From patchwork Wed Nov 2 23:19:03 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 1698633 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=kvm-riscv-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=qkOZOHjW; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=infradead.org header.i=@infradead.org header.a=rsa-sha256 header.s=desiato.20200630 header.b=l5hEvi1o; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=google.com header.i=@google.com header.a=rsa-sha256 header.s=20210112 header.b=iDIyHkMK; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4N2l3n3WFPz1yqS for ; Thu, 3 Nov 2022 11:28:37 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:Reply-To:List-Subscribe:List-Help: List-Post:List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID :References:Mime-Version:In-Reply-To:Date:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=6DAbk1WnkcwEeQYxwH+QGiMC4Xn3DDVnQX+HGi+MTi4=; b=qkOZOHjWMIb9rW S/mw1s4H2hb3qIV/xjjUQVPsDjZGENjHhXB19pfcEPRdKlnnwY94XtZt/RNORJyz6Z8AW27aabsCh qpyZI2qlr4dnqv+SPhrvEc9zJjfk0q+9b0tDBQwEzachHvUE0+0IEx2zvy1FQHMsCZvhU2L679kh8 FLlbZUJX6nDoQQiB4uH5i0giyOsnwliH4h1b6yDAsU8kVd/sKgjlWmMzgSDrRa1dF3oudxS6mmd+x CuZUUAE/uMHInd6Jhad/oR7BJX+BMgiY6Zq5MnemjE63HivJABpo3Ls11llo76DuOXHNoebLJYeIW WESBUxi6TLJqSeG2O9eQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1oqO5w-00FJOs-KH; Thu, 03 Nov 2022 00:28:32 +0000 Received: from desiato.infradead.org ([2001:8b0:10b:1:d65d:64ff:fe57:4e05]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1oqO5c-00FJ6v-5R for kvm-riscv@bombadil.infradead.org; Thu, 03 Nov 2022 00:28:12 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=desiato.20200630; h=Content-Type:Cc:To:From:Subject: Message-ID:References:Mime-Version:In-Reply-To:Date:Reply-To:Sender: Content-Transfer-Encoding:Content-ID:Content-Description; bh=hVDla26eytMn5VFnbgyTVPls5SmrgGd/F0K2RutwtIE=; b=l5hEvi1ok15FQvB83LHXC7Eima EgH13sdv2UgX36ozTQGyhCxBsT0+UgKP0hxXLMzKdXIlk16wsSwK7eEnkI1p7zzGHPAhgxJDZbGHv 2k3tJicb88eugjFxMPpbCTJtTjdhwcu8tbB4pJaV27/K7ah1Q0KSTutcv5+fhJVpuXQEJmeW4Lamb Q721GMGG8yMTPsz2T8WT5bgWgIbkxMV4e+LAYsQ2IBSTbe72R/Z2mKhEbPEbIYwF5ItF246snlJpS jTmwmq7Y6cUPJqM6BPuhb7Dhxr2+gCwCg3cM/WIflAMGVUqeaqBfic7aELfEuhInso/+Bcm7bQQfr YUMyWYaw==; Received: from mail-yw1-x1149.google.com ([2607:f8b0:4864:20::1149]) by desiato.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1oqN1t-008X3T-IF for kvm-riscv@lists.infradead.org; Wed, 02 Nov 2022 23:20:20 +0000 Received: by mail-yw1-x1149.google.com with SMTP id 00721157ae682-348608c1cd3so881637b3.10 for ; Wed, 02 Nov 2022 16:20:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=hVDla26eytMn5VFnbgyTVPls5SmrgGd/F0K2RutwtIE=; b=iDIyHkMK4rG4gjhR62NbU2u6gdWGP2OsiuMyUm8igYAHn8Yp75bJ9TkqULzcOkedq9 lrMjOcoojkzBjBrlWbrxKO2hIi08hnG2vGMjy19X2fXFVzh41QfLnOmL8FwroxgO3U/9 M/y/STwQ9eY7WF8E0/2v/0v9jH+QmXpfdWTDy77I/CMIhnQwVipOJiVFqKmJ5knT8kO6 /eER3jJeTkGs/T4H5Ju8HiQ1eI0gIKHtbfqcKoWDK8SihPIEH+EjdUsL3+2iNE+kxZKc HsZJGEKFI4GV2S8b1QPqcice4sYcmqQ+Iksou1vJeTEdz8AoPZCMtO8nunZ43hRprA3N Kt5w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=hVDla26eytMn5VFnbgyTVPls5SmrgGd/F0K2RutwtIE=; b=QbRPzhf8JNH0FsiDxFatF4CZyySveck3lhXtoxhzD/8euZLGuN8QyQI181jgpt4RxY 