Commits · a39888126bb6f88b3d1571cd3d446f183762a9b9 · Summer2022 / 22b970497

Jan 30, 2022

x86/MCE/AMD, EDAC/mce_amd: Add new error descriptions for some SMCA bank types · a3988812

Yazen Ghannam authored 3 years ago

mainline inclusion
from mainline-v5.1-rc1
commit 8a5dd2cd
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Some SMCA bank types on future systems will report new error types even
though the bank type is not treated as a new version. These new error
types will reported by bits that are reserved in past systems.

Add the new error descriptions to the lists in edac_mce_amd.

Signed-off-by: Yazen Ghannam <yazen.ghannam@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: linux-edac <linux-edac@vger.kernel.org>
Cc: Mauro Carvalho Chehab <mchehab@kernel.org>
Cc: Shirish S <Shirish.S@amd.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>
Cc: x86-ml <x86@kernel.org>
Link: https://lkml.kernel.org/r/20190201225534.8177-4-Yazen.Ghannam@amd.com


Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

a3988812

x86/MCE/AMD, EDAC/mce_amd: Add new McaTypes for CS, PSP, and SMU units · 05563bd7

Yazen Ghannam authored 3 years ago

mainline inclusion
from mainline-v5.1-rc1
commit 3ad7e748
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

The existing CS, PSP, and SMU SMCA bank types will see new versions (as
indicated by their McaTypes) in future SMCA systems.

Add the new (HWID, MCATYPE) tuples for these new versions. Reuse the
same names as the older versions, since they are logically the same to
the user. SMCA systems won't mix and match IP blocks with different
McaType versions in the same system, so there isn't a need to
distinguish them. The MCA_IPID register is saved when logging an MCA
error, and that can be used to triage the error.

Also, add the new error descriptions to edac_mce_amd. Some error types
(positions in the list) are overloaded compared to the previous
McaTypes. Therefore, just create new lists of the error descriptions to
keep things simple even if some of the error descriptions are the same
between versions.

Signed-off-by: Yazen Ghannam <yazen.ghannam@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: linux-edac <linux-edac@vger.kernel.org>
Cc: Mauro Carvalho Chehab <mchehab@kernel.org>
Cc: Pu Wen <puwen@hygon.cn>
Cc: Qiuxu Zhuo <qiuxu.zhuo@intel.com>
Cc: Shirish S <Shirish.S@amd.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Vishal Verma <vishal.l.verma@intel.com>
Cc: x86-ml <x86@kernel.org>
Link: https://lkml.kernel.org/r/20190201225534.8177-3-Yazen.Ghannam@amd.com


Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

05563bd7

x86/MCE/AMD, EDAC/mce_amd: Add new MP5, NBIO, and PCIE SMCA bank types · 44c4f852

Yazen Ghannam authored 3 years ago

mainline inclusion
from mainline-v5.1-rc1
commit cbfa447e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Add the (HWID, MCATYPE) tuples and names for the new MP5, NBIO, and
PCIE SMCA bank types.

Also, add their respective error descriptions to the MCE decoding module
edac_mce_amd.

Signed-off-by: Yazen Ghannam <yazen.ghannam@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: linux-edac <linux-edac@vger.kernel.org>
Cc: Mauro Carvalho Chehab <mchehab@kernel.org>
Cc: Pu Wen <puwen@hygon.cn>
Cc: Qiuxu Zhuo <qiuxu.zhuo@intel.com>
Cc: Shirish S <Shirish.S@amd.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Vishal Verma <vishal.l.verma@intel.com>
Cc: x86-ml <x86@kernel.org>
Link: https://lkml.kernel.org/r/20190201225534.8177-2-Yazen.Ghannam@amd.com


Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

44c4f852

EDAC/mce_amd: Always load on SMCA systems · 8a43cca6

Yazen Ghannam authored 3 years ago

mainline inclusion
from mainline-v5.6-rc1
commit 9f6aef86
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

MCA error decoding on SMCA systems is not dependent on family. Return
success early if the system supports the SMCA feature.

Signed-off-by: Yazen Ghannam <yazen.ghannam@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20200110015651.14887-3-Yazen.Ghannam@amd.com


Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2@huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2@huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

8a43cca6

x86/cpu/amd: Call init_amd_zn() om Family 19h processors too · 93afd941

Kim Phillips authored 3 years ago

mainline inclusion
from mainline-v5.7-rc1
commit 753039ef
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Family 19h CPUs are Zen-based and still share most architectural
features with Family 17h CPUs, and therefore still need to call
init_amd_zn() e.g., to set the RECLAIM_DISTANCE override.

init_amd_zn() also sets X86_FEATURE_ZEN, which today is only used
in amd_set_core_ssb_state(), which isn't called on some late
model Family 17h CPUs, nor on any Family 19h CPUs:
X86_FEATURE_AMD_SSBD replaces X86_FEATURE_LS_CFG_SSBD on those
later model CPUs, where the SSBD mitigation is done via the
SPEC_CTRL MSR instead of the LS_CFG MSR.

