ホーム エクスプローラ ヘルプ
登録 サインイン
Apq
/
pve-edge-kernel
同期ミラー https://github.com/fabianishere/pve-edge-kernel.git
1
0
フォーク 0
ファイル 課題 0 Wiki
ツリー: ba318f6e4e
ブランチ タグ
pve-edge-kernel
/
debian
/
patches
/
pve
/
0030-KVM-x86-smm-preserve-interrupt-shadow-in-SMRAM.patch

0030-KVM-x86-smm-preserve-interrupt-shadow-in-SMRAM.patch 4.5 KB
履歴 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138 
  1. From 810253988e9e317d6e576ebe608a5454f274b8fc Mon Sep 17 00:00:00 2001
    2. 

  2. From: Maxim Levitsky <[email protected]>
    3. 

  3. Date: Tue, 25 Oct 2022 15:47:41 +0300
    4. 

  4. Subject: [PATCH] KVM: x86: smm: preserve interrupt shadow in SMRAM
    5. 

  5. 

  6. When #SMI is asserted, the CPU can be in interrupt shadow due to sti or
    7. 

  7. mov ss.
    8. 

  8. 

  9. It is not mandatory in  Intel/AMD prm to have the #SMI blocked during the
    10. 

  10. shadow, and on top of that, since neither SVM nor VMX has true support
    11. 

  11. for SMI window, waiting for one instruction would mean single stepping
    12. 

  12. the guest.
    13. 

  13. 

  14. Instead, allow #SMI in this case, but both reset the interrupt window and
    15. 

  15. stash its value in SMRAM to restore it on exit from SMM.
    16. 

  16. 

  17. This fixes rare failures seen mostly on windows guests on VMX, when #SMI
    18. 

  18. falls on the sti instruction which mainfest in VM entry failure due
    19. 

  19. to EFLAGS.IF not being set, but STI interrupt window still being set
    20. 

  20. in the VMCS.
    21. 

  21. 

  22. Signed-off-by: Maxim Levitsky <[email protected]>
    23. 

  23. ---
    24. 

  24.  arch/x86/kvm/smm.c | 24 +++++++++++++++++++++---
    25. 

  25.  arch/x86/kvm/smm.h |  5 +++--
    26. 

  26.  2 files changed, 24 insertions(+), 5 deletions(-)
    27. 

  27. 

  28. diff --git a/arch/x86/kvm/smm.c b/arch/x86/kvm/smm.c
    29. 

  29. index 82761384a866..46d2656937a7 100644
    30. 

  30. --- a/arch/x86/kvm/smm.c
    31. 

  31. +++ b/arch/x86/kvm/smm.c
    32. 

  32. @@ -21,6 +21,7 @@ static void check_smram_offsets(void)
    33. 

  33.  	CHECK_SMRAM32_OFFSET(smbase,			0xFEF8);
    34. 

  34.  	CHECK_SMRAM32_OFFSET(smm_revision,		0xFEFC);
    35. 

  35.  	CHECK_SMRAM32_OFFSET(reserved2,			0xFF00);
    36. 

  36. +	CHECK_SMRAM32_OFFSET(int_shadow,		0xFF10);
    37. 

  37.  	CHECK_SMRAM32_OFFSET(cr4,			0xFF14);
    38. 

  38.  	CHECK_SMRAM32_OFFSET(reserved3,			0xFF18);
    39. 

  39.  	CHECK_SMRAM32_OFFSET(ds,			0xFF2C);
    40. 

  40. @@ -65,7 +66,7 @@ static void check_smram_offsets(void)
    41. 

  41.  	CHECK_SMRAM64_OFFSET(io_restart_rsi,		0xFEB0);
    42. 

  42.  	CHECK_SMRAM64_OFFSET(io_restart_rdi,		0xFEB8);
    43. 

  43.  	CHECK_SMRAM64_OFFSET(io_restart_dword,		0xFEC0);
    44. 

  44. -	CHECK_SMRAM64_OFFSET(reserved1,			0xFEC4);
    45. 

  45. +	CHECK_SMRAM64_OFFSET(int_shadow,		0xFEC4);
    46. 

  46.  	CHECK_SMRAM64_OFFSET(io_inst_restart,		0xFEC8);
    47. 

  47.  	CHECK_SMRAM64_OFFSET(auto_hlt_restart,		0xFEC9);
    48. 

  48.  	CHECK_SMRAM64_OFFSET(reserved2,			0xFECA);
    49. 

  49. @@ -212,6 +213,8 @@ static void enter_smm_save_state_32(struct kvm_vcpu *vcpu,
    50. 

  50.  	smram->cr4 = kvm_read_cr4(vcpu);
    51. 

  51.  	smram->smm_revision = 0x00020000;
    52. 

  52.  	smram->smbase = vcpu->arch.smbase;
    53. 

  53. +
    54. 

  54. +	smram->int_shadow = static_call(kvm_x86_get_interrupt_shadow)(vcpu);
    55. 

  55.  }
    56. 

  56.  
    57. 

  57.  #ifdef CONFIG_X86_64
    58. 

  58. @@ -261,6 +264,8 @@ static void enter_smm_save_state_64(struct kvm_vcpu *vcpu,
    59. 

  59.  	enter_smm_save_seg_64(vcpu, &smram->ds, VCPU_SREG_DS);
    60. 

