1#define pr_fmt(fmt) "SVM: " fmt
2
3#include <linux/kvm_host.h>
4
5#include "irq.h"
6#include "mmu.h"
7#include "kvm_cache_regs.h"
8#include "x86.h"
9#include "cpuid.h"
10#include "pmu.h"
11
12#include <linux/module.h>
13#include <linux/mod_devicetable.h>
14#include <linux/kernel.h>
15#include <linux/vmalloc.h>
16#include <linux/highmem.h>
17#include <linux/amd-iommu.h>
18#include <linux/sched.h>
19#include <linux/trace_events.h>
20#include <linux/slab.h>
21#include <linux/hashtable.h>
22#include <linux/objtool.h>
23#include <linux/psp-sev.h>
24#include <linux/file.h>
25#include <linux/pagemap.h>
26#include <linux/swap.h>
27#include <linux/rwsem.h>
28
29#include <asm/apic.h>
30#include <asm/perf_event.h>
31#include <asm/tlbflush.h>
32#include <asm/desc.h>
33#include <asm/debugreg.h>
34#include <asm/kvm_para.h>
35#include <asm/irq_remapping.h>
36#include <asm/spec-ctrl.h>
37#include <asm/cpu_device_id.h>
38#include <asm/traps.h>
39
40#include <asm/virtext.h>
41#include "trace.h"
42
43#include "svm.h"
44#include "svm_ops.h"
45
46#define __ex(x) __kvm_handle_fault_on_reboot(x)
47
48MODULE_AUTHOR("Qumranet");
49MODULE_LICENSE("GPL");
50
51#ifdef MODULE
52static const struct x86_cpu_id svm_cpu_id[] = {
53 X86_MATCH_FEATURE(X86_FEATURE_SVM, NULL),
54 {}
55};
56MODULE_DEVICE_TABLE(x86cpu, svm_cpu_id);
57#endif
58
59#define SEG_TYPE_LDT 2
60#define SEG_TYPE_BUSY_TSS16 3
61
62#define SVM_FEATURE_LBRV (1 << 1)
63#define SVM_FEATURE_SVML (1 << 2)
64#define SVM_FEATURE_TSC_RATE (1 << 4)
65#define SVM_FEATURE_VMCB_CLEAN (1 << 5)
66#define SVM_FEATURE_FLUSH_ASID (1 << 6)
67#define SVM_FEATURE_DECODE_ASSIST (1 << 7)
68#define SVM_FEATURE_PAUSE_FILTER (1 << 10)
69
70#define DEBUGCTL_RESERVED_BITS (~(0x3fULL))
71
72#define TSC_RATIO_RSVD 0xffffff0000000000ULL
73#define TSC_RATIO_MIN 0x0000000000000001ULL
74#define TSC_RATIO_MAX 0x000000ffffffffffULL
75
76static bool erratum_383_found __read_mostly;
77
78u32 msrpm_offsets[MSRPM_OFFSETS] __read_mostly;
79
80
81
82
83
84static uint64_t osvw_len = 4, osvw_status;
85
86static DEFINE_PER_CPU(u64, current_tsc_ratio);
87#define TSC_RATIO_DEFAULT 0x0100000000ULL
88
89static const struct svm_direct_access_msrs {
90 u32 index;
91 bool always;
92} direct_access_msrs[MAX_DIRECT_ACCESS_MSRS] = {
93 { .index = MSR_STAR, .always = true },
94 { .index = MSR_IA32_SYSENTER_CS, .always = true },
95 { .index = MSR_IA32_SYSENTER_EIP, .always = false },
96 { .index = MSR_IA32_SYSENTER_ESP, .always = false },
97#ifdef CONFIG_X86_64
98 { .index = MSR_GS_BASE, .always = true },
99 { .index = MSR_FS_BASE, .always = true },
100 { .index = MSR_KERNEL_GS_BASE, .always = true },
101 { .index = MSR_LSTAR, .always = true },
102 { .index = MSR_CSTAR, .always = true },
103 { .index = MSR_SYSCALL_MASK, .always = true },
104#endif
105 { .index = MSR_IA32_SPEC_CTRL, .always = false },
106 { .index = MSR_IA32_PRED_CMD, .always = false },
107 { .index = MSR_IA32_LASTBRANCHFROMIP, .always = false },
108 { .index = MSR_IA32_LASTBRANCHTOIP, .always = false },
109 { .index = MSR_IA32_LASTINTFROMIP, .always = false },
110 { .index = MSR_IA32_LASTINTTOIP, .always = false },
111 { .index = MSR_EFER, .always = false },
112 { .index = MSR_IA32_CR_PAT, .always = false },
113 { .index = MSR_AMD64_SEV_ES_GHCB, .always = true },
114 { .index = MSR_INVALID, .always = false },
115};
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147static unsigned short pause_filter_thresh = KVM_DEFAULT_PLE_GAP;
148module_param(pause_filter_thresh, ushort, 0444);
149
150static unsigned short pause_filter_count = KVM_SVM_DEFAULT_PLE_WINDOW;
151module_param(pause_filter_count, ushort, 0444);
152
153
154static unsigned short pause_filter_count_grow = KVM_DEFAULT_PLE_WINDOW_GROW;
155module_param(pause_filter_count_grow, ushort, 0444);
156
157
158static unsigned short pause_filter_count_shrink = KVM_DEFAULT_PLE_WINDOW_SHRINK;
159module_param(pause_filter_count_shrink, ushort, 0444);
160
161
162static unsigned short pause_filter_count_max = KVM_SVM_DEFAULT_PLE_WINDOW_MAX;
163module_param(pause_filter_count_max, ushort, 0444);
164
165
166
167
168
169bool npt_enabled = true;
170module_param_named(npt, npt_enabled, bool, 0444);
171
172
173static int nested = true;
174module_param(nested, int, S_IRUGO);
175
176
177static int nrips = true;
178module_param(nrips, int, 0444);
179
180
181static int vls = true;
182module_param(vls, int, 0444);
183
184
185static int vgif = true;
186module_param(vgif, int, 0444);
187
188bool __read_mostly dump_invalid_vmcb;
189module_param(dump_invalid_vmcb, bool, 0644);
190
191
192bool intercept_smi = true;
193module_param(intercept_smi, bool, 0444);
194
195
196static bool svm_gp_erratum_intercept = true;
197
198static u8 rsm_ins_bytes[] = "\x0f\xaa";
199
200static unsigned long iopm_base;
201
202struct kvm_ldttss_desc {
203 u16 limit0;
204 u16 base0;
205 unsigned base1:8, type:5, dpl:2, p:1;
206 unsigned limit1:4, zero0:3, g:1, base2:8;
207 u32 base3;
208 u32 zero1;
209} __attribute__((packed));
210
211DEFINE_PER_CPU(struct svm_cpu_data *, svm_data);
212
213
214
215
216
217
218
219
220static int tsc_aux_uret_slot __read_mostly = -1;
221
222static const u32 msrpm_ranges[] = {0, 0xc0000000, 0xc0010000};
223
224#define NUM_MSR_MAPS ARRAY_SIZE(msrpm_ranges)
225#define MSRS_RANGE_SIZE 2048
226#define MSRS_IN_RANGE (MSRS_RANGE_SIZE * 8 / 2)
227
228u32 svm_msrpm_offset(u32 msr)
229{
230 u32 offset;
231 int i;
232
233 for (i = 0; i < NUM_MSR_MAPS; i++) {
234 if (msr < msrpm_ranges[i] ||
235 msr >= msrpm_ranges[i] + MSRS_IN_RANGE)
236 continue;
237
238 offset = (msr - msrpm_ranges[i]) / 4;
239 offset += (i * MSRS_RANGE_SIZE);
240
241
242 return offset / 4;
243 }
244
245
246 return MSR_INVALID;
247}
248
249#define MAX_INST_SIZE 15
250
251static int get_max_npt_level(void)
252{
253#ifdef CONFIG_X86_64
254 return PT64_ROOT_4LEVEL;
255#else
256 return PT32E_ROOT_LEVEL;
257#endif
258}
259
260int svm_set_efer(struct kvm_vcpu *vcpu, u64 efer)
261{
262 struct vcpu_svm *svm = to_svm(vcpu);
263 u64 old_efer = vcpu->arch.efer;
264 vcpu->arch.efer = efer;
265
266 if (!npt_enabled) {
267
268 efer |= EFER_NX;
269
270 if (!(efer & EFER_LMA))
271 efer &= ~EFER_LME;
272 }
273
274 if ((old_efer & EFER_SVME) != (efer & EFER_SVME)) {
275 if (!(efer & EFER_SVME)) {
276 svm_leave_nested(svm);
277 svm_set_gif(svm, true);
278
279 if (!enable_vmware_backdoor)
280 clr_exception_intercept(svm, GP_VECTOR);
281
282
283
284
285
286
287 if (!is_smm(vcpu))
288 svm_free_nested(svm);
289
290 } else {
291 int ret = svm_allocate_nested(svm);
292
293 if (ret) {
294 vcpu->arch.efer = old_efer;
295 return ret;
296 }
297
298 if (svm_gp_erratum_intercept)
299 set_exception_intercept(svm, GP_VECTOR);
300 }
301 }
302
303 svm->vmcb->save.efer = efer | EFER_SVME;
304 vmcb_mark_dirty(svm->vmcb, VMCB_CR);
305 return 0;
306}
307
308static int is_external_interrupt(u32 info)
309{
310 info &= SVM_EVTINJ_TYPE_MASK | SVM_EVTINJ_VALID;
311 return info == (SVM_EVTINJ_VALID | SVM_EVTINJ_TYPE_INTR);
312}
313
314static u32 svm_get_interrupt_shadow(struct kvm_vcpu *vcpu)
315{
316 struct vcpu_svm *svm = to_svm(vcpu);
317 u32 ret = 0;
318
319 if (svm->vmcb->control.int_state & SVM_INTERRUPT_SHADOW_MASK)
320 ret = KVM_X86_SHADOW_INT_STI | KVM_X86_SHADOW_INT_MOV_SS;
321 return ret;
322}
323
324static void svm_set_interrupt_shadow(struct kvm_vcpu *vcpu, int mask)
325{
326 struct vcpu_svm *svm = to_svm(vcpu);
327
328 if (mask == 0)
329 svm->vmcb->control.int_state &= ~SVM_INTERRUPT_SHADOW_MASK;
330 else
331 svm->vmcb->control.int_state |= SVM_INTERRUPT_SHADOW_MASK;
332
333}
334
335static int skip_emulated_instruction(struct kvm_vcpu *vcpu)
336{
337 struct vcpu_svm *svm = to_svm(vcpu);
338
339
340
341
342
343 if (sev_es_guest(vcpu->kvm))
344 goto done;
345
346 if (nrips && svm->vmcb->control.next_rip != 0) {
347 WARN_ON_ONCE(!static_cpu_has(X86_FEATURE_NRIPS));
348 svm->next_rip = svm->vmcb->control.next_rip;
349 }
350
351 if (!svm->next_rip) {
352 if (!kvm_emulate_instruction(vcpu, EMULTYPE_SKIP))
353 return 0;
354 } else {
355 kvm_rip_write(vcpu, svm->next_rip);
356 }
357
358done:
359 svm_set_interrupt_shadow(vcpu, 0);
360
361 return 1;
362}
363
364static void svm_queue_exception(struct kvm_vcpu *vcpu)
365{
366 struct vcpu_svm *svm = to_svm(vcpu);
367 unsigned nr = vcpu->arch.exception.nr;
368 bool has_error_code = vcpu->arch.exception.has_error_code;
369 u32 error_code = vcpu->arch.exception.error_code;
370
371 kvm_deliver_exception_payload(vcpu);
372
373 if (nr == BP_VECTOR && !nrips) {
374 unsigned long rip, old_rip = kvm_rip_read(vcpu);
375
376
377
378
379
380
381
382
383 (void)skip_emulated_instruction(vcpu);
384 rip = kvm_rip_read(vcpu);
385 svm->int3_rip = rip + svm->vmcb->save.cs.base;
386 svm->int3_injected = rip - old_rip;
387 }
388
389 svm->vmcb->control.event_inj = nr
390 | SVM_EVTINJ_VALID
391 | (has_error_code ? SVM_EVTINJ_VALID_ERR : 0)
392 | SVM_EVTINJ_TYPE_EXEPT;
393 svm->vmcb->control.event_inj_err = error_code;
394}
395
396static void svm_init_erratum_383(void)
397{
398 u32 low, high;
399 int err;
400 u64 val;
401
402 if (!static_cpu_has_bug(X86_BUG_AMD_TLB_MMATCH))
403 return;
404
405
406 val = native_read_msr_safe(MSR_AMD64_DC_CFG, &err);
407 if (err)
408 return;
409
410 val |= (1ULL << 47);
411
412 low = lower_32_bits(val);
413 high = upper_32_bits(val);
414
415 native_write_msr_safe(MSR_AMD64_DC_CFG, low, high);
416
417 erratum_383_found = true;
418}
419
420static void svm_init_osvw(struct kvm_vcpu *vcpu)
421{
422
423
424
425
426 vcpu->arch.osvw.length = (osvw_len >= 3) ? (osvw_len) : 3;
427 vcpu->arch.osvw.status = osvw_status & ~(6ULL);
428
429
430
431
432
433
434
435
436
437 if (osvw_len == 0 && boot_cpu_data.x86 == 0x10)
438 vcpu->arch.osvw.status |= 1;
439}
440
441static int has_svm(void)
442{
443 const char *msg;
444
445 if (!cpu_has_svm(&msg)) {
446 printk(KERN_INFO "has_svm: %s\n", msg);
447 return 0;
448 }
449
450 if (sev_active()) {
451 pr_info("KVM is unsupported when running as an SEV guest\n");
452 return 0;
453 }
454
455 if (pgtable_l5_enabled()) {
456 pr_info("KVM doesn't yet support 5-level paging on AMD SVM\n");
457 return 0;
458 }
459
460 return 1;
461}
462
463static void svm_hardware_disable(void)
464{
465
466 if (static_cpu_has(X86_FEATURE_TSCRATEMSR))
467 wrmsrl(MSR_AMD64_TSC_RATIO, TSC_RATIO_DEFAULT);
468
469 cpu_svm_disable();
470
471 amd_pmu_disable_virt();
472}
473
474static int svm_hardware_enable(void)
475{
476
477 struct svm_cpu_data *sd;
478 uint64_t efer;
479 struct desc_struct *gdt;
480 int me = raw_smp_processor_id();
481
482 rdmsrl(MSR_EFER, efer);
483 if (efer & EFER_SVME)
484 return -EBUSY;
485
486 if (!has_svm()) {
487 pr_err("%s: err EOPNOTSUPP on %d\n", __func__, me);
488 return -EINVAL;
489 }
490 sd = per_cpu(svm_data, me);
491 if (!sd) {
492 pr_err("%s: svm_data is NULL on %d\n", __func__, me);
493 return -EINVAL;
494 }
495
496 sd->asid_generation = 1;
497 sd->max_asid = cpuid_ebx(SVM_CPUID_FUNC) - 1;
498 sd->next_asid = sd->max_asid + 1;
499 sd->min_asid = max_sev_asid + 1;
500
501 gdt = get_current_gdt_rw();
502 sd->tss_desc = (struct kvm_ldttss_desc *)(gdt + GDT_ENTRY_TSS);
503
504 wrmsrl(MSR_EFER, efer | EFER_SVME);
505
506 wrmsrl(MSR_VM_HSAVE_PA, __sme_page_pa(sd->save_area));
507
508 if (static_cpu_has(X86_FEATURE_TSCRATEMSR)) {
509 wrmsrl(MSR_AMD64_TSC_RATIO, TSC_RATIO_DEFAULT);
510 __this_cpu_write(current_tsc_ratio, TSC_RATIO_DEFAULT);
511 }
512
513
514
515
516
517
518
519
520
521
522
523 if (cpu_has(&boot_cpu_data, X86_FEATURE_OSVW)) {
524 uint64_t len, status = 0;
525 int err;
526
527 len = native_read_msr_safe(MSR_AMD64_OSVW_ID_LENGTH, &err);
528 if (!err)
529 status = native_read_msr_safe(MSR_AMD64_OSVW_STATUS,
530 &err);
531
532 if (err)
533 osvw_status = osvw_len = 0;
534 else {
535 if (len < osvw_len)
536 osvw_len = len;
537 osvw_status |= status;
538 osvw_status &= (1ULL << osvw_len) - 1;
539 }
540 } else
541 osvw_status = osvw_len = 0;
542
543 svm_init_erratum_383();
544
545 amd_pmu_enable_virt();
546
547 return 0;
548}
549
550static void svm_cpu_uninit(int cpu)
551{
552 struct svm_cpu_data *sd = per_cpu(svm_data, cpu);
553
554 if (!sd)
555 return;
556
557 per_cpu(svm_data, cpu) = NULL;
558 kfree(sd->sev_vmcbs);
559 __free_page(sd->save_area);
560 kfree(sd);
561}
562
563static int svm_cpu_init(int cpu)
564{
565 struct svm_cpu_data *sd;
566 int ret = -ENOMEM;
567
568 sd = kzalloc(sizeof(struct svm_cpu_data), GFP_KERNEL);
569 if (!sd)
570 return ret;
571 sd->cpu = cpu;
572 sd->save_area = alloc_page(GFP_KERNEL);
573 if (!sd->save_area)
574 goto free_cpu_data;
575
576 clear_page(page_address(sd->save_area));
577
578 ret = sev_cpu_init(sd);
579 if (ret)
580 goto free_save_area;
581
582 per_cpu(svm_data, cpu) = sd;
583
584 return 0;
585
586free_save_area:
587 __free_page(sd->save_area);
588free_cpu_data:
589 kfree(sd);
590 return ret;
591
592}
593
594static int direct_access_msr_slot(u32 msr)
595{
596 u32 i;
597
598 for (i = 0; direct_access_msrs[i].index != MSR_INVALID; i++)
599 if (direct_access_msrs[i].index == msr)
600 return i;
601
602 return -ENOENT;
603}
604
605static void set_shadow_msr_intercept(struct kvm_vcpu *vcpu, u32 msr, int read,
606 int write)
607{
608 struct vcpu_svm *svm = to_svm(vcpu);
609 int slot = direct_access_msr_slot(msr);
610
611 if (slot == -ENOENT)
612 return;
613
614
615 if (read)
616 set_bit(slot, svm->shadow_msr_intercept.read);
617 else
618 clear_bit(slot, svm->shadow_msr_intercept.read);
619
620 if (write)
621 set_bit(slot, svm->shadow_msr_intercept.write);
622 else
623 clear_bit(slot, svm->shadow_msr_intercept.write);
624}
625
626static bool valid_msr_intercept(u32 index)
627{
628 return direct_access_msr_slot(index) != -ENOENT;
629}
630
631static bool msr_write_intercepted(struct kvm_vcpu *vcpu, u32 msr)
632{
633 u8 bit_write;
634 unsigned long tmp;
635 u32 offset;
636 u32 *msrpm;
637
638 msrpm = is_guest_mode(vcpu) ? to_svm(vcpu)->nested.msrpm:
639 to_svm(vcpu)->msrpm;
640
641 offset = svm_msrpm_offset(msr);
642 bit_write = 2 * (msr & 0x0f) + 1;
643 tmp = msrpm[offset];
644
645 BUG_ON(offset == MSR_INVALID);
646
647 return !!test_bit(bit_write, &tmp);
648}
649
650static void set_msr_interception_bitmap(struct kvm_vcpu *vcpu, u32 *msrpm,
651 u32 msr, int read, int write)
652{
653 u8 bit_read, bit_write;
654 unsigned long tmp;
655 u32 offset;
656
657
658
659
660
661 WARN_ON(!valid_msr_intercept(msr));
662
663
664 if (read && !kvm_msr_allowed(vcpu, msr, KVM_MSR_FILTER_READ))
665 read = 0;
666
667 if (write && !kvm_msr_allowed(vcpu, msr, KVM_MSR_FILTER_WRITE))
668 write = 0;
669
670 offset = svm_msrpm_offset(msr);
671 bit_read = 2 * (msr & 0x0f);
672 bit_write = 2 * (msr & 0x0f) + 1;
673 tmp = msrpm[offset];
674
675 BUG_ON(offset == MSR_INVALID);
676
677 read ? clear_bit(bit_read, &tmp) : set_bit(bit_read, &tmp);
678 write ? clear_bit(bit_write, &tmp) : set_bit(bit_write, &tmp);
679
680 msrpm[offset] = tmp;
681}
682
683void set_msr_interception(struct kvm_vcpu *vcpu, u32 *msrpm, u32 msr,
684 int read, int write)
685{
686 set_shadow_msr_intercept(vcpu, msr, read, write);
687 set_msr_interception_bitmap(vcpu, msrpm, msr, read, write);
688}
689
690u32 *svm_vcpu_alloc_msrpm(void)
691{
692 unsigned int order = get_order(MSRPM_SIZE);