Family 19h CPUs also don't have the erratum where the CPB feature
bit isn't set, but that code can stay unchanged and run safely
on Family 19h.

Signed-off-by: Kim Phillips <kim.phillips@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20200311191451.13221-1-kim.phillips@amd.com


Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Acked-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Wei Li <liwei391@huawei.com>
Reviewed-by: Xie XiuQi <xiexiuqi@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

93afd941

x86/amd_nb: Add Family 19h PCI IDs · 8d917fcf

Yazen Ghannam authored 3 years ago

mainline inclusion
from mainline-v5.6-rc1
commit b3f79ae4
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Add the new PCI Device 18h IDs for AMD Family 19h systems. Note that
Family 19h systems will not have a new PCI root device ID.

Signed-off-by: Yazen Ghannam <yazen.ghannam@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20200110015651.14887-4-Yazen.Ghannam@amd.com


Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

8d917fcf

x86/amd_nb: Add PCI device IDs for family 17h, model 70h · ac43d37d

Marcel Bocu authored 3 years ago

mainline inclusion
from mainline-v5.4-rc1
commit af4e1c5e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

The AMD Ryzen gen 3 processors came with a different PCI IDs for the
function 3 & 4 which are used to access the SMN interface. The root
PCI address however remained at the same address as the model 30h.

Adding the F3/F4 PCI IDs respectively to the misc and link ids appear
to be sufficient for k10temp, so let's add them and follow up on the
patch if other functions need more tweaking.

Vicki Pfau sent an identical patch after I checked that no-one had
written this patch. I would have been happy about dropping my patch but
unlike for his patch series, I had already Cc:ed the x86 people and
they already reviewed the changes. Since Vicki has not answered to
any email after his initial series, let's assume she is on vacation
and let's avoid duplication of reviews from the maintainers and merge
my series. To acknowledge Vicki's anteriority, I added her S-o-b to
the patch.

v2, suggested by Guenter Roeck and Brian Woods:
 - rename from 71h to 70h

Signed-off-by: Vicki Pfau <vi@endrift.com>
Signed-off-by: Marcel Bocu <marcel.p.bocu@gmail.com>
Tested-by: Marcel Bocu <marcel.p.bocu@gmail.com>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Brian Woods <brian.woods@amd.com>
Acked-by: Bjorn Helgaas <bhelgaas@google.com>	# pci_ids.h

Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: x86@kernel.org
Cc: "Woods, Brian" <Brian.Woods@amd.com>
Cc: Clemens Ladisch <clemens@ladisch.de>
Cc: Jean Delvare <jdelvare@suse.com>
Cc: Guenter Roeck <linux@roeck-us.net>
Cc: linux-hwmon@vger.kernel.org
Link: https://lore.kernel.org/r/20190722174510.2179-1-marcel.p.bocu@gmail.com


Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Acked-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Wei Li <liwei391@huawei.com>
Reviewed-by: Xie XiuQi <xiexiuqi@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

ac43d37d

x86/amd_nb: Add PCI device IDs for family 17h, model 30h · ee27dd5a

Woods, Brian authored 3 years ago

mainline inclusion
from mainline-v5.0-rc1
commit be3518a1
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Add the PCI device IDs for family 17h model 30h, since they are needed
for accessing various registers via the data fabric/SMN interface.

Signed-off-by: Brian Woods <brian.woods@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
CC: Bjorn Helgaas <bhelgaas@google.com>
CC: Clemens Ladisch <clemens@ladisch.de>
CC: Guenter Roeck <linux@roeck-us.net>
CC: "H. Peter Anvin" <hpa@zytor.com>
CC: Ingo Molnar <mingo@redhat.com>
CC: Jean Delvare <jdelvare@suse.com>
CC: Jia Zhang <qianyue.zj@alibaba-inc.com>
CC: <linux-hwmon@vger.kernel.org>
CC: <linux-pci@vger.kernel.org>
CC: Pu Wen <puwen@hygon.cn>
CC: Thomas Gleixner <tglx@linutronix.de>
CC: x86-ml <x86@kernel.org>
Link: http://lkml.kernel.org/r/20181106200754.60722-4-brian.woods@amd.com


Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Laibin Qiu <qiulaibin@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

ee27dd5a

hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs · bbfa3b6b

Woods, Brian authored 3 years ago

mainline inclusion
from mainline-v5.0-rc1
commit dedf7dce
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Consolidate shared PCI_DEVICE_IDs that were scattered through k10temp
and amd_nb, and move them into pci_ids.

