mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-08-05 16:54:27 +00:00
7d390a9da8
Use the kvm_arch_vcpu.host_debugctl snapshot to restore DEBUGCTL after running a TD vCPU. The final TDX series rebase was mishandled, likely due to commitfb71c79593("KVM: x86: Snapshot the host's DEBUGCTL in common x86") deleting the same line of code from vmx.h, i.e. creating a semantic conflict of sorts, but no syntactic conflict. Using the version in kvm_vcpu_arch picks up the ulong => u64 fix (which isn't relevant to TDX) as well as the IRQ fix from commit189ecdb3e1("KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs"). Link: https://lore.kernel.org/all/20250307212053.2948340-10-pbonzini@redhat.com Cc: Adrian Hunter <adrian.hunter@intel.com> Fixes:8af0990375("KVM: TDX: Save and restore IA32_DEBUGCTL") Reviewed-by: Adrian Hunter <adrian.hunter@intel.com> Link: https://lore.kernel.org/r/20250610232010.162191-2-seanjc@google.com Signed-off-by: Sean Christopherson <seanjc@google.com>
180 lines
5.1 KiB
C
180 lines
5.1 KiB
C
/* SPDX-License-Identifier: GPL-2.0-only */
|
|
#ifndef __KVM_X86_VMX_COMMON_H
|
|
#define __KVM_X86_VMX_COMMON_H
|
|
|
|
#include <linux/kvm_host.h>
|
|
#include <asm/posted_intr.h>
|
|
|
|
#include "mmu.h"
|
|
|
|
union vmx_exit_reason {
|
|
struct {
|
|
u32 basic : 16;
|
|
u32 reserved16 : 1;
|
|
u32 reserved17 : 1;
|
|
u32 reserved18 : 1;
|
|
u32 reserved19 : 1;
|
|
u32 reserved20 : 1;
|
|
u32 reserved21 : 1;
|
|
u32 reserved22 : 1;
|
|
u32 reserved23 : 1;
|
|
u32 reserved24 : 1;
|
|
u32 reserved25 : 1;
|
|
u32 bus_lock_detected : 1;
|
|
u32 enclave_mode : 1;
|
|
u32 smi_pending_mtf : 1;
|
|
u32 smi_from_vmx_root : 1;
|
|
u32 reserved30 : 1;
|
|
u32 failed_vmentry : 1;
|
|
};
|
|
u32 full;
|
|
};
|
|
|
|
struct vcpu_vt {
|
|
/* Posted interrupt descriptor */
|
|
struct pi_desc pi_desc;
|
|
|
|
/* Used if this vCPU is waiting for PI notification wakeup. */
|
|
struct list_head pi_wakeup_list;
|
|
|
|
union vmx_exit_reason exit_reason;
|
|
|
|
unsigned long exit_qualification;
|
|
u32 exit_intr_info;
|
|
|
|
/*
|
|
* If true, guest state has been loaded into hardware, and host state
|
|
* saved into vcpu_{vt,vmx,tdx}. If false, host state is loaded into
|
|
* hardware.
|
|
*/
|
|
bool guest_state_loaded;
|
|
bool emulation_required;
|
|
|
|
#ifdef CONFIG_X86_64
|
|
u64 msr_host_kernel_gs_base;
|
|
#endif
|
|
};
|
|
|
|
#ifdef CONFIG_KVM_INTEL_TDX
|
|
|
|
static __always_inline bool is_td(struct kvm *kvm)
|
|
{
|
|
return kvm->arch.vm_type == KVM_X86_TDX_VM;
|
|
}
|
|
|
|
static __always_inline bool is_td_vcpu(struct kvm_vcpu *vcpu)
|
|
{
|
|
return is_td(vcpu->kvm);
|
|
}
|
|
|
|
#else
|
|
|
|
static __always_inline bool is_td(struct kvm *kvm) { return false; }
|
|
static __always_inline bool is_td_vcpu(struct kvm_vcpu *vcpu) { return false; }
|
|
|
|
#endif
|
|
|
|
static inline bool vt_is_tdx_private_gpa(struct kvm *kvm, gpa_t gpa)
|
|
{
|
|
/* For TDX the direct mask is the shared mask. */
|
|
return !kvm_is_addr_direct(kvm, gpa);
|
|
}
|
|
|
|
static inline int __vmx_handle_ept_violation(struct kvm_vcpu *vcpu, gpa_t gpa,
|
|
unsigned long exit_qualification)
|
|
{
|
|
u64 error_code;
|
|
|
|
/* Is it a read fault? */
|
|
error_code = (exit_qualification & EPT_VIOLATION_ACC_READ)
|
|
? PFERR_USER_MASK : 0;
|
|
/* Is it a write fault? */
|
|
error_code |= (exit_qualification & EPT_VIOLATION_ACC_WRITE)
|
|
? PFERR_WRITE_MASK : 0;
|
|
/* Is it a fetch fault? */
|
|
error_code |= (exit_qualification & EPT_VIOLATION_ACC_INSTR)
|
|
? PFERR_FETCH_MASK : 0;
|
|
/* ept page table entry is present? */
|
|
error_code |= (exit_qualification & EPT_VIOLATION_PROT_MASK)
|
|
? PFERR_PRESENT_MASK : 0;
|
|
|
|
if (error_code & EPT_VIOLATION_GVA_IS_VALID)
|
|
error_code |= (exit_qualification & EPT_VIOLATION_GVA_TRANSLATED) ?
