Commit af5a4488 authored by Chenyi Qiang's avatar Chenyi Qiang Committed by Aichun Shi
Browse files

KVM: x86: Extend KVM_{G,S}ET_VCPU_EVENTS to support pending triple fault 

mainline inclusion
from mainline-v6.0-rc1
commit ed235117
category: feature
feature: Notify VM exit
bugzilla: https://gitee.com/openeuler/intel-kernel/issues/I5PAJ5
CVE: N/A
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/


commit/?id=ed235117

Intel-SIG: commit ed235117 ("KVM: x86: Extend KVM_{G,S}ET_VCPU_EVENTS to support pending triple fault")

-------------------------------------

KVM: x86: Extend KVM_{G,S}ET_VCPU_EVENTS to support pending triple fault

For the triple fault sythesized by KVM, e.g. the RSM path or
nested_vmx_abort(), if KVM exits to userspace before the request is
serviced, userspace could migrate the VM and lose the triple fault.

Extend KVM_{G,S}ET_VCPU_EVENTS to support pending triple fault with a
new event KVM_VCPUEVENT_VALID_FAULT_FAULT so that userspace can save and
restore the triple fault event. This extension is guarded by a new KVM
capability KVM_CAP_TRIPLE_FAULT_EVENT.

Note that in the set_vcpu_events path, userspace is able to set/clear
the triple fault request through triple_fault.pending field.

Signed-off-by: default avatarChenyi Qiang <chenyi.qiang@intel.com>
Message-Id: <20220524135624.22988-2-chenyi.qiang@intel.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: default avatarAichun Shi <aichun.shi@intel.com>
parent 265cc29f

Documentation/virt/kvm/api.rst

+8 −0
Original line number Diff line number Diff line
@@ -1084,6 +1084,10 @@ The following bits are defined in the flags field: 
  fields contain a valid state. This bit will be set whenever

  KVM_CAP_EXCEPTION_PAYLOAD is enabled.



- KVM_VCPUEVENT_VALID_TRIPLE_FAULT may be set to signal that the

  triple_fault_pending field contains a valid state. This bit will

  be set whenever KVM_CAP_TRIPLE_FAULT_EVENT is enabled.



ARM/ARM64:

^^^^^^^^^^
@@ -1179,6 +1183,10 @@ can be set in the flags field to signal that the 
exception_has_payload, exception_payload, and exception.pending fields

contain a valid state and shall be written into the VCPU.



If KVM_CAP_TRIPLE_FAULT_EVENT is enabled, KVM_VCPUEVENT_VALID_TRIPLE_FAULT

can be set in flags field to signal that the triple_fault field contains

a valid state and shall be written into the VCPU.



ARM/ARM64:

^^^^^^^^^^

arch/x86/include/asm/kvm_host.h

+2 −0
Original line number Diff line number Diff line
@@ -997,6 +997,8 @@ struct kvm_arch { 
	bool guest_can_read_msr_platform_info;

	bool exception_payload_enabled;



	bool triple_fault_event;



	bool bus_lock_detection_enabled;



	/* Guest can access the SGX PROVISIONKEY. */

arch/x86/include/uapi/asm/kvm.h

+5 −1
Original line number Diff line number Diff line
@@ -310,6 +310,7 @@ struct kvm_reinject_control { 
#define KVM_VCPUEVENT_VALID_SHADOW	0x00000004

#define KVM_VCPUEVENT_VALID_SMM		0x00000008

#define KVM_VCPUEVENT_VALID_PAYLOAD	0x00000010

#define KVM_VCPUEVENT_VALID_TRIPLE_FAULT	0x00000020



/* Interrupt shadow states */

#define KVM_X86_SHADOW_INT_MOV_SS	0x01
@@ -344,7 +345,10 @@ struct kvm_vcpu_events { 
		__u8 smm_inside_nmi;

		__u8 latched_init;

	} smi;