Signed-off-by: Brian Woods <brian.woods@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Acked-by: Guenter Roeck <linux@roeck-us.net>
CC: Bjorn Helgaas <bhelgaas@google.com>
CC: Clemens Ladisch <clemens@ladisch.de>
CC: "H. Peter Anvin" <hpa@zytor.com>
CC: Ingo Molnar <mingo@redhat.com>
CC: Jean Delvare <jdelvare@suse.com>
CC: Jia Zhang <qianyue.zj@alibaba-inc.com>
CC: <linux-hwmon@vger.kernel.org>
CC: <linux-pci@vger.kernel.org>
CC: Pu Wen <puwen@hygon.cn>
CC: Thomas Gleixner <tglx@linutronix.de>
CC: x86-ml <x86@kernel.org>
Link: http://lkml.kernel.org/r/20181106200754.60722-2-brian.woods@amd.com


Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Laibin Qiu <qiulaibin@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

bbfa3b6b

EDAC/amd64: Drop some family checks for newer systems · e731db7d

Yazen Ghannam authored 3 years ago

mainline inclusion
from mainline-v5.6-rc1
commit dcd01394
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

In general, "pvt->umc != NULL" is used to check if the system is Family
17h+. However, there are a few places that are using direct family
checks.

Replace the remaining family checks with a check for "pvt->umc != NULL".

Signed-off-by: Yazen Ghannam <yazen.ghannam@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20200110015651.14887-6-Yazen.Ghannam@amd.com


Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Xiongfeng Wang <wangxiongfeng2@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

e731db7d

x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE · 74c3a7f8

John Allen authored 3 years ago

mainline inclusion
from mainline-v5.7-rc2
commit bdf89df3
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Future AMD CPUs will have microcode patches that exceed the default 4K
patch size. Raise our limit.

Signed-off-by: John Allen <john.allen@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: stable@vger.kernel.org # v4.14..
Link: https://lkml.kernel.org/r/20200409152931.GA685273@mojo.amd.com


Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Xie XiuQi <xiexiuqi@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

74c3a7f8

KVM: mmu: Fix SPTE encoding of MMIO generation upper half · b7b6b2ea

Maciej S. Szmigiero authored 3 years ago

mainline inclusion
from mainline-v5.10
commit 34c0f6f2
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Commit cae7ed3c ("KVM: x86: Refactor the MMIO SPTE generation handling")
cleaned up the computation of MMIO generation SPTE masks, however it
introduced a bug how the upper part was encoded:
SPTE bits 52-61 were supposed to contain bits 10-19 of the current
generation number, however a missing shift encoded bits 1-10 there instead
(mostly duplicating the lower part of the encoded generation number that
then consisted of bits 1-9).

In the meantime, the upper part was shrunk by one bit and moved by
subsequent commits to become an upper half of the encoded generation number
(bits 9-17 of bits 0-17 encoded in a SPTE).

In addition to the above, commit 56871d44 ("KVM: x86: fix overlap between SPTE_MMIO_MASK and generation")
has changed the SPTE bit range assigned to encode the generation number and
the total number of bits encoded but did not update them in the comment
attached to their defines, nor in the KVM MMU doc.
Let's do it here, too, since it is too trivial thing to warrant a separate
commit.

Fixes: cae7ed3c ("KVM: x86: Refactor the MMIO SPTE generation handling")
Signed-off-by: Maciej S. Szmigiero <maciej.szmigiero@oracle.com>
Message-Id: <156700708db2a5296c5ed7a8b9ac71f1e9765c85.1607129096.git.maciej.szmigiero@oracle.com>
Cc: stable@vger.kernel.org
[Reorganize macros so that everything is computed from the bit ranges. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

b7b6b2ea

build_bug.h: add wrapper for _Static_assert · e29a6b56

Rasmus Villemoes authored 3 years ago

mainline inclusion
from mainline-v5.1-rc1
commit 6bab69c6
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4
CVE: NA

--------------------------------

BUILD_BUG_ON() is a little annoying, since it cannot be used outside
function scope.  So one cannot put assertions about the sizeof() a
struct next to the struct definition, but has to hide that in some more
or less arbitrary function.

Since gcc 4.6 (which is now also the required minimum), there is support
for the C11 _Static_assert in all C modes, including gnu89.  So add a
simple wrapper for that.

_Static_assert() requires a message argument, which is usually quite
redundant (and I believe that bug got fixed at least in newer C++
standards), but we can easily work around that with a little macro
magic, making it optional.

For example, adding

  static_assert(sizeof(struct printf_spec) == 8);

in vsprintf.c and modifying that struct to violate it, one gets

./include/linux/build_bug.h:78:41: error: static assertion failed: "sizeof(struct printf_spec) == 8"
 #define __static_assert(expr, msg, ...) _Static_assert(expr, "" msg "")

godbolt.org suggests that _Static_assert() has been support by clang
since at least 3.0.0.

Link: http://lkml.kernel.org/r/20190208203015.29702-1-linux@rasmusvillemoes.dk


Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Acked-by: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Nick Desaulniers <ndesaulniers@google.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Wei Li <liwei391@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

e29a6b56

KVM: x86: fix overlap between SPTE_MMIO_MASK and generation · 75c63b42

Paolo Bonzini authored 3 years ago

mainline inclusion
from mainline-v5.6-rc1
commit 56871d44
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

The SPTE_MMIO_MASK overlaps with the bits used to track MMIO
generation number.  A high enough generation number would overwrite the
SPTE_SPECIAL_MASK region and cause the MMIO SPTE to be misinterpreted.

