +1630,7 @@ static inline u16 kvm_lapic_irq_dest_mode(bool dest_m= ode_logical) enum kvm_x86_run_flags { KVM_RUN_FORCE_IMMEDIATE_EXIT =3D BIT(0), KVM_RUN_LOAD_GUEST_DR6 =3D BIT(1), + KVM_RUN_LOAD_DEBUGCTL =3D BIT(2), }; =20 struct kvm_x86_ops { @@ -1659,6 +1660,12 @@ struct kvm_x86_ops { void (*vcpu_load)(struct kvm_vcpu *vcpu, int cpu); void (*vcpu_put)(struct kvm_vcpu *vcpu); =20 + /* + * Mask of DEBUGCTL bits that are owned by the host, i.e. that need to + * match the host's value even while the guest is active. + */ + const u64 HOST_OWNED_DEBUGCTL; + void (*update_exception_bitmap)(struct kvm_vcpu *vcpu); int (*get_msr)(struct kvm_vcpu *vcpu, struct msr_data *msr); int (*set_msr)(struct kvm_vcpu *vcpu, struct msr_data *msr); diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index 7668e2fb8043..3f83e36a657b 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c 
@@ -42,6 +42,8 @@ struct kvm_x86_ops vt_x86_ops __initdata =3D { .vcpu_load =3D vmx_vcpu_load, .vcpu_put =3D vmx_vcpu_put, =20 + .HOST_OWNED_DEBUGCTL =3D DEBUGCTLMSR_FREEZE_IN_SMM, + .update_exception_bitmap =3D vmx_update_exception_bitmap, .get_feature_msr =3D vmx_get_feature_msr, .get_msr =3D vmx_get_msr, diff --git a/arch/x86/kvm/vmx/nested.c b/arch/x86/kvm/vmx/nested.c index 9a336f661fc6..60bd2791d933 100644 --- a/arch/x86/kvm/vmx/nested.c +++ b/arch/x86/kvm/vmx/nested.c @@ -4829,6 +4829,9 @@ static void nested_vmx_restore_host_state(struct kvm_= vcpu *vcpu) WARN_ON(kvm_set_dr(vcpu, 7, vmcs_readl(GUEST_DR7))); } =20 + /* Reload DEBUGCTL to ensure vmcs01 has a fresh FREEZE_IN_SMM value. */ + vmx_reload_guest_debugctl(vcpu); + /* * Note that calling vmx_set_{efer,cr0,cr4} is important as they * handle a variety of side effects to KVM's software model. diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 4bb25519e7ce..6c185a260c5b 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7407,6 +7407,9 @@ fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, u64 ru= n_flags) if (run_flags & KVM_RUN_LOAD_GUEST_DR6) set_debugreg(vcpu->arch.dr6, 6); =20 + if (run_flags & KVM_RUN_LOAD_DEBUGCTL) + vmx_reload_guest_debugctl(vcpu); + /* * Refresh vmcs.HOST_CR3 if necessary. This must be done immediately * prior to VM-Enter, as the kernel may load a new ASID (PCID) any time diff --git a/arch/x86/kvm/vmx/vmx.h b/arch/x86/kvm/vmx/vmx.h index 5b2c5cb5e32e..a7e2de50d27f 100644 --- a/arch/x86/kvm/vmx/vmx.h +++ b/arch/x86/kvm/vmx/vmx.h 
@@ -440,12 +440,25 @@ bool vmx_is_valid_debugctl(struct kvm_vcpu *vcpu, u64= data, bool host_initiated) =20 static inline void vmx_guest_debugctl_write(struct kvm_vcpu *vcpu, u64 val) { + WARN_ON_ONCE(val & DEBUGCTLMSR_FREEZE_IN_SMM); + + val |=3D vcpu->arch.host_debugctl & DEBUGCTLMSR_FREEZE_IN_SMM; vmcs_write64(GUEST_IA32_DEBUGCTL, val); } =20 static inline u64 vmx_guest_debugctl_read(void) { - return vmcs_read64(GUEST_IA32_DEBUGCTL); + return vmcs_read64(GUEST_IA32_DEBUGCTL) & ~DEBUGCTLMSR_FREEZE_IN_SMM; +} + +static inline void vmx_reload_guest_debugctl(struct kvm_vcpu *vcpu) +{ + u64 val =3D vmcs_read64(GUEST_IA32_DEBUGCTL); + + if (!((val ^ vcpu->arch.host_debugctl) & DEBUGCTLMSR_FREEZE_IN_SMM)) + return; + + vmx_guest_debugctl_write(vcpu, val & ~DEBUGCTLMSR_FREEZE_IN_SMM); } =20 /* diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 7beea8fb6ea6..dbd295ef3eba 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10711,7 +10711,7 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) dm_request_for_irq_injection(vcpu) && kvm_cpu_accept_dm_intr(vcpu); fastpath_t exit_fastpath; - u64 run_flags; + u64 run_flags, debug_ctl; =20 bool req_immediate_exit =3D false; =20 @@ -10982,7 +10982,17 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) set_debugreg(DR7_FIXED_1, 7); } =20 - vcpu->arch.host_debugctl =3D get_debugctlmsr(); + /* + * Refresh the host DEBUGCTL snapshot after disabling IRQs, as DEBUGCTL + * can be modified in IRQ context, e.g. via SMP function calls. Inform + * vendor code if any host-owned bits were changed, e.g. so that the + * value loaded into hardware while running the guest can be updated. + */ + debug_ctl =3D get_debugctlmsr(); + if ((debug_ctl ^ vcpu->arch.host_debugctl) & kvm_x86_ops.HOST_OWNED_DEBUG= CTL && + !vcpu->arch.guest_state_protected) + run_flags |=3D KVM_RUN_LOAD_DEBUGCTL; + vcpu->arch.host_debugctl =3D debug_ctl; =20 guest_timing_enter_irqoff(); =20 --=20 2.51.0.rc1.163.g2494970778-goog
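Review bot: the changelog says "WARN in SVM if KVM_RUN_LOAD_DEBUGCTL is set", but the diffstat lists only kvm_host.h, vmx/main.c, vmx/nested.c, vmx/vmx.c, vmx/vmx.h and x86.c; no svm/ file is touched. If the SVM hunk was dropped for 6.12.y the backport note should say so, otherwise it is missing. SVM is still safe either way, since `const u64 HOST_OWNED_DEBUGCTL` is only initialised in vt_x86_ops and stays zero elsewhere, so the x86.c check can never set the flag for SVM.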
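Review bot: the WARN_ON_ONCE(val & DEBUGCTLMSR_FREEZE_IN_SMM) in vmx_guest_debugctl_write() is only guest-unreachable because vmx_set_msr() masks data with vmx_get_supported_debugctl() before calling it and that mask never includes FREEZE_IN_SMM; a comment on the WARN naming that dependency would keep a future "let guests use FREEZE_IN_SMM" change from turning it into a guest-triggerable splat. Also, vmx_reload_guest_debugctl() deliberately reads the raw field with vmcs_read64() rather than vmx_guest_debugctl_read(), which is correct (it needs the bit the wrapper hides) but easy to "fix" by mistake, so it deserves a one-line comment as well.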
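Review bot: `(debug_ctl ^ vcpu->arch.host_debugctl) & kvm_x86_ops.HOST_OWNED_DEBUGCTL && !vcpu->arch.guest_state_protected` parses as intended because `&` binds tighter than `&&`, but mixing bitwise and logical operators on one line invites a misread; parenthesising the `&` term costs nothing. The new comment could also say why common code compares against the previous snapshot rather than the VMCS: vmx_reload_guest_debugctl() does the VMCS compare itself, so x86.c only needs to know that a host-owned bit changed.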
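A worked example of the DEBUGCTL policy that patches 4/7, 5/7 and 7/7 build up, added here as an illustration and not KVM code: a user-space C model of the WRMSR path with its BTF/LBR suppression, of the vmcs12 consistency check that never rewrites vmcs12, and of the host-owned FREEZE_IN_SMM bit that is merged on every write, hidden on every read and re-applied when the host toggles freeze_on_smi. `struct vcpu_model`, its `supported` mask and every function name are assumptions of the model (the real mask comes from host features and guest CPUID); the DEBUGCTL bit positions are the architectural ones. `demo()` walks the edge cases and returns how many held.

```c
/* Added example, not KVM code: a user-space model of the DEBUGCTL policy this
 * series converges on, so its edge cases can be exercised without a VM. Bit
 * values follow the Intel SDM; the per-vCPU "supported" mask is a constructed
 * stand-in for what KVM derives from host features and guest CPUID. */
#include <stdbool.h>
#include <stdint.h>

#define DEBUGCTLMSR_LBR                (1ULL << 0)
#define DEBUGCTLMSR_BTF                (1ULL << 1)
#define DEBUGCTLMSR_FREEZE_LBRS_ON_PMI (1ULL << 11)
#define DEBUGCTLMSR_FREEZE_IN_SMM      (1ULL << 14)
#define DEBUGCTLMSR_RTM_DEBUG          (1ULL << 15)

struct vcpu_model {
	uint64_t supported;        /* constructed guest-supported mask; never FREEZE_IN_SMM */
	uint64_t host_debugctl;    /* KVM's vcpu->arch.host_debugctl snapshot */
	uint64_t vmcs_debugctl;    /* stands in for vmcs.GUEST_IA32_DEBUGCTL */
	uint64_t vmcs12_debugctl;  /* L1's vmcs12->guest_ia32_debugctl */
	unsigned int unimpl_logs;  /* times the "unimplemented WRMSR" log would fire */
};

/* Any unsupported bit rejects the value, except BTF/LBR: those are logged and
 * tolerated so guests that set them for single-step debugging keep working. */
static bool is_valid_debugctl(struct vcpu_model *v, uint64_t data)
{
	uint64_t invalid = data & ~v->supported;
	if (invalid & (DEBUGCTLMSR_BTF | DEBUGCTLMSR_LBR)) {
		v->unimpl_logs++;
		invalid &= ~(DEBUGCTLMSR_BTF | DEBUGCTLMSR_LBR);
	}
	return !invalid;
}

/* Every write merges the host-owned bit in and every read hides it, so the
 * guest can neither observe nor clear the host's freeze_on_smi choice.
 * Callers strip FREEZE_IN_SMM before writing (KVM WARNs if they do not). */
static void guest_debugctl_write(struct vcpu_model *v, uint64_t val)
{
	v->vmcs_debugctl = val | (v->host_debugctl & DEBUGCTLMSR_FREEZE_IN_SMM);
}
static uint64_t guest_debugctl_read(const struct vcpu_model *v)
{
	return v->vmcs_debugctl & ~DEBUGCTLMSR_FREEZE_IN_SMM;
}

/* Guest WRMSR path: 0 on success, 1 for #GP; tolerated BTF/LBR are dropped. */
static int wrmsr_debugctl(struct vcpu_model *v, uint64_t data)
{
	if (!is_valid_debugctl(v, data))
		return 1;
	guest_debugctl_write(v, data & v->supported);
	return 0;
}

/* Nested VM-Enter: vmcs12 is checked but never rewritten; only the copy loaded
 * into vmcs02 is masked. Returns -1 for VM-Fail (invalid guest state). */
static int nested_vmenter_load_debugctl(struct vcpu_model *v)
{
	if (!is_valid_debugctl(v, v->vmcs12_debugctl))
		return -1;
	guest_debugctl_write(v, v->vmcs12_debugctl & v->supported);
	return 0;
}

/* Run-loop refresh: re-sample the host value and rewrite the guest copy only
 * when the host-owned bit flipped (root toggled /sys/devices/cpu/freeze_on_smi). */
static bool reload_on_host_change(struct vcpu_model *v, uint64_t host_now)
{
	bool changed = (host_now ^ v->host_debugctl) & DEBUGCTLMSR_FREEZE_IN_SMM;
	v->host_debugctl = host_now;
	if (changed)
		guest_debugctl_write(v, v->vmcs_debugctl & ~DEBUGCTLMSR_FREEZE_IN_SMM);
	return changed;
}

/* Walks the edge cases on a vCPU with LBRs exposed and freeze_on_smi enabled
 * on the host; returns how many of the six checks held. */
static int demo(void)
{
	struct vcpu_model v = { .supported = DEBUGCTLMSR_LBR | DEBUGCTLMSR_FREEZE_LBRS_ON_PMI,
				.host_debugctl = DEBUGCTLMSR_FREEZE_IN_SMM };
	int ok = 0;
	/* Linux-style LBR|BTF write: accepted, BTF dropped, host bit merged but invisible. */
	ok += wrmsr_debugctl(&v, DEBUGCTLMSR_LBR | DEBUGCTLMSR_BTF) == 0 && v.unimpl_logs == 1 &&
	      v.vmcs_debugctl == (DEBUGCTLMSR_LBR | DEBUGCTLMSR_FREEZE_IN_SMM) &&
	      guest_debugctl_read(&v) == DEBUGCTLMSR_LBR;
	/* A bit KVM does not virtualize, and the host-owned bit itself, both take #GP. */
	ok += wrmsr_debugctl(&v, DEBUGCTLMSR_RTM_DEBUG) == 1 &&
	      wrmsr_debugctl(&v, DEBUGCTLMSR_FREEZE_IN_SMM) == 1;
	/* L1 loads LBR|BTF for L2: VM-Enter succeeds and vmcs12 is left untouched. */
	v.vmcs12_debugctl = DEBUGCTLMSR_LBR | DEBUGCTLMSR_BTF;
	ok += nested_vmenter_load_debugctl(&v) == 0 && guest_debugctl_read(&v) == DEBUGCTLMSR_LBR &&
	      v.vmcs12_debugctl == (DEBUGCTLMSR_LBR | DEBUGCTLMSR_BTF);
	/* L1 loads a bit hardware might accept but KVM does not: VM-Fail, not silent success. */
	v.vmcs12_debugctl = DEBUGCTLMSR_RTM_DEBUG;
	ok += nested_vmenter_load_debugctl(&v) == -1;
	/* Host clears freeze_on_smi: guest copy repaired, guest-visible value unchanged. */
	ok += reload_on_host_change(&v, 0) && v.vmcs_debugctl == DEBUGCTLMSR_LBR &&
	      guest_debugctl_read(&v) == DEBUGCTLMSR_LBR;
	ok += !reload_on_host_change(&v, 0);  /* no flip, no rewrite */
	return ok;
}
```

The model deliberately keeps the two masks separate: the validity check decides between #GP/VM-Fail and acceptance, while the host-owned bit is handled entirely inside the write/read pair, which is what lets the run-loop refresh repair the VMCS copy without any caller knowing which bit the host owns.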