Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

+2

arch/arm64/include/asm/kvm_host.h

··· 118 118 */ 119 119 unsigned long *pmu_filter; 120 120 unsigned int pmuver; 121 + 122 + u8 pfr0_csv2; 121 123 }; 122 124 123 125 struct kvm_vcpu_fault_info {

+4

arch/arm64/include/asm/sysreg.h

··· 372 372 #define SYS_CONTEXTIDR_EL1 sys_reg(3, 0, 13, 0, 1) 373 373 #define SYS_TPIDR_EL1 sys_reg(3, 0, 13, 0, 4) 374 374 375 + #define SYS_SCXTNUM_EL1 sys_reg(3, 0, 13, 0, 7) 376 + 375 377 #define SYS_CNTKCTL_EL1 sys_reg(3, 0, 14, 1, 0) 376 378 377 379 #define SYS_CCSIDR_EL1 sys_reg(3, 1, 0, 0, 0) ··· 405 403 406 404 #define SYS_TPIDR_EL0 sys_reg(3, 3, 13, 0, 2) 407 405 #define SYS_TPIDRRO_EL0 sys_reg(3, 3, 13, 0, 3) 406 + 407 + #define SYS_SCXTNUM_EL0 sys_reg(3, 3, 13, 0, 7) 408 408 409 409 /* Definitions for system register interface to AMU for ARMv8.4 onwards */ 410 410 #define SYS_AM_EL0(crm, op2) sys_reg(3, 3, 13, (crm), (op2))

+16

arch/arm64/kvm/arm.c

··· 102 102 return vgic_present ? kvm_vgic_get_max_vcpus() : KVM_MAX_VCPUS; 103 103 } 104 104 105 + static void set_default_csv2(struct kvm *kvm) 106 + { 107 + /* 108 + * The default is to expose CSV2 == 1 if the HW isn't affected. 109 + * Although this is a per-CPU feature, we make it global because 110 + * asymmetric systems are just a nuisance. 111 + * 112 + * Userspace can override this as long as it doesn't promise 113 + * the impossible. 114 + */ 115 + if (arm64_get_spectre_v2_state() == SPECTRE_UNAFFECTED) 116 + kvm->arch.pfr0_csv2 = 1; 117 + } 118 + 105 119 /** 106 120 * kvm_arch_init_vm - initializes a VM data structure 107 121 * @kvm: pointer to the KVM struct ··· 140 126 141 127 /* The maximum number of VCPUs is limited by the host's GIC model */ 142 128 kvm->arch.max_vcpus = kvm_arm_default_max_vcpus(); 129 + 130 + set_default_csv2(kvm); 143 131 144 132 return ret; 145 133 out_free_stage2_pgd:

+67 -44

arch/arm64/kvm/sys_regs.c

··· 1038 1038 { SYS_DESC(SYS_PMEVTYPERn_EL0(n)), \ 1039 1039 access_pmu_evtyper, reset_unknown, (PMEVTYPER0_EL0 + n), } 1040 1040 1041 - static bool access_amu(struct kvm_vcpu *vcpu, struct sys_reg_params *p, 1042 - const struct sys_reg_desc *r) 1041 + static bool undef_access(struct kvm_vcpu *vcpu, struct sys_reg_params *p, 1042 + const struct sys_reg_desc *r) 1043 1043 { 1044 1044 kvm_inject_undefined(vcpu); 1045 1045 ··· 1047 1047 } 1048 1048 1049 1049 /* Macro to expand the AMU counter and type registers*/ 1050 - #define AMU_AMEVCNTR0_EL0(n) { SYS_DESC(SYS_AMEVCNTR0_EL0(n)), access_amu } 1051 - #define AMU_AMEVTYPER0_EL0(n) { SYS_DESC(SYS_AMEVTYPER0_EL0(n)), access_amu } 1052 - #define AMU_AMEVCNTR1_EL0(n) { SYS_DESC(SYS_AMEVCNTR1_EL0(n)), access_amu } 1053 - #define AMU_AMEVTYPER1_EL0(n) { SYS_DESC(SYS_AMEVTYPER1_EL0(n)), access_amu } 1054 - 1055 - static bool trap_ptrauth(struct kvm_vcpu *vcpu, 1056 - struct sys_reg_params *p, 1057 - const struct sys_reg_desc *rd) 1058 - { 1059 - /* 1060 - * If we land here, that is because we didn't fixup the access on exit 1061 - * by allowing the PtrAuth sysregs. The only way this happens is when 1062 - * the guest does not have PtrAuth support enabled. 1063 - */ 1064 - kvm_inject_undefined(vcpu); 1065 - 1066 - return false; 1067 - } 1050 + #define AMU_AMEVCNTR0_EL0(n) { SYS_DESC(SYS_AMEVCNTR0_EL0(n)), undef_access } 1051 + #define AMU_AMEVTYPER0_EL0(n) { SYS_DESC(SYS_AMEVTYPER0_EL0(n)), undef_access } 1052 + #define AMU_AMEVCNTR1_EL0(n) { SYS_DESC(SYS_AMEVCNTR1_EL0(n)), undef_access } 1053 + #define AMU_AMEVTYPER1_EL0(n) { SYS_DESC(SYS_AMEVTYPER1_EL0(n)), undef_access } 1068 1054 1069 1055 static unsigned int ptrauth_visibility(const struct kvm_vcpu *vcpu, 1070 1056 const struct sys_reg_desc *rd) ··· 1058 1072 return vcpu_has_ptrauth(vcpu) ? 0 : REG_HIDDEN; 1059 1073 } 1060 1074 1075 + /* 1076 + * If we land here on a PtrAuth access, that is because we didn't 1077 + * fixup the access on exit by allowing the PtrAuth sysregs. The only 1078 + * way this happens is when the guest does not have PtrAuth support 1079 + * enabled. 1080 + */ 1061 1081 #define __PTRAUTH_KEY(k) \ 1062 - { SYS_DESC(SYS_## k), trap_ptrauth, reset_unknown, k, \ 1082 + { SYS_DESC(SYS_## k), undef_access, reset_unknown, k, \ 1063 1083 .visibility = ptrauth_visibility} 1064 1084 1065 1085 #define PTRAUTH_KEY(k) \ ··· 1120 1128 if (!vcpu_has_sve(vcpu)) 1121 1129 val &= ~(0xfUL << ID_AA64PFR0_SVE_SHIFT); 1122 1130 val &= ~(0xfUL << ID_AA64PFR0_AMU_SHIFT); 1123 - if (!(val & (0xfUL << ID_AA64PFR0_CSV2_SHIFT)) && 1124 - arm64_get_spectre_v2_state() == SPECTRE_UNAFFECTED) 1125 - val |= (1UL << ID_AA64PFR0_CSV2_SHIFT); 1131 + val &= ~(0xfUL << ID_AA64PFR0_CSV2_SHIFT); 1132 + val |= ((u64)vcpu->kvm->arch.pfr0_csv2 << ID_AA64PFR0_CSV2_SHIFT); 1126 1133 } else if (id == SYS_ID_AA64PFR1_EL1) { 1127 1134 val &= ~(0xfUL << ID_AA64PFR1_MTE_SHIFT); 1128 1135 } else if (id == SYS_ID_AA64ISAR1_EL1 && !vcpu_has_ptrauth(vcpu)) { ··· 1202 1211 return 0; 1203 1212 1204 1213 return REG_HIDDEN; 1214 + } 1215 + 1216 + static int set_id_aa64pfr0_el1(struct kvm_vcpu *vcpu, 1217 + const struct sys_reg_desc *rd, 1218 + const struct kvm_one_reg *reg, void __user *uaddr) 1219 + { 1220 + const u64 id = sys_reg_to_index(rd); 1221 + int err; 1222 + u64 val; 1223 + u8 csv2; 1224 + 1225 + err = reg_from_user(&val, uaddr, id); 1226 + if (err) 1227 + return err; 1228 + 1229 + /* 1230 + * Allow AA64PFR0_EL1.CSV2 to be set from userspace as long as 1231 + * it doesn't promise more than what is actually provided (the 1232 + * guest could otherwise be covered in ectoplasmic residue). 1233 + */ 1234 + csv2 = cpuid_feature_extract_unsigned_field(val, ID_AA64PFR0_CSV2_SHIFT); 1235 + if (csv2 > 1 || 1236 + (csv2 && arm64_get_spectre_v2_state() != SPECTRE_UNAFFECTED)) 1237 + return -EINVAL; 1238 + 1239 + /* We can only differ with CSV2, and anything else is an error */ 1240 + val ^= read_id_reg(vcpu, rd, false); 1241 + val &= ~(0xFUL << ID_AA64PFR0_CSV2_SHIFT); 1242 + if (val) 1243 + return -EINVAL; 1244 + 1245 + vcpu->kvm->arch.pfr0_csv2 = csv2; 1246 + 1247 + return 0; 1205 1248 } 1206 1249 1207 1250 /* ··· 1366 1341 return true; 1367 1342 } 1368 1343 1369 - static bool access_mte_regs(struct kvm_vcpu *vcpu, struct sys_reg_params *p, 1370 - const struct sys_reg_desc *r) 1371 - { 1372 - kvm_inject_undefined(vcpu); 1373 - return false; 1374 - } 1375 - 1376 1344 /* sys_reg_desc initialiser for known cpufeature ID registers */ 1377 1345 #define ID_SANITISED(name) { \ 1378 1346 SYS_DESC(SYS_##name), \ ··· 1490 1472 1491 1473 /* AArch64 ID registers */ 1492 1474 /* CRm=4 */ 1493 - ID_SANITISED(ID_AA64PFR0_EL1), 1475 + { SYS_DESC(SYS_ID_AA64PFR0_EL1), .access = access_id_reg, 1476 + .get_user = get_id_reg, .set_user = set_id_aa64pfr0_el1, }, 1494 1477 ID_SANITISED(ID_AA64PFR1_EL1), 1495 1478 ID_UNALLOCATED(4,2), 1496 1479 ID_UNALLOCATED(4,3), ··· 1534 1515 { SYS_DESC(SYS_ACTLR_EL1), access_actlr, reset_actlr, ACTLR_EL1 }, 1535 1516 { SYS_DESC(SYS_CPACR_EL1), NULL, reset_val, CPACR_EL1, 0 }, 1536 1517 1537 - { SYS_DESC(SYS_RGSR_EL1), access_mte_regs }, 1538 - { SYS_DESC(SYS_GCR_EL1), access_mte_regs }, 1518 + { SYS_DESC(SYS_RGSR_EL1), undef_access }, 1519 + { SYS_DESC(SYS_GCR_EL1), undef_access }, 1539 1520 1540 1521 { SYS_DESC(SYS_ZCR_EL1), NULL, reset_val, ZCR_EL1, 0, .visibility = sve_visibility }, 1541 1522 { SYS_DESC(SYS_TTBR0_EL1), access_vm_reg, reset_unknown, TTBR0_EL1 }, ··· 1561 1542 { SYS_DESC(SYS_ERXMISC0_EL1), trap_raz_wi }, 1562 1543 { SYS_DESC(SYS_ERXMISC1_EL1), trap_raz_wi }, 1563 1544 1564 - { SYS_DESC(SYS_TFSR_EL1), access_mte_regs }, 1565 - { SYS_DESC(SYS_TFSRE0_EL1), access_mte_regs }, 1545 + { SYS_DESC(SYS_TFSR_EL1), undef_access }, 1546 + { SYS_DESC(SYS_TFSRE0_EL1), undef_access }, 1566 1547 1567 1548 { SYS_DESC(SYS_FAR_EL1), access_vm_reg, reset_unknown, FAR_EL1 }, 1568 1549 { SYS_DESC(SYS_PAR_EL1), NULL, reset_unknown, PAR_EL1 }, ··· 1598 1579 { SYS_DESC(SYS_CONTEXTIDR_EL1), access_vm_reg, reset_val, CONTEXTIDR_EL1, 0 }, 1599 1580 { SYS_DESC(SYS_TPIDR_EL1), NULL, reset_unknown, TPIDR_EL1 }, 1600 1581 1582 + { SYS_DESC(SYS_SCXTNUM_EL1), undef_access }, 1583 + 1601 1584 { SYS_DESC(SYS_CNTKCTL_EL1), NULL, reset_val, CNTKCTL_EL1, 0}, 1602 1585 1603 1586 { SYS_DESC(SYS_CCSIDR_EL1), access_ccsidr }, ··· 1628 1607 { SYS_DESC(SYS_TPIDR_EL0), NULL, reset_unknown, TPIDR_EL0 }, 1629 1608 { SYS_DESC(SYS_TPIDRRO_EL0), NULL, reset_unknown, TPIDRRO_EL0 }, 1630 1609 1631 - { SYS_DESC(SYS_AMCR_EL0), access_amu }, 1632 - { SYS_DESC(SYS_AMCFGR_EL0), access_amu }, 1633 - { SYS_DESC(SYS_AMCGCR_EL0), access_amu }, 1634 - { SYS_DESC(SYS_AMUSERENR_EL0), access_amu }, 1635 - { SYS_DESC(SYS_AMCNTENCLR0_EL0), access_amu }, 1636 - { SYS_DESC(SYS_AMCNTENSET0_EL0), access_amu }, 1637 - { SYS_DESC(SYS_AMCNTENCLR1_EL0), access_amu }, 1638 - { SYS_DESC(SYS_AMCNTENSET1_EL0), access_amu }, 1610 + { SYS_DESC(SYS_SCXTNUM_EL0), undef_access }, 1611 + 1612 + { SYS_DESC(SYS_AMCR_EL0), undef_access }, 1613 + { SYS_DESC(SYS_AMCFGR_EL0), undef_access }, 1614 + { SYS_DESC(SYS_AMCGCR_EL0), undef_access }, 1615 + { SYS_DESC(SYS_AMUSERENR_EL0), undef_access }, 1616 + { SYS_DESC(SYS_AMCNTENCLR0_EL0), undef_access }, 1617 + { SYS_DESC(SYS_AMCNTENSET0_EL0), undef_access }, 1618 + { SYS_DESC(SYS_AMCNTENCLR1_EL0), undef_access }, 1619 + { SYS_DESC(SYS_AMCNTENSET1_EL0), undef_access }, 1639 1620 AMU_AMEVCNTR0_EL0(0), 1640 1621 AMU_AMEVCNTR0_EL0(1), 1641 1622 AMU_AMEVCNTR0_EL0(2),