9WRYKenpzP3oyuxaRUrxsWnB+jFSe05ZmbRP6cs6iQWsioa/sycnp1ZKdzSaXkW379Se l9PQujW1T4+yFre/XwsUf7KiBgvj+V00tqfcMxWwq5L6H5s1mHrybNls/tmmAbdSARbl i7oxYlxs4ipKF98dKjCHtBWtuCRbmXno5OQVQsq6km99K/M4H6s2IxxvHtcQ9Kmn2qgM +/uHLrnHtUx0U+p4VBO+RsS//4cI5pHXl2AMfBqE7NnIJJgNC2tRi5GRYINTSIitFJRV ro6Q== X-Gm-Message-State: ACrzQf0Vb0ZuyPQk/PaTc9J+xKVcm3N1csBmQG40tYcoSBEGMln7rdnq Gj6vbP+4uK5Fm2UCx6ZPGsH3KCGTylg= X-Google-Smtp-Source: AMsMyM6yoiTEPBcJzZyJoKfkq9RPyOM1vrXjFEM4y195PpXNkSIWWHhhXy8+p52Rv2+c/CoREZHcmA1s9zk= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:b10d:0:b0:6cc:3aa3:8cf2 with SMTP id g13-20020a25b10d000000b006cc3aa38cf2mr22841832ybj.261.1667431216148; Wed, 02 Nov 2022 16:20:16 -0700 (PDT) Date: Wed, 2 Nov 2022 23:19:03 +0000 In-Reply-To: <20221102231911.3107438-1-seanjc@google.com> Mime-Version: 1.0 References: <20221102231911.3107438-1-seanjc@google.com> X-Mailer: git-send-email 2.38.1.431.g37b22c650d-goog Message-ID: <20221102231911.3107438-37-seanjc@google.com> Subject: [PATCH 36/44] KVM: x86: Do compatibility checks when onlining CPU From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Huacai Chen , Aleksandar Markovic , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Christian Borntraeger , Janosch Frank , Claudio Imbrenda , Matthew Rosato , Eric Farman , Sean Christopherson , Vitaly Kuznetsov Cc: James Morse , Alexandru Elisei , Suzuki K Poulose , Oliver Upton , Atish Patra , David Hildenbrand , kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, kvmarm@lists.cs.columbia.edu, linux-mips@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, Isaku Yamahata , Fabiano Rosas , Michael Ellerman , Chao Gao , Thomas Gleixner , Yuan Yao X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221102_232018_165414_16147025 X-CRM114-Status: GOOD ( 19.40 ) X-Spam-Score: -7.7 (-------) X-Spam-Report: Spam detection software, running on the system "desiato.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Chao Gao Do compatibility checks when enabling hardware to effectively add compatibility checks when onlining a CPU. Abort enabling, i.e. the online process, if the (hotplugged) CPU is incompatible with the kn [...] Content analysis details: (-7.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:1149 listed in] [list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -7.5 USER_IN_DEF_DKIM_WL From: address is in the default DKIM welcome-list -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.0 T_SCC_BODY_TEXT_LINE No description available. -0.0 DKIMWL_WL_MED DKIMwl.org - Medium trust sender X-BeenThere: kvm-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Sean Christopherson Sender: "kvm-riscv" Errors-To: kvm-riscv-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org From: Chao Gao Do compatibility checks when enabling hardware to effectively add compatibility checks when onlining a CPU. Abort enabling, i.e. the online process, if the (hotplugged) CPU is incompatible with the known good setup. At init time, KVM does compatibility checks to ensure that all online CPUs support hardware