693 struct page *pages = alloc_pages(GFP_KERNEL_ACCOUNT, order);
694 u32 *msrpm;
695
696 if (!pages)
697 return NULL;
698
699 msrpm = page_address(pages);
700 memset(msrpm, 0xff, PAGE_SIZE * (1 << order));
701
702 return msrpm;
703}
704
705void svm_vcpu_init_msrpm(struct kvm_vcpu *vcpu, u32 *msrpm)
706{
707 int i;
708
709 for (i = 0; direct_access_msrs[i].index != MSR_INVALID; i++) {
710 if (!direct_access_msrs[i].always)
711 continue;
712 set_msr_interception(vcpu, msrpm, direct_access_msrs[i].index, 1, 1);
713 }
714}
715
716
717void svm_vcpu_free_msrpm(u32 *msrpm)
718{
719 __free_pages(virt_to_page(msrpm), get_order(MSRPM_SIZE));
720}
721
722static void svm_msr_filter_changed(struct kvm_vcpu *vcpu)
723{
724 struct vcpu_svm *svm = to_svm(vcpu);
725 u32 i;
726
727
728
729
730
731
732 for (i = 0; direct_access_msrs[i].index != MSR_INVALID; i++) {
733 u32 msr = direct_access_msrs[i].index;
734 u32 read = test_bit(i, svm->shadow_msr_intercept.read);
735 u32 write = test_bit(i, svm->shadow_msr_intercept.write);
736
737 set_msr_interception_bitmap(vcpu, svm->msrpm, msr, read, write);
738 }
739}
740
741static void add_msr_offset(u32 offset)
742{
743 int i;
744
745 for (i = 0; i < MSRPM_OFFSETS; ++i) {
746
747
748 if (msrpm_offsets[i] == offset)
749 return;
750
751
752 if (msrpm_offsets[i] != MSR_INVALID)
753 continue;
754
755
756 msrpm_offsets[i] = offset;
757
758 return;
759 }
760
761
762
763
764
765 BUG();
766}
767
768static void init_msrpm_offsets(void)
769{
770 int i;
771
772 memset(msrpm_offsets, 0xff, sizeof(msrpm_offsets));
773
774 for (i = 0; direct_access_msrs[i].index != MSR_INVALID; i++) {
775 u32 offset;
776
777 offset = svm_msrpm_offset(direct_access_msrs[i].index);
778 BUG_ON(offset == MSR_INVALID);
779
780 add_msr_offset(offset);
781 }
782}
783
784static void svm_enable_lbrv(struct kvm_vcpu *vcpu)
785{
786 struct vcpu_svm *svm = to_svm(vcpu);
787
788 svm->vmcb->control.virt_ext |= LBR_CTL_ENABLE_MASK;
789 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTBRANCHFROMIP, 1, 1);
790 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTBRANCHTOIP, 1, 1);
791 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTFROMIP, 1, 1);
792 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTTOIP, 1, 1);
793}
794
795static void svm_disable_lbrv(struct kvm_vcpu *vcpu)
796{
797 struct vcpu_svm *svm = to_svm(vcpu);
798
799 svm->vmcb->control.virt_ext &= ~LBR_CTL_ENABLE_MASK;
800 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTBRANCHFROMIP, 0, 0);
801 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTBRANCHTOIP, 0, 0);
802 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTFROMIP, 0, 0);
803 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTTOIP, 0, 0);
804}
805
806void disable_nmi_singlestep(struct vcpu_svm *svm)
807{
808 svm->nmi_singlestep = false;
809
810 if (!(svm->vcpu.guest_debug & KVM_GUESTDBG_SINGLESTEP)) {
811
812 if (!(svm->nmi_singlestep_guest_rflags & X86_EFLAGS_TF))
813 svm->vmcb->save.rflags &= ~X86_EFLAGS_TF;
814 if (!(svm->nmi_singlestep_guest_rflags & X86_EFLAGS_RF))
815 svm->vmcb->save.rflags &= ~X86_EFLAGS_RF;
816 }
817}
818
819static void grow_ple_window(struct kvm_vcpu *vcpu)
820{
821 struct vcpu_svm *svm = to_svm(vcpu);
822 struct vmcb_control_area *control = &svm->vmcb->control;
823 int old = control->pause_filter_count;
824
825 control->pause_filter_count = __grow_ple_window(old,
826 pause_filter_count,
827 pause_filter_count_grow,
828 pause_filter_count_max);
829
830 if (control->pause_filter_count != old) {
831 vmcb_mark_dirty(svm->vmcb, VMCB_INTERCEPTS);
832 trace_kvm_ple_window_update(vcpu->vcpu_id,
833 control->pause_filter_count, old);
834 }
835}
836
837static void shrink_ple_window(struct kvm_vcpu *vcpu)
838{
839 struct vcpu_svm *svm = to_svm(vcpu);
840 struct vmcb_control_area *control = &svm->vmcb->control;
841 int old = control->pause_filter_count;
842
843 control->pause_filter_count =
844 __shrink_ple_window(old,
845 pause_filter_count,
846 pause_filter_count_shrink,
847 pause_filter_count);
848 if (control->pause_filter_count != old) {
849 vmcb_mark_dirty(svm->vmcb, VMCB_INTERCEPTS);
850 trace_kvm_ple_window_update(vcpu->vcpu_id,
851 control->pause_filter_count, old);
852 }
853}
854
855
856
857
858
859
860
861static __init void svm_adjust_mmio_mask(void)
862{
863 unsigned int enc_bit, mask_bit;
864 u64 msr, mask;
865
866
867 if (cpuid_eax(0x80000000) < 0x8000001f)
868 return;
869
870
871 rdmsrl(MSR_K8_SYSCFG, msr);
872 if (!(msr & MSR_K8_SYSCFG_MEM_ENCRYPT))
873 return;
874
875 enc_bit = cpuid_ebx(0x8000001f) & 0x3f;
876 mask_bit = boot_cpu_data.x86_phys_bits;
877
878
879 if (enc_bit == mask_bit)
880 mask_bit++;
881
882
883
884
885
886
887
888
889
890
891 mask = (mask_bit < 52) ? rsvd_bits(mask_bit, 51) | PT_PRESENT_MASK : 0;
892
893 kvm_mmu_set_mmio_spte_mask(mask, mask, PT_WRITABLE_MASK | PT_USER_MASK);
894}
895
896static void svm_hardware_teardown(void)
897{
898 int cpu;
899
900 sev_hardware_teardown();
901
902 for_each_possible_cpu(cpu)
903 svm_cpu_uninit(cpu);
904
905 __free_pages(pfn_to_page(iopm_base >> PAGE_SHIFT),
906 get_order(IOPM_SIZE));
907 iopm_base = 0;
908}
909
910static __init void svm_set_cpu_caps(void)
911{
912 kvm_set_cpu_caps();
913
914 supported_xss = 0;
915
916
917 if (nested) {
918 kvm_cpu_cap_set(X86_FEATURE_SVM);
919
920 if (nrips)
921 kvm_cpu_cap_set(X86_FEATURE_NRIPS);
922
923 if (npt_enabled)
924 kvm_cpu_cap_set(X86_FEATURE_NPT);
925
926
927 kvm_cpu_cap_set(X86_FEATURE_SVME_ADDR_CHK);
928 }
929
930
931 if (boot_cpu_has(X86_FEATURE_LS_CFG_SSBD) ||
932 boot_cpu_has(X86_FEATURE_AMD_SSBD))
933 kvm_cpu_cap_set(X86_FEATURE_VIRT_SSBD);
934
935
936 sev_set_cpu_caps();
937}
938
939static __init int svm_hardware_setup(void)
940{
941 int cpu;
942 struct page *iopm_pages;
943 void *iopm_va;
944 int r;
945 unsigned int order = get_order(IOPM_SIZE);
946
947 iopm_pages = alloc_pages(GFP_KERNEL, order);
948
949 if (!iopm_pages)
950 return -ENOMEM;
951
952 iopm_va = page_address(iopm_pages);
953 memset(iopm_va, 0xff, PAGE_SIZE * (1 << order));
954 iopm_base = page_to_pfn(iopm_pages) << PAGE_SHIFT;
955
956 init_msrpm_offsets();
957
958 supported_xcr0 &= ~(XFEATURE_MASK_BNDREGS | XFEATURE_MASK_BNDCSR);
959
960 if (boot_cpu_has(X86_FEATURE_NX))
961 kvm_enable_efer_bits(EFER_NX);
962
963 if (boot_cpu_has(X86_FEATURE_FXSR_OPT))
964 kvm_enable_efer_bits(EFER_FFXSR);
965
966 if (boot_cpu_has(X86_FEATURE_TSCRATEMSR)) {
967 kvm_has_tsc_control = true;
968 kvm_max_tsc_scaling_ratio = TSC_RATIO_MAX;
969 kvm_tsc_scaling_ratio_frac_bits = 32;
970 }
971
972 if (!kvm_probe_user_return_msr(MSR_TSC_AUX)) {
973 tsc_aux_uret_slot = 0;
974 kvm_define_user_return_msr(tsc_aux_uret_slot, MSR_TSC_AUX);
975 }
976
977
978 if (!boot_cpu_has(X86_FEATURE_PAUSEFILTER)) {
979 pause_filter_count = 0;
980 pause_filter_thresh = 0;
981 } else if (!boot_cpu_has(X86_FEATURE_PFTHRESHOLD)) {
982 pause_filter_thresh = 0;
983 }
984
985 if (nested) {
986 printk(KERN_INFO "kvm: Nested Virtualization enabled\n");
987 kvm_enable_efer_bits(EFER_SVME | EFER_LMSLE);
988 }
989
990
991
992
993
994
995 if (!IS_ENABLED(CONFIG_X86_64) && !IS_ENABLED(CONFIG_X86_PAE))
996 npt_enabled = false;
997
998 if (!boot_cpu_has(X86_FEATURE_NPT))
999 npt_enabled = false;
1000
1001 kvm_configure_mmu(npt_enabled, get_max_npt_level(), PG_LEVEL_1G);
1002 pr_info("kvm: Nested Paging %sabled\n", npt_enabled ? "en" : "dis");
1003
1004
1005 sev_hardware_setup();
1006
1007 svm_adjust_mmio_mask();
1008
1009 for_each_possible_cpu(cpu) {
1010 r = svm_cpu_init(cpu);
1011 if (r)
1012 goto err;
1013 }
1014
1015 if (nrips) {
1016 if (!boot_cpu_has(X86_FEATURE_NRIPS))
1017 nrips = false;
1018 }
1019
1020 if (avic) {
1021 if (!npt_enabled || !boot_cpu_has(X86_FEATURE_AVIC)) {
1022 avic = false;
1023 } else {
1024 pr_info("AVIC enabled\n");
1025
1026 amd_iommu_register_ga_log_notifier(&avic_ga_log_notifier);
1027 }
1028 }
1029
1030 if (vls) {
1031 if (!npt_enabled ||
1032 !boot_cpu_has(X86_FEATURE_V_VMSAVE_VMLOAD) ||
1033 !IS_ENABLED(CONFIG_X86_64)) {
1034 vls = false;
1035 } else {
1036 pr_info("Virtual VMLOAD VMSAVE supported\n");
1037 }
1038 }
1039
1040 if (boot_cpu_has(X86_FEATURE_SVME_ADDR_CHK))
1041 svm_gp_erratum_intercept = false;
1042
1043 if (vgif) {
1044 if (!boot_cpu_has(X86_FEATURE_VGIF))
1045 vgif = false;
1046 else
1047 pr_info("Virtual GIF supported\n");
1048 }
1049
1050 svm_set_cpu_caps();
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065 allow_smaller_maxphyaddr = !npt_enabled;
1066
1067 return 0;
1068
1069err:
1070 svm_hardware_teardown();
1071 return r;
1072}
1073
1074static void init_seg(struct vmcb_seg *seg)
1075{
1076 seg->selector = 0;
1077 seg->attrib = SVM_SELECTOR_P_MASK | SVM_SELECTOR_S_MASK |
1078 SVM_SELECTOR_WRITE_MASK;
1079 seg->limit = 0xffff;
1080 seg->base = 0;
1081}
1082
1083static void init_sys_seg(struct vmcb_seg *seg, uint32_t type)
1084{
1085 seg->selector = 0;
1086 seg->attrib = SVM_SELECTOR_P_MASK | type;
1087 seg->limit = 0xffff;
1088 seg->base = 0;
1089}
1090
1091static u64 svm_write_l1_tsc_offset(struct kvm_vcpu *vcpu, u64 offset)
1092{
1093 struct vcpu_svm *svm = to_svm(vcpu);
1094 u64 g_tsc_offset = 0;
1095
1096 if (is_guest_mode(vcpu)) {
1097
1098 g_tsc_offset = svm->vmcb->control.tsc_offset -
1099 svm->vmcb01.ptr->control.tsc_offset;
1100 svm->vmcb01.ptr->control.tsc_offset = offset;
1101 }
1102
1103 trace_kvm_write_tsc_offset(vcpu->vcpu_id,
1104 svm->vmcb->control.tsc_offset - g_tsc_offset,
1105 offset);
1106
1107 svm->vmcb->control.tsc_offset = offset + g_tsc_offset;
1108
1109 vmcb_mark_dirty(svm->vmcb, VMCB_INTERCEPTS);
1110 return svm->vmcb->control.tsc_offset;
1111}
1112
1113
1114static void svm_recalc_instruction_intercepts(struct kvm_vcpu *vcpu,
1115 struct vcpu_svm *svm)
1116{
1117
1118
1119
1120
1121 if (kvm_cpu_cap_has(X86_FEATURE_INVPCID)) {
1122 if (!npt_enabled ||
1123 !guest_cpuid_has(&svm->vcpu, X86_FEATURE_INVPCID))
1124 svm_set_intercept(svm, INTERCEPT_INVPCID);
1125 else
1126 svm_clr_intercept(svm, INTERCEPT_INVPCID);
1127 }
1128
1129 if (kvm_cpu_cap_has(X86_FEATURE_RDTSCP)) {
1130 if (guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP))
1131 svm_clr_intercept(svm, INTERCEPT_RDTSCP);
1132 else
1133 svm_set_intercept(svm, INTERCEPT_RDTSCP);
1134 }
1135}
1136
1137static void init_vmcb(struct kvm_vcpu *vcpu)
1138{
1139 struct vcpu_svm *svm = to_svm(vcpu);
1140 struct vmcb_control_area *control = &svm->vmcb->control;
1141 struct vmcb_save_area *save = &svm->vmcb->save;
1142
1143 vcpu->arch.hflags = 0;
1144
1145 svm_set_intercept(svm, INTERCEPT_CR0_READ);
1146 svm_set_intercept(svm, INTERCEPT_CR3_READ);
1147 svm_set_intercept(svm, INTERCEPT_CR4_READ);
1148 svm_set_intercept(svm, INTERCEPT_CR0_WRITE);
1149 svm_set_intercept(svm, INTERCEPT_CR3_WRITE);
1150 svm_set_intercept(svm, INTERCEPT_CR4_WRITE);
1151 if (!kvm_vcpu_apicv_active(vcpu))
1152 svm_set_intercept(svm, INTERCEPT_CR8_WRITE);
1153
1154 set_dr_intercepts(svm);
1155
1156 set_exception_intercept(svm, PF_VECTOR);
1157 set_exception_intercept(svm, UD_VECTOR);
1158 set_exception_intercept(svm, MC_VECTOR);
1159 set_exception_intercept(svm, AC_VECTOR);
1160 set_exception_intercept(svm, DB_VECTOR);
1161
1162
1163
1164
1165
1166
1167 if (enable_vmware_backdoor)
1168 set_exception_intercept(svm, GP_VECTOR);
1169
1170 svm_set_intercept(svm, INTERCEPT_INTR);
1171 svm_set_intercept(svm, INTERCEPT_NMI);
1172
1173 if (intercept_smi)
1174 svm_set_intercept(svm, INTERCEPT_SMI);
1175
1176 svm_set_intercept(svm, INTERCEPT_SELECTIVE_CR0);
1177 svm_set_intercept(svm, INTERCEPT_RDPMC);
1178 svm_set_intercept(svm, INTERCEPT_CPUID);
1179 svm_set_intercept(svm, INTERCEPT_INVD);
1180 svm_set_intercept(svm, INTERCEPT_INVLPG);
1181 svm_set_intercept(svm, INTERCEPT_INVLPGA);
1182 svm_set_intercept(svm, INTERCEPT_IOIO_PROT);
1183 svm_set_intercept(svm, INTERCEPT_MSR_PROT);
1184 svm_set_intercept(svm, INTERCEPT_TASK_SWITCH);
1185 svm_set_intercept(svm, INTERCEPT_SHUTDOWN);
1186 svm_set_intercept(svm, INTERCEPT_VMRUN);
1187 svm_set_intercept(svm, INTERCEPT_VMMCALL);
1188 svm_set_intercept(svm, INTERCEPT_VMLOAD);
1189 svm_set_intercept(svm, INTERCEPT_VMSAVE);
1190 svm_set_intercept(svm, INTERCEPT_STGI);
1191 svm_set_intercept(svm, INTERCEPT_CLGI);
1192 svm_set_intercept(svm, INTERCEPT_SKINIT);
1193 svm_set_intercept(svm, INTERCEPT_WBINVD);
1194 svm_set_intercept(svm, INTERCEPT_XSETBV);
1195 svm_set_intercept(svm, INTERCEPT_RDPRU);
1196 svm_set_intercept(svm, INTERCEPT_RSM);
1197
1198 if (!kvm_mwait_in_guest(vcpu->kvm)) {
1199 svm_set_intercept(svm, INTERCEPT_MONITOR);
1200 svm_set_intercept(svm, INTERCEPT_MWAIT);
1201 }
1202
1203 if (!kvm_hlt_in_guest(vcpu->kvm))
1204 svm_set_intercept(svm, INTERCEPT_HLT);
1205
1206 control->iopm_base_pa = __sme_set(iopm_base);
1207 control->msrpm_base_pa = __sme_set(__pa(svm->msrpm));
1208 control->int_ctl = V_INTR_MASKING_MASK;
1209
1210 init_seg(&save->es);
1211 init_seg(&save->ss);
1212 init_seg(&save->ds);
1213 init_seg(&save->fs);
1214 init_seg(&save->gs);
1215
1216 save->cs.selector = 0xf000;
1217 save->cs.base = 0xffff0000;
1218
1219 save->cs.attrib = SVM_SELECTOR_READ_MASK | SVM_SELECTOR_P_MASK |
1220 SVM_SELECTOR_S_MASK | SVM_SELECTOR_CODE_MASK;
1221 save->cs.limit = 0xffff;
1222
1223 save->gdtr.limit = 0xffff;
1224 save->idtr.limit = 0xffff;
1225
1226 init_sys_seg(&save->ldtr, SEG_TYPE_LDT);
1227 init_sys_seg(&save->tr, SEG_TYPE_BUSY_TSS16);
1228
1229 svm_set_cr4(vcpu, 0);
1230 svm_set_efer(vcpu, 0);
1231 save->dr6 = 0xffff0ff0;
1232 kvm_set_rflags(vcpu, X86_EFLAGS_FIXED);
1233 save->rip = 0x0000fff0;
1234 vcpu->arch.regs[VCPU_REGS_RIP] = save->rip;
1235
1236
1237
1238
1239
1240 svm_set_cr0(vcpu, X86_CR0_NW | X86_CR0_CD | X86_CR0_ET);
1241 kvm_mmu_reset_context(vcpu);
1242
1243 save->cr4 = X86_CR4_PAE;
1244
1245
1246 if (npt_enabled) {
1247
1248 control->nested_ctl |= SVM_NESTED_CTL_NP_ENABLE;
1249 svm_clr_intercept(svm, INTERCEPT_INVLPG);
1250 clr_exception_intercept(svm, PF_VECTOR);
1251 svm_clr_intercept(svm, INTERCEPT_CR3_READ);
1252 svm_clr_intercept(svm, INTERCEPT_CR3_WRITE);
1253 save->g_pat = vcpu->arch.pat;
1254 save->cr3 = 0;
1255 save->cr4 = 0;
1256 }
1257 svm->current_vmcb->asid_generation = 0;
1258 svm->asid = 0;
1259
1260 svm->nested.vmcb12_gpa = INVALID_GPA;
1261 svm->nested.last_vmcb12_gpa = INVALID_GPA;
1262 vcpu->arch.hflags = 0;
1263
1264 if (!kvm_pause_in_guest(vcpu->kvm)) {
1265 control->pause_filter_count = pause_filter_count;
1266 if (pause_filter_thresh)
1267 control->pause_filter_thresh = pause_filter_thresh;
1268 svm_set_intercept(svm, INTERCEPT_PAUSE);
1269 } else {
1270 svm_clr_intercept(svm, INTERCEPT_PAUSE);
1271 }
1272
1273 svm_recalc_instruction_intercepts(vcpu, svm);
1274
1275
1276
1277
1278
1279 if (boot_cpu_has(X86_FEATURE_V_SPEC_CTRL))
1280 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SPEC_CTRL, 1, 1);
1281
1282 if (kvm_vcpu_apicv_active(vcpu))
1283 avic_init_vmcb(svm);
1284
1285 if (vgif) {
1286 svm_clr_intercept(svm, INTERCEPT_STGI);
1287 svm_clr_intercept(svm, INTERCEPT_CLGI);
1288 svm->vmcb->control.int_ctl |= V_GIF_ENABLE_MASK;
1289 }
1290
1291 if (sev_guest(vcpu->kvm)) {
1292 svm->vmcb->control.nested_ctl |= SVM_NESTED_CTL_SEV_ENABLE;