Likewise, setting bits 52 and 53 would also cause an incorrect generation
number to be read from the PTE, though this was partially mitigated by the
(useless if it weren't for the bug) removal of SPTE_SPECIAL_MASK from
the spte in get_mmio_spte_generation.  Drop that removal, and replace
it with a compile-time assertion.

Fixes: 6eeb4ef0 ("KVM: x86: assign two bits to track SPTE kinds")
Reported-by: Ben Gardon <bgardon@google.com>
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

75c63b42

KVM: x86: assign two bits to track SPTE kinds · 703b1298

Paolo Bonzini authored 3 years ago

mainline inclusion
from mainline-v5.4-rc2
commit 6eeb4ef0
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Currently, we are overloading SPTE_SPECIAL_MASK to mean both
"A/D bits unavailable" and MMIO, where the difference between the
two is determined by mio_mask and mmio_value.

However, the next patch will need two bits to distinguish
availability of A/D bits from write protection.  So, while at
it give MMIO its own bit pattern, and move the two bits from
bit 62 to bits 52..53 since Intel is allocating EPT page table
bits from the top.

Reviewed-by: Junaid Shahid <junaids@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

703b1298

KVM: Move the memslot update in-progress flag to bit 63 · e272dde6

Sean Christopherson authored 3 years ago

mainline inclusion
from mainline-v5.1-rc1
commit 164bf7e5
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

...now that KVM won't explode by moving it out of bit 0.  Using bit 63
eliminates the need to jump over bit 0, e.g. when calculating a new
memslots generation or when propagating the memslots generation to an
MMIO spte.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

e272dde6

KVM: Remove the hack to trigger memslot generation wraparound · 53e9bbf6

Sean Christopherson authored 3 years ago

mainline inclusion
from mainline-v5.1-rc1
commit 0e32958e
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

x86 captures a subset of the memslot generation (19 bits) in its MMIO
sptes so that it can expedite emulated MMIO handling by checking only
the releveant spte, i.e. doesn't need to do a full page fault walk.

Because the MMIO sptes capture only 19 bits (due to limited space in
the sptes), there is a non-zero probability that the MMIO generation
could wrap, e.g. after 500k memslot updates.  Since normal usage is
extremely unlikely to result in 500k memslot updates, a hack was added
by commit 69c9ea93 ("KVM: MMU: init kvm generation close to mmio
wrap-around value") to offset the MMIO generation in order to trigger
a wraparound, e.g. after 150 memslot updates.

When separate memslot generation sequences were assigned to each
address space, commit 00f034a1 ("KVM: do not bias the generation
number in kvm_current_mmio_generation") moved the offset logic into the
initialization of the memslot generation itself so that the per-address
space bit(s) were not dropped/corrupted by the MMIO shenanigans.

Remove the offset hack for three reasons:

  - While it does exercise x86's kvm_mmu_invalidate_mmio_sptes(), simply
    wrapping the generation doesn't actually test the interesting case
    of having stale MMIO sptes with the new generation number, e.g. old
    sptes with a generation number of 0.

  - Triggering kvm_mmu_invalidate_mmio_sptes() prematurely makes its
    performance rather important since the probability of invalidating
    MMIO sptes jumps from "effectively never" to "fairly likely".  This
    limits what can be done in future patches, e.g. to simplify the
    invalidation code, as doing so without proper caution could lead to
    a noticeable performance regression.

  - Forcing the memslots generation, which is a 64-bit number, to wrap
    prevents KVM from assuming the memslots generation will never wrap.
    This in turn prevents KVM from using an arbitrary bit for the
    "update in-progress" flag, e.g. using bit 63 would immediately
    collide with using a large value as the starting generation number.
    The "update in-progress" flag is effectively forced into bit 0 so
    that it's (subtly) taken into account when incrementing the
    generation.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

53e9bbf6

KVM: x86: clflushopt should be treated as a no-op by emulation · bc992e6f

David Edmondson authored 3 years ago

mainline inclusion
from mainline-v5.10-rc4
commit 51b958e5
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

The instruction emulator ignores clflush instructions, yet fails to
support clflushopt. Treat both similarly.

Fixes: 13e457e0 ("KVM: x86: Emulator does not decode clflush well")
Signed-off-by: David Edmondson <david.edmondson@oracle.com>
Message-Id: <20201103120400.240882-1-david.edmondson@oracle.com>
Reviewed-by: Joao Martins <joao.m.martins@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

bc992e6f

KVM: SVM: Clear the CR4 register on reset · 498a46f8

Babu Moger authored 3 years ago

mainline inclusion
from mainline-v5.12-rc2
commit 9e46f6c6c959d9bb45445c2e8f04a75324a0dfd0
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

This problem was reported on a SVM guest while executing kexec.
Kexec fails to load the new kernel when the PCID feature is enabled.