  60.  	enter_smm_save_seg_64(vcpu, &smram->fs, VCPU_SREG_FS);
    61. 

  61.  	enter_smm_save_seg_64(vcpu, &smram->gs, VCPU_SREG_GS);
    62. 

  62. +
    63. 

  63. +	smram->int_shadow = static_call(kvm_x86_get_interrupt_shadow)(vcpu);
    64. 

  64.  }
    65. 

  65.  #endif
    66. 

  66.  
    67. 

  67. @@ -306,6 +311,8 @@ void enter_smm(struct kvm_vcpu *vcpu)
    68. 

  68.  	kvm_set_rflags(vcpu, X86_EFLAGS_FIXED);
    69. 

  69.  	kvm_rip_write(vcpu, 0x8000);
    70. 

  70.  
    71. 

  71. +	static_call(kvm_x86_set_interrupt_shadow)(vcpu, 0);
    72. 

  72. +
    73. 

  73.  	cr0 = vcpu->arch.cr0 & ~(X86_CR0_PE | X86_CR0_EM | X86_CR0_TS | X86_CR0_PG);
    74. 

  74.  	static_call(kvm_x86_set_cr0)(vcpu, cr0);
    75. 

  75.  	vcpu->arch.cr0 = cr0;
    76. 

  76. @@ -453,7 +460,7 @@ static int rsm_load_state_32(struct x86_emulate_ctxt *ctxt,
    77. 

  77.  {
    78. 

  78.  	struct kvm_vcpu *vcpu = ctxt->vcpu;
    79. 

  79.  	struct desc_ptr dt;
    80. 

  80. -	int i;
    81. 

  81. +	int i, r;
    82. 

  82.  
    83. 

  83.  	ctxt->eflags =  smstate->eflags | X86_EFLAGS_FIXED;
    84. 

  84.  	ctxt->_eip =  smstate->eip;
    85. 

  85. @@ -487,8 +494,16 @@ static int rsm_load_state_32(struct x86_emulate_ctxt *ctxt,
    86. 

  86.  
    87. 

  87.  	vcpu->arch.smbase = smstate->smbase;
    88. 

  88.  
    89. 

  89. -	return rsm_enter_protected_mode(vcpu, smstate->cr0,
    90. 

  90. +	r = rsm_enter_protected_mode(vcpu, smstate->cr0,
    91. 

  91.  					smstate->cr3, smstate->cr4);
    92. 

  92. +
    93. 

  93. +	if (r != X86EMUL_CONTINUE)
    94. 

  94. +		return r;
    95. 

  95. +
    96. 

  96. +	static_call(kvm_x86_set_interrupt_shadow)(vcpu, 0);
    97. 

  97. +	ctxt->interruptibility = (u8)smstate->int_shadow;
    98. 

  98. +
    99. 

  99. +	return r;
    100. 

  100.  }
    101. 

  101.  
    102. 

  102.  #ifdef CONFIG_X86_64
    103. 

  103. @@ -539,6 +554,9 @@ static int rsm_load_state_64(struct x86_emulate_ctxt *ctxt,
    104. 

  104.  	rsm_load_seg_64(vcpu, &smstate->fs, VCPU_SREG_FS);
    105. 

  105.  	rsm_load_seg_64(vcpu, &smstate->gs, VCPU_SREG_GS);
    106. 

  106.  
    107. 

  107. +	static_call(kvm_x86_set_interrupt_shadow)(vcpu, 0);
    108. 

  108. +	ctxt->interruptibility = (u8)smstate->int_shadow;
    109. 

  109. +
    110. 

  110.  	return X86EMUL_CONTINUE;
    111. 

  111.  }
    112. 

  112.  #endif
    113. 

  113. diff --git a/arch/x86/kvm/smm.h b/arch/x86/kvm/smm.h
    114. 

  114. index 8d96bff3f4d5..2eaec53bcc95 100644
    115. 

  115. --- a/arch/x86/kvm/smm.h
    116. 

  116. +++ b/arch/x86/kvm/smm.h
    117. 

  117. @@ -19,7 +19,8 @@ struct kvm_smram_state_32 {
    118. 

  118.  	u32 reserved1[62];
    119. 

  119.  	u32 smbase;
    120. 

  120.  	u32 smm_revision;
    121. 

  121. -	u32 reserved2[5];
    122. 

  122. +	u32 reserved2[4];
    123. 

  123. +	u32 int_shadow; /* KVM extension */
    124. 

  124.  	u32 cr4; /* CR4 is not present in Intel/AMD SMRAM image */
    125. 

  125.  	u32 reserved3[5];
    126. 

  126.  
    127. 

  127. @@ -86,7 +87,7 @@ struct kvm_smram_state_64 {
    128. 

  128.  	u64 io_restart_rsi;
    129. 

  129.  	u64 io_restart_rdi;
    130. 

  130.  	u32 io_restart_dword;
    131. 

  131. -	u32 reserved1;
    132. 

  132. +	u32 int_shadow;
    133. 

  133.  	u8 io_inst_restart;
    134. 

  134.  	u8 auto_hlt_restart;
    135. 

  135.  	u8 reserved2[6];
    136. 

  136. -- 
    137. 

  137. 2.38.1
    138. 

  138.