Merge branch 'kvm-hv-xmm-hypercall-fixes' into HEAD

};

static u64 kvm_get_sparse_vp_set(struct kvm *kvm, struct kvm_hv_hcall *hc,

				 int consumed_xmm_halves,

				 u64 *sparse_banks, gpa_t offset)

{

	u16 var_cnt;

	int i;

	if (hc->var_cnt > 64)

		return -EINVAL;

	/* Ignore banks that cannot possibly contain a legal VP index. */

	var_cnt = min_t(u16, hc->var_cnt, KVM_HV_MAX_SPARSE_VCPU_SET_BITS);

	if (hc->fast) {

		/*

		 * Each XMM holds two sparse banks, but do not count halves that

		 * have already been consumed for hypercall parameters.

		 */

		if (hc->var_cnt > 2 * HV_HYPERCALL_MAX_XMM_REGISTERS - consumed_xmm_halves)

			return HV_STATUS_INVALID_HYPERCALL_INPUT;

		for (i = 0; i < var_cnt; i++) {

			int j = i + consumed_xmm_halves;

			if (j % 2)

				sparse_banks[i] = sse128_hi(hc->xmm[j / 2]);

			else

				sparse_banks[i] = sse128_lo(hc->xmm[j / 2]);

		}

		return 0;

	}

	return kvm_read_guest(kvm, hc->ingpa + offset, sparse_banks,

			      var_cnt * sizeof(*sparse_banks));

}

static u64 kvm_hv_flush_tlb(struct kvm_vcpu *vcpu, struct kvm_hv_hcall *hc, bool ex)

static u64 kvm_hv_flush_tlb(struct kvm_vcpu *vcpu, struct kvm_hv_hcall *hc)

{

	int i;

	struct kvm *kvm = vcpu->kvm;

	struct hv_tlb_flush_ex flush_ex;

	struct hv_tlb_flush flush;

	 */

	BUILD_BUG_ON(KVM_HV_MAX_SPARSE_VCPU_SET_BITS > 64);

	if (!ex) {

	if (hc->code == HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST ||

	    hc->code == HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE) {

		if (hc->fast) {

			flush.address_space = hc->ingpa;

			flush.flags = hc->outgpa;

		if (!hc->var_cnt)

			goto ret_success;

		if (hc->fast) {

			if (hc->var_cnt > HV_HYPERCALL_MAX_XMM_REGISTERS - 1)

				return HV_STATUS_INVALID_HYPERCALL_INPUT;

			for (i = 0; i < hc->var_cnt; i += 2) {

				sparse_banks[i] = sse128_lo(hc->xmm[i / 2 + 1]);

				sparse_banks[i + 1] = sse128_hi(hc->xmm[i / 2 + 1]);

			}

			goto do_flush;

		}

		if (kvm_get_sparse_vp_set(kvm, hc, sparse_banks,

		if (kvm_get_sparse_vp_set(kvm, hc, 2, sparse_banks,

					  offsetof(struct hv_tlb_flush_ex,

						   hv_vp_set.bank_contents)))

			return HV_STATUS_INVALID_HYPERCALL_INPUT;

	}

}

static u64 kvm_hv_send_ipi(struct kvm_vcpu *vcpu, struct kvm_hv_hcall *hc, bool ex)

static u64 kvm_hv_send_ipi(struct kvm_vcpu *vcpu, struct kvm_hv_hcall *hc)

{

	struct kvm *kvm = vcpu->kvm;

	struct hv_send_ipi_ex send_ipi_ex;

	u32 vector;

	bool all_cpus;

	if (!ex) {

	if (hc->code == HVCALL_SEND_IPI) {

		if (!hc->fast) {

			if (unlikely(kvm_read_guest(kvm, hc->ingpa, &send_ipi,

						    sizeof(send_ipi))))

		trace_kvm_hv_send_ipi(vector, sparse_banks[0]);

	} else {

		if (!hc->fast) {

			if (unlikely(kvm_read_guest(kvm, hc->ingpa, &send_ipi_ex,

						    sizeof(send_ipi_ex))))

				return HV_STATUS_INVALID_HYPERCALL_INPUT;

		} else {

			send_ipi_ex.vector = (u32)hc->ingpa;

			send_ipi_ex.vp_set.format = hc->outgpa;

			send_ipi_ex.vp_set.valid_bank_mask = sse128_lo(hc->xmm[0]);

		}

		trace_kvm_hv_send_ipi_ex(send_ipi_ex.vector,

					 send_ipi_ex.vp_set.format,

		if (!hc->var_cnt)

			goto ret_success;

		if (kvm_get_sparse_vp_set(kvm, hc, sparse_banks,

		if (kvm_get_sparse_vp_set(kvm, hc, 1, sparse_banks,

					  offsetof(struct hv_send_ipi_ex,

						   vp_set.bank_contents)))

			return HV_STATUS_INVALID_HYPERCALL_INPUT;

	case HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE:

	case HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX:

	case HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE_EX:

	case HVCALL_SEND_IPI_EX:

		return true;

	}

				kvm_hv_hypercall_complete_userspace;

		return 0;

	case HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST:

		if (unlikely(!hc.rep_cnt || hc.rep_idx || hc.var_cnt)) {

		if (unlikely(hc.var_cnt)) {

			ret = HV_STATUS_INVALID_HYPERCALL_INPUT;

			break;

		}

		ret = kvm_hv_flush_tlb(vcpu, &hc, false);

		break;

	case HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE:

		if (unlikely(hc.rep || hc.var_cnt)) {

		fallthrough;

	case HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX:

		if (unlikely(!hc.rep_cnt || hc.rep_idx)) {

			ret = HV_STATUS_INVALID_HYPERCALL_INPUT;

			break;

		}

		ret = kvm_hv_flush_tlb(vcpu, &hc, false);

		ret = kvm_hv_flush_tlb(vcpu, &hc);

		break;

	case HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX:

		if (unlikely(!hc.rep_cnt || hc.rep_idx)) {

	case HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE:

		if (unlikely(hc.var_cnt)) {

			ret = HV_STATUS_INVALID_HYPERCALL_INPUT;

			break;

		}

		ret = kvm_hv_flush_tlb(vcpu, &hc, true);

		break;

		fallthrough;

	case HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE_EX:

		if (unlikely(hc.rep)) {

			ret = HV_STATUS_INVALID_HYPERCALL_INPUT;

			break;

		}

		ret = kvm_hv_flush_tlb(vcpu, &hc, true);

		ret = kvm_hv_flush_tlb(vcpu, &hc);

		break;

	case HVCALL_SEND_IPI:

		if (unlikely(hc.rep || hc.var_cnt)) {

		if (unlikely(hc.var_cnt)) {

			ret = HV_STATUS_INVALID_HYPERCALL_INPUT;

			break;

		}

		ret = kvm_hv_send_ipi(vcpu, &hc, false);

		break;

		fallthrough;

	case HVCALL_SEND_IPI_EX:

		if (unlikely(hc.fast || hc.rep)) {

		if (unlikely(hc.rep)) {

			ret = HV_STATUS_INVALID_HYPERCALL_INPUT;

			break;

		}

		ret = kvm_hv_send_ipi(vcpu, &hc, true);

		ret = kvm_hv_send_ipi(vcpu, &hc);

		break;

	case HVCALL_POST_DEBUG_DATA:

	case HVCALL_RETRIEVE_DEBUG_DATA: