Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

Pull more x86 kvm fixes from Paolo Bonzini:

- Cache coherency fix for SEV live migration

- Fix for instruction emulation with PKU

- fixes for rare delaying of interrupt delivery

- fix for SEV-ES buffer overflow

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
KVM: SEV-ES: go over the sev_pio_data buffer in multiple passes if needed
KVM: SEV-ES: keep INS functions together
KVM: x86: remove unnecessary arguments from complete_emulator_pio_in
KVM: x86: split the two parts of emulator_pio_in
KVM: SEV-ES: clean up kvm_sev_es_ins/outs
KVM: x86: leave vcpu->arch.pio.count alone in emulator_pio_in_out
KVM: SEV-ES: rename guest_ins_data to sev_pio_data
KVM: SEV: Flush cache on non-coherent systems before RECEIVE_UPDATE_DATA
KVM: MMU: Reset mmu->pkru_mask to avoid stale data
KVM: nVMX: promptly process interrupts delivered while in guest mode
KVM: x86: check for interrupts before deciding whether to exit the fast path

+122 -63
+2 -1
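--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -702,7 +702,8 @@
 
 	struct kvm_pio_request pio;
 	void *pio_data;
-	void *guest_ins_data;
+	void *sev_pio_data;
+	unsigned sev_pio_count;
 
 	u8 event_exit_inst_len;
 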
+3 -3
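--- a/arch/x86/kvm/mmu/mmu.c
+++ b/arch/x86/kvm/mmu/mmu.c
@@ -4596,10 +4596,10 @@
 	unsigned bit;
 	bool wp;
 
-	if (!is_cr4_pke(mmu)) {
-		mmu->pkru_mask = 0;
+	mmu->pkru_mask = 0;
+
+	if (!is_cr4_pke(mmu))
 		return;
-	}
 
 	wp = is_cr0_wp(mmu);
 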
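Review bot: The now-unconditional `mmu->pkru_mask = 0;` sits ahead of the `is_cr4_pke()` early return with no comment saying why it has to come first. The rest of the function is outside this hunk, but if the mask is accumulated further down, as the commit title "Reset mmu->pkru_mask to avoid stale data" suggests, a later cleanup could easily fold the reset back into the early-return branch and reintroduce stale protection-key bits. A one-line comment such as `/* Always start from zero: bits from a previous computation must not survive. */` above the assignment would pin the intent.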
+7
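--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -1484,6 +1484,13 @@
 		goto e_free_trans;
 	}
 
+	/*
+	 * Flush (on non-coherent CPUs) before RECEIVE_UPDATE_DATA, the PSP
+	 * encrypts the written data with the guest's key, and the cache may
+	 * contain dirty, unencrypted data.
+	 */
+	sev_clflush_pages(guest_page, n);
+
 	/* The RECEIVE_UPDATE_DATA command requires C-bit to be always set. */
 	data.guest_address = (page_to_pfn(guest_page[0]) << PAGE_SHIFT) + offset;
 	data.guest_address |= sev_me_mask;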
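Review bot: The added comment says the flush happens "(on non-coherent CPUs)", but the call `sev_clflush_pages(guest_page, n);` in this hunk is unconditional, so the coherency check presumably lives inside the helper, which is not visible here. The comment should say so and state the ordering requirement directly, for example `Flush before RECEIVE_UPDATE_DATA (the helper is expected to skip coherent CPUs): the PSP writes data encrypted with the guest's key, and dirty unencrypted cache lines for these pages could otherwise be written back over it.` The enclosing function starts and ends outside the hunk, so how `n` is derived cannot be checked from here.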
+6 -11
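--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -6305,18 +6305,13 @@
 
 		/*
 		 * If we are running L2 and L1 has a new pending interrupt
-		 * which can be injected, we should re-evaluate
-		 * what should be done with this new L1 interrupt.
-		 * If L1 intercepts external-interrupts, we should
-		 * exit from L2 to L1. Otherwise, interrupt should be
-		 * delivered directly to L2.
+		 * which can be injected, this may cause a vmexit or it may
+		 * be injected into L2.  Either way, this interrupt will be
+		 * processed via KVM_REQ_EVENT, not RVI, because we do not use
+		 * virtual interrupt delivery to inject L1 interrupts into L2.
 		 */
-		if (is_guest_mode(vcpu) && max_irr_updated) {
-			if (nested_exit_on_intr(vcpu))
-				kvm_vcpu_exiting_guest_mode(vcpu);
-			else
-				kvm_make_request(KVM_REQ_EVENT, vcpu);
-		}
+		if (is_guest_mode(vcpu) && max_irr_updated)
+			kvm_make_request(KVM_REQ_EVENT, vcpu);
 	} else {
 		max_irr = kvm_lapic_find_highest_irr(vcpu);
 	}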
+104 -48
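--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -6906,7 +6906,7 @@
 }
 
 static int emulator_pio_in_out(struct kvm_vcpu *vcpu, int size,
-			       unsigned short port, void *val,
+			       unsigned short port,
 			       unsigned int count, bool in)
 {
 	vcpu->arch.pio.port = port;
@@ -6914,10 +6914,8 @@
 	vcpu->arch.pio.count = count;
 	vcpu->arch.pio.size = size;
 
-	if (!kernel_pio(vcpu, vcpu->arch.pio_data)) {
-		vcpu->arch.pio.count = 0;
+	if (!kernel_pio(vcpu, vcpu->arch.pio_data))
 		return 1;
-	}
 
 	vcpu->run->exit_reason = KVM_EXIT_IO;
 	vcpu->run->io.direction = in ? KVM_EXIT_IO_IN : KVM_EXIT_IO_OUT;
@@ -6929,26 +6927,39 @@
 	return 0;
 }
 
+static int __emulator_pio_in(struct kvm_vcpu *vcpu, int size,
+			     unsigned short port, unsigned int count)
+{
+	WARN_ON(vcpu->arch.pio.count);
+	memset(vcpu->arch.pio_data, 0, size * count);
+	return emulator_pio_in_out(vcpu, size, port, count, true);
+}
+
+static void complete_emulator_pio_in(struct kvm_vcpu *vcpu, void *val)
+{
+	int size = vcpu->arch.pio.size;
+	unsigned count = vcpu->arch.pio.count;
+	memcpy(val, vcpu->arch.pio_data, size * count);
+	trace_kvm_pio(KVM_PIO_IN, vcpu->arch.pio.port, size, count, vcpu->arch.pio_data);
+	vcpu->arch.pio.count = 0;
+}
+
 static int emulator_pio_in(struct kvm_vcpu *vcpu, int size,
 			   unsigned short port, void *val, unsigned int count)
 {
-	int ret;
+	if (vcpu->arch.pio.count) {
+		/* Complete previous iteration. */
+	} else {
+		int r = __emulator_pio_in(vcpu, size, port, count);
+		if (!r)
+			return r;
 
-	if (vcpu->arch.pio.count)
-		goto data_avail;
-
-	memset(vcpu->arch.pio_data, 0, size * count);
-
-	ret = emulator_pio_in_out(vcpu, size, port, val, count, true);
-	if (ret) {
-data_avail:
-		memcpy(val, vcpu->arch.pio_data, size * count);
-		trace_kvm_pio(KVM_PIO_IN, port, size, count, vcpu->arch.pio_data);
-		vcpu->arch.pio.count = 0;
-		return 1;
+		/* Results already available, fall through. */
 	}
 
-	return 0;
+	WARN_ON(count != vcpu->arch.pio.count);
+	complete_emulator_pio_in(vcpu, val);
+	return 1;
 }
 
 static int emulator_pio_in_emulated(struct x86_emulate_ctxt *ctxt,
@@ -6963,9 +6974,15 @@
 			    unsigned short port, const void *val,
 			    unsigned int count)
 {
+	int ret;
+
 	memcpy(vcpu->arch.pio_data, val, size * count);
 	trace_kvm_pio(KVM_PIO_OUT, port, size, count, vcpu->arch.pio_data);
-	return emulator_pio_in_out(vcpu, size, port, (void *)val, count, false);
+	ret = emulator_pio_in_out(vcpu, size, port, count, false);
+	if (ret)
+		vcpu->arch.pio.count = 0;
+
+	return ret;
 }
 
 static int emulator_pio_out_emulated(struct x86_emulate_ctxt *ctxt,
@@ -9643,14 +9660,14 @@
 		if (likely(exit_fastpath != EXIT_FASTPATH_REENTER_GUEST))
 			break;
 
-		if (unlikely(kvm_vcpu_exit_request(vcpu))) {
+		if (vcpu->arch.apicv_active)
+			static_call(kvm_x86_sync_pir_to_irr)(vcpu);
+
+		if (unlikely(kvm_vcpu_exit_request(vcpu))) {
 			exit_fastpath = EXIT_FASTPATH_EXIT_HANDLED;
 			break;
 		}
-
-		if (vcpu->arch.apicv_active)
-			static_call(kvm_x86_sync_pir_to_irr)(vcpu);
-	}
+	}
 
 	/*
 	 * Do this here before restoring debug registers on the host. And
@@ -12368,44 +12385,81 @@
 }
 EXPORT_SYMBOL_GPL(kvm_sev_es_mmio_read);
 
-static int complete_sev_es_emulated_ins(struct kvm_vcpu *vcpu)
-{
-	memcpy(vcpu->arch.guest_ins_data, vcpu->arch.pio_data,
-	       vcpu->arch.pio.count * vcpu->arch.pio.size);
-	vcpu->arch.pio.count = 0;
+static int kvm_sev_es_outs(struct kvm_vcpu *vcpu, unsigned int size,
+			   unsigned int port);
 
+static int complete_sev_es_emulated_outs(struct kvm_vcpu *vcpu)
+{
+	int size = vcpu->arch.pio.size;
+	int port = vcpu->arch.pio.port;
+
+	vcpu->arch.pio.count = 0;
+	if (vcpu->arch.sev_pio_count)
+		return kvm_sev_es_outs(vcpu, size, port);
 	return 1;
 }
 
 static int kvm_sev_es_outs(struct kvm_vcpu *vcpu, unsigned int size,
-			   unsigned int port, void *data, unsigned int count)
+			   unsigned int port)
 {
-	int ret;
+	for (;;) {
+		unsigned int count =
+			min_t(unsigned int, PAGE_SIZE / size, vcpu->arch.sev_pio_count);
+		int ret = emulator_pio_out(vcpu, size, port, vcpu->arch.sev_pio_data, count);
 
-	ret = emulator_pio_out_emulated(vcpu->arch.emulate_ctxt, size, port,
-					data, count);
-	if (ret)
-		return ret;
+		/* memcpy done already by emulator_pio_out. */
+		vcpu->arch.sev_pio_count -= count;
+		vcpu->arch.sev_pio_data += count * vcpu->arch.pio.size;
+		if (!ret)
+			break;
 
-	vcpu->arch.pio.count = 0;
+		/* Emulation done by the kernel. */
+		if (!vcpu->arch.sev_pio_count)
+			return 1;
+	}
 
+	vcpu->arch.complete_userspace_io = complete_sev_es_emulated_outs;
 	return 0;
 }
 
 static int kvm_sev_es_ins(struct kvm_vcpu *vcpu, unsigned int size,
-			  unsigned int port, void *data, unsigned int count)
-{
-	int ret;
+			  unsigned int port);
 
-	ret = emulator_pio_in_emulated(vcpu->arch.emulate_ctxt, size, port,
-				       data, count);
-	if (ret) {
-		vcpu->arch.pio.count = 0;
-	} else {
-		vcpu->arch.guest_ins_data = data;
-		vcpu->arch.complete_userspace_io = complete_sev_es_emulated_ins;
+static void advance_sev_es_emulated_ins(struct kvm_vcpu *vcpu)
+{
+	unsigned count = vcpu->arch.pio.count;
+	complete_emulator_pio_in(vcpu, vcpu->arch.sev_pio_data);
+	vcpu->arch.sev_pio_count -= count;
+	vcpu->arch.sev_pio_data += count * vcpu->arch.pio.size;
+}
+
+static int complete_sev_es_emulated_ins(struct kvm_vcpu *vcpu)
+{
+	int size = vcpu->arch.pio.size;
+	int port = vcpu->arch.pio.port;
+
+	advance_sev_es_emulated_ins(vcpu);
+	if (vcpu->arch.sev_pio_count)
+		return kvm_sev_es_ins(vcpu, size, port);
+	return 1;
+}
+
+static int kvm_sev_es_ins(struct kvm_vcpu *vcpu, unsigned int size,
+			  unsigned int port)
+{
+	for (;;) {
+		unsigned int count =
+			min_t(unsigned int, PAGE_SIZE / size, vcpu->arch.sev_pio_count);
+		if (!__emulator_pio_in(vcpu, size, port, count))
+			break;
+
+		/* Emulation done by the kernel. */
+		advance_sev_es_emulated_ins(vcpu);
+		if (!vcpu->arch.sev_pio_count)
+			return 1;
 	}
 
+	vcpu->arch.complete_userspace_io = complete_sev_es_emulated_ins;
 	return 0;
 }
 
@@ -12413,8 +12467,10 @@
 			 unsigned int port, void *data, unsigned int count,
 			 int in)
 {
-	return in ? kvm_sev_es_ins(vcpu, size, port, data, count)
-		  : kvm_sev_es_outs(vcpu, size, port, data, count);
+	vcpu->arch.sev_pio_data = data;
+	vcpu->arch.sev_pio_count = count;
+	return in ? kvm_sev_es_ins(vcpu, size, port)
+		  : kvm_sev_es_outs(vcpu, size, port);
 }
 EXPORT_SYMBOL_GPL(kvm_sev_es_string_io);
 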
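Review bot: In the rewritten `emulator_pio_in()`, `WARN_ON(count != vcpu->arch.pio.count)` only logs and execution continues into `complete_emulator_pio_in()`, which copies `vcpu->arch.pio.size * vcpu->arch.pio.count` bytes into `val`, that is, the length saved when the request was issued rather than the `count` the current caller passed. Whether the two can ever differ depends on callers outside these hunks, but if they can, the copy length no longer matches what the caller sized `val` for, and a repeatable WARN is itself an availability problem on hosts running with panic_on_warn. I would use `WARN_ON_ONCE` for this assertion and for `WARN_ON(vcpu->arch.pio.count)` in `__emulator_pio_in()`, and document the contract on the helper, e.g. `/* val must have room for pio.size * pio.count bytes; clears the pending request. */`. The SEV-ES callers do bound each pass with `min_t(unsigned int, PAGE_SIZE / size, vcpu->arch.sev_pio_count)`, which relies on `size` being non-zero; that validation is not visible in this section and deserves a comment at `kvm_sev_es_string_io()`.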