+1

arch/x86/include/asm/kvm_host.h

··· 639 639 int cpuid_nent; 640 640 struct kvm_cpuid_entry2 *cpuid_entries; 641 641 642 + unsigned long cr3_lm_rsvd_bits; 642 643 int maxphyaddr; 643 644 int max_tdp_level; 644 645

+2

arch/x86/kvm/cpuid.c

··· 178 178 vcpu->arch.cr4_guest_rsvd_bits = 179 179 __cr4_reserved_bits(guest_cpuid_has, vcpu); 180 180 181 + vcpu->arch.cr3_lm_rsvd_bits = rsvd_bits(cpuid_maxphyaddr(vcpu), 63); 182 + 181 183 /* Invoke the vendor callback only after the above state is updated. */ 182 184 kvm_x86_ops.vcpu_after_set_cpuid(vcpu); 183 185 }

+7 -1

arch/x86/kvm/emulate.c

··· 4046 4046 return X86EMUL_CONTINUE; 4047 4047 } 4048 4048 4049 + static int em_clflushopt(struct x86_emulate_ctxt *ctxt) 4050 + { 4051 + /* emulating clflushopt regardless of cpuid */ 4052 + return X86EMUL_CONTINUE; 4053 + } 4054 + 4049 4055 static int em_movsxd(struct x86_emulate_ctxt *ctxt) 4050 4056 { 4051 4057 ctxt->dst.val = (s32) ctxt->src.val; ··· 4591 4585 }; 4592 4586 4593 4587 static const struct gprefix pfx_0f_ae_7 = { 4594 - I(SrcMem | ByteOp, em_clflush), N, N, N, 4588 + I(SrcMem | ByteOp, em_clflush), I(SrcMem | ByteOp, em_clflushopt), N, N, 4595 4589 }; 4596 4590 4597 4591 static const struct group_dual group15 = { {

+7

arch/x86/kvm/mmu/tdp_mmu.c

··· 49 49 { 50 50 struct kvm_mmu_page *sp; 51 51 52 + if (!kvm->arch.tdp_mmu_enabled) 53 + return false; 54 + if (WARN_ON(!VALID_PAGE(hpa))) 55 + return false; 56 + 52 57 sp = to_shadow_page(hpa); 58 + if (WARN_ON(!sp)) 59 + return false; 53 60 54 61 return sp->tdp_mmu_page && sp->root_count; 55 62 }

+8

arch/x86/kvm/svm/svm.c

··· 3741 3741 static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) 3742 3742 { 3743 3743 struct vcpu_svm *svm = to_svm(vcpu); 3744 + struct kvm_cpuid_entry2 *best; 3744 3745 3745 3746 vcpu->arch.xsaves_enabled = guest_cpuid_has(vcpu, X86_FEATURE_XSAVE) && 3746 3747 boot_cpu_has(X86_FEATURE_XSAVE) && ··· 3753 3752 3754 3753 /* Check again if INVPCID interception if required */ 3755 3754 svm_check_invpcid(svm); 3755 + 3756 + /* For sev guests, the memory encryption bit is not reserved in CR3. */ 3757 + if (sev_guest(vcpu->kvm)) { 3758 + best = kvm_find_cpuid_entry(vcpu, 0x8000001F, 0); 3759 + if (best) 3760 + vcpu->arch.cr3_lm_rsvd_bits &= ~(1UL << (best->ebx & 0x3f)); 3761 + } 3756 3762 3757 3763 if (!kvm_vcpu_apicv_active(vcpu)) 3758 3764 return;

+1 -1

arch/x86/kvm/x86.c

··· 1041 1041 } 1042 1042 1043 1043 if (is_long_mode(vcpu) && 1044 - (cr3 & rsvd_bits(cpuid_maxphyaddr(vcpu), 63))) 1044 + (cr3 & vcpu->arch.cr3_lm_rsvd_bits)) 1045 1045 return 1; 1046 1046 else if (is_pae_paging(vcpu) && 1047 1047 !load_pdptrs(vcpu, vcpu->arch.walk_mmu, cr3))

Configure Feed

Configure Feed