Re: [Kernel BUG?] SMSW operation get success on UMIP KVM guest

Re: [Kernel BUG?] SMSW operation get success on UMIP KVM guest

[Thomas Gleixner]

On Mon, 1 Jul 2019, Li Wang wrote:

> Hello there,
> 
> LTP/umip_basic_test get failed on KVM UMIP system(kernel-v5.2-rc4.x86_64).
> The test is only trying to do
>      asm volatile("smsw %0\n" : "=m" (val));
> and expect to get SIGSEGV in this SMSW operation, but it exits with 0
> unexpectedly.
> 
> ====================
> # grep CONFIG_X86_INTEL_UMIP /boot/config-5.2.0-0.rc4.x86_64
> CONFIG_X86_INTEL_UMIP=y
> 
> # lscpu |grep umip
> Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge
> mca cmov pat pse36 clflush mmx fxsr sse sse2 ss syscall nx pdpe1gb rdtscp
> lm constant_tsc rep_good nopl xtopology cpuid tsc_known_freq pni pclmulqdq
> ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer
> aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch cpuid_fault
> invpcid_single pti ssbd ibrs ibpb stibp fsgsbase tsc_adjust bmi1 hle avx2
> smep bmi2 erms invpcid rtm mpx avx512f avx512dq rdseed adx smap clflushopt
> clwb avx512cd avx512bw avx512vl xsaveopt xsavec xgetbv1 xsaves arat umip
> pku ospke md_clear
> 
> # ./umip_basic_test
> ...
> umip_basic_test.c:68: INFO: TEST smsw, smsw result save at [0x7ffda00dca70]
> umip_basic_test.c:118: FAIL: Didn't receive SIGSEGV, child exited with
> exited with 0

SMSW is emulated and returns a constant value:

#define CR0_STATE       (X86_CR0_PE | X86_CR0_MP | X86_CR0_ET | \
                         X86_CR0_NE | X86_CR0_WP | X86_CR0_AM | \
                         X86_CR0_PG)

IIRC that is done to not break stuff like Wine. Ricardo should know the
details.

Thanks,

	tglx

Re: [Kernel BUG?] SMSW operation get success on UMIP KVM guest

[Paolo Bonzini]

On 01/07/19 09:50, Li Wang wrote:
> Hello there,
> 
> LTP/umip_basic_test get failed on KVM UMIP
> system(kernel-v5.2-rc4.x86_64). The test is only trying to do
>      asm volatile("smsw %0\n" : "=m" (val));
> and expect to get SIGSEGV in this SMSW operation, but it exits with 0
> unexpectedly.

In addition to what Thomas said, perhaps you are using a host that does
*not* have UMIP, and configuring KVM to emulate it(*).  In that case, it
is not possible to intercept SMSW, and therefore it will incorrectly
succeed.

Paolo

(*) before the x86 people jump at me, this won't happen unless you
explicitly pass an option to QEMU, such as "-cpu host,+umip". :)  The
incorrect emulation of SMSW when CR4.UMIP=1 is why.

Re: [Kernel BUG?] SMSW operation get success on UMIP KVM guest

[Ricardo Neri]

On Mon, Jul 01, 2019 at 02:02:35PM +0200, Paolo Bonzini wrote:
> On 01/07/19 09:50, Li Wang wrote:
> > Hello there,
> > 
> > LTP/umip_basic_test get failed on KVM UMIP
> > system(kernel-v5.2-rc4.x86_64). The test is only trying to do
> >      asm volatile("smsw %0\n" : "=m" (val));
> > and expect to get SIGSEGV in this SMSW operation, but it exits with 0
> > unexpectedly.
> 
> In addition to what Thomas said, perhaps you are using a host that does
> *not* have UMIP, and configuring KVM to emulate it(*).  In that case, it
> is not possible to intercept SMSW, and therefore it will incorrectly
> succeed.

Also, emulation for SMSW, SIDT, and SGDT is done only for 32-bit
processes. As Thomas said, the purpose is not on break Wine. In 64-bit
processes, we sould always see a #GP exception.
> 
> Paolo
> 
> (*) before the x86 people jump at me, this won't happen unless you
> explicitly pass an option to QEMU, such as "-cpu host,+umip". :)  The
> incorrect emulation of SMSW when CR4.UMIP=1 is why.

Paolo, what do you mean by the incorrect emulation of SMSW?