When kexec starts loading the new kernel, it starts the process by
resetting the vCPU's and then bringing each vCPU online one by one.
The vCPU reset is supposed to reset all the register states before the
vCPUs are brought online. However, the CR4 register is not reset during
this process. If this register is already setup during the last boot,
all the flags can remain intact. The X86_CR4_PCIDE bit can only be
enabled in long mode. So, it must be enabled much later in SMP
initialization.  Having the X86_CR4_PCIDE bit set during SMP boot can
cause a boot failures.

Fix the issue by resetting the CR4 register in init_vmcb().

Signed-off-by: Babu Moger <babu.moger@amd.com>
Message-Id: <161471109108.30811.6392805173629704166.stgit@bmoger-ubuntu>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

498a46f8

KVM: SVM: Replace hard-coded value with #define · 18bae1cd

Krish Sadhukhan authored 3 years ago

mainline inclusion
from mainline-v5.12-rc1
commit 04548ed0206ca895c8edd6a078c20a218423890b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Replace the hard-coded value for bit# 1 in EFLAGS, with the available

Signed-off-by: Krish Sadhukhan <krish.sadhukhan@oracle.com>
Message-Id: <20210203012842.101447-2-krish.sadhukhan@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

18bae1cd

KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated · 75bc9b52

Sean Christopherson authored 3 years ago


mainline inclusion
from mainline-v5.8-rc1
commit 6129ed87
category: feature
bugzilla:
CVE: NA

--------------------------------

Set the mmio_value to '0' instead of simply clearing the present bit to
squash a benign warning in kvm_mmu_set_mmio_spte_mask() that complains
about the mmio_value overlapping the lower GFN mask on systems with 52
bits of PA space.

Opportunistically clean up the code and comments.

Cc: stable@vger.kernel.org
Fixes: d43e2675 ("KVM: x86: only do L1TF workaround on affected processors")
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Message-Id: <20200527084909.23492-1-sean.j.christopherson@intel.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

75bc9b52

KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM · 41db5cfb

Sean Christopherson authored 3 years ago

mainline inclusion
from mainline-v5.6-rc1
commit e30a7d62
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Remove the bogus 64-bit only condition from the check that disables MMIO
spte optimization when the system supports the max PA, i.e. doesn't have
any reserved PA bits.  32-bit KVM always uses PAE paging for the shadow
MMU, and per Intel's SDM:

  PAE paging translates 32-bit linear addresses to 52-bit physical
  addresses.

The kernel's restrictions on max physical addresses are limits on how
much memory the kernel can reasonably use, not what physical addresses
are supported by hardware.

Fixes: ce88decf ("KVM: MMU: mmio page fault support")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

41db5cfb

KVM: x86: only do L1TF workaround on affected processors · 730005c8

Paolo Bonzini authored 3 years ago

mainline inclusion
from mainline-v5.8-rc1
commit d43e2675
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

KVM stores the gfn in MMIO SPTEs as a caching optimization.  These are split
in two parts, as in "[high 11111 low]", to thwart any attempt to use these bits
in an L1TF attack.  This works as long as there are 5 free bits between
MAXPHYADDR and bit 50 (inclusive), leaving bit 51 free so that the MMIO
access triggers a reserved-bit-set page fault.

The bit positions however were computed wrongly for AMD processors that have
encryption support.  In this case, x86_phys_bits is reduced (for example
from 48 to 43, to account for the C bit at position 47 and four bits used
internally to store the SEV ASID and other stuff) while x86_cache_bits in
would remain set to 48, and _all_ bits between the reduced MAXPHYADDR
and bit 51 are set.  Then low_phys_bits would also cover some of the
bits that are set in the shadow_mmio_value, terribly confusing the gfn
caching mechanism.

To fix this, avoid splitting gfns as long as the processor does not have
the L1TF bug (which includes all AMD processors).  When there is no
splitting, low_phys_bits can be set to the reduced MAXPHYADDR removing
the overlap.  This fixes "npt=0" operation on EPYC processors.

Thanks to Maxim Levitsky for bisecting this bug.

Cc: stable@vger.kernel.org
Fixes: 52918ed5 ("KVM: SVM: Override default MMIO mask if memory encryption is enabled")
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

730005c8

kvm: x86: Fix L1TF mitigation for shadow MMU · 4447deb5

Kai Huang authored 3 years ago

mainline inclusion
from mainline-v5.2-rc1
commit 61455bf2
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Currently KVM sets 5 most significant bits of physical address bits
reported by CPUID (boot_cpu_data.x86_phys_bits) for nonpresent or
reserved bits SPTE to mitigate L1TF attack from guest when using shadow
MMU. However for some particular Intel CPUs the physical address bits
of internal cache is greater than physical address bits reported by
CPUID.