virtualization and a common set of features. But KVM uses hotplugged CPUs without such compatibility checks. On Intel CPUs, this leads to #GP if the hotplugged CPU doesn't support VMX, or VM-Entry failure if the hotplugged CPU doesn't support all features enabled by KVM. Note, this is little more than a NOP on SVM, as SVM already checks for full SVM support during hardware enabling. Opportunistically add a pr_err() if setup_vmcs_config() fails, and tweak all error messages to output which CPU failed. Signed-off-by: Chao Gao Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 2 +- arch/x86/kvm/svm/svm.c | 20 +++++++++++--------- arch/x86/kvm/vmx/vmx.c | 33 +++++++++++++++++++-------------- arch/x86/kvm/x86.c | 5 +++-- 4 files changed, 34 insertions(+), 26 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index f223c845ed6e..c99222b71fcc 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1666,7 +1666,7 @@ struct kvm_x86_nested_ops { }; struct kvm_x86_init_ops { - int (*check_processor_compatibility)(void); + int (*check_processor_compatibility)(int cpu); int (*hardware_setup)(void); unsigned int (*handle_intel_pt_intr)(void); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index efda384d29d4..4772835174dd 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -525,13 +525,13 @@ static void svm_init_osvw(struct kvm_vcpu *vcpu) vcpu->arch.osvw.status |= 1; } -static bool kvm_is_svm_supported(void) +static bool kvm_is_svm_supported(int cpu) { const char *msg; u64 vm_cr; if (!cpu_has_svm(&msg)) { - pr_err("SVM not supported, %s\n", msg); + pr_err("SVM not supported by CPU %d, %s\n", cpu, msg); return false; } @@ -542,16 +542,16 @@ static bool kvm_is_svm_supported(void) rdmsrl(MSR_VM_CR, vm_cr); if (vm_cr & (1 << SVM_VM_CR_SVM_DISABLE)) { - pr_err("SVM disabled in MSR_VM_CR\n"); + pr_err("SVM disabled in MSR_VM_CR on CPU %d\n", cpu); return false; } return true; } -static int __init svm_check_processor_compat(void) +static int svm_check_processor_compat(int cpu) { - if (!kvm_is_svm_supported()) + if (!kvm_is_svm_supported(cpu)) return -EIO; return 0; @@ -588,14 +588,16 @@ static int svm_hardware_enable(void) uint64_t efer; struct desc_struct *gdt; int me = raw_smp_processor_id(); + int r; + + r = svm_check_processor_compat(me); + if (r) + return r; rdmsrl(MSR_EFER, efer); if (efer & EFER_SVME) return -EBUSY; - if (!kvm_is_svm_supported()) - return -EINVAL; - sd = per_cpu(svm_data, me); if (!sd) { pr_err("%s: svm_data is NULL on %d\n", __func__, me); @@ -5132,7 +5134,7 @@ static int __init svm_init(void) __unused_size_checks(); - if (!kvm_is_svm_supported()) + if (!kvm_is_svm_supported(raw_smp_processor_id())) return -EOPNOTSUPP; r = kvm_x86_vendor_init(&svm_init_ops); diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index 07d86535c032..2729de93e0ea 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -2520,8 +2520,7 @@ static bool cpu_has_perf_global_ctrl_bug(void) return false; } -static __init int adjust_vmx_controls(u32 ctl_min, u32 ctl_opt, - u32 msr, u32 *result) +static int adjust_vmx_controls(u32 ctl_min, u32 ctl_opt, u32 msr, u32 *result) { u32 