Thanks and BR,
Ricardo

Re: [Kernel BUG?] SMSW operation get success on UMIP KVM guest

[Ricardo Neri]

On Mon, Jul 01, 2019 at 08:57:28PM +0800, Li Wang wrote:
> On Mon, Jul 1, 2019 at 8:02 PM Paolo Bonzini <pbonzini@redhat.com> wrote:
> 
> > On 01/07/19 09:50, Li Wang wrote:
> > > Hello there,
> > >
> > > LTP/umip_basic_test get failed on KVM UMIP
> > > system(kernel-v5.2-rc4.x86_64). The test is only trying to do
> > >      asm volatile("smsw %0\n" : "=m" (val));
> > > and expect to get SIGSEGV in this SMSW operation, but it exits with 0
> > > unexpectedly.
> >
> > In addition to what Thomas said, perhaps you are using a host that does
> > *not* have UMIP, and configuring KVM to emulate it(*).  In that case, it
> > is not possible to intercept SMSW, and therefore it will incorrectly
> > succeed.
> >
> 
> Right, I checked the host system, and confirmed that CPU doesn't support
> UMIP.
> 
> >
> > Paolo
> >
> > (*) before the x86 people jump at me, this won't happen unless you
> > explicitly pass an option to QEMU, such as "-cpu host,+umip". :)  The
> > incorrect emulation of SMSW when CR4.UMIP=1 is why.
> >
> Good to know this, is there any document for that declaration? It seems
> neither LTP issue nor kernel bug here. But anyway we'd better do something
> to avoid the error in the test.

The test case already checks for umip in /proc/cpuinfo, right? And in
long mode it always expects a SIGSEGV signal. If you did not add -cpu host,+umip,
how come umip was present in /proc/cpuinfo?

Thanks and BR,
Ricardo

Re: [Kernel BUG?] SMSW operation get success on UMIP KVM guest

[Paolo Bonzini]

On 01/07/19 16:53, Ricardo Neri wrote:
>>
>> (*) before the x86 people jump at me, this won't happen unless you
>> explicitly pass an option to QEMU, such as "-cpu host,+umip". :)  The
>> incorrect emulation of SMSW when CR4.UMIP=1 is why.
> Paolo, what do you mean by the incorrect emulation of SMSW?

When KVM tries to emulate UMIP on a system that doesn't have it, SMSW
won't cause a #GP.  The processor is simply not able to trap to the
hypervisor on SMSW (unlike SGDT/SIDT/SLDT/STR), so it's impossible to do
better.

Paolo

Re: [Kernel BUG?] SMSW operation get success on UMIP KVM guest

[Pengfei Xu]

Seems no issue now.

Thanks all.

On 2019-07-02 at 09:52:39 +0800, Li Wang wrote:
> On Tue, Jul 2, 2019 at 12:04 AM Ricardo Neri <
> ricardo.neri-calderon@linux.intel.com> wrote:
> 
> > On Mon, Jul 01, 2019 at 08:57:28PM +0800, Li Wang wrote:
> > > On Mon, Jul 1, 2019 at 8:02 PM Paolo Bonzini <pbonzini@redhat.com>
> > wrote:
> > >
> > > > On 01/07/19 09:50, Li Wang wrote:
> > > > > Hello there,
> > > > >
> > > > > LTP/umip_basic_test get failed on KVM UMIP
> > > > > system(kernel-v5.2-rc4.x86_64). The test is only trying to do
> > > > >      asm volatile("smsw %0\n" : "=m" (val));
> > > > > and expect to get SIGSEGV in this SMSW operation, but it exits with 0
> > > > > unexpectedly.
> > > >
> > > > In addition to what Thomas said, perhaps you are using a host that does
> > > > *not* have UMIP, and configuring KVM to emulate it(*).  In that case,
> > it
> > > > is not possible to intercept SMSW, and therefore it will incorrectly
> > > > succeed.
> > > >
> > >
> > > Right, I checked the host system, and confirmed that CPU doesn't support
> > > UMIP.
> > >
> > > >
> > > > Paolo
> > > >
> > > > (*) before the x86 people jump at me, this won't happen unless you
> > > > explicitly pass an option to QEMU, such as "-cpu host,+umip". :)  The
> > > > incorrect emulation of SMSW when CR4.UMIP=1 is why.
> > > >
> > > Good to know this, is there any document for that declaration? It seems
> > > neither LTP issue nor kernel bug here. But anyway we'd better do
> > something
> > > to avoid the error in the test.
> >
> > The test case already checks for umip in /proc/cpuinfo, right? And in
> > long mode it always expects a SIGSEGV signal. If you did not add -cpu
> > host,+umip,
> > how come umip was present in /proc/cpuinfo?
> >
> 
> Yes, right.
> 
> But the KVM guest is not customized in manual, I reserved that system for
> automation test and did not aware of the '-cpu host,+umip,' parameter until
> Paolo points it out. In the last email, I was hoping to find a way to
> recognize this situation for the LTP test intelligently.
> 
> Thank you all for a reply to this.
> 
> -- 
> Regards,
> Li Wang