Use the kernel's existing boot_cpu_data.x86_cache_bits to determine the
five most significant bits. Doing so improves KVM's L1TF mitigation in
the unlikely scenario that system RAM overlaps the high order bits of
the "real" physical address space as reported by CPUID. This aligns with
the kernel's warnings regarding L1TF mitigation, e.g. in the above
scenario the kernel won't warn the user about lack of L1TF mitigation
if x86_cache_bits is greater than x86_phys_bits.

Also initialize shadow_nonpresent_or_rsvd_mask explicitly to make it
consistent with other 'shadow_{xxx}_mask', and opportunistically add a
WARN once if KVM's L1TF mitigation cannot be applied on a system that
is marked as being susceptible to L1TF.

Reviewed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Kai Huang <kai.huang@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

4447deb5

KVM: x86/mmu: Consolidate "is MMIO SPTE" code · 363d8715

Sean Christopherson authored 3 years ago

mainline inclusion
from mainline-v5.4-rc1
commit 26c44a63
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Replace the open-coded "is MMIO SPTE" checks in the MMU warnings
related to software-based access/dirty tracking to make the code
slightly more self-documenting.

No functional change intended.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

363d8715

KVM: SVM: Override default MMIO mask if memory encryption is enabled · 70d656f8

Tom Lendacky authored 3 years ago

mainline inclusion
from mainline-v5.6-rc1
commit 52918ed5
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

The KVM MMIO support uses bit 51 as the reserved bit to cause nested page
faults when a guest performs MMIO. The AMD memory encryption support uses
a CPUID function to define the encryption bit position. Given this, it is
possible that these bits can conflict.

Use svm_hardware_setup() to override the MMIO mask if memory encryption
support is enabled. Various checks are performed to ensure that the mask
is properly defined and rsvd_bits() is used to generate the new mask (as
was done prior to the change that necessitated this patch).

Fixes: 28a1f3ac ("kvm: x86: Set highest physical address bits in non-present/reserved SPTEs")
Suggested-by: Sean Christopherson <sean.j.christopherson@intel.com>
Reviewed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

70d656f8

KVM: x86/mmu: Add explicit access mask for MMIO SPTEs · 6ee08db2

Sean Christopherson authored 3 years ago

mainline inclusion
from mainline-v5.4-rc1
commit 4af77151
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

When shadow paging is enabled, KVM tracks the allowed access type for
MMIO SPTEs so that it can do a permission check on a MMIO GVA cache hit
without having to walk the guest's page tables.  The tracking is done
by retaining the WRITE and USER bits of the access when inserting the
MMIO SPTE (read access is implicitly allowed), which allows the MMIO
page fault handler to retrieve and cache the WRITE/USER bits from the
SPTE.

Unfortunately for EPT, the mask used to retain the WRITE/USER bits is
hardcoded using the x86 paging versions of the bits.  This funkiness
happens to work because KVM uses a completely different mask/value for
MMIO SPTEs when EPT is enabled, and the EPT mask/value just happens to
overlap exactly with the x86 WRITE/USER bits[*].

Explicitly define the access mask for MMIO SPTEs to accurately reflect
that EPT does not want to incorporate any access bits into the SPTE, and
so that KVM isn't subtly relying on EPT's WX bits always being set in
MMIO SPTEs, e.g. attempting to use other bits for experimentation breaks
horribly.

Note, vcpu_match_mmio_gva() explicits prevents matching GVA==0, and all
TDP flows explicit set mmio_gva to 0, i.e. zeroing vcpu->arch.access for
EPT has no (known) functional impact.

[*] Using WX to generate EPT misconfigurations (equivalent to reserved
    bit page fault) ensures KVM can employ its MMIO page fault tricks
    even platforms without reserved address bits.

Fixes: ce88decf ("KVM: MMU: mmio page fault support")
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

6ee08db2

kvm: x86: Fix reserved bits related calculation errors caused by MKTME · 7fc5b19f

Kai Huang authored 3 years ago

mainline inclusion
from mainline-v5.3-rc1
commit f3ecb59d
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Intel MKTME repurposes several high bits of physical address as 'keyID'
for memory encryption thus effectively reduces platform's maximum
physical address bits. Exactly how many bits are reduced is configured
by BIOS. To honor such HW behavior, the repurposed bits are reduced from
cpuinfo_x86->x86_phys_bits when MKTME is detected in CPU detection.
Similarly, AMD SME/SEV also reduces physical address bits for memory
encryption, and cpuinfo->x86_phys_bits is reduced too when SME/SEV is
detected, so for both MKTME and SME/SEV, boot_cpu_data.x86_phys_bits
doesn't hold physical address bits reported by CPUID anymore.

Currently KVM treats bits from boot_cpu_data.x86_phys_bits to 51 as
reserved bits, but it's not true anymore for MKTME, since MKTME treats
those reduced bits as 'keyID', but not reserved bits. Therefore
boot_cpu_data.x86_phys_bits cannot be used to calculate reserved bits
anymore, although we can still use it for AMD SME/SEV since SME/SEV
treats the reduced bits differently -- they are treated as reserved
bits, the same as other reserved bits in page table entity [1].

Fix by introducing a new 'shadow_phys_bits' variable in KVM x86 MMU code
to store the effective physical bits w/o reserved bits -- for MKTME,
it equals to physical address reported by CPUID, and for SME/SEV, it is
boot_cpu_data.x86_phys_bits.

Note that for the physical address bits reported to guest should remain
unchanged -- KVM should report physical address reported by CPUID to
guest, but not boot_cpu_data.x86_phys_bits. Because for Intel MKTME,
there's no harm if guest sets up 'keyID' bits in guest page table (since
MKTME only works at physical address level), and KVM doesn't even expose
MKTME to guest. Arguably, for AMD SME/SEV, guest is aware of SEV thus it
should adjust boot_cpu_data.x86_phys_bits when it detects SEV, therefore
KVM should still reports physcial address reported by CPUID to guest.

Reviewed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Kai Huang <kai.huang@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

7fc5b19f

KVM: x86: Rename access permissions cache member in struct kvm_vcpu_arch · 9855f2e6

Sean Christopherson authored 3 years ago

mainline inclusion
from mainline-v5.4-rc1
commit 871bd034
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Rename "access" to "mmio_access" to match the other MMIO cache members
and to make it more obvious that it's tracking the access permissions
for the MMIO cache.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

9855f2e6

kvm: x86: Move kvm_set_mmio_spte_mask() from x86.c to mmu.c · cb81fc1d

Kai Huang authored 3 years ago

mainline inclusion
from mainline-v5.3-rc1
commit 7b6f8a06
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

As a prerequisite to fix several SPTE reserved bits related calculation
errors caused by MKTME, which requires kvm_set_mmio_spte_mask() to use
local static variable defined in mmu.c.

Also move call site of kvm_set_mmio_spte_mask() from kvm_arch_init() to
kvm_mmu_module_init() so that kvm_set_mmio_spte_mask() can be static.

Reviewed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Kai Huang <kai.huang@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

cb81fc1d

kvm/svm: PKU not currently supported · dd347f10

John Allen authored 3 years ago

mainline inclusion
from mainline-v5.6-rc1
commit a47970ed
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Current SVM implementation does not have support for handling PKU. Guests
running on a host with future AMD cpus that support the feature will read
garbage from the PKRU register and will hit segmentation faults on boot as
memory is getting marked as protected that should not be. Ensure that cpuid
from SVM does not advertise the feature.

Signed-off-by: John Allen <john.allen@amd.com>
Cc: stable@vger.kernel.org
Fixes: 0556cbdc ("x86/pkeys: Don't check if PKRU is zero before writing it")
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

dd347f10

kvm: x86: Expose RDPID in KVM_GET_SUPPORTED_CPUID · ad4f62d5

Jim Mattson authored 3 years ago

mainline inclusion
from mainline-v5.4-rc5
commit 41cd02c6
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

When the RDPID instruction is supported on the host, enumerate it in
KVM_GET_SUPPORTED_CPUID.

Signed-off-by: Jim Mattson <jmattson@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 41cd02c6)

K2CI-Arch: All
Cc: kylinos-next
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

ad4f62d5

KVM: x86: Refactor the MMIO SPTE generation handling · 4e834ea7

Sean Christopherson authored 3 years ago

mainline inclusion
from mainline-v5.1-rc1
commit cae7ed3c
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

The code to propagate the memslots generation number into MMIO sptes is
a bit convoluted.  The "what" is relatively straightfoward, e.g. the
comment explaining which bits go where is quite readable, but the "how"
requires a lot of staring to understand what is happening.  For example,
'MMIO_GEN_LOW_SHIFT' is actually used to calculate the high bits of the
spte, while 'MMIO_SPTE_GEN_LOW_SHIFT' is used to calculate the low bits.

Refactor the code to:

  - use #defines whose values align with the bits defined in the comment
  - use consistent code for both the high and low mask
  - explicitly highlight the handling of bit 0 (update in-progress flag)
  - explicitly call out that the defines are for MMIO sptes (to avoid
    confusion with the per-vCPU MMIO cache, which uses the full memslots
    generation)

In addition to making the code a little less magical, this paves the way
for moving the update in-progress flag to bit 63 without having to
simultaneously rewrite all of the MMIO spte code.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

K2CI-Arch: All
Cc: kylinos-next
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

4e834ea7

KVM: Explicitly define the "memslot update in-progress" bit · 6cd5d909

Sean Christopherson authored 3 years ago

mainline inclusion
from mainline-v5.1-rc1
commit 361209e0
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

KVM uses bit 0 of the memslots generation as an "update in-progress"
flag, which is used by x86 to prevent caching MMIO access while the
memslots are changing.  Although the intended behavior is flag-like,
e.g. MMIO sptes intentionally drop the in-progress bit so as to avoid
caching data from in-flux memslots, the implementation oftentimes treats
the bit as part of the generation number itself, e.g. incrementing the
generation increments twice, once to set the flag and once to clear it.