1293 clr_exception_intercept(svm, UD_VECTOR);
1294
1295 if (sev_es_guest(vcpu->kvm)) {
1296
1297 sev_es_init_vmcb(svm);
1298 }
1299 }
1300
1301 vmcb_mark_all_dirty(svm->vmcb);
1302
1303 enable_gif(svm);
1304
1305}
1306
1307static void svm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event)
1308{
1309 struct vcpu_svm *svm = to_svm(vcpu);
1310 u32 dummy;
1311 u32 eax = 1;
1312
1313 svm->spec_ctrl = 0;
1314 svm->virt_spec_ctrl = 0;
1315
1316 if (!init_event) {
1317 vcpu->arch.apic_base = APIC_DEFAULT_PHYS_BASE |
1318 MSR_IA32_APICBASE_ENABLE;
1319 if (kvm_vcpu_is_reset_bsp(vcpu))
1320 vcpu->arch.apic_base |= MSR_IA32_APICBASE_BSP;
1321 }
1322 init_vmcb(vcpu);
1323
1324 kvm_cpuid(vcpu, &eax, &dummy, &dummy, &dummy, false);
1325 kvm_rdx_write(vcpu, eax);
1326
1327 if (kvm_vcpu_apicv_active(vcpu) && !init_event)
1328 avic_update_vapic_bar(svm, APIC_DEFAULT_PHYS_BASE);
1329}
1330
1331void svm_switch_vmcb(struct vcpu_svm *svm, struct kvm_vmcb_info *target_vmcb)
1332{
1333 svm->current_vmcb = target_vmcb;
1334 svm->vmcb = target_vmcb->ptr;
1335}
1336
1337static int svm_create_vcpu(struct kvm_vcpu *vcpu)
1338{
1339 struct vcpu_svm *svm;
1340 struct page *vmcb01_page;
1341 struct page *vmsa_page = NULL;
1342 int err;
1343
1344 BUILD_BUG_ON(offsetof(struct vcpu_svm, vcpu) != 0);
1345 svm = to_svm(vcpu);
1346
1347 err = -ENOMEM;
1348 vmcb01_page = alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO);
1349 if (!vmcb01_page)
1350 goto out;
1351
1352 if (sev_es_guest(vcpu->kvm)) {
1353
1354
1355
1356
1357 vmsa_page = alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO);
1358 if (!vmsa_page)
1359 goto error_free_vmcb_page;
1360
1361
1362
1363
1364
1365
1366
1367 kvm_free_guest_fpu(vcpu);
1368 }
1369
1370 err = avic_init_vcpu(svm);
1371 if (err)
1372 goto error_free_vmsa_page;
1373
1374
1375
1376
1377 if (irqchip_in_kernel(vcpu->kvm) && kvm_apicv_activated(vcpu->kvm))
1378 svm->avic_is_running = true;
1379
1380 svm->msrpm = svm_vcpu_alloc_msrpm();
1381 if (!svm->msrpm) {
1382 err = -ENOMEM;
1383 goto error_free_vmsa_page;
1384 }
1385
1386 svm_vcpu_init_msrpm(vcpu, svm->msrpm);
1387
1388 svm->vmcb01.ptr = page_address(vmcb01_page);
1389 svm->vmcb01.pa = __sme_set(page_to_pfn(vmcb01_page) << PAGE_SHIFT);
1390
1391 if (vmsa_page)
1392 svm->vmsa = page_address(vmsa_page);
1393
1394 svm->guest_state_loaded = false;
1395
1396 svm_switch_vmcb(svm, &svm->vmcb01);
1397 init_vmcb(vcpu);
1398
1399 svm_init_osvw(vcpu);
1400 vcpu->arch.microcode_version = 0x01000065;
1401
1402 if (sev_es_guest(vcpu->kvm))
1403
1404 sev_es_create_vcpu(svm);
1405
1406 return 0;
1407
1408error_free_vmsa_page:
1409 if (vmsa_page)
1410 __free_page(vmsa_page);
1411error_free_vmcb_page:
1412 __free_page(vmcb01_page);
1413out:
1414 return err;
1415}
1416
1417static void svm_clear_current_vmcb(struct vmcb *vmcb)
1418{
1419 int i;
1420
1421 for_each_online_cpu(i)
1422 cmpxchg(&per_cpu(svm_data, i)->current_vmcb, vmcb, NULL);
1423}
1424
1425static void svm_free_vcpu(struct kvm_vcpu *vcpu)
1426{
1427 struct vcpu_svm *svm = to_svm(vcpu);
1428
1429
1430
1431
1432
1433
1434 svm_clear_current_vmcb(svm->vmcb);
1435
1436 svm_free_nested(svm);
1437
1438 sev_free_vcpu(vcpu);
1439
1440 __free_page(pfn_to_page(__sme_clr(svm->vmcb01.pa) >> PAGE_SHIFT));
1441 __free_pages(virt_to_page(svm->msrpm), get_order(MSRPM_SIZE));
1442}
1443
1444static void svm_prepare_guest_switch(struct kvm_vcpu *vcpu)
1445{
1446 struct vcpu_svm *svm = to_svm(vcpu);
1447 struct svm_cpu_data *sd = per_cpu(svm_data, vcpu->cpu);
1448
1449 if (sev_es_guest(vcpu->kvm))
1450 sev_es_unmap_ghcb(svm);
1451
1452 if (svm->guest_state_loaded)
1453 return;
1454
1455
1456
1457
1458
1459 if (sev_es_guest(vcpu->kvm)) {
1460 sev_es_prepare_guest_switch(svm, vcpu->cpu);
1461 } else {
1462 vmsave(__sme_page_pa(sd->save_area));
1463 }
1464
1465 if (static_cpu_has(X86_FEATURE_TSCRATEMSR)) {
1466 u64 tsc_ratio = vcpu->arch.tsc_scaling_ratio;
1467 if (tsc_ratio != __this_cpu_read(current_tsc_ratio)) {
1468 __this_cpu_write(current_tsc_ratio, tsc_ratio);
1469 wrmsrl(MSR_AMD64_TSC_RATIO, tsc_ratio);
1470 }
1471 }
1472
1473 if (likely(tsc_aux_uret_slot >= 0))
1474 kvm_set_user_return_msr(tsc_aux_uret_slot, svm->tsc_aux, -1ull);
1475
1476 svm->guest_state_loaded = true;
1477}
1478
1479static void svm_prepare_host_switch(struct kvm_vcpu *vcpu)
1480{
1481 to_svm(vcpu)->guest_state_loaded = false;
1482}
1483
1484static void svm_vcpu_load(struct kvm_vcpu *vcpu, int cpu)
1485{
1486 struct vcpu_svm *svm = to_svm(vcpu);
1487 struct svm_cpu_data *sd = per_cpu(svm_data, cpu);
1488
1489 if (sd->current_vmcb != svm->vmcb) {
1490 sd->current_vmcb = svm->vmcb;
1491 indirect_branch_prediction_barrier();
1492 }
1493 avic_vcpu_load(vcpu, cpu);
1494}
1495
1496static void svm_vcpu_put(struct kvm_vcpu *vcpu)
1497{
1498 avic_vcpu_put(vcpu);
1499 svm_prepare_host_switch(vcpu);
1500
1501 ++vcpu->stat.host_state_reload;
1502}
1503
1504static unsigned long svm_get_rflags(struct kvm_vcpu *vcpu)
1505{
1506 struct vcpu_svm *svm = to_svm(vcpu);
1507 unsigned long rflags = svm->vmcb->save.rflags;
1508
1509 if (svm->nmi_singlestep) {
1510
1511 if (!(svm->nmi_singlestep_guest_rflags & X86_EFLAGS_TF))
1512 rflags &= ~X86_EFLAGS_TF;
1513 if (!(svm->nmi_singlestep_guest_rflags & X86_EFLAGS_RF))
1514 rflags &= ~X86_EFLAGS_RF;
1515 }
1516 return rflags;
1517}
1518
1519static void svm_set_rflags(struct kvm_vcpu *vcpu, unsigned long rflags)
1520{
1521 if (to_svm(vcpu)->nmi_singlestep)
1522 rflags |= (X86_EFLAGS_TF | X86_EFLAGS_RF);
1523
1524
1525
1526
1527
1528
1529 to_svm(vcpu)->vmcb->save.rflags = rflags;
1530}
1531
1532static void svm_cache_reg(struct kvm_vcpu *vcpu, enum kvm_reg reg)
1533{
1534 switch (reg) {
1535 case VCPU_EXREG_PDPTR:
1536 BUG_ON(!npt_enabled);
1537 load_pdptrs(vcpu, vcpu->arch.walk_mmu, kvm_read_cr3(vcpu));
1538 break;
1539 default:
1540 WARN_ON_ONCE(1);
1541 }
1542}
1543
1544static void svm_set_vintr(struct vcpu_svm *svm)
1545{
1546 struct vmcb_control_area *control;
1547
1548
1549 WARN_ON(kvm_vcpu_apicv_active(&svm->vcpu));
1550 svm_set_intercept(svm, INTERCEPT_VINTR);
1551
1552
1553
1554
1555
1556 control = &svm->vmcb->control;
1557 control->int_vector = 0x0;
1558 control->int_ctl &= ~V_INTR_PRIO_MASK;
1559 control->int_ctl |= V_IRQ_MASK |
1560 (( 0xf) << V_INTR_PRIO_SHIFT);
1561 vmcb_mark_dirty(svm->vmcb, VMCB_INTR);
1562}
1563
1564static void svm_clear_vintr(struct vcpu_svm *svm)
1565{
1566 svm_clr_intercept(svm, INTERCEPT_VINTR);
1567
1568
1569 svm->vmcb->control.int_ctl &= ~V_IRQ_INJECTION_BITS_MASK;
1570 if (is_guest_mode(&svm->vcpu)) {
1571 svm->vmcb01.ptr->control.int_ctl &= ~V_IRQ_INJECTION_BITS_MASK;
1572
1573 WARN_ON((svm->vmcb->control.int_ctl & V_TPR_MASK) !=
1574 (svm->nested.ctl.int_ctl & V_TPR_MASK));
1575
1576 svm->vmcb->control.int_ctl |= svm->nested.ctl.int_ctl &
1577 V_IRQ_INJECTION_BITS_MASK;
1578 }
1579
1580 vmcb_mark_dirty(svm->vmcb, VMCB_INTR);
1581}
1582
1583static struct vmcb_seg *svm_seg(struct kvm_vcpu *vcpu, int seg)
1584{
1585 struct vmcb_save_area *save = &to_svm(vcpu)->vmcb->save;
1586 struct vmcb_save_area *save01 = &to_svm(vcpu)->vmcb01.ptr->save;
1587
1588 switch (seg) {
1589 case VCPU_SREG_CS: return &save->cs;
1590 case VCPU_SREG_DS: return &save->ds;
1591 case VCPU_SREG_ES: return &save->es;
1592 case VCPU_SREG_FS: return &save01->fs;
1593 case VCPU_SREG_GS: return &save01->gs;
1594 case VCPU_SREG_SS: return &save->ss;
1595 case VCPU_SREG_TR: return &save01->tr;
1596 case VCPU_SREG_LDTR: return &save01->ldtr;
1597 }
1598 BUG();
1599 return NULL;
1600}
1601
1602static u64 svm_get_segment_base(struct kvm_vcpu *vcpu, int seg)
1603{
1604 struct vmcb_seg *s = svm_seg(vcpu, seg);
1605
1606 return s->base;
1607}
1608
1609static void svm_get_segment(struct kvm_vcpu *vcpu,
1610 struct kvm_segment *var, int seg)
1611{
1612 struct vmcb_seg *s = svm_seg(vcpu, seg);
1613
1614 var->base = s->base;
1615 var->limit = s->limit;
1616 var->selector = s->selector;
1617 var->type = s->attrib & SVM_SELECTOR_TYPE_MASK;
1618 var->s = (s->attrib >> SVM_SELECTOR_S_SHIFT) & 1;
1619 var->dpl = (s->attrib >> SVM_SELECTOR_DPL_SHIFT) & 3;
1620 var->present = (s->attrib >> SVM_SELECTOR_P_SHIFT) & 1;
1621 var->avl = (s->attrib >> SVM_SELECTOR_AVL_SHIFT) & 1;
1622 var->l = (s->attrib >> SVM_SELECTOR_L_SHIFT) & 1;
1623 var->db = (s->attrib >> SVM_SELECTOR_DB_SHIFT) & 1;
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633 var->g = s->limit > 0xfffff;
1634
1635
1636
1637
1638
1639 var->unusable = !var->present;
1640
1641 switch (seg) {
1642 case VCPU_SREG_TR:
1643
1644
1645
1646
1647 var->type |= 0x2;
1648 break;
1649 case VCPU_SREG_DS:
1650 case VCPU_SREG_ES:
1651 case VCPU_SREG_FS:
1652 case VCPU_SREG_GS:
1653
1654
1655
1656
1657
1658
1659
1660 if (!var->unusable)
1661 var->type |= 0x1;
1662 break;
1663 case VCPU_SREG_SS:
1664
1665
1666
1667
1668
1669
1670 if (var->unusable)
1671 var->db = 0;
1672
1673 var->dpl = to_svm(vcpu)->vmcb->save.cpl;
1674 break;
1675 }
1676}
1677
1678static int svm_get_cpl(struct kvm_vcpu *vcpu)
1679{
1680 struct vmcb_save_area *save = &to_svm(vcpu)->vmcb->save;
1681
1682 return save->cpl;
1683}
1684
1685static void svm_get_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt)
1686{
1687 struct vcpu_svm *svm = to_svm(vcpu);
1688
1689 dt->size = svm->vmcb->save.idtr.limit;
1690 dt->address = svm->vmcb->save.idtr.base;
1691}
1692
1693static void svm_set_idt(struct kvm_vcpu *vcpu, struct desc_ptr *dt)
1694{
1695 struct vcpu_svm *svm = to_svm(vcpu);
1696
1697 svm->vmcb->save.idtr.limit = dt->size;
1698 svm->vmcb->save.idtr.base = dt->address ;
1699 vmcb_mark_dirty(svm->vmcb, VMCB_DT);
1700}
1701
1702static void svm_get_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt)
1703{
1704 struct vcpu_svm *svm = to_svm(vcpu);
1705
1706 dt->size = svm->vmcb->save.gdtr.limit;
1707 dt->address = svm->vmcb->save.gdtr.base;
1708}
1709
1710static void svm_set_gdt(struct kvm_vcpu *vcpu, struct desc_ptr *dt)
1711{
1712 struct vcpu_svm *svm = to_svm(vcpu);
1713
1714 svm->vmcb->save.gdtr.limit = dt->size;
1715 svm->vmcb->save.gdtr.base = dt->address ;
1716 vmcb_mark_dirty(svm->vmcb, VMCB_DT);
1717}
1718
1719void svm_set_cr0(struct kvm_vcpu *vcpu, unsigned long cr0)
1720{
1721 struct vcpu_svm *svm = to_svm(vcpu);
1722 u64 hcr0 = cr0;
1723
1724#ifdef CONFIG_X86_64
1725 if (vcpu->arch.efer & EFER_LME && !vcpu->arch.guest_state_protected) {
1726 if (!is_paging(vcpu) && (cr0 & X86_CR0_PG)) {
1727 vcpu->arch.efer |= EFER_LMA;
1728 svm->vmcb->save.efer |= EFER_LMA | EFER_LME;
1729 }
1730
1731 if (is_paging(vcpu) && !(cr0 & X86_CR0_PG)) {
1732 vcpu->arch.efer &= ~EFER_LMA;
1733 svm->vmcb->save.efer &= ~(EFER_LMA | EFER_LME);
1734 }
1735 }
1736#endif
1737 vcpu->arch.cr0 = cr0;
1738
1739 if (!npt_enabled)
1740 hcr0 |= X86_CR0_PG | X86_CR0_WP;
1741
1742
1743
1744
1745
1746
1747 if (kvm_check_has_quirk(vcpu->kvm, KVM_X86_QUIRK_CD_NW_CLEARED))
1748 hcr0 &= ~(X86_CR0_CD | X86_CR0_NW);
1749
1750 svm->vmcb->save.cr0 = hcr0;
1751 vmcb_mark_dirty(svm->vmcb, VMCB_CR);
1752
1753
1754
1755
1756
1757 if (sev_es_guest(vcpu->kvm))
1758 return;
1759
1760 if (hcr0 == cr0) {
1761
1762 svm_clr_intercept(svm, INTERCEPT_CR0_READ);
1763 svm_clr_intercept(svm, INTERCEPT_CR0_WRITE);
1764 } else {
1765 svm_set_intercept(svm, INTERCEPT_CR0_READ);
1766 svm_set_intercept(svm, INTERCEPT_CR0_WRITE);
1767 }
1768}
1769
1770static bool svm_is_valid_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
1771{
1772 return true;
1773}
1774
1775void svm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4)
1776{
1777 unsigned long host_cr4_mce = cr4_read_shadow() & X86_CR4_MCE;
1778 unsigned long old_cr4 = vcpu->arch.cr4;
1779
1780 if (npt_enabled && ((old_cr4 ^ cr4) & X86_CR4_PGE))
1781 svm_flush_tlb(vcpu);
1782
1783 vcpu->arch.cr4 = cr4;
1784 if (!npt_enabled)
1785 cr4 |= X86_CR4_PAE;
1786 cr4 |= host_cr4_mce;
1787 to_svm(vcpu)->vmcb->save.cr4 = cr4;
1788 vmcb_mark_dirty(to_svm(vcpu)->vmcb, VMCB_CR);
1789
1790 if ((cr4 ^ old_cr4) & (X86_CR4_OSXSAVE | X86_CR4_PKE))
1791 kvm_update_cpuid_runtime(vcpu);
1792}
1793
1794static void svm_set_segment(struct kvm_vcpu *vcpu,
1795 struct kvm_segment *var, int seg)
1796{
1797 struct vcpu_svm *svm = to_svm(vcpu);
1798 struct vmcb_seg *s = svm_seg(vcpu, seg);
1799
1800 s->base = var->base;
1801 s->limit = var->limit;
1802 s->selector = var->selector;
1803 s->attrib = (var->type & SVM_SELECTOR_TYPE_MASK);
1804 s->attrib |= (var->s & 1) << SVM_SELECTOR_S_SHIFT;
1805 s->attrib |= (var->dpl & 3) << SVM_SELECTOR_DPL_SHIFT;
1806 s->attrib |= ((var->present & 1) && !var->unusable) << SVM_SELECTOR_P_SHIFT;
1807 s->attrib |= (var->avl & 1) << SVM_SELECTOR_AVL_SHIFT;
1808 s->attrib |= (var->l & 1) << SVM_SELECTOR_L_SHIFT;
1809 s->attrib |= (var->db & 1) << SVM_SELECTOR_DB_SHIFT;
1810 s->attrib |= (var->g & 1) << SVM_SELECTOR_G_SHIFT;
1811
1812
1813
1814
1815
1816
1817
1818 if (seg == VCPU_SREG_SS)
1819
1820 svm->vmcb->save.cpl = (var->dpl & 3);
1821
1822 vmcb_mark_dirty(svm->vmcb, VMCB_SEG);
1823}
1824
1825static void svm_update_exception_bitmap(struct kvm_vcpu *vcpu)
1826{
1827 struct vcpu_svm *svm = to_svm(vcpu);
1828
1829 clr_exception_intercept(svm, BP_VECTOR);
1830
1831 if (vcpu->guest_debug & KVM_GUESTDBG_ENABLE) {
1832 if (vcpu->guest_debug & KVM_GUESTDBG_USE_SW_BP)
1833 set_exception_intercept(svm, BP_VECTOR);
1834 }
1835}
1836
1837static void new_asid(struct vcpu_svm *svm, struct svm_cpu_data *sd)
1838{
1839 if (sd->next_asid > sd->max_asid) {
1840 ++sd->asid_generation;
1841 sd->next_asid = sd->min_asid;
1842 svm->vmcb->control.tlb_ctl = TLB_CONTROL_FLUSH_ALL_ASID;
1843 vmcb_mark_dirty(svm->vmcb, VMCB_ASID);
1844 }
1845
1846 svm->current_vmcb->asid_generation = sd->asid_generation;
1847 svm->asid = sd->next_asid++;
1848}
1849
1850static void svm_set_dr6(struct vcpu_svm *svm, unsigned long value)
1851{
1852 struct vmcb *vmcb = svm->vmcb;
1853
1854 if (svm->vcpu.arch.guest_state_protected)
1855 return;
1856
1857 if (unlikely(value != vmcb->save.dr6)) {
1858 vmcb->save.dr6 = value;
1859 vmcb_mark_dirty(vmcb, VMCB_DR);
1860 }
1861}
1862
1863static void svm_sync_dirty_debug_regs(struct kvm_vcpu *vcpu)
1864{
1865 struct vcpu_svm *svm = to_svm(vcpu);
1866
1867 if (vcpu->arch.guest_state_protected)
1868 return;
1869
1870 get_debugreg(vcpu->arch.db[0], 0);
1871 get_debugreg(vcpu->arch.db[1], 1);
1872 get_debugreg(vcpu->arch.db[2], 2);
1873 get_debugreg(vcpu->arch.db[3], 3);
1874
1875
1876
1877
1878 vcpu->arch.dr6 = svm->vmcb->save.dr6;
1879 vcpu->arch.dr7 = svm->vmcb->save.dr7;
1880 vcpu->arch.switch_db_regs &= ~KVM_DEBUGREG_WONT_EXIT;
1881 set_dr_intercepts(svm);
1882}
1883
1884static void svm_set_dr7(struct kvm_vcpu *vcpu, unsigned long value)
1885{
1886 struct vcpu_svm *svm = to_svm(vcpu);
1887
1888 if (vcpu->arch.guest_state_protected)
1889 return;
1890
1891 svm->vmcb->save.dr7 = value;
1892 vmcb_mark_dirty(svm->vmcb, VMCB_DR);
1893}
1894
1895static int pf_interception(struct kvm_vcpu *vcpu)
1896{
1897 struct vcpu_svm *svm = to_svm(vcpu);
1898
1899 u64 fault_address = svm->vmcb->control.exit_info_2;
1900 u64 error_code = svm->vmcb->control.exit_info_1;
1901
1902 return kvm_handle_page_fault(vcpu, error_code, fault_address,
1903 static_cpu_has(X86_FEATURE_DECODEASSISTS) ?
1904 svm->vmcb->control.insn_bytes : NULL,
1905 svm->vmcb->control.insn_len);
1906}
1907
1908static int npf_interception(struct kvm_vcpu *vcpu)
1909{
1910 struct vcpu_svm *svm = to_svm(vcpu);
1911
1912 u64 fault_address = svm->vmcb->control.exit_info_2;
1913 u64 error_code = svm->vmcb->control.exit_info_1;
1914
1915 trace_kvm_page_fault(fault_address, error_code);
1916 return kvm_mmu_page_fault(vcpu, fault_address, error_code,
1917 static_cpu_has(X86_FEATURE_DECODEASSISTS) ?
1918 svm->vmcb->control.insn_bytes : NULL,
1919 svm->vmcb->control.insn_len);
1920}
1921
1922static int db_interception(struct kvm_vcpu *vcpu)
1923{
1924 struct kvm_run *kvm_run = vcpu->run;
1925 struct vcpu_svm *svm = to_svm(vcpu);
1926
1927 if (!(vcpu->guest_debug &
1928 (KVM_GUESTDBG_SINGLESTEP | KVM_GUESTDBG_USE_HW_BP)) &&
1929 !svm->nmi_singlestep) {
1930 u32 payload = svm->vmcb->save.dr6 ^ DR6_ACTIVE_LOW;
1931 kvm_queue_exception_p(vcpu, DB_VECTOR, payload);
1932 return 1;
1933 }
1934
1935 if (svm->nmi_singlestep) {
1936 disable_nmi_singlestep(svm);
1937
1938 kvm_make_request(KVM_REQ_EVENT, vcpu);
1939 }
1940
1941 if (vcpu->guest_debug &
1942 (KVM_GUESTDBG_SINGLESTEP | KVM_GUESTDBG_USE_HW_BP)) {
1943 kvm_run->exit_reason = KVM_EXIT_DEBUG;
1944 kvm_run->debug.arch.dr6 = svm->vmcb->save.dr6;
1945 kvm_run->debug.arch.dr7 = svm->vmcb->save.dr7;
1946 kvm_run->debug.arch.pc =
1947 svm->vmcb->save.cs.base + svm->vmcb->save.rip;
1948 kvm_run->debug.arch.exception = DB_VECTOR;
1949 return 0;
1950 }
1951
1952 return 1;
1953}
1954
1955static int bp_interception(struct kvm_vcpu *vcpu)
1956{
1957 struct vcpu_svm *svm = to_svm(vcpu);
1958 struct kvm_run *kvm_run = vcpu->run;
1959
1960 kvm_run->exit_reason = KVM_EXIT_DEBUG;
1961 kvm_run->debug.arch.pc = svm->vmcb->save.cs.base + svm->vmcb->save.rip;
1962 kvm_run->debug.arch.exception = BP_VECTOR;
1963 return 0;
1964}
1965
1966static int ud_interception(struct kvm_vcpu *vcpu)
1967{
1968 return handle_ud(vcpu);
1969}
1970
1971static int ac_interception(struct kvm_vcpu *vcpu)
1972{
1973 kvm_queue_exception_e(vcpu, AC_VECTOR, 0);
1974 return 1;
1975}
1976
1977static bool is_erratum_383(void)
1978{
1979 int err, i;
1980 u64 value;
1981
1982 if (!erratum_383_found)
1983 return false;
1984
1985 value = native_read_msr_safe(MSR_IA32_MC0_STATUS, &err);
1986 if (err)
1987 return false;
1988
1989
1990 value &= ~(1ULL << 62);
1991
1992 if (value != 0xb600000000010015ULL)
1993 return false;
1994
1995
1996 for (i = 0; i < 6; ++i)
1997 native_write_msr_safe(MSR_IA32_MCx_STATUS(i), 0, 0);
1998
1999 value = native_read_msr_safe(MSR_IA32_MCG_STATUS, &err);
2000 if (!err) {
2001 u32 low, high;
2002
2003 value &= ~(1ULL << 2);
2004 low = lower_32_bits(value);
2005 high = upper_32_bits(value);
2006
2007 native_write_msr_safe(MSR_IA32_MCG_STATUS, low, high);
2008 }
2009
2010
2011 __flush_tlb_all();
2012
2013 return true;
2014}
2015
2016static void svm_handle_mce(struct kvm_vcpu *vcpu)
2017{
2018 if (is_erratum_383()) {
2019
2020
2021
2022
2023 pr_err("KVM: Guest triggered AMD Erratum 383\n");
2024
2025 kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu);
2026
2027 return;
2028 }
2029
2030
2031
2032
2033
2034 kvm_machine_check();
2035}
2036
2037static int mc_interception(struct kvm_vcpu *vcpu)
2038{
2039 return 1;
2040}
2041
2042static int shutdown_interception(struct kvm_vcpu *vcpu)
2043{
2044 struct kvm_run *kvm_run = vcpu->run;
2045 struct vcpu_svm *svm = to_svm(vcpu);
2046
2047
2048
2049
2050
2051 if (sev_es_guest(vcpu->kvm))
2052 return -EINVAL;
2053
2054
2055
2056
2057
2058 clear_page(svm->vmcb);
2059 init_vmcb(vcpu);
2060
2061 kvm_run->exit_reason = KVM_EXIT_SHUTDOWN;
2062 return 0;
2063}
2064
2065static int io_interception(struct kvm_vcpu *vcpu)
2066{
2067 struct vcpu_svm *svm = to_svm(vcpu);
2068 u32 io_info = svm->vmcb->control.exit_info_1;
2069 int size, in, string;
2070 unsigned port;
2071
2072 ++vcpu->stat.io_exits;
2073 string = (io_info & SVM_IOIO_STR_MASK) != 0;
2074 in = (io_info & SVM_IOIO_TYPE_MASK) != 0;
2075 port = io_info >> 16;
2076 size = (io_info & SVM_IOIO_SIZE_MASK) >> SVM_IOIO_SIZE_SHIFT;
2077
2078 if (string) {
2079 if (sev_es_guest(vcpu->kvm))
2080 return sev_es_string_io(svm, size, port, in);
2081 else
2082 return kvm_emulate_instruction(vcpu, 0);
2083 }
2084
2085 svm->next_rip = svm->vmcb->control.exit_info_2;
2086
2087 return kvm_fast_pio(vcpu, size, port, in);
2088}
2089
2090static int nmi_interception(struct kvm_vcpu *vcpu)
2091{
2092 return 1;
2093}
2094
2095static int smi_interception(struct kvm_vcpu *vcpu)
2096{
2097 return 1;
2098}
2099
2100static int intr_interception(struct kvm_vcpu *vcpu)
2101{
2102 ++vcpu->stat.irq_exits;
2103 return 1;
2104}
2105
2106static int vmload_vmsave_interception(struct kvm_vcpu *vcpu, bool vmload)
2107{
2108 struct vcpu_svm *svm = to_svm(vcpu);
2109 struct vmcb *vmcb12;
2110 struct kvm_host_map map;
2111 int ret;
2112
2113 if (nested_svm_check_permissions(vcpu))
2114 return 1;
2115
2116 ret = kvm_vcpu_map(vcpu, gpa_to_gfn(svm->vmcb->save.rax), &map);
2117 if (ret) {
2118 if (ret == -EINVAL)
2119 kvm_inject_gp(vcpu, 0);
2120 return 1;
2121 }
2122
2123 vmcb12 = map.hva;
2124
2125 ret = kvm_skip_emulated_instruction(vcpu);
2126
2127 if (vmload) {
2128 nested_svm_vmloadsave(vmcb12, svm->vmcb);
2129 svm->sysenter_eip_hi = 0;
2130 svm->sysenter_esp_hi = 0;
2131 } else
2132 nested_svm_vmloadsave(svm->vmcb, vmcb12);
2133
2134 kvm_vcpu_unmap(vcpu, &map, true);
2135
2136 return ret;
2137}
2138
2139static int vmload_interception(struct kvm_vcpu *vcpu)
2140{
2141 return vmload_vmsave_interception(vcpu, true);
2142}
2143
2144static int vmsave_interception(struct kvm_vcpu *vcpu)
2145{
2146 return vmload_vmsave_interception(vcpu, false);
2147}
2148
2149static int vmrun_interception(struct kvm_vcpu *vcpu)
2150{
2151 if (nested_svm_check_permissions(vcpu))
2152 return 1;
2153
2154 return nested_svm_vmrun(vcpu);
2155}
2156
2157enum {
2158 NONE_SVM_INSTR,
2159 SVM_INSTR_VMRUN,
2160 SVM_INSTR_VMLOAD,
2161 SVM_INSTR_VMSAVE,
2162};
2163
2164
2165static int svm_instr_opcode(struct kvm_vcpu *vcpu)
2166{
2167 struct x86_emulate_ctxt *ctxt = vcpu->arch.emulate_ctxt;
2168
2169 if (ctxt->b != 0x1 || ctxt->opcode_len != 2)
2170 return NONE_SVM_INSTR;
2171
2172 switch (ctxt->modrm) {
2173 case 0xd8:
2174 return SVM_INSTR_VMRUN;
2175 case 0xda:
2176 return SVM_INSTR_VMLOAD;
2177 case 0xdb:
2178 return SVM_INSTR_VMSAVE;
2179 default:
2180 break;
2181 }
2182
2183 return NONE_SVM_INSTR;
2184}
2185
2186static int emulate_svm_instr(struct kvm_vcpu *vcpu, int opcode)
2187{
2188 const int guest_mode_exit_codes[] = {
2189 [SVM_INSTR_VMRUN] = SVM_EXIT_VMRUN,
2190 [SVM_INSTR_VMLOAD] = SVM_EXIT_VMLOAD,
2191 [SVM_INSTR_VMSAVE] = SVM_EXIT_VMSAVE,
2192 };
2193 int (*const svm_instr_handlers[])(struct kvm_vcpu *vcpu) = {
2194 [SVM_INSTR_VMRUN] = vmrun_interception,
2195 [SVM_INSTR_VMLOAD] = vmload_interception,
2196 [SVM_INSTR_VMSAVE] = vmsave_interception,
2197 };
2198 struct vcpu_svm *svm = to_svm(vcpu);
2199 int ret;
2200
2201 if (is_guest_mode(vcpu)) {
2202
2203 ret = nested_svm_simple_vmexit(svm, guest_mode_exit_codes[opcode]);
2204 if (ret)
2205 return ret;
2206 return 1;
2207 }
2208 return svm_instr_handlers[opcode](vcpu);
2209}
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219static int gp_interception(struct kvm_vcpu *vcpu)
2220{
2221 struct vcpu_svm *svm = to_svm(vcpu);
2222 u32 error_code = svm->vmcb->control.exit_info_1;
2223 int opcode;
2224
2225
2226 if (error_code)
2227 goto reinject;
2228
2229
2230 if (x86_decode_emulated_instruction(vcpu, 0, NULL, 0) != EMULATION_OK)
2231 goto reinject;
2232
2233 opcode = svm_instr_opcode(vcpu);
2234
2235 if (opcode == NONE_SVM_INSTR) {
2236 if (!enable_vmware_backdoor)
2237 goto reinject;
2238
2239
2240
2241
2242
2243 if (!is_guest_mode(vcpu))
2244 return kvm_emulate_instruction(vcpu,
2245 EMULTYPE_VMWARE_GP | EMULTYPE_NO_DECODE);
2246 } else
2247 return emulate_svm_instr(vcpu, opcode);
2248
2249reinject:
2250 kvm_queue_exception_e(vcpu, GP_VECTOR, error_code);
2251 return 1;
2252}
2253
2254void svm_set_gif(struct vcpu_svm *svm, bool value)
2255{
2256 if (value) {
2257
2258
2259
2260
2261
2262
2263 if (vgif_enabled(svm))
2264 svm_clr_intercept(svm, INTERCEPT_STGI);
2265 if (svm_is_intercept(svm, INTERCEPT_VINTR))
2266 svm_clear_vintr(svm);
2267
2268 enable_gif(svm);
2269 if (svm->vcpu.arch.smi_pending ||
2270 svm->vcpu.arch.nmi_pending ||
2271 kvm_cpu_has_injectable_intr(&svm->vcpu))
2272 kvm_make_request(KVM_REQ_EVENT, &svm->vcpu);
2273 } else {
2274 disable_gif(svm);
2275
2276
2277
2278
2279
2280
2281 if (!vgif_enabled(svm))
2282 svm_clear_vintr(svm);
2283 }
2284}
2285
2286static int stgi_interception(struct kvm_vcpu *vcpu)
2287{
2288 int ret;
2289
2290 if (nested_svm_check_permissions(vcpu))
2291 return 1;
2292
2293 ret = kvm_skip_emulated_instruction(vcpu);
2294 svm_set_gif(to_svm(vcpu), true);
2295 return ret;
2296}
2297
2298static int clgi_interception(struct kvm_vcpu *vcpu)
2299{
2300 int ret;
2301
2302 if (nested_svm_check_permissions(vcpu))
2303 return 1;
2304
2305 ret = kvm_skip_emulated_instruction(vcpu);
2306 svm_set_gif(to_svm(vcpu), false);
2307 return ret;
2308}
2309
2310static int invlpga_interception(struct kvm_vcpu *vcpu)
2311{
2312 gva_t gva = kvm_rax_read(vcpu);
2313 u32 asid = kvm_rcx_read(vcpu);
2314
2315
2316 if (!is_long_mode(vcpu))
2317 gva = (u32)gva;
2318
2319 trace_kvm_invlpga(to_svm(vcpu)->vmcb->save.rip, asid, gva);
2320
2321
2322 kvm_mmu_invlpg(vcpu, gva);
2323
2324 return kvm_skip_emulated_instruction(vcpu);
2325}
2326
2327static int skinit_interception(struct kvm_vcpu *vcpu)
2328{
2329 trace_kvm_skinit(to_svm(vcpu)->vmcb->save.rip, kvm_rax_read(vcpu));
2330
2331 kvm_queue_exception(vcpu, UD_VECTOR);
2332 return 1;
2333}
2334
2335static int task_switch_interception(struct kvm_vcpu *vcpu)
2336{
2337 struct vcpu_svm *svm = to_svm(vcpu);
2338 u16 tss_selector;
2339 int reason;
2340 int int_type = svm->vmcb->control.exit_int_info &
2341 SVM_EXITINTINFO_TYPE_MASK;
2342 int int_vec = svm->vmcb->control.exit_int_info & SVM_EVTINJ_VEC_MASK;
2343 uint32_t type =
2344 svm->vmcb->control.exit_int_info & SVM_EXITINTINFO_TYPE_MASK;
2345 uint32_t idt_v =
2346 svm->vmcb->control.exit_int_info & SVM_EXITINTINFO_VALID;
2347 bool has_error_code = false;
2348 u32 error_code = 0;
2349
2350 tss_selector = (u16)svm->vmcb->control.exit_info_1;
2351
2352 if (svm->vmcb->control.exit_info_2 &
2353 (1ULL << SVM_EXITINFOSHIFT_TS_REASON_IRET))
2354 reason = TASK_SWITCH_IRET;
2355 else if (svm->vmcb->control.exit_info_2 &
2356 (1ULL << SVM_EXITINFOSHIFT_TS_REASON_JMP))
2357 reason = TASK_SWITCH_JMP;
2358 else if (idt_v)
2359 reason = TASK_SWITCH_GATE;
2360 else
2361 reason = TASK_SWITCH_CALL;
2362
2363 if (reason == TASK_SWITCH_GATE) {
2364 switch (type) {
2365 case SVM_EXITINTINFO_TYPE_NMI:
2366 vcpu->arch.nmi_injected = false;
2367 break;
2368 case SVM_EXITINTINFO_TYPE_EXEPT:
2369 if (svm->vmcb->control.exit_info_2 &
2370 (1ULL << SVM_EXITINFOSHIFT_TS_HAS_ERROR_CODE)) {
2371 has_error_code = true;
2372 error_code =
2373 (u32)svm->vmcb->control.exit_info_2;
2374 }
2375 kvm_clear_exception_queue(vcpu);
2376 break;
2377 case SVM_EXITINTINFO_TYPE_INTR:
2378 kvm_clear_interrupt_queue(vcpu);
2379 break;
2380 default:
2381 break;
2382 }
2383 }
2384
2385 if (reason != TASK_SWITCH_GATE ||
2386 int_type == SVM_EXITINTINFO_TYPE_SOFT ||
2387 (int_type == SVM_EXITINTINFO_TYPE_EXEPT &&
2388 (int_vec == OF_VECTOR || int_vec == BP_VECTOR))) {
2389 if (!skip_emulated_instruction(vcpu))
2390 return 0;
2391 }
2392
2393 if (int_type != SVM_EXITINTINFO_TYPE_SOFT)
2394 int_vec = -1;
2395
2396 return kvm_task_switch(vcpu, tss_selector, int_vec, reason,
2397 has_error_code, error_code);
2398}
2399
2400static int iret_interception(struct kvm_vcpu *vcpu)
2401{
2402 struct vcpu_svm *svm = to_svm(vcpu);
2403
2404 ++vcpu->stat.nmi_window_exits;
2405 vcpu->arch.hflags |= HF_IRET_MASK;
2406 if (!sev_es_guest(vcpu->kvm)) {
2407 svm_clr_intercept(svm, INTERCEPT_IRET);
2408 svm->nmi_iret_rip = kvm_rip_read(vcpu);
2409 }
2410 kvm_make_request(KVM_REQ_EVENT, vcpu);
2411 return 1;
2412}
2413
2414static int invlpg_interception(struct kvm_vcpu *vcpu)
2415{
2416 if (!static_cpu_has(X86_FEATURE_DECODEASSISTS))
2417 return kvm_emulate_instruction(vcpu, 0);
2418
2419 kvm_mmu_invlpg(vcpu, to_svm(vcpu)->vmcb->control.exit_info_1);
2420 return kvm_skip_emulated_instruction(vcpu);
2421}
2422
2423static int emulate_on_interception(struct kvm_vcpu *vcpu)
2424{
2425 return kvm_emulate_instruction(vcpu, 0);
2426}
2427
2428static int rsm_interception(struct kvm_vcpu *vcpu)
2429{
2430 return kvm_emulate_instruction_from_buffer(vcpu, rsm_ins_bytes, 2);
2431}
2432
2433static bool check_selective_cr0_intercepted(struct kvm_vcpu *vcpu,
2434 unsigned long val)
2435{
2436 struct vcpu_svm *svm = to_svm(vcpu);
2437 unsigned long cr0 = vcpu->arch.cr0;
2438 bool ret = false;
2439
2440 if (!is_guest_mode(vcpu) ||
2441 (!(vmcb_is_intercept(&svm->nested.ctl, INTERCEPT_SELECTIVE_CR0))))
2442 return false;
2443
2444 cr0 &= ~SVM_CR0_SELECTIVE_MASK;
2445 val &= ~SVM_CR0_SELECTIVE_MASK;
2446
2447 if (cr0 ^ val) {
2448 svm->vmcb->control.exit_code = SVM_EXIT_CR0_SEL_WRITE;
2449 ret = (nested_svm_exit_handled(svm) == NESTED_EXIT_DONE);
2450 }
2451
2452 return ret;
2453}
2454
2455#define CR_VALID (1ULL << 63)
2456
2457static int cr_interception(struct kvm_vcpu *vcpu)
2458{
2459 struct vcpu_svm *svm = to_svm(vcpu);
2460 int reg, cr;
2461 unsigned long val;
2462 int err;
2463
2464 if (!static_cpu_has(X86_FEATURE_DECODEASSISTS))
2465 return emulate_on_interception(vcpu);
2466
2467 if (unlikely((svm->vmcb->control.exit_info_1 & CR_VALID) == 0))
2468 return emulate_on_interception(vcpu);
2469
2470 reg = svm->vmcb->control.exit_info_1 & SVM_EXITINFO_REG_MASK;
2471 if (svm->vmcb->control.exit_code == SVM_EXIT_CR0_SEL_WRITE)
2472 cr = SVM_EXIT_WRITE_CR0 - SVM_EXIT_READ_CR0;
2473 else
2474 cr = svm->vmcb->control.exit_code - SVM_EXIT_READ_CR0;
2475
2476 err = 0;
2477 if (cr >= 16) {
2478 cr -= 16;
2479 val = kvm_register_read(vcpu, reg);
2480 trace_kvm_cr_write(cr, val);
2481 switch (cr) {
2482 case 0:
2483 if (!check_selective_cr0_intercepted(vcpu, val))
2484 err = kvm_set_cr0(vcpu, val);
2485 else
2486 return 1;
2487
2488 break;
2489 case 3:
2490 err = kvm_set_cr3(vcpu, val);
2491 break;
2492 case 4:
2493 err = kvm_set_cr4(vcpu, val);
2494 break;
2495 case 8:
2496 err = kvm_set_cr8(vcpu, val);
2497 break;
2498 default:
2499 WARN(1, "unhandled write to CR%d", cr);
2500 kvm_queue_exception(vcpu, UD_VECTOR);
2501 return 1;
2502 }
2503 } else {
2504 switch (cr) {
2505 case 0:
2506 val = kvm_read_cr0(vcpu);
2507 break;
2508 case 2:
2509 val = vcpu->arch.cr2;
2510 break;
2511 case 3:
2512 val = kvm_read_cr3(vcpu);
2513 break;
2514 case 4:
2515 val = kvm_read_cr4(vcpu);
2516 break;
2517 case 8:
2518 val = kvm_get_cr8(vcpu);
2519 break;
2520 default:
2521 WARN(1, "unhandled read from CR%d", cr);
2522 kvm_queue_exception(vcpu, UD_VECTOR);
2523 return 1;
2524 }
2525 kvm_register_write(vcpu, reg, val);
2526 trace_kvm_cr_read(cr, val);
2527 }
2528 return kvm_complete_insn_gp(vcpu, err);
2529}
2530
2531static int cr_trap(struct kvm_vcpu *vcpu)
2532{
2533 struct vcpu_svm *svm = to_svm(vcpu);
2534 unsigned long old_value, new_value;
2535 unsigned int cr;
2536 int ret = 0;
2537
2538 new_value = (unsigned long)svm->vmcb->control.exit_info_1;
2539
2540 cr = svm->vmcb->control.exit_code - SVM_EXIT_CR0_WRITE_TRAP;
2541 switch (cr) {
2542 case 0:
2543 old_value = kvm_read_cr0(vcpu);
2544 svm_set_cr0(vcpu, new_value);
2545
2546 kvm_post_set_cr0(vcpu, old_value, new_value);
2547 break;
2548 case 4:
2549 old_value = kvm_read_cr4(vcpu);
2550 svm_set_cr4(vcpu, new_value);
2551
2552 kvm_post_set_cr4(vcpu, old_value, new_value);
2553 break;
2554 case 8:
2555 ret = kvm_set_cr8(vcpu, new_value);
2556 break;
2557 default:
2558 WARN(1, "unhandled CR%d write trap", cr);
2559 kvm_queue_exception(vcpu, UD_VECTOR);
2560 return 1;
2561 }
2562
2563 return kvm_complete_insn_gp(vcpu, ret);
2564}
2565
2566static int dr_interception(struct kvm_vcpu *vcpu)
2567{
2568 struct vcpu_svm *svm = to_svm(vcpu);
2569 int reg, dr;
2570 unsigned long val;
2571 int err = 0;
2572
2573 if (vcpu->guest_debug == 0) {
2574
2575
2576
2577
2578
2579 clr_dr_intercepts(svm);
2580 vcpu->arch.switch_db_regs |= KVM_DEBUGREG_WONT_EXIT;
2581 return 1;
2582 }
2583
2584 if (!boot_cpu_has(X86_FEATURE_DECODEASSISTS))
2585 return emulate_on_interception(vcpu);
2586
2587 reg = svm->vmcb->control.exit_info_1 & SVM_EXITINFO_REG_MASK;
2588 dr = svm->vmcb->control.exit_code - SVM_EXIT_READ_DR0;
2589 if (dr >= 16) {
2590 dr -= 16;
2591 val = kvm_register_read(vcpu, reg);
2592 err = kvm_set_dr(vcpu, dr, val);
2593 } else {
2594 kvm_get_dr(vcpu, dr, &val);
2595 kvm_register_write(vcpu, reg, val);
2596 }
2597
2598 return kvm_complete_insn_gp(vcpu, err);
2599}
2600
2601static int cr8_write_interception(struct kvm_vcpu *vcpu)
2602{
2603 int r;
2604
2605 u8 cr8_prev = kvm_get_cr8(vcpu);
2606
2607 r = cr_interception(vcpu);
2608 if (lapic_in_kernel(vcpu))
2609 return r;
2610 if (cr8_prev <= kvm_get_cr8(vcpu))
2611 return r;
2612 vcpu->run->exit_reason = KVM_EXIT_SET_TPR;
2613 return 0;
2614}
2615
2616static int efer_trap(struct kvm_vcpu *vcpu)
2617{
2618 struct msr_data msr_info;
2619 int ret;
2620
2621
2622
2623
2624
2625
2626
2627 msr_info.host_initiated = false;
2628 msr_info.index = MSR_EFER;
2629 msr_info.data = to_svm(vcpu)->vmcb->control.exit_info_1 & ~EFER_SVME;
2630 ret = kvm_set_msr_common(vcpu, &msr_info);
2631
2632 return kvm_complete_insn_gp(vcpu, ret);
2633}
2634
2635static int svm_get_msr_feature(struct kvm_msr_entry *msr)
2636{
2637 msr->data = 0;
2638
2639 switch (msr->index) {
2640 case MSR_F10H_DECFG:
2641 if (boot_cpu_has(X86_FEATURE_LFENCE_RDTSC))
2642 msr->data |= MSR_F10H_DECFG_LFENCE_SERIALIZE;
2643 break;
2644 case MSR_IA32_PERF_CAPABILITIES:
2645 return 0;
2646 default:
2647 return KVM_MSR_RET_INVALID;
2648 }
2649
2650 return 0;
2651}
2652
2653static int svm_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
2654{
2655 struct vcpu_svm *svm = to_svm(vcpu);
2656
2657 switch (msr_info->index) {
2658 case MSR_STAR:
2659 msr_info->data = svm->vmcb01.ptr->save.star;
2660 break;
2661#ifdef CONFIG_X86_64
2662 case MSR_LSTAR:
2663 msr_info->data = svm->vmcb01.ptr->save.lstar;
2664 break;
2665 case MSR_CSTAR:
2666 msr_info->data = svm->vmcb01.ptr->save.cstar;
2667 break;
2668 case MSR_KERNEL_GS_BASE:
2669 msr_info->data = svm->vmcb01.ptr->save.kernel_gs_base;
2670 break;
2671 case MSR_SYSCALL_MASK:
2672 msr_info->data = svm->vmcb01.ptr->save.sfmask;
2673 break;
2674#endif
2675 case MSR_IA32_SYSENTER_CS:
2676 msr_info->data = svm->vmcb01.ptr->save.sysenter_cs;
2677 break;
2678 case MSR_IA32_SYSENTER_EIP:
2679 msr_info->data = (u32)svm->vmcb01.ptr->save.sysenter_eip;
2680 if (guest_cpuid_is_intel(vcpu))
2681 msr_info->data |= (u64)svm->sysenter_eip_hi << 32;
2682 break;
2683 case MSR_IA32_SYSENTER_ESP:
2684 msr_info->data = svm->vmcb01.ptr->save.sysenter_esp;
2685 if (guest_cpuid_is_intel(vcpu))
2686 msr_info->data |= (u64)svm->sysenter_esp_hi << 32;
2687 break;
2688 case MSR_TSC_AUX:
2689 if (tsc_aux_uret_slot < 0)
2690 return 1;
2691 if (!msr_info->host_initiated &&
2692 !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP))
2693 return 1;
2694 msr_info->data = svm->tsc_aux;
2695 break;
2696
2697
2698
2699
2700
2701 case MSR_IA32_DEBUGCTLMSR:
2702 msr_info->data = svm->vmcb->save.dbgctl;
2703 break;
2704 case MSR_IA32_LASTBRANCHFROMIP:
2705 msr_info->data = svm->vmcb->save.br_from;
2706 break;
2707 case MSR_IA32_LASTBRANCHTOIP:
2708 msr_info->data = svm->vmcb->save.br_to;
2709 break;
2710 case MSR_IA32_LASTINTFROMIP:
2711 msr_info->data = svm->vmcb->save.last_excp_from;
2712 break;
2713 case MSR_IA32_LASTINTTOIP:
2714 msr_info->data = svm->vmcb->save.last_excp_to;
2715 break;
2716 case MSR_VM_HSAVE_PA:
2717 msr_info->data = svm->nested.hsave_msr;
2718 break;
2719 case MSR_VM_CR:
2720 msr_info->data = svm->nested.vm_cr_msr;
2721 break;
2722 case MSR_IA32_SPEC_CTRL:
2723 if (!msr_info->host_initiated &&
2724 !guest_has_spec_ctrl_msr(vcpu))
2725 return 1;
2726
2727 if (boot_cpu_has(X86_FEATURE_V_SPEC_CTRL))
2728 msr_info->data = svm->vmcb->save.spec_ctrl;
2729 else
2730 msr_info->data = svm->spec_ctrl;
2731 break;
2732 case MSR_AMD64_VIRT_SPEC_CTRL:
2733 if (!msr_info->host_initiated &&
2734 !guest_cpuid_has(vcpu, X86_FEATURE_VIRT_SSBD))
2735 return 1;
2736
2737 msr_info->data = svm->virt_spec_ctrl;
2738 break;
2739 case MSR_F15H_IC_CFG: {
2740
2741 int family, model;
2742
2743 family = guest_cpuid_family(vcpu);
2744 model = guest_cpuid_model(vcpu);
2745
2746 if (family < 0 || model < 0)
2747 return kvm_get_msr_common(vcpu, msr_info);
2748
2749 msr_info->data = 0;
2750
2751 if (family == 0x15 &&
2752 (model >= 0x2 && model < 0x20))
2753 msr_info->data = 0x1E;
2754 }
2755 break;
2756 case MSR_F10H_DECFG:
2757 msr_info->data = svm->msr_decfg;
2758 break;
2759 default:
2760 return kvm_get_msr_common(vcpu, msr_info);
2761 }
2762 return 0;
2763}
2764
2765static int svm_complete_emulated_msr(struct kvm_vcpu *vcpu, int err)
2766{
2767 struct vcpu_svm *svm = to_svm(vcpu);
2768 if (!err || !sev_es_guest(vcpu->kvm) || WARN_ON_ONCE(!svm->ghcb))
2769 return kvm_complete_insn_gp(vcpu, err);
2770
2771 ghcb_set_sw_exit_info_1(svm->ghcb, 1);
2772 ghcb_set_sw_exit_info_2(svm->ghcb,
2773 X86_TRAP_GP |
2774 SVM_EVTINJ_TYPE_EXEPT |
2775 SVM_EVTINJ_VALID);
2776 return 1;
2777}
2778
2779static int svm_set_vm_cr(struct kvm_vcpu *vcpu, u64 data)
2780{
2781 struct vcpu_svm *svm = to_svm(vcpu);
2782 int svm_dis, chg_mask;
2783
2784 if (data & ~SVM_VM_CR_VALID_MASK)
2785 return 1;
2786
2787 chg_mask = SVM_VM_CR_VALID_MASK;
2788
2789 if (svm->nested.vm_cr_msr & SVM_VM_CR_SVM_DIS_MASK)
2790 chg_mask &= ~(SVM_VM_CR_SVM_LOCK_MASK | SVM_VM_CR_SVM_DIS_MASK);
2791
2792 svm->nested.vm_cr_msr &= ~chg_mask;
2793 svm->nested.vm_cr_msr |= (data & chg_mask);
2794
2795 svm_dis = svm->nested.vm_cr_msr & SVM_VM_CR_SVM_DIS_MASK;
2796
2797
2798 if (svm_dis && (vcpu->arch.efer & EFER_SVME))
2799 return 1;
2800
2801 return 0;
2802}
2803
2804static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr)
2805{
2806 struct vcpu_svm *svm = to_svm(vcpu);
2807 int r;
2808
2809 u32 ecx = msr->index;
2810 u64 data = msr->data;
2811 switch (ecx) {
2812 case MSR_IA32_CR_PAT:
2813 if (!kvm_mtrr_valid(vcpu, MSR_IA32_CR_PAT, data))
2814 return 1;
2815 vcpu->arch.pat = data;
2816 svm->vmcb01.ptr->save.g_pat = data;
2817 if (is_guest_mode(vcpu))
2818 nested_vmcb02_compute_g_pat(svm);
2819 vmcb_mark_dirty(svm->vmcb, VMCB_NPT);
2820 break;
2821 case MSR_IA32_SPEC_CTRL:
2822 if (!msr->host_initiated &&
2823 !guest_has_spec_ctrl_msr(vcpu))
2824 return 1;
2825
2826 if (kvm_spec_ctrl_test_value(data))
2827 return 1;
2828
2829 if (boot_cpu_has(X86_FEATURE_V_SPEC_CTRL))
2830 svm->vmcb->save.spec_ctrl = data;
2831 else
2832 svm->spec_ctrl = data;
2833 if (!data)
2834 break;
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SPEC_CTRL, 1, 1);
2848 break;
2849 case MSR_IA32_PRED_CMD:
2850 if (!msr->host_initiated &&
2851 !guest_has_pred_cmd_msr(vcpu))
2852 return 1;
2853
2854 if (data & ~PRED_CMD_IBPB)
2855 return 1;
2856 if (!boot_cpu_has(X86_FEATURE_IBPB))
2857 return 1;
2858 if (!data)
2859 break;
2860
2861 wrmsrl(MSR_IA32_PRED_CMD, PRED_CMD_IBPB);
2862 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_PRED_CMD, 0, 1);
2863 break;
2864 case MSR_AMD64_VIRT_SPEC_CTRL:
2865 if (!msr->host_initiated &&
2866 !guest_cpuid_has(vcpu, X86_FEATURE_VIRT_SSBD))
2867 return 1;
2868
2869 if (data & ~SPEC_CTRL_SSBD)
2870 return 1;
2871
2872 svm->virt_spec_ctrl = data;
2873 break;
2874 case MSR_STAR:
2875 svm->vmcb01.ptr->save.star = data;
2876 break;
2877#ifdef CONFIG_X86_64
2878 case MSR_LSTAR:
2879 svm->vmcb01.ptr->save.lstar = data;
2880 break;
2881 case MSR_CSTAR:
2882 svm->vmcb01.ptr->save.cstar = data;
2883 break;
2884 case MSR_KERNEL_GS_BASE:
2885 svm->vmcb01.ptr->save.kernel_gs_base = data;
2886 break;
2887 case MSR_SYSCALL_MASK:
2888 svm->vmcb01.ptr->save.sfmask = data;
2889 break;
2890#endif
2891 case MSR_IA32_SYSENTER_CS:
2892 svm->vmcb01.ptr->save.sysenter_cs = data;
2893 break;
2894 case MSR_IA32_SYSENTER_EIP:
2895 svm->vmcb01.ptr->save.sysenter_eip = (u32)data;
2896
2897
2898
2899
2900
2901
2902
2903 svm->sysenter_eip_hi = guest_cpuid_is_intel(vcpu) ? (data >> 32) : 0;
2904 break;
2905 case MSR_IA32_SYSENTER_ESP:
2906 svm->vmcb01.ptr->save.sysenter_esp = (u32)data;
2907 svm->sysenter_esp_hi = guest_cpuid_is_intel(vcpu) ? (data >> 32) : 0;
2908 break;
2909 case MSR_TSC_AUX:
2910 if (tsc_aux_uret_slot < 0)
2911 return 1;
2912
2913 if (!msr->host_initiated &&
2914 !guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP))
2915 return 1;
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925 data = (u32)data;
2926
2927
2928
2929
2930
2931
2932 preempt_disable();
2933 r = kvm_set_user_return_msr(tsc_aux_uret_slot, data, -1ull);
2934 preempt_enable();
2935 if (r)
2936 return 1;
2937
2938 svm->tsc_aux = data;
2939 break;
2940 case MSR_IA32_DEBUGCTLMSR:
2941 if (!boot_cpu_has(X86_FEATURE_LBRV)) {
2942 vcpu_unimpl(vcpu, "%s: MSR_IA32_DEBUGCTL 0x%llx, nop\n",
2943 __func__, data);
2944 break;
2945 }
2946 if (data & DEBUGCTL_RESERVED_BITS)
2947 return 1;
2948
2949 svm->vmcb->save.dbgctl = data;
2950 vmcb_mark_dirty(svm->vmcb, VMCB_LBR);
2951 if (data & (1ULL<<0))
2952 svm_enable_lbrv(vcpu);
2953 else
2954 svm_disable_lbrv(vcpu);
2955 break;
2956 case MSR_VM_HSAVE_PA:
2957
2958
2959
2960
2961
2962
2963 if (!msr->host_initiated && !page_address_valid(vcpu, data))
2964 return 1;
2965
2966 svm->nested.hsave_msr = data & PAGE_MASK;
2967 break;
2968 case MSR_VM_CR:
2969 return svm_set_vm_cr(vcpu, data);
2970 case MSR_VM_IGNNE:
2971 vcpu_unimpl(vcpu, "unimplemented wrmsr: 0x%x data 0x%llx\n", ecx, data);
2972 break;
2973 case MSR_F10H_DECFG: {
2974 struct kvm_msr_entry msr_entry;
2975
2976 msr_entry.index = msr->index;
2977 if (svm_get_msr_feature(&msr_entry))
2978 return 1;
2979
2980
2981 if (data & ~msr_entry.data)
2982 return 1;
2983
2984
2985 if (!msr->host_initiated && (data ^ msr_entry.data))
2986 return 1;
2987
2988 svm->msr_decfg = data;
2989 break;
2990 }
2991 case MSR_IA32_APICBASE:
2992 if (kvm_vcpu_apicv_active(vcpu))
2993 avic_update_vapic_bar(to_svm(vcpu), data);
2994
2995 default:
2996 return kvm_set_msr_common(vcpu, msr);
2997 }
2998 return 0;
2999}
3000
3001static int msr_interception(struct kvm_vcpu *vcpu)
3002{
3003 if (to_svm(vcpu)->vmcb->control.exit_info_1)
3004 return kvm_emulate_wrmsr(vcpu);
3005 else
3006 return kvm_emulate_rdmsr(vcpu);
3007}
3008
3009static int interrupt_window_interception(struct kvm_vcpu *vcpu)
3010{
3011 kvm_make_request(KVM_REQ_EVENT, vcpu);
3012 svm_clear_vintr(to_svm(vcpu));
3013
3014
3015
3016
3017
3018
3019 svm_toggle_avic_for_irq_window(vcpu, true);
3020
3021 ++vcpu->stat.irq_window_exits;
3022 return 1;
3023}
3024
3025static int pause_interception(struct kvm_vcpu *vcpu)
3026{
3027 bool in_kernel;
3028
3029
3030
3031
3032
3033
3034 in_kernel = !sev_es_guest(vcpu->kvm) && svm_get_cpl(vcpu) == 0;
3035
3036 if (!kvm_pause_in_guest(vcpu->kvm))
3037 grow_ple_window(vcpu);
3038
3039 kvm_vcpu_on_spin(vcpu, in_kernel);
3040 return kvm_skip_emulated_instruction(vcpu);
3041}
3042
3043static int invpcid_interception(struct kvm_vcpu *vcpu)
3044{
3045 struct vcpu_svm *svm = to_svm(vcpu);
3046 unsigned long type;
3047 gva_t gva;
3048
3049 if (!guest_cpuid_has(vcpu, X86_FEATURE_INVPCID)) {
3050 kvm_queue_exception(vcpu, UD_VECTOR);
3051 return 1;
3052 }
3053
3054
3055
3056
3057
3058
3059 type = svm->vmcb->control.exit_info_2;
3060 gva = svm->vmcb->control.exit_info_1;
3061
3062 if (type > 3) {
3063 kvm_inject_gp(vcpu, 0);
3064 return 1;
3065 }
3066
3067 return kvm_handle_invpcid(vcpu, type, gva);
3068}
3069
3070static int (*const svm_exit_handlers[])(struct kvm_vcpu *vcpu) = {
3071 [SVM_EXIT_READ_CR0] = cr_interception,
3072 [SVM_EXIT_READ_CR3] = cr_interception,
3073 [SVM_EXIT_READ_CR4] = cr_interception,
3074 [SVM_EXIT_READ_CR8] = cr_interception,
3075 [SVM_EXIT_CR0_SEL_WRITE] = cr_interception,
3076 [SVM_EXIT_WRITE_CR0] = cr_interception,
3077 [SVM_EXIT_WRITE_CR3] = cr_interception,
3078 [SVM_EXIT_WRITE_CR4] = cr_interception,
3079 [SVM_EXIT_WRITE_CR8] = cr8_write_interception,
3080 [SVM_EXIT_READ_DR0] = dr_interception,
3081 [SVM_EXIT_READ_DR1] = dr_interception,
3082 [SVM_EXIT_READ_DR2] = dr_interception,
3083 [SVM_EXIT_READ_DR3] = dr_interception,
3084 [SVM_EXIT_READ_DR4] = dr_interception,
3085 [SVM_EXIT_READ_DR5] = dr_interception,
3086 [SVM_EXIT_READ_DR6] = dr_interception,
3087 [SVM_EXIT_READ_DR7] = dr_interception,
3088 [SVM_EXIT_WRITE_DR0] = dr_interception,
3089 [SVM_EXIT_WRITE_DR1] = dr_interception,
3090 [SVM_EXIT_WRITE_DR2] = dr_interception,
3091 [SVM_EXIT_WRITE_DR3] = dr_interception,
3092 [SVM_EXIT_WRITE_DR4] = dr_interception,
3093 [SVM_EXIT_WRITE_DR5] = dr_interception,
3094 [SVM_EXIT_WRITE_DR6] = dr_interception,
3095 [SVM_EXIT_WRITE_DR7] = dr_interception,
3096 [SVM_EXIT_EXCP_BASE + DB_VECTOR] = db_interception,
3097 [SVM_EXIT_EXCP_BASE + BP_VECTOR] = bp_interception,
3098 [SVM_EXIT_EXCP_BASE + UD_VECTOR] = ud_interception,
3099 [SVM_EXIT_EXCP_BASE + PF_VECTOR] = pf_interception,
3100 [SVM_EXIT_EXCP_BASE + MC_VECTOR] = mc_interception,
3101 [SVM_EXIT_EXCP_BASE + AC_VECTOR] = ac_interception,
3102 [SVM_EXIT_EXCP_BASE + GP_VECTOR] = gp_interception,
3103 [SVM_EXIT_INTR] = intr_interception,