	__u8 reserved[27];

	struct {

		__u8 pending;

	} triple_fault;

	__u8 reserved[26];

	__u8 exception_has_payload;

	__u64 exception_payload;

};

arch/x86/kvm/x86.c

+20 −1
Original line number Diff line number Diff line
@@ -3844,6 +3844,7 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext) 
	case KVM_CAP_GET_MSR_FEATURES:

	case KVM_CAP_MSR_PLATFORM_INFO:

	case KVM_CAP_EXCEPTION_PAYLOAD:

	case KVM_CAP_X86_TRIPLE_FAULT_EVENT:

	case KVM_CAP_SET_GUEST_DEBUG:

	case KVM_CAP_LAST_CPU:

	case KVM_CAP_X86_USER_SPACE_MSR:
@@ -4415,6 +4416,10 @@ static void kvm_vcpu_ioctl_x86_get_vcpu_events(struct kvm_vcpu *vcpu, 
			 | KVM_VCPUEVENT_VALID_SMM);

	if (vcpu->kvm->arch.exception_payload_enabled)

		events->flags |= KVM_VCPUEVENT_VALID_PAYLOAD;

	if (vcpu->kvm->arch.triple_fault_event) {

		events->triple_fault.pending = kvm_test_request(KVM_REQ_TRIPLE_FAULT, vcpu);

		events->flags |= KVM_VCPUEVENT_VALID_TRIPLE_FAULT;

	}



	memset(&events->reserved, 0, sizeof(events->reserved));

}
@@ -4428,7 +4433,8 @@ static int kvm_vcpu_ioctl_x86_set_vcpu_events(struct kvm_vcpu *vcpu, 
			      | KVM_VCPUEVENT_VALID_SIPI_VECTOR

			      | KVM_VCPUEVENT_VALID_SHADOW

			      | KVM_VCPUEVENT_VALID_SMM

			      | KVM_VCPUEVENT_VALID_PAYLOAD))

			      | KVM_VCPUEVENT_VALID_PAYLOAD

			      | KVM_VCPUEVENT_VALID_TRIPLE_FAULT))

		return -EINVAL;



	if (events->flags & KVM_VCPUEVENT_VALID_PAYLOAD) {
@@ -4506,6 +4512,15 @@ static int kvm_vcpu_ioctl_x86_set_vcpu_events(struct kvm_vcpu *vcpu, 
		}

	}



	if (events->flags & KVM_VCPUEVENT_VALID_TRIPLE_FAULT) {

		if (!vcpu->kvm->arch.triple_fault_event)

			return -EINVAL;

		if (events->triple_fault.pending)

			kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu);

		else

			kvm_clear_request(KVM_REQ_TRIPLE_FAULT, vcpu);

	}



	kvm_make_request(KVM_REQ_EVENT, vcpu);



	return 0;
@@ -5420,6 +5435,10 @@ int kvm_vm_ioctl_enable_cap(struct kvm *kvm, 
		kvm->arch.exception_payload_enabled = cap->args[0];

		r = 0;

		break;

	case KVM_CAP_X86_TRIPLE_FAULT_EVENT:

		kvm->arch.triple_fault_event = cap->args[0];

		r = 0;

		break;

	case KVM_CAP_X86_USER_SPACE_MSR:

		kvm->arch.user_space_msr_mask = cap->args[0];

		r = 0;

include/uapi/linux/kvm.h

+1 −0
Original line number Diff line number Diff line
@@ -1064,6 +1064,7 @@ struct kvm_ppc_resize_hpt { 
#define KVM_CAP_ENFORCE_PV_FEATURE_CPUID 190

#define KVM_CAP_X86_BUS_LOCK_EXIT 193

#define KVM_CAP_SGX_ATTRIBUTE 196

#define KVM_CAP_X86_TRIPLE_FAULT_EVENT 218



#define KVM_CAP_ARM_CPU_FEATURE 555