|
|
PFERR_GUEST_FINAL_MASK : PFERR_GUEST_PAGE_MASK;
|
|
|
|
if (vt_is_tdx_private_gpa(vcpu->kvm, gpa))
|
|
error_code |= PFERR_PRIVATE_ACCESS;
|
|
|
|
return kvm_mmu_page_fault(vcpu, gpa, error_code, NULL, 0);
|
|
}
|
|
|
|
static inline void kvm_vcpu_trigger_posted_interrupt(struct kvm_vcpu *vcpu,
|
|
int pi_vec)
|
|
{
|
|
#ifdef CONFIG_SMP
|
|
if (vcpu->mode == IN_GUEST_MODE) {
|
|
/*
|
|
* The vector of the virtual has already been set in the PIR.
|
|
* Send a notification event to deliver the virtual interrupt
|
|
* unless the vCPU is the currently running vCPU, i.e. the
|
|
* event is being sent from a fastpath VM-Exit handler, in
|
|
* which case the PIR will be synced to the vIRR before
|
|
* re-entering the guest.
|
|
*
|
|
* When the target is not the running vCPU, the following
|
|
* possibilities emerge:
|
|
*
|
|
* Case 1: vCPU stays in non-root mode. Sending a notification
|
|
* event posts the interrupt to the vCPU.
|
|
*
|
|
* Case 2: vCPU exits to root mode and is still runnable. The
|
|
* PIR will be synced to the vIRR before re-entering the guest.
|
|
* Sending a notification event is ok as the host IRQ handler
|
|
* will ignore the spurious event.
|
|
*
|
|
* Case 3: vCPU exits to root mode and is blocked. vcpu_block()
|
|
* has already synced PIR to vIRR and never blocks the vCPU if
|
|
* the vIRR is not empty. Therefore, a blocked vCPU here does
|
|
* not wait for any requested interrupts in PIR, and sending a
|
|
* notification event also results in a benign, spurious event.
|
|
*/
|
|
|
|
if (vcpu != kvm_get_running_vcpu())
|
|
__apic_send_IPI_mask(get_cpu_mask(vcpu->cpu), pi_vec);
|
|
return;
|
|
}
|
|
#endif
|
|
/*
|
|
* The vCPU isn't in the guest; wake the vCPU in case it is blocking,
|
|
* otherwise do nothing as KVM will grab the highest priority pending
|
|
* IRQ via ->sync_pir_to_irr() in vcpu_enter_guest().
|
|
*/
|
|
kvm_vcpu_wake_up(vcpu);
|
|
}
|
|
|
|
/*
|
|
* Post an interrupt to a vCPU's PIR and trigger the vCPU to process the
|
|
* interrupt if necessary.
|
|
*/
|
|
static inline void __vmx_deliver_posted_interrupt(struct kvm_vcpu *vcpu,
|
|
struct pi_desc *pi_desc, int vector)
|
|
{
|
|
if (pi_test_and_set_pir(vector, pi_desc))
|
|
return;
|
|
|
|
/* If a previous notification has sent the IPI, nothing to do. */
|
|
if (pi_test_and_set_on(pi_desc))
|
|
return;
|
|
|
|
/*
|
|
* The implied barrier in pi_test_and_set_on() pairs with the smp_mb_*()
|
|
* after setting vcpu->mode in vcpu_enter_guest(), thus the vCPU is
|
|
* guaranteed to see PID.ON=1 and sync the PIR to IRR if triggering a
|
|
* posted interrupt "fails" because vcpu->mode != IN_GUEST_MODE.
|
|
*/
|
|
kvm_vcpu_trigger_posted_interrupt(vcpu, POSTED_INTR_VECTOR);
|
|
}
|
|
|
|
noinstr void vmx_handle_nmi(struct kvm_vcpu *vcpu);
|
|
|
|
#endif /* __KVM_X86_VMX_COMMON_H */
|