3104 [SVM_EXIT_NMI] = nmi_interception,
3105 [SVM_EXIT_SMI] = smi_interception,
3106 [SVM_EXIT_VINTR] = interrupt_window_interception,
3107 [SVM_EXIT_RDPMC] = kvm_emulate_rdpmc,
3108 [SVM_EXIT_CPUID] = kvm_emulate_cpuid,
3109 [SVM_EXIT_IRET] = iret_interception,
3110 [SVM_EXIT_INVD] = kvm_emulate_invd,
3111 [SVM_EXIT_PAUSE] = pause_interception,
3112 [SVM_EXIT_HLT] = kvm_emulate_halt,
3113 [SVM_EXIT_INVLPG] = invlpg_interception,
3114 [SVM_EXIT_INVLPGA] = invlpga_interception,
3115 [SVM_EXIT_IOIO] = io_interception,
3116 [SVM_EXIT_MSR] = msr_interception,
3117 [SVM_EXIT_TASK_SWITCH] = task_switch_interception,
3118 [SVM_EXIT_SHUTDOWN] = shutdown_interception,
3119 [SVM_EXIT_VMRUN] = vmrun_interception,
3120 [SVM_EXIT_VMMCALL] = kvm_emulate_hypercall,
3121 [SVM_EXIT_VMLOAD] = vmload_interception,
3122 [SVM_EXIT_VMSAVE] = vmsave_interception,
3123 [SVM_EXIT_STGI] = stgi_interception,
3124 [SVM_EXIT_CLGI] = clgi_interception,
3125 [SVM_EXIT_SKINIT] = skinit_interception,
3126 [SVM_EXIT_RDTSCP] = kvm_handle_invalid_op,
3127 [SVM_EXIT_WBINVD] = kvm_emulate_wbinvd,
3128 [SVM_EXIT_MONITOR] = kvm_emulate_monitor,
3129 [SVM_EXIT_MWAIT] = kvm_emulate_mwait,
3130 [SVM_EXIT_XSETBV] = kvm_emulate_xsetbv,
3131 [SVM_EXIT_RDPRU] = kvm_handle_invalid_op,
3132 [SVM_EXIT_EFER_WRITE_TRAP] = efer_trap,
3133 [SVM_EXIT_CR0_WRITE_TRAP] = cr_trap,
3134 [SVM_EXIT_CR4_WRITE_TRAP] = cr_trap,
3135 [SVM_EXIT_CR8_WRITE_TRAP] = cr_trap,
3136 [SVM_EXIT_INVPCID] = invpcid_interception,
3137 [SVM_EXIT_NPF] = npf_interception,
3138 [SVM_EXIT_RSM] = rsm_interception,
3139 [SVM_EXIT_AVIC_INCOMPLETE_IPI] = avic_incomplete_ipi_interception,
3140 [SVM_EXIT_AVIC_UNACCELERATED_ACCESS] = avic_unaccelerated_access_interception,
3141 [SVM_EXIT_VMGEXIT] = sev_handle_vmgexit,
3142};
3143
3144static void dump_vmcb(struct kvm_vcpu *vcpu)
3145{
3146 struct vcpu_svm *svm = to_svm(vcpu);
3147 struct vmcb_control_area *control = &svm->vmcb->control;
3148 struct vmcb_save_area *save = &svm->vmcb->save;
3149 struct vmcb_save_area *save01 = &svm->vmcb01.ptr->save;
3150
3151 if (!dump_invalid_vmcb) {
3152 pr_warn_ratelimited("set kvm_amd.dump_invalid_vmcb=1 to dump internal KVM state.\n");
3153 return;
3154 }
3155
3156 pr_err("VMCB Control Area:\n");
3157 pr_err("%-20s%04x\n", "cr_read:", control->intercepts[INTERCEPT_CR] & 0xffff);
3158 pr_err("%-20s%04x\n", "cr_write:", control->intercepts[INTERCEPT_CR] >> 16);
3159 pr_err("%-20s%04x\n", "dr_read:", control->intercepts[INTERCEPT_DR] & 0xffff);
3160 pr_err("%-20s%04x\n", "dr_write:", control->intercepts[INTERCEPT_DR] >> 16);
3161 pr_err("%-20s%08x\n", "exceptions:", control->intercepts[INTERCEPT_EXCEPTION]);
3162 pr_err("%-20s%08x %08x\n", "intercepts:",
3163 control->intercepts[INTERCEPT_WORD3],
3164 control->intercepts[INTERCEPT_WORD4]);
3165 pr_err("%-20s%d\n", "pause filter count:", control->pause_filter_count);
3166 pr_err("%-20s%d\n", "pause filter threshold:",
3167 control->pause_filter_thresh);
3168 pr_err("%-20s%016llx\n", "iopm_base_pa:", control->iopm_base_pa);
3169 pr_err("%-20s%016llx\n", "msrpm_base_pa:", control->msrpm_base_pa);
3170 pr_err("%-20s%016llx\n", "tsc_offset:", control->tsc_offset);
3171 pr_err("%-20s%d\n", "asid:", control->asid);
3172 pr_err("%-20s%d\n", "tlb_ctl:", control->tlb_ctl);
3173 pr_err("%-20s%08x\n", "int_ctl:", control->int_ctl);
3174 pr_err("%-20s%08x\n", "int_vector:", control->int_vector);
3175 pr_err("%-20s%08x\n", "int_state:", control->int_state);
3176 pr_err("%-20s%08x\n", "exit_code:", control->exit_code);
3177 pr_err("%-20s%016llx\n", "exit_info1:", control->exit_info_1);
3178 pr_err("%-20s%016llx\n", "exit_info2:", control->exit_info_2);
3179 pr_err("%-20s%08x\n", "exit_int_info:", control->exit_int_info);
3180 pr_err("%-20s%08x\n", "exit_int_info_err:", control->exit_int_info_err);
3181 pr_err("%-20s%lld\n", "nested_ctl:", control->nested_ctl);
3182 pr_err("%-20s%016llx\n", "nested_cr3:", control->nested_cr3);
3183 pr_err("%-20s%016llx\n", "avic_vapic_bar:", control->avic_vapic_bar);
3184 pr_err("%-20s%016llx\n", "ghcb:", control->ghcb_gpa);
3185 pr_err("%-20s%08x\n", "event_inj:", control->event_inj);
3186 pr_err("%-20s%08x\n", "event_inj_err:", control->event_inj_err);
3187 pr_err("%-20s%lld\n", "virt_ext:", control->virt_ext);
3188 pr_err("%-20s%016llx\n", "next_rip:", control->next_rip);
3189 pr_err("%-20s%016llx\n", "avic_backing_page:", control->avic_backing_page);
3190 pr_err("%-20s%016llx\n", "avic_logical_id:", control->avic_logical_id);
3191 pr_err("%-20s%016llx\n", "avic_physical_id:", control->avic_physical_id);
3192 pr_err("%-20s%016llx\n", "vmsa_pa:", control->vmsa_pa);
3193 pr_err("VMCB State Save Area:\n");
3194 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
3195 "es:",
3196 save->es.selector, save->es.attrib,
3197 save->es.limit, save->es.base);
3198 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
3199 "cs:",
3200 save->cs.selector, save->cs.attrib,
3201 save->cs.limit, save->cs.base);
3202 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
3203 "ss:",
3204 save->ss.selector, save->ss.attrib,
3205 save->ss.limit, save->ss.base);
3206 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
3207 "ds:",
3208 save->ds.selector, save->ds.attrib,
3209 save->ds.limit, save->ds.base);
3210 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
3211 "fs:",
3212 save01->fs.selector, save01->fs.attrib,
3213 save01->fs.limit, save01->fs.base);
3214 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
3215 "gs:",
3216 save01->gs.selector, save01->gs.attrib,
3217 save01->gs.limit, save01->gs.base);
3218 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
3219 "gdtr:",
3220 save->gdtr.selector, save->gdtr.attrib,
3221 save->gdtr.limit, save->gdtr.base);
3222 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
3223 "ldtr:",
3224 save01->ldtr.selector, save01->ldtr.attrib,
3225 save01->ldtr.limit, save01->ldtr.base);
3226 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
3227 "idtr:",
3228 save->idtr.selector, save->idtr.attrib,
3229 save->idtr.limit, save->idtr.base);
3230 pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",
3231 "tr:",
3232 save01->tr.selector, save01->tr.attrib,
3233 save01->tr.limit, save01->tr.base);
3234 pr_err("cpl: %d efer: %016llx\n",
3235 save->cpl, save->efer);
3236 pr_err("%-15s %016llx %-13s %016llx\n",
3237 "cr0:", save->cr0, "cr2:", save->cr2);
3238 pr_err("%-15s %016llx %-13s %016llx\n",
3239 "cr3:", save->cr3, "cr4:", save->cr4);
3240 pr_err("%-15s %016llx %-13s %016llx\n",
3241 "dr6:", save->dr6, "dr7:", save->dr7);
3242 pr_err("%-15s %016llx %-13s %016llx\n",
3243 "rip:", save->rip, "rflags:", save->rflags);
3244 pr_err("%-15s %016llx %-13s %016llx\n",
3245 "rsp:", save->rsp, "rax:", save->rax);
3246 pr_err("%-15s %016llx %-13s %016llx\n",
3247 "star:", save01->star, "lstar:", save01->lstar);
3248 pr_err("%-15s %016llx %-13s %016llx\n",
3249 "cstar:", save01->cstar, "sfmask:", save01->sfmask);
3250 pr_err("%-15s %016llx %-13s %016llx\n",
3251 "kernel_gs_base:", save01->kernel_gs_base,
3252 "sysenter_cs:", save01->sysenter_cs);
3253 pr_err("%-15s %016llx %-13s %016llx\n",
3254 "sysenter_esp:", save01->sysenter_esp,
3255 "sysenter_eip:", save01->sysenter_eip);
3256 pr_err("%-15s %016llx %-13s %016llx\n",
3257 "gpat:", save->g_pat, "dbgctl:", save->dbgctl);
3258 pr_err("%-15s %016llx %-13s %016llx\n",
3259 "br_from:", save->br_from, "br_to:", save->br_to);
3260 pr_err("%-15s %016llx %-13s %016llx\n",
3261 "excp_from:", save->last_excp_from,
3262 "excp_to:", save->last_excp_to);
3263}
3264
3265static int svm_handle_invalid_exit(struct kvm_vcpu *vcpu, u64 exit_code)
3266{
3267 if (exit_code < ARRAY_SIZE(svm_exit_handlers) &&
3268 svm_exit_handlers[exit_code])
3269 return 0;
3270
3271 vcpu_unimpl(vcpu, "svm: unexpected exit reason 0x%llx\n", exit_code);
3272 dump_vmcb(vcpu);
3273 vcpu->run->exit_reason = KVM_EXIT_INTERNAL_ERROR;
3274 vcpu->run->internal.suberror = KVM_INTERNAL_ERROR_UNEXPECTED_EXIT_REASON;
3275 vcpu->run->internal.ndata = 2;
3276 vcpu->run->internal.data[0] = exit_code;
3277 vcpu->run->internal.data[1] = vcpu->arch.last_vmentry_cpu;
3278
3279 return -EINVAL;
3280}
3281
3282int svm_invoke_exit_handler(struct kvm_vcpu *vcpu, u64 exit_code)
3283{
3284 if (svm_handle_invalid_exit(vcpu, exit_code))
3285 return 0;
3286
3287#ifdef CONFIG_RETPOLINE
3288 if (exit_code == SVM_EXIT_MSR)
3289 return msr_interception(vcpu);
3290 else if (exit_code == SVM_EXIT_VINTR)
3291 return interrupt_window_interception(vcpu);
3292 else if (exit_code == SVM_EXIT_INTR)
3293 return intr_interception(vcpu);
3294 else if (exit_code == SVM_EXIT_HLT)
3295 return kvm_emulate_halt(vcpu);
3296 else if (exit_code == SVM_EXIT_NPF)
3297 return npf_interception(vcpu);
3298#endif
3299 return svm_exit_handlers[exit_code](vcpu);
3300}
3301
3302static void svm_get_exit_info(struct kvm_vcpu *vcpu, u64 *info1, u64 *info2,
3303 u32 *intr_info, u32 *error_code)
3304{
3305 struct vmcb_control_area *control = &to_svm(vcpu)->vmcb->control;
3306
3307 *info1 = control->exit_info_1;
3308 *info2 = control->exit_info_2;
3309 *intr_info = control->exit_int_info;
3310 if ((*intr_info & SVM_EXITINTINFO_VALID) &&
3311 (*intr_info & SVM_EXITINTINFO_VALID_ERR))
3312 *error_code = control->exit_int_info_err;
3313 else
3314 *error_code = 0;
3315}
3316
3317static int handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath)
3318{
3319 struct vcpu_svm *svm = to_svm(vcpu);
3320 struct kvm_run *kvm_run = vcpu->run;
3321 u32 exit_code = svm->vmcb->control.exit_code;
3322
3323 trace_kvm_exit(exit_code, vcpu, KVM_ISA_SVM);
3324
3325
3326 if (!sev_es_guest(vcpu->kvm)) {
3327 if (!svm_is_intercept(svm, INTERCEPT_CR0_WRITE))
3328 vcpu->arch.cr0 = svm->vmcb->save.cr0;
3329 if (npt_enabled)
3330 vcpu->arch.cr3 = svm->vmcb->save.cr3;
3331 }
3332
3333 if (is_guest_mode(vcpu)) {
3334 int vmexit;
3335
3336 trace_kvm_nested_vmexit(exit_code, vcpu, KVM_ISA_SVM);
3337
3338 vmexit = nested_svm_exit_special(svm);
3339
3340 if (vmexit == NESTED_EXIT_CONTINUE)
3341 vmexit = nested_svm_exit_handled(svm);
3342
3343 if (vmexit == NESTED_EXIT_DONE)
3344 return 1;
3345 }
3346
3347 if (svm->vmcb->control.exit_code == SVM_EXIT_ERR) {
3348 kvm_run->exit_reason = KVM_EXIT_FAIL_ENTRY;
3349 kvm_run->fail_entry.hardware_entry_failure_reason
3350 = svm->vmcb->control.exit_code;
3351 kvm_run->fail_entry.cpu = vcpu->arch.last_vmentry_cpu;
3352 dump_vmcb(vcpu);
3353 return 0;
3354 }
3355
3356 if (is_external_interrupt(svm->vmcb->control.exit_int_info) &&
3357 exit_code != SVM_EXIT_EXCP_BASE + PF_VECTOR &&
3358 exit_code != SVM_EXIT_NPF && exit_code != SVM_EXIT_TASK_SWITCH &&
3359 exit_code != SVM_EXIT_INTR && exit_code != SVM_EXIT_NMI)
3360 printk(KERN_ERR "%s: unexpected exit_int_info 0x%x "
3361 "exit_code 0x%x\n",
3362 __func__, svm->vmcb->control.exit_int_info,
3363 exit_code);
3364
3365 if (exit_fastpath != EXIT_FASTPATH_NONE)
3366 return 1;
3367
3368 return svm_invoke_exit_handler(vcpu, exit_code);
3369}
3370
3371static void reload_tss(struct kvm_vcpu *vcpu)
3372{
3373 struct svm_cpu_data *sd = per_cpu(svm_data, vcpu->cpu);
3374
3375 sd->tss_desc->type = 9;
3376 load_TR_desc();
3377}
3378
3379static void pre_svm_run(struct kvm_vcpu *vcpu)
3380{
3381 struct svm_cpu_data *sd = per_cpu(svm_data, vcpu->cpu);
3382 struct vcpu_svm *svm = to_svm(vcpu);
3383
3384
3385
3386
3387
3388
3389 if (unlikely(svm->current_vmcb->cpu != vcpu->cpu)) {
3390 svm->current_vmcb->asid_generation = 0;
3391 vmcb_mark_all_dirty(svm->vmcb);
3392 svm->current_vmcb->cpu = vcpu->cpu;
3393 }
3394
3395 if (sev_guest(vcpu->kvm))
3396 return pre_sev_run(svm, vcpu->cpu);
3397
3398
3399 if (svm->current_vmcb->asid_generation != sd->asid_generation)
3400 new_asid(svm, sd);
3401}
3402
3403static void svm_inject_nmi(struct kvm_vcpu *vcpu)
3404{
3405 struct vcpu_svm *svm = to_svm(vcpu);
3406
3407 svm->vmcb->control.event_inj = SVM_EVTINJ_VALID | SVM_EVTINJ_TYPE_NMI;
3408 vcpu->arch.hflags |= HF_NMI_MASK;
3409 if (!sev_es_guest(vcpu->kvm))
3410 svm_set_intercept(svm, INTERCEPT_IRET);
3411 ++vcpu->stat.nmi_injections;
3412}
3413
3414static void svm_set_irq(struct kvm_vcpu *vcpu)
3415{
3416 struct vcpu_svm *svm = to_svm(vcpu);
3417
3418 BUG_ON(!(gif_set(svm)));
3419
3420 trace_kvm_inj_virq(vcpu->arch.interrupt.nr);
3421 ++vcpu->stat.irq_injections;
3422
3423 svm->vmcb->control.event_inj = vcpu->arch.interrupt.nr |
3424 SVM_EVTINJ_VALID | SVM_EVTINJ_TYPE_INTR;
3425}
3426
3427static void svm_update_cr8_intercept(struct kvm_vcpu *vcpu, int tpr, int irr)
3428{
3429 struct vcpu_svm *svm = to_svm(vcpu);
3430
3431
3432
3433
3434
3435 if (sev_es_guest(vcpu->kvm))
3436 return;
3437
3438 if (nested_svm_virtualize_tpr(vcpu))
3439 return;
3440
3441 svm_clr_intercept(svm, INTERCEPT_CR8_WRITE);
3442
3443 if (irr == -1)
3444 return;
3445
3446 if (tpr >= irr)
3447 svm_set_intercept(svm, INTERCEPT_CR8_WRITE);
3448}
3449
3450bool svm_nmi_blocked(struct kvm_vcpu *vcpu)
3451{
3452 struct vcpu_svm *svm = to_svm(vcpu);
3453 struct vmcb *vmcb = svm->vmcb;
3454 bool ret;
3455
3456 if (!gif_set(svm))
3457 return true;
3458
3459 if (is_guest_mode(vcpu) && nested_exit_on_nmi(svm))
3460 return false;
3461
3462 ret = (vmcb->control.int_state & SVM_INTERRUPT_SHADOW_MASK) ||
3463 (vcpu->arch.hflags & HF_NMI_MASK);
3464
3465 return ret;
3466}
3467
3468static int svm_nmi_allowed(struct kvm_vcpu *vcpu, bool for_injection)
3469{
3470 struct vcpu_svm *svm = to_svm(vcpu);
3471 if (svm->nested.nested_run_pending)
3472 return -EBUSY;
3473
3474
3475 if (for_injection && is_guest_mode(vcpu) && nested_exit_on_nmi(svm))
3476 return -EBUSY;
3477
3478 return !svm_nmi_blocked(vcpu);
3479}
3480
3481static bool svm_get_nmi_mask(struct kvm_vcpu *vcpu)
3482{
3483 return !!(vcpu->arch.hflags & HF_NMI_MASK);
3484}
3485
3486static void svm_set_nmi_mask(struct kvm_vcpu *vcpu, bool masked)
3487{
3488 struct vcpu_svm *svm = to_svm(vcpu);
3489
3490 if (masked) {
3491 vcpu->arch.hflags |= HF_NMI_MASK;
3492 if (!sev_es_guest(vcpu->kvm))
3493 svm_set_intercept(svm, INTERCEPT_IRET);
3494 } else {
3495 vcpu->arch.hflags &= ~HF_NMI_MASK;
3496 if (!sev_es_guest(vcpu->kvm))
3497 svm_clr_intercept(svm, INTERCEPT_IRET);
3498 }
3499}
3500
3501bool svm_interrupt_blocked(struct kvm_vcpu *vcpu)
3502{
3503 struct vcpu_svm *svm = to_svm(vcpu);
3504 struct vmcb *vmcb = svm->vmcb;
3505
3506 if (!gif_set(svm))
3507 return true;
3508
3509 if (sev_es_guest(vcpu->kvm)) {
3510
3511
3512
3513
3514 if (!(vmcb->control.int_state & SVM_GUEST_INTERRUPT_MASK))
3515 return true;
3516 } else if (is_guest_mode(vcpu)) {
3517
3518 if ((svm->nested.ctl.int_ctl & V_INTR_MASKING_MASK)
3519 ? !(svm->vmcb01.ptr->save.rflags & X86_EFLAGS_IF)
3520 : !(kvm_get_rflags(vcpu) & X86_EFLAGS_IF))
3521 return true;
3522
3523
3524 if (nested_exit_on_intr(svm))
3525 return false;
3526 } else {
3527 if (!(kvm_get_rflags(vcpu) & X86_EFLAGS_IF))
3528 return true;
3529 }
3530
3531 return (vmcb->control.int_state & SVM_INTERRUPT_SHADOW_MASK);
3532}
3533
3534static int svm_interrupt_allowed(struct kvm_vcpu *vcpu, bool for_injection)
3535{
3536 struct vcpu_svm *svm = to_svm(vcpu);
3537 if (svm->nested.nested_run_pending)
3538 return -EBUSY;
3539
3540
3541
3542
3543
3544 if (for_injection && is_guest_mode(vcpu) && nested_exit_on_intr(svm))
3545 return -EBUSY;
3546
3547 return !svm_interrupt_blocked(vcpu);
3548}
3549
3550static void svm_enable_irq_window(struct kvm_vcpu *vcpu)
3551{
3552 struct vcpu_svm *svm = to_svm(vcpu);
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562 if (vgif_enabled(svm) || gif_set(svm)) {
3563
3564
3565
3566
3567
3568
3569 svm_toggle_avic_for_irq_window(vcpu, false);
3570 svm_set_vintr(svm);
3571 }
3572}
3573
3574static void svm_enable_nmi_window(struct kvm_vcpu *vcpu)
3575{
3576 struct vcpu_svm *svm = to_svm(vcpu);
3577
3578 if ((vcpu->arch.hflags & (HF_NMI_MASK | HF_IRET_MASK)) == HF_NMI_MASK)
3579 return;
3580
3581 if (!gif_set(svm)) {
3582 if (vgif_enabled(svm))
3583 svm_set_intercept(svm, INTERCEPT_STGI);
3584 return;
3585 }
3586
3587
3588
3589
3590
3591 svm->nmi_singlestep_guest_rflags = svm_get_rflags(vcpu);
3592 svm->nmi_singlestep = true;
3593 svm->vmcb->save.rflags |= (X86_EFLAGS_TF | X86_EFLAGS_RF);
3594}
3595
3596static int svm_set_tss_addr(struct kvm *kvm, unsigned int addr)
3597{
3598 return 0;
3599}
3600
3601static int svm_set_identity_map_addr(struct kvm *kvm, u64 ident_addr)
3602{
3603 return 0;
3604}
3605
3606void svm_flush_tlb(struct kvm_vcpu *vcpu)
3607{
3608 struct vcpu_svm *svm = to_svm(vcpu);
3609
3610
3611
3612
3613
3614
3615
3616
3617 if (static_cpu_has(X86_FEATURE_FLUSHBYASID))
3618 svm->vmcb->control.tlb_ctl = TLB_CONTROL_FLUSH_ASID;
3619 else
3620 svm->current_vmcb->asid_generation--;
3621}
3622
3623static void svm_flush_tlb_gva(struct kvm_vcpu *vcpu, gva_t gva)
3624{
3625 struct vcpu_svm *svm = to_svm(vcpu);
3626
3627 invlpga(gva, svm->vmcb->control.asid);
3628}
3629
3630static inline void sync_cr8_to_lapic(struct kvm_vcpu *vcpu)
3631{
3632 struct vcpu_svm *svm = to_svm(vcpu);
3633
3634 if (nested_svm_virtualize_tpr(vcpu))
3635 return;
3636
3637 if (!svm_is_intercept(svm, INTERCEPT_CR8_WRITE)) {
3638 int cr8 = svm->vmcb->control.int_ctl & V_TPR_MASK;
3639 kvm_set_cr8(vcpu, cr8);
3640 }
3641}
3642
3643static inline void sync_lapic_to_cr8(struct kvm_vcpu *vcpu)
3644{
3645 struct vcpu_svm *svm = to_svm(vcpu);
3646 u64 cr8;
3647
3648 if (nested_svm_virtualize_tpr(vcpu) ||
3649 kvm_vcpu_apicv_active(vcpu))
3650 return;
3651
3652 cr8 = kvm_get_cr8(vcpu);
3653 svm->vmcb->control.int_ctl &= ~V_TPR_MASK;
3654 svm->vmcb->control.int_ctl |= cr8 & V_TPR_MASK;
3655}
3656
3657static void svm_complete_interrupts(struct kvm_vcpu *vcpu)
3658{
3659 struct vcpu_svm *svm = to_svm(vcpu);
3660 u8 vector;
3661 int type;
3662 u32 exitintinfo = svm->vmcb->control.exit_int_info;
3663 unsigned int3_injected = svm->int3_injected;
3664
3665 svm->int3_injected = 0;
3666
3667
3668
3669
3670
3671 if ((vcpu->arch.hflags & HF_IRET_MASK) &&
3672 (sev_es_guest(vcpu->kvm) ||
3673 kvm_rip_read(vcpu) != svm->nmi_iret_rip)) {
3674 vcpu->arch.hflags &= ~(HF_NMI_MASK | HF_IRET_MASK);
3675 kvm_make_request(KVM_REQ_EVENT, vcpu);
3676 }
3677
3678 vcpu->arch.nmi_injected = false;
3679 kvm_clear_exception_queue(vcpu);
3680 kvm_clear_interrupt_queue(vcpu);
3681
3682 if (!(exitintinfo & SVM_EXITINTINFO_VALID))
3683 return;
3684
3685 kvm_make_request(KVM_REQ_EVENT, vcpu);
3686
3687 vector = exitintinfo & SVM_EXITINTINFO_VEC_MASK;
3688 type = exitintinfo & SVM_EXITINTINFO_TYPE_MASK;
3689
3690 switch (type) {
3691 case SVM_EXITINTINFO_TYPE_NMI:
3692 vcpu->arch.nmi_injected = true;
3693 break;
3694 case SVM_EXITINTINFO_TYPE_EXEPT:
3695
3696
3697
3698 if (vector == X86_TRAP_VC)
3699 break;
3700
3701
3702
3703
3704
3705
3706 if (kvm_exception_is_soft(vector)) {
3707 if (vector == BP_VECTOR && int3_injected &&
3708 kvm_is_linear_rip(vcpu, svm->int3_rip))
3709 kvm_rip_write(vcpu,
3710 kvm_rip_read(vcpu) - int3_injected);
3711 break;
3712 }
3713 if (exitintinfo & SVM_EXITINTINFO_VALID_ERR) {
3714 u32 err = svm->vmcb->control.exit_int_info_err;
3715 kvm_requeue_exception_e(vcpu, vector, err);
3716
3717 } else
3718 kvm_requeue_exception(vcpu, vector);
3719 break;
3720 case SVM_EXITINTINFO_TYPE_INTR:
3721 kvm_queue_interrupt(vcpu, vector, false);
3722 break;
3723 default:
3724 break;
3725 }
3726}
3727
3728static void svm_cancel_injection(struct kvm_vcpu *vcpu)
3729{
3730 struct vcpu_svm *svm = to_svm(vcpu);
3731 struct vmcb_control_area *control = &svm->vmcb->control;
3732
3733 control->exit_int_info = control->event_inj;
3734 control->exit_int_info_err = control->event_inj_err;
3735 control->event_inj = 0;
3736 svm_complete_interrupts(vcpu);
3737}
3738
3739static fastpath_t svm_exit_handlers_fastpath(struct kvm_vcpu *vcpu)
3740{
3741 if (to_svm(vcpu)->vmcb->control.exit_code == SVM_EXIT_MSR &&
3742 to_svm(vcpu)->vmcb->control.exit_info_1)
3743 return handle_fastpath_set_msr_irqoff(vcpu);
3744
3745 return EXIT_FASTPATH_NONE;
3746}
3747
3748static noinstr void svm_vcpu_enter_exit(struct kvm_vcpu *vcpu)
3749{
3750 struct vcpu_svm *svm = to_svm(vcpu);
3751 unsigned long vmcb_pa = svm->current_vmcb->pa;
3752
3753 kvm_guest_enter_irqoff();
3754
3755 if (sev_es_guest(vcpu->kvm)) {
3756 __svm_sev_es_vcpu_run(vmcb_pa);
3757 } else {
3758 struct svm_cpu_data *sd = per_cpu(svm_data, vcpu->cpu);
3759
3760
3761
3762
3763
3764
3765
3766 vmload(svm->vmcb01.pa);
3767 __svm_vcpu_run(vmcb_pa, (unsigned long *)&vcpu->arch.regs);
3768 vmsave(svm->vmcb01.pa);
3769
3770 vmload(__sme_page_pa(sd->save_area));
3771 }
3772
3773 kvm_guest_exit_irqoff();
3774}
3775
3776static fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu)
3777{
3778 struct vcpu_svm *svm = to_svm(vcpu);
3779
3780 trace_kvm_entry(vcpu);
3781
3782 svm->vmcb->save.rax = vcpu->arch.regs[VCPU_REGS_RAX];
3783 svm->vmcb->save.rsp = vcpu->arch.regs[VCPU_REGS_RSP];
3784 svm->vmcb->save.rip = vcpu->arch.regs[VCPU_REGS_RIP];
3785
3786
3787
3788
3789
3790
3791
3792 if (svm->nmi_singlestep && svm->vmcb->control.event_inj) {
3793
3794
3795
3796
3797
3798 disable_nmi_singlestep(svm);
3799 smp_send_reschedule(vcpu->cpu);
3800 }
3801
3802 pre_svm_run(vcpu);
3803
3804 sync_lapic_to_cr8(vcpu);
3805
3806 if (unlikely(svm->asid != svm->vmcb->control.asid)) {
3807 svm->vmcb->control.asid = svm->asid;
3808 vmcb_mark_dirty(svm->vmcb, VMCB_ASID);
3809 }
3810 svm->vmcb->save.cr2 = vcpu->arch.cr2;
3811
3812
3813
3814
3815
3816 if (unlikely(vcpu->arch.switch_db_regs & KVM_DEBUGREG_WONT_EXIT))
3817 svm_set_dr6(svm, vcpu->arch.dr6);
3818 else
3819 svm_set_dr6(svm, DR6_ACTIVE_LOW);
3820
3821 clgi();
3822 kvm_load_guest_xsave_state(vcpu);
3823
3824 kvm_wait_lapic_expire(vcpu);
3825
3826
3827
3828
3829
3830
3831
3832 if (!static_cpu_has(X86_FEATURE_V_SPEC_CTRL))
3833 x86_spec_ctrl_set_guest(svm->spec_ctrl, svm->virt_spec_ctrl);
3834
3835 svm_vcpu_enter_exit(vcpu);
3836
3837
3838
3839
3840
3841
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852 if (!static_cpu_has(X86_FEATURE_V_SPEC_CTRL) &&
3853 unlikely(!msr_write_intercepted(vcpu, MSR_IA32_SPEC_CTRL)))
3854 svm->spec_ctrl = native_read_msr(MSR_IA32_SPEC_CTRL);
3855
3856 if (!sev_es_guest(vcpu->kvm))
3857 reload_tss(vcpu);
3858
3859 if (!static_cpu_has(X86_FEATURE_V_SPEC_CTRL))
3860 x86_spec_ctrl_restore_host(svm->spec_ctrl, svm->virt_spec_ctrl);
3861
3862 if (!sev_es_guest(vcpu->kvm)) {
3863 vcpu->arch.cr2 = svm->vmcb->save.cr2;
3864 vcpu->arch.regs[VCPU_REGS_RAX] = svm->vmcb->save.rax;
3865 vcpu->arch.regs[VCPU_REGS_RSP] = svm->vmcb->save.rsp;
3866 vcpu->arch.regs[VCPU_REGS_RIP] = svm->vmcb->save.rip;
3867 }
3868
3869 if (unlikely(svm->vmcb->control.exit_code == SVM_EXIT_NMI))
3870 kvm_before_interrupt(vcpu);
3871
3872 kvm_load_host_xsave_state(vcpu);
3873 stgi();
3874
3875
3876
3877 if (unlikely(svm->vmcb->control.exit_code == SVM_EXIT_NMI))
3878 kvm_after_interrupt(vcpu);
3879
3880 sync_cr8_to_lapic(vcpu);
3881
3882 svm->next_rip = 0;
3883 if (is_guest_mode(vcpu)) {
3884 nested_sync_control_from_vmcb02(svm);
3885
3886
3887 if (svm->nested.nested_run_pending &&
3888 svm->vmcb->control.exit_code != SVM_EXIT_ERR)
3889 ++vcpu->stat.nested_run;
3890
3891 svm->nested.nested_run_pending = 0;
3892 }
3893
3894 svm->vmcb->control.tlb_ctl = TLB_CONTROL_DO_NOTHING;
3895 vmcb_mark_all_clean(svm->vmcb);
3896
3897
3898 if (svm->vmcb->control.exit_code == SVM_EXIT_EXCP_BASE + PF_VECTOR)
3899 vcpu->arch.apf.host_apf_flags =
3900 kvm_read_and_reset_apf_flags();
3901
3902 if (npt_enabled) {
3903 vcpu->arch.regs_avail &= ~(1 << VCPU_EXREG_PDPTR);
3904 vcpu->arch.regs_dirty &= ~(1 << VCPU_EXREG_PDPTR);
3905 }
3906
3907
3908
3909
3910
3911 if (unlikely(svm->vmcb->control.exit_code ==
3912 SVM_EXIT_EXCP_BASE + MC_VECTOR))
3913 svm_handle_mce(vcpu);
3914
3915 svm_complete_interrupts(vcpu);
3916
3917 if (is_guest_mode(vcpu))
3918 return EXIT_FASTPATH_NONE;
3919
3920 return svm_exit_handlers_fastpath(vcpu);
3921}
3922
3923static void svm_load_mmu_pgd(struct kvm_vcpu *vcpu, hpa_t root_hpa,
3924 int root_level)
3925{
3926 struct vcpu_svm *svm = to_svm(vcpu);
3927 unsigned long cr3;
3928
3929 if (npt_enabled) {
3930 svm->vmcb->control.nested_cr3 = __sme_set(root_hpa);
3931 vmcb_mark_dirty(svm->vmcb, VMCB_NPT);
3932
3933
3934 if (!test_bit(VCPU_EXREG_CR3, (ulong *)&vcpu->arch.regs_avail))
3935 return;
3936 cr3 = vcpu->arch.cr3;
3937 } else if (vcpu->arch.mmu->shadow_root_level >= PT64_ROOT_4LEVEL) {
3938 cr3 = __sme_set(root_hpa) | kvm_get_active_pcid(vcpu);
3939 } else {
3940
3941 WARN_ON_ONCE(kvm_get_active_pcid(vcpu));
3942 cr3 = root_hpa;
3943 }
3944
3945 svm->vmcb->save.cr3 = cr3;
3946 vmcb_mark_dirty(svm->vmcb, VMCB_CR);
3947}
3948
3949static int is_disabled(void)
3950{
3951 u64 vm_cr;
3952
3953 rdmsrl(MSR_VM_CR, vm_cr);
3954 if (vm_cr & (1 << SVM_VM_CR_SVM_DISABLE))
3955 return 1;
3956
3957 return 0;
3958}
3959
3960static void
3961svm_patch_hypercall(struct kvm_vcpu *vcpu, unsigned char *hypercall)
3962{
3963
3964
3965
3966 hypercall[0] = 0x0f;
3967 hypercall[1] = 0x01;
3968 hypercall[2] = 0xd9;
3969}
3970
3971static int __init svm_check_processor_compat(void)
3972{
3973 return 0;
3974}
3975
3976static bool svm_cpu_has_accelerated_tpr(void)
3977{
3978 return false;
3979}
3980
3981
3982
3983
3984
3985static bool svm_has_emulated_msr(struct kvm *kvm, u32 index)
3986{
3987 switch (index) {
3988 case MSR_IA32_MCG_EXT_CTL:
3989 case MSR_IA32_VMX_BASIC ... MSR_IA32_VMX_VMFUNC:
3990 return false;
3991 case MSR_IA32_SMBASE:
3992
3993 if (kvm && sev_es_guest(kvm))
3994 return false;
3995 break;
3996 default:
3997 break;
3998 }
3999
4000 return true;
4001}
4002
4003static u64 svm_get_mt_mask(struct kvm_vcpu *vcpu, gfn_t gfn, bool is_mmio)
4004{
4005 return 0;
4006}
4007
4008static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu)
4009{
4010 struct vcpu_svm *svm = to_svm(vcpu);
4011 struct kvm_cpuid_entry2 *best;
4012
4013 vcpu->arch.xsaves_enabled = guest_cpuid_has(vcpu, X86_FEATURE_XSAVE) &&
4014 boot_cpu_has(X86_FEATURE_XSAVE) &&
4015 boot_cpu_has(X86_FEATURE_XSAVES);
4016
4017
4018 svm->nrips_enabled = kvm_cpu_cap_has(X86_FEATURE_NRIPS) &&
4019 guest_cpuid_has(vcpu, X86_FEATURE_NRIPS);
4020
4021 svm_recalc_instruction_intercepts(vcpu, svm);
4022
4023
4024 if (sev_guest(vcpu->kvm)) {
4025 best = kvm_find_cpuid_entry(vcpu, 0x8000001F, 0);
4026 if (best)
4027 vcpu->arch.reserved_gpa_bits &= ~(1UL << (best->ebx & 0x3f));
4028 }
4029
4030 if (kvm_vcpu_apicv_active(vcpu)) {
4031
4032
4033
4034
4035 if (guest_cpuid_has(vcpu, X86_FEATURE_X2APIC))
4036 kvm_request_apicv_update(vcpu->kvm, false,
4037 APICV_INHIBIT_REASON_X2APIC);
4038
4039
4040
4041
4042
4043 if (nested && guest_cpuid_has(vcpu, X86_FEATURE_SVM))
4044 kvm_request_apicv_update(vcpu->kvm, false,
4045 APICV_INHIBIT_REASON_NESTED);
4046 }
4047
4048 if (guest_cpuid_is_intel(vcpu)) {
4049
4050
4051
4052
4053
4054 svm_set_intercept(svm, INTERCEPT_VMLOAD);
4055 svm_set_intercept(svm, INTERCEPT_VMSAVE);
4056 svm->vmcb->control.virt_ext &= ~VIRTUAL_VMLOAD_VMSAVE_ENABLE_MASK;
4057
4058 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_EIP, 0, 0);
4059 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_ESP, 0, 0);
4060 } else {
4061
4062
4063
4064
4065 if (vls) {
4066 svm_clr_intercept(svm, INTERCEPT_VMLOAD);
4067 svm_clr_intercept(svm, INTERCEPT_VMSAVE);
4068 svm->vmcb->control.virt_ext |= VIRTUAL_VMLOAD_VMSAVE_ENABLE_MASK;
4069 }
4070
4071 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_EIP, 1, 1);
4072 set_msr_interception(vcpu, svm->msrpm, MSR_IA32_SYSENTER_ESP, 1, 1);
4073 }
4074}
4075
4076static bool svm_has_wbinvd_exit(void)
4077{
4078 return true;
4079}
4080
4081#define PRE_EX(exit) { .exit_code = (exit), \
4082 .stage = X86_ICPT_PRE_EXCEPT, }
4083#define POST_EX(exit) { .exit_code = (exit), \
4084 .stage = X86_ICPT_POST_EXCEPT, }
4085#define POST_MEM(exit) { .exit_code = (exit), \
4086 .stage = X86_ICPT_POST_MEMACCESS, }
4087
4088static const struct __x86_intercept {
4089 u32 exit_code;
4090 enum x86_intercept_stage stage;
4091} x86_intercept_map[] = {
4092 [x86_intercept_cr_read] = POST_EX(SVM_EXIT_READ_CR0),
4093 [x86_intercept_cr_write] = POST_EX(SVM_EXIT_WRITE_CR0),
4094 [x86_intercept_clts] = POST_EX(SVM_EXIT_WRITE_CR0),
4095 [x86_intercept_lmsw] = POST_EX(SVM_EXIT_WRITE_CR0),
4096 [x86_intercept_smsw] = POST_EX(SVM_EXIT_READ_CR0),
4097 [x86_intercept_dr_read] = POST_EX(SVM_EXIT_READ_DR0),
4098 [x86_intercept_dr_write] = POST_EX(SVM_EXIT_WRITE_DR0),
4099 [x86_intercept_sldt] = POST_EX(SVM_EXIT_LDTR_READ),
4100 [x86_intercept_str] = POST_EX(SVM_EXIT_TR_READ),
4101 [x86_intercept_lldt] = POST_EX(SVM_EXIT_LDTR_WRITE),
4102 [x86_intercept_ltr] = POST_EX(SVM_EXIT_TR_WRITE),
4103 [x86_intercept_sgdt] = POST_EX(SVM_EXIT_GDTR_READ),
4104 [x86_intercept_sidt] = POST_EX(SVM_EXIT_IDTR_READ),
4105 [x86_intercept_lgdt] = POST_EX(SVM_EXIT_GDTR_WRITE),
4106 [x86_intercept_lidt] = POST_EX(SVM_EXIT_IDTR_WRITE),
4107 [x86_intercept_vmrun] = POST_EX(SVM_EXIT_VMRUN),
4108 [x86_intercept_vmmcall] = POST_EX(SVM_EXIT_VMMCALL),
4109 [x86_intercept_vmload] = POST_EX(SVM_EXIT_VMLOAD),
4110 [x86_intercept_vmsave] = POST_EX(SVM_EXIT_VMSAVE),
4111 [x86_intercept_stgi] = POST_EX(SVM_EXIT_STGI),
4112 [x86_intercept_clgi] = POST_EX(SVM_EXIT_CLGI),
4113 [x86_intercept_skinit] = POST_EX(SVM_EXIT_SKINIT),
4114 [x86_intercept_invlpga] = POST_EX(SVM_EXIT_INVLPGA),
4115 [x86_intercept_rdtscp] = POST_EX(SVM_EXIT_RDTSCP),
4116 [x86_intercept_monitor] = POST_MEM(SVM_EXIT_MONITOR),
4117 [x86_intercept_mwait] = POST_EX(SVM_EXIT_MWAIT),
4118 [x86_intercept_invlpg] = POST_EX(SVM_EXIT_INVLPG),
4119 [x86_intercept_invd] = POST_EX(SVM_EXIT_INVD),
4120 [x86_intercept_wbinvd] = POST_EX(SVM_EXIT_WBINVD),
4121 [x86_intercept_wrmsr] = POST_EX(SVM_EXIT_MSR),
4122 [x86_intercept_rdtsc] = POST_EX(SVM_EXIT_RDTSC),
4123 [x86_intercept_rdmsr] = POST_EX(SVM_EXIT_MSR),
4124 [x86_intercept_rdpmc] = POST_EX(SVM_EXIT_RDPMC),
4125 [x86_intercept_cpuid] = PRE_EX(SVM_EXIT_CPUID),
4126 [x86_intercept_rsm] = PRE_EX(SVM_EXIT_RSM),
4127 [x86_intercept_pause] = PRE_EX(SVM_EXIT_PAUSE),
4128 [x86_intercept_pushf] = PRE_EX(SVM_EXIT_PUSHF),
4129 [x86_intercept_popf] = PRE_EX(SVM_EXIT_POPF),
4130 [x86_intercept_intn] = PRE_EX(SVM_EXIT_SWINT),
4131 [x86_intercept_iret] = PRE_EX(SVM_EXIT_IRET),
4132 [x86_intercept_icebp] = PRE_EX(SVM_EXIT_ICEBP),
4133 [x86_intercept_hlt] = POST_EX(SVM_EXIT_HLT),
4134 [x86_intercept_in] = POST_EX(SVM_EXIT_IOIO),
4135 [x86_intercept_ins] = POST_EX(SVM_EXIT_IOIO),
4136 [x86_intercept_out] = POST_EX(SVM_EXIT_IOIO),
4137 [x86_intercept_outs] = POST_EX(SVM_EXIT_IOIO),
4138 [x86_intercept_xsetbv] = PRE_EX(SVM_EXIT_XSETBV),
4139};
4140
4141#undef PRE_EX
4142#undef POST_EX
4143#undef POST_MEM
4144
4145static int svm_check_intercept(struct kvm_vcpu *vcpu,
4146 struct x86_instruction_info *info,
4147 enum x86_intercept_stage stage,
4148 struct x86_exception *exception)
4149{
4150 struct vcpu_svm *svm = to_svm(vcpu);
4151 int vmexit, ret = X86EMUL_CONTINUE;
4152 struct __x86_intercept icpt_info;
4153 struct vmcb *vmcb = svm->vmcb;
4154
4155 if (info->intercept >= ARRAY_SIZE(x86_intercept_map))
4156 goto out;
4157
4158 icpt_info = x86_intercept_map[info->intercept];
4159
4160 if (stage != icpt_info.stage)
4161 goto out;
4162
4163 switch (icpt_info.exit_code) {
4164 case SVM_EXIT_READ_CR0:
4165 if (info->intercept == x86_intercept_cr_read)
4166 icpt_info.exit_code += info->modrm_reg;
4167 break;
4168 case SVM_EXIT_WRITE_CR0: {
4169 unsigned long cr0, val;
4170
4171 if (info->intercept == x86_intercept_cr_write)
4172 icpt_info.exit_code += info->modrm_reg;
4173
4174 if (icpt_info.exit_code != SVM_EXIT_WRITE_CR0 ||
4175 info->intercept == x86_intercept_clts)
4176 break;
4177
4178 if (!(vmcb_is_intercept(&svm->nested.ctl,
4179 INTERCEPT_SELECTIVE_CR0)))
4180 break;
4181
4182 cr0 = vcpu->arch.cr0 & ~SVM_CR0_SELECTIVE_MASK;
4183 val = info->src_val & ~SVM_CR0_SELECTIVE_MASK;
4184
4185 if (info->intercept == x86_intercept_lmsw) {
4186 cr0 &= 0xfUL;
4187 val &= 0xfUL;
4188
4189 if (cr0 & X86_CR0_PE)
4190 val |= X86_CR0_PE;
4191 }
4192
4193 if (cr0 ^ val)
4194 icpt_info.exit_code = SVM_EXIT_CR0_SEL_WRITE;
4195
4196 break;
4197 }
4198 case SVM_EXIT_READ_DR0:
4199 case SVM_EXIT_WRITE_DR0:
4200 icpt_info.exit_code += info->modrm_reg;
4201 break;
4202 case SVM_EXIT_MSR:
4203 if (info->intercept == x86_intercept_wrmsr)
4204 vmcb->control.exit_info_1 = 1;
4205 else
4206 vmcb->control.exit_info_1 = 0;
4207 break;
4208 case SVM_EXIT_PAUSE:
4209
4210
4211
4212
4213 if (info->rep_prefix != REPE_PREFIX)
4214 goto out;
4215 break;
4216 case SVM_EXIT_IOIO: {
4217 u64 exit_info;
4218 u32 bytes;
4219
4220 if (info->intercept == x86_intercept_in ||
4221 info->intercept == x86_intercept_ins) {
4222 exit_info = ((info->src_val & 0xffff) << 16) |
4223 SVM_IOIO_TYPE_MASK;
4224 bytes = info->dst_bytes;
4225 } else {
4226 exit_info = (info->dst_val & 0xffff) << 16;
4227 bytes = info->src_bytes;
4228 }
4229
4230 if (info->intercept == x86_intercept_outs ||
4231 info->intercept == x86_intercept_ins)
4232 exit_info |= SVM_IOIO_STR_MASK;
4233
4234 if (info->rep_prefix)
4235 exit_info |= SVM_IOIO_REP_MASK;
4236
4237 bytes = min(bytes, 4u);
4238
4239 exit_info |= bytes << SVM_IOIO_SIZE_SHIFT;
4240
4241 exit_info |= (u32)info->ad_bytes << (SVM_IOIO_ASIZE_SHIFT - 1);
4242
4243 vmcb->control.exit_info_1 = exit_info;
4244 vmcb->control.exit_info_2 = info->next_rip;
4245
4246 break;
4247 }
4248 default:
4249 break;
4250 }
4251
4252
4253 if (static_cpu_has(X86_FEATURE_NRIPS))
4254 vmcb->control.next_rip = info->next_rip;
4255 vmcb->control.exit_code = icpt_info.exit_code;
4256 vmexit = nested_svm_exit_handled(svm);
4257
4258 ret = (vmexit == NESTED_EXIT_DONE) ? X86EMUL_INTERCEPTED
4259 : X86EMUL_CONTINUE;
4260
4261out:
4262 return ret;
4263}
4264
4265static void svm_handle_exit_irqoff(struct kvm_vcpu *vcpu)
4266{
4267}
4268
4269static void svm_sched_in(struct kvm_vcpu *vcpu, int cpu)
4270{
4271 if (!kvm_pause_in_guest(vcpu->kvm))
4272 shrink_ple_window(vcpu);
4273}
4274
4275static void svm_setup_mce(struct kvm_vcpu *vcpu)
4276{
4277
4278 vcpu->arch.mcg_cap &= 0x1ff;
4279}
4280
4281bool svm_smi_blocked(struct kvm_vcpu *vcpu)
4282{
4283 struct vcpu_svm *svm = to_svm(vcpu);
4284
4285
4286 if (!gif_set(svm))
4287 return true;
4288
4289 return is_smm(vcpu);
4290}
4291
4292static int svm_smi_allowed(struct kvm_vcpu *vcpu, bool for_injection)
4293{
4294 struct vcpu_svm *svm = to_svm(vcpu);
4295 if (svm->nested.nested_run_pending)
4296 return -EBUSY;
4297
4298
4299 if (for_injection && is_guest_mode(vcpu) && nested_exit_on_smi(svm))
4300 return -EBUSY;
4301
4302 return !svm_smi_blocked(vcpu);
4303}
4304
4305static int svm_pre_enter_smm(struct kvm_vcpu *vcpu, char *smstate)
4306{
4307 struct vcpu_svm *svm = to_svm(vcpu);
4308 struct kvm_host_map map_save;
4309 int ret;
4310
4311 if (is_guest_mode(vcpu)) {
4312
4313 put_smstate(u64, smstate, 0x7ed8, 1);
4314
4315 put_smstate(u64, smstate, 0x7ee0, svm->nested.vmcb12_gpa);
4316
4317 svm->vmcb->save.rax = vcpu->arch.regs[VCPU_REGS_RAX];
4318 svm->vmcb->save.rsp = vcpu->arch.regs[VCPU_REGS_RSP];
4319 svm->vmcb->save.rip = vcpu->arch.regs[VCPU_REGS_RIP];
4320
4321 ret = nested_svm_vmexit(svm);
4322 if (ret)
4323 return ret;
4324
4325
4326
4327
4328
4329
4330
4331
4332
4333
4334
4335
4336
4337 if (kvm_vcpu_map(vcpu, gpa_to_gfn(svm->nested.hsave_msr),
4338 &map_save) == -EINVAL)
4339 return 1;
4340
4341 BUILD_BUG_ON(offsetof(struct vmcb, save) != 0x400);
4342
4343 svm_copy_vmrun_state(&svm->vmcb01.ptr->save,
4344 map_save.hva + 0x400);
4345
4346 kvm_vcpu_unmap(vcpu, &map_save, true);
4347 }
4348 return 0;
4349}
4350
4351static int svm_pre_leave_smm(struct kvm_vcpu *vcpu, const char *smstate)
4352{
4353 struct vcpu_svm *svm = to_svm(vcpu);
4354 struct kvm_host_map map, map_save;
4355 int ret = 0;
4356
4357 if (guest_cpuid_has(vcpu, X86_FEATURE_LM)) {
4358 u64 saved_efer = GET_SMSTATE(u64, smstate, 0x7ed0);
4359 u64 guest = GET_SMSTATE(u64, smstate, 0x7ed8);
4360 u64 vmcb12_gpa = GET_SMSTATE(u64, smstate, 0x7ee0);
4361 struct vmcb *vmcb12;
4362
4363 if (guest) {
4364 if (!guest_cpuid_has(vcpu, X86_FEATURE_SVM))
4365 return 1;
4366
4367 if (!(saved_efer & EFER_SVME))
4368 return 1;
4369
4370 if (kvm_vcpu_map(vcpu,
4371 gpa_to_gfn(vmcb12_gpa), &map) == -EINVAL)
4372 return 1;
4373
4374 if (svm_allocate_nested(svm))
4375 return 1;
4376
4377 vmcb12 = map.hva;
4378
4379 nested_load_control_from_vmcb12(svm, &vmcb12->control);
4380
4381 ret = enter_svm_guest_mode(vcpu, vmcb12_gpa, vmcb12);
4382 kvm_vcpu_unmap(vcpu, &map, true);
4383
4384
4385
4386
4387
4388 if (kvm_vcpu_map(vcpu, gpa_to_gfn(svm->nested.hsave_msr),
4389 &map_save) == -EINVAL)
4390 return 1;
4391
4392 svm_copy_vmrun_state(map_save.hva + 0x400,
4393 &svm->vmcb01.ptr->save);
4394
4395 kvm_vcpu_unmap(vcpu, &map_save, true);
4396 }
4397 }
4398
4399 return ret;
4400}
4401
4402static void svm_enable_smi_window(struct kvm_vcpu *vcpu)
4403{
4404 struct vcpu_svm *svm = to_svm(vcpu);
4405
4406 if (!gif_set(svm)) {
4407 if (vgif_enabled(svm))
4408 svm_set_intercept(svm, INTERCEPT_STGI);
4409
4410 } else {
4411
4412 }
4413}
4414
4415static bool svm_can_emulate_instruction(struct kvm_vcpu *vcpu, void *insn, int insn_len)
4416{
4417 bool smep, smap, is_user;
4418 unsigned long cr4;
4419
4420
4421
4422
4423 if (sev_es_guest(vcpu->kvm))
4424 return false;
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445
4446
4447
4448
4449
4450
4451
4452
4453
4454
4455
4456
4457
4458
4459
4460
4461
4462
4463
4464
4465
4466 if (likely(!insn || insn_len))
4467 return true;
4468
4469
4470
4471
4472
4473 if (!kvm_vcpu_gfn_to_memslot(vcpu, kvm_rip_read(vcpu) >> PAGE_SHIFT))
4474 return true;
4475
4476 cr4 = kvm_read_cr4(vcpu);
4477 smep = cr4 & X86_CR4_SMEP;
4478 smap = cr4 & X86_CR4_SMAP;
4479 is_user = svm_get_cpl(vcpu) == 3;
4480 if (smap && (!smep || is_user)) {
4481 if (!sev_guest(vcpu->kvm))
4482 return true;
4483
4484 pr_err_ratelimited("KVM: SEV Guest triggered AMD Erratum 1096\n");
4485 kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu);
4486 }
4487
4488 return false;
4489}
4490
4491static bool svm_apic_init_signal_blocked(struct kvm_vcpu *vcpu)
4492{
4493 struct vcpu_svm *svm = to_svm(vcpu);
4494
4495
4496
4497
4498
4499
4500
4501
4502 return !gif_set(svm) ||
4503 (vmcb_is_intercept(&svm->vmcb->control, INTERCEPT_INIT));
4504}
4505
4506static void svm_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector)
4507{
4508 if (!sev_es_guest(vcpu->kvm))
4509 return kvm_vcpu_deliver_sipi_vector(vcpu, vector);
4510
4511 sev_vcpu_deliver_sipi_vector(vcpu, vector);
4512}
4513
4514static void svm_vm_destroy(struct kvm *kvm)
4515{
4516 avic_vm_destroy(kvm);
4517 sev_vm_destroy(kvm);
4518}
4519
4520static int svm_vm_init(struct kvm *kvm)
4521{
4522 if (!pause_filter_count || !pause_filter_thresh)
4523 kvm->arch.pause_in_guest = true;
4524
4525 if (avic) {
4526 int ret = avic_vm_init(kvm);
4527 if (ret)
4528 return ret;
4529 }
4530
4531 kvm_apicv_init(kvm, avic);
4532 return 0;
4533}
4534
4535static struct kvm_x86_ops svm_x86_ops __initdata = {
4536 .hardware_unsetup = svm_hardware_teardown,
4537 .hardware_enable = svm_hardware_enable,
4538 .hardware_disable = svm_hardware_disable,
4539 .cpu_has_accelerated_tpr = svm_cpu_has_accelerated_tpr,
4540 .has_emulated_msr = svm_has_emulated_msr,
4541
4542 .vcpu_create = svm_create_vcpu,
4543 .vcpu_free = svm_free_vcpu,
4544 .vcpu_reset = svm_vcpu_reset,
4545
4546 .vm_size = sizeof(struct kvm_svm),
4547 .vm_init = svm_vm_init,
4548 .vm_destroy = svm_vm_destroy,
4549
4550 .prepare_guest_switch = svm_prepare_guest_switch,
4551 .vcpu_load = svm_vcpu_load,
4552 .vcpu_put = svm_vcpu_put,
4553 .vcpu_blocking = svm_vcpu_blocking,
4554 .vcpu_unblocking = svm_vcpu_unblocking,
4555
4556 .update_exception_bitmap = svm_update_exception_bitmap,
4557 .get_msr_feature = svm_get_msr_feature,
4558 .get_msr = svm_get_msr,
4559 .set_msr = svm_set_msr,
4560 .get_segment_base = svm_get_segment_base,
4561 .get_segment = svm_get_segment,
4562 .set_segment = svm_set_segment,
4563 .get_cpl = svm_get_cpl,
4564 .get_cs_db_l_bits = kvm_get_cs_db_l_bits,
4565 .set_cr0 = svm_set_cr0,
4566 .is_valid_cr4 = svm_is_valid_cr4,
4567 .set_cr4 = svm_set_cr4,
4568 .set_efer = svm_set_efer,
4569 .get_idt = svm_get_idt,
4570 .set_idt = svm_set_idt,
4571 .get_gdt = svm_get_gdt,
4572 .set_gdt = svm_set_gdt,
4573 .set_dr7 = svm_set_dr7,
4574 .sync_dirty_debug_regs = svm_sync_dirty_debug_regs,
4575 .cache_reg = svm_cache_reg,
4576 .get_rflags = svm_get_rflags,
4577 .set_rflags = svm_set_rflags,
4578
4579 .tlb_flush_all = svm_flush_tlb,
4580 .tlb_flush_current = svm_flush_tlb,
4581 .tlb_flush_gva = svm_flush_tlb_gva,
4582 .tlb_flush_guest = svm_flush_tlb,
4583
4584 .run = svm_vcpu_run,
4585 .handle_exit = handle_exit,
4586 .skip_emulated_instruction = skip_emulated_instruction,
4587 .update_emulated_instruction = NULL,
4588 .set_interrupt_shadow = svm_set_interrupt_shadow,
4589 .get_interrupt_shadow = svm_get_interrupt_shadow,
4590 .patch_hypercall = svm_patch_hypercall,
4591 .set_irq = svm_set_irq,
4592 .set_nmi = svm_inject_nmi,
4593 .queue_exception = svm_queue_exception,
4594 .cancel_injection = svm_cancel_injection,
4595 .interrupt_allowed = svm_interrupt_allowed,
4596 .nmi_allowed = svm_nmi_allowed,
4597 .get_nmi_mask = svm_get_nmi_mask,
4598 .set_nmi_mask = svm_set_nmi_mask,
4599 .enable_nmi_window = svm_enable_nmi_window,
4600 .enable_irq_window = svm_enable_irq_window,
4601 .update_cr8_intercept = svm_update_cr8_intercept,
4602 .set_virtual_apic_mode = svm_set_virtual_apic_mode,
4603 .refresh_apicv_exec_ctrl = svm_refresh_apicv_exec_ctrl,
4604 .check_apicv_inhibit_reasons = svm_check_apicv_inhibit_reasons,
4605 .pre_update_apicv_exec_ctrl = svm_pre_update_apicv_exec_ctrl,
4606 .load_eoi_exitmap = svm_load_eoi_exitmap,
4607 .hwapic_irr_update = svm_hwapic_irr_update,
4608 .hwapic_isr_update = svm_hwapic_isr_update,
4609 .sync_pir_to_irr = kvm_lapic_find_highest_irr,
4610 .apicv_post_state_restore = avic_post_state_restore,
4611
4612 .set_tss_addr = svm_set_tss_addr,
4613 .set_identity_map_addr = svm_set_identity_map_addr,
4614 .get_mt_mask = svm_get_mt_mask,
4615
4616 .get_exit_info = svm_get_exit_info,
4617
4618 .vcpu_after_set_cpuid = svm_vcpu_after_set_cpuid,
4619
4620 .has_wbinvd_exit = svm_has_wbinvd_exit,
4621
4622 .write_l1_tsc_offset = svm_write_l1_tsc_offset,
4623
4624 .load_mmu_pgd = svm_load_mmu_pgd,
4625
4626 .check_intercept = svm_check_intercept,
4627 .handle_exit_irqoff = svm_handle_exit_irqoff,
4628
4629 .request_immediate_exit = __kvm_request_immediate_exit,
4630
4631 .sched_in = svm_sched_in,
4632
4633 .pmu_ops = &amd_pmu_ops,
4634 .nested_ops = &svm_nested_ops,
4635
4636 .deliver_posted_interrupt = svm_deliver_avic_intr,
4637 .dy_apicv_has_pending_interrupt = svm_dy_apicv_has_pending_interrupt,
4638 .update_pi_irte = svm_update_pi_irte,
4639 .setup_mce = svm_setup_mce,
4640
4641 .smi_allowed = svm_smi_allowed,
4642 .pre_enter_smm = svm_pre_enter_smm,
4643 .pre_leave_smm = svm_pre_leave_smm,
4644 .enable_smi_window = svm_enable_smi_window,
4645
4646 .mem_enc_op = svm_mem_enc_op,
4647 .mem_enc_reg_region = svm_register_enc_region,
4648 .mem_enc_unreg_region = svm_unregister_enc_region,
4649
4650 .vm_copy_enc_context_from = svm_vm_copy_asid_from,
4651
4652 .can_emulate_instruction = svm_can_emulate_instruction,
4653
4654 .apic_init_signal_blocked = svm_apic_init_signal_blocked,
4655
4656 .msr_filter_changed = svm_msr_filter_changed,
4657 .complete_emulated_msr = svm_complete_emulated_msr,
4658
4659 .vcpu_deliver_sipi_vector = svm_vcpu_deliver_sipi_vector,
4660};
4661
4662static struct kvm_x86_init_ops svm_init_ops __initdata = {
4663 .cpu_has_kvm_support = has_svm,
4664 .disabled_by_bios = is_disabled,
4665 .hardware_setup = svm_hardware_setup,
4666 .check_processor_compatibility = svm_check_processor_compat,
4667
4668 .runtime_ops = &svm_x86_ops,
4669};
4670
4671static int __init svm_init(void)
4672{
4673 __unused_size_checks();
4674
4675 return kvm_init(&svm_init_ops, sizeof(struct vcpu_svm),
4676 __alignof__(struct vcpu_svm), THIS_MODULE);
4677}
4678
4679static void __exit svm_exit(void)
4680{
4681 kvm_exit();
4682}
4683
4684module_init(svm_init)
4685module_exit(svm_exit)
4686