vmx_msr_low, vmx_msr_high; u32 ctl = ctl_min | ctl_opt; @@ -2539,7 +2538,7 @@ static __init int adjust_vmx_controls(u32 ctl_min, u32 ctl_opt, return 0; } -static __init u64 adjust_vmx_controls64(u64 ctl_opt, u32 msr) +static u64 adjust_vmx_controls64(u64 ctl_opt, u32 msr) { u64 allowed; @@ -2548,8 +2547,8 @@ static __init u64 adjust_vmx_controls64(u64 ctl_opt, u32 msr) return ctl_opt & allowed; } -static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf, - struct vmx_capability *vmx_cap) +static int setup_vmcs_config(struct vmcs_config *vmcs_conf, + struct vmx_capability *vmx_cap) { u32 vmx_msr_low, vmx_msr_high; u32 _pin_based_exec_control = 0; @@ -2710,36 +2709,38 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf, return 0; } -static bool __init kvm_is_vmx_supported(void) +static bool kvm_is_vmx_supported(int cpu) { if (!cpu_has_vmx()) { - pr_err("CPU doesn't support VMX\n"); + pr_err("VMX not supported by CPU %d\n", cpu); return false; } if (!boot_cpu_has(X86_FEATURE_MSR_IA32_FEAT_CTL) || !boot_cpu_has(X86_FEATURE_VMX)) { - pr_err("VMX not enabled in MSR_IA32_FEAT_CTL\n"); + pr_err("VMX not enabled in MSR_IA32_FEAT_CTL on CPU %d\n", cpu); return false; } return true; } -static int __init vmx_check_processor_compat(void) +static int vmx_check_processor_compat(int cpu) { struct vmcs_config vmcs_conf; struct vmx_capability vmx_cap; - if (!kvm_is_vmx_supported()) + if (!kvm_is_vmx_supported(cpu)) return -EIO; - if (setup_vmcs_config(&vmcs_conf, &vmx_cap) < 0) + if (setup_vmcs_config(&vmcs_conf, &vmx_cap) < 0) { + pr_err("Failed to setup VMCS config on CPU %d\n", cpu); return -EIO; + } if (nested) nested_vmx_setup_ctls_msrs(&vmcs_conf, vmx_cap.ept); - if (memcmp(&vmcs_config, &vmcs_conf, sizeof(struct vmcs_config)) != 0) { - pr_err("CPU %d feature inconsistency!\n", smp_processor_id()); + if (memcmp(&vmcs_config, &vmcs_conf, sizeof(struct vmcs_config))) { + pr_err("Inconsistent VMCS config on CPU %d\n", cpu); return -EIO; } return 0; @@ -2771,6 +2772,10 @@ static int vmx_hardware_enable(void) u64 phys_addr = __pa(per_cpu(vmxarea, cpu)); int r; + r = vmx_check_processor_compat(cpu); + if (r) + return r; + if (cr4_read_shadow() & X86_CR4_VMXE) return -EBUSY; @@ -8517,7 +8522,7 @@ static int __init vmx_init(void) { int r, cpu; - if (!kvm_is_vmx_supported()) + if (!kvm_is_vmx_supported(raw_smp_processor_id())) return -EOPNOTSUPP; hv_setup_evmcs(); diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 0c1778f3308a..a7b1d916ecb2 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -9280,7 +9280,8 @@ struct kvm_cpu_compat_check { static int kvm_x86_check_processor_compatibility(struct kvm_x86_init_ops *ops) { - struct cpuinfo_x86 *c = &cpu_data(smp_processor_id()); + int cpu = smp_processor_id(); + struct cpuinfo_x86 *c = &cpu_data(cpu); WARN_ON(!irqs_disabled()); @@ -9288,7 +9289,7 @@ static int kvm_x86_check_processor_compatibility(struct kvm_x86_init_ops *ops) __cr4_reserved_bits(cpu_has, &boot_cpu_data)) return -EIO; - return ops->check_processor_compatibility(); + return ops->check_processor_compatibility(cpu); } static void kvm_x86_check_cpu_compat(void *data)