Prior to commit 4bd518f1 ("KVM: use separate generations for
each address space"), incorporating the "update in-progress" bit into
the generation number largely made sense, e.g. "real" generations are
even, "bogus" generations are odd, most code doesn't need to be aware of
the bit, etc...

Now that unique memslots generation numbers are assigned to each address
space, stealthing the in-progress status into the generation number
results in a wide variety of subtle code, e.g. kvm_create_vm() jumps
over bit 0 when initializing the memslots generation without any hint as
to why.

Explicitly define the flag and convert as much code as possible (which
isn't much) to actually treat it like a flag.  This paves the way for
eventually using a different bit for "update in-progress" so that it can
be a flag in truth instead of a awkward extension to the generation
number.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

6cd5d909

KVM: x86: Use a u64 when passing the MMIO gen around · 2fb4be6a

Sean Christopherson authored 3 years ago

mainline inclusion
from mainline-v5.1-rc1
commit 5192f9b9
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

KVM currently uses an 'unsigned int' for the MMIO generation number
despite it being derived from the 64-bit memslots generation and
being propagated to (potentially) 64-bit sptes.  There is no hidden
agenda behind using an 'unsigned int', it's done simply because the
MMIO generation will never set bits above bit 19.

Passing a u64 will allow the "update in-progress" flag to be relocated
from bit 0 to bit 63 and removes the need to cast the generation back
to a u64 when propagating it to a spte.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

2fb4be6a

KVM: x86: expose MOVDIR64B CPU feature into VM. · 34e23705

Liu Jingqi authored 3 years ago

mainline inclusion
from mainline-v5.1-rc1
commit c029b5de
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4
CVE: NA

--------------------------------

MOVDIR64B moves 64-bytes as direct-store with 64-bytes write atomicity.
Direct store is implemented by using write combining (WC) for writing
data directly into memory without caching the data.

Availability of the MOVDIR64B instruction is indicated by the presence
of the CPUID feature flag MOVDIR64B (CPUID.0x07.0x0:ECX[bit 28]).

This patch exposes the movdir64b feature to the guest.

The release document ref below link:
https://software.intel.com/sites/default/files/managed/c5/15/\


architecture-instruction-set-extensions-programming-reference.pdf

Signed-off-by: Liu Jingqi <jingqi.liu@intel.com>
Cc: Xu Tao <tao3.xu@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

34e23705

KVM: x86: expose MOVDIRI CPU feature into VM. · 6373445e

Liu Jingqi authored 3 years ago

mainline inclusion
from mainline-v5.1-rc1
commit 74f2370b
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4
CVE: NA

--------------------------------

MOVDIRI moves doubleword or quadword from register to memory through
direct store which is implemented by using write combining (WC) for
writing data directly into memory without caching the data.

Availability of the MOVDIRI instruction is indicated by the presence of
the CPUID feature flag MOVDIRI(CPUID.0x07.0x0:ECX[bit 27]).

This patch exposes the movdiri feature to the guest.

The release document ref below link:
https://software.intel.com/sites/default/files/managed/c5/15/\


architecture-instruction-set-extensions-programming-reference.pdf

Signed-off-by: Liu Jingqi <jingqi.liu@intel.com>
Cc: Xu Tao <tao3.xu@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

6373445e

KVM: x86: Add requisite includes to hyperv.h · b6a22c55

Sean Christopherson authored 3 years ago

mainline inclusion
from mainline-v5.0-rc1
commit 3592cda6
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Until this point vmx.c has been the only consumer and included the
file after many others.  Prepare for multiple consumers, i.e. the
shattering of vmx.c

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

b6a22c55

KVM: x86: Add requisite includes to kvm_cache_regs.h · a196c0f9

Sean Christopherson authored 3 years ago

mainline inclusion
from mainline-v5.0-rc1
commit 8ba2e525
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

Until this point vmx.c has been the only consumer and included the
file after many others.  Prepare for multiple consumers, i.e. the
shattering of vmx.c

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 8ba2e525)

K2CI-Arch: All
Cc: kylinos-next
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

a196c0f9

KVM: nVMX: Allocate and configure VM{READ,WRITE} bitmaps iff enable_shadow_vmcs · c67f2ef5

Sean Christopherson authored 3 years ago

mainline inclusion
from mainline-v5.0-rc1
commit dfae3c03
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I4MKP4


CVE: NA

--------------------------------

...and make enable_shadow_vmcs depend on nested.  Aside from the obvious
memory savings, this will allow moving the relevant code out of vmx.c in
the future, e.g. to a nested specific file.

Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jackie Liu <liuyun01@kylinos.cn> #openEuler_contributor
Signed-off-by: Laibin Qiu <qiulaibin@huawei.com>
Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>

c67f2ef5