Date: Wed, 21 Apr 2021 19:21:20 -0700
In-Reply-To: <20210422022128.3464144-1-seanjc@google.com>
Message-Id: <20210422022128.3464144-2-seanjc@google.com>
References: <20210422022128.3464144-1-seanjc@google.com>
Subject: [PATCH v2 1/9] KVM: x86: Remove emulator's broken checks on CR0/CR3/CR4 loads
From: Sean Christopherson
To: Paolo Bonzini
Cc: Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Joerg Roedel, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Babu Moger, Joao Martins, David Woodhouse

Remove the emulator's checks for illegal CR0, CR3, and CR4 values, as the
checks are redundant, outdated, and in the case of SEV's C-bit, broken.
The emulator manually calculates MAXPHYADDR from CPUID and neglects to
mask off the C-bit. For all other checks, kvm_set_cr*() are a superset
of the emulator checks, e.g. see CR4.LA57.

Fixes: a780a3ea6282 ("KVM: X86: Fix reserved bits check for MOV to CR3")
Cc: Babu Moger
Signed-off-by: Sean Christopherson
---
 arch/x86/kvm/emulate.c | 68 +-----------------------------------------
 1 file changed, 1 insertion(+), 67 deletions(-)

diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
index f7970ba6219f..f4273b8e31fa 100644
--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -4230,75 +4230,9 @@ static int check_cr_read(struct x86_emulate_ctxt *ctxt) static int check_cr_write(struct x86_emulate_ctxt *ctxt) { - u64 new_val = ctxt->src.val64; - int cr = ctxt->modrm_reg; - u64 efer = 0; - - static u64 cr_reserved_bits[] = { - 0xffffffff00000000ULL, - 0, 0, 0, /* CR3 checked later */ - CR4_RESERVED_BITS, - 0, 0, 0, - CR8_RESERVED_BITS, - }; - - if (!valid_cr(cr)) + if (!valid_cr(ctxt->modrm_reg)) return emulate_ud(ctxt); - if (new_val & cr_reserved_bits[cr]) - return emulate_gp(ctxt, 0); - - switch (cr) { - case 0: { - u64 cr4; - if (((new_val & X86_CR0_PG) && !(new_val & X86_CR0_PE)) || - ((new_val & X86_CR0_NW) && !(new_val & X86_CR0_CD))) - return emulate_gp(ctxt, 0); - - cr4 = ctxt->ops->get_cr(ctxt, 4); - ctxt->ops->get_msr(ctxt, MSR_EFER, &efer); - - if ((new_val & X86_CR0_PG) && (efer & EFER_LME) && - !(cr4 & X86_CR4_PAE)) - return emulate_gp(ctxt, 0); - - break; - } - case 3: { - u64 rsvd = 0; - - ctxt->ops->get_msr(ctxt, MSR_EFER, &efer); - if (efer & EFER_LMA) { - u64 maxphyaddr; - u32 eax, ebx, ecx, edx; - - eax = 0x80000008; - ecx = 0; - if (ctxt->ops->get_cpuid(ctxt, &eax, &ebx, &ecx, - &edx, true)) - maxphyaddr = eax & 0xff; - else - maxphyaddr = 36; - rsvd = rsvd_bits(maxphyaddr, 63); - if (ctxt->ops->get_cr(ctxt, 4) & X86_CR4_PCIDE) - rsvd &= ~X86_CR3_PCID_NOFLUSH; - } - - if (new_val & rsvd) - return emulate_gp(ctxt, 0); - - break; - } - case 4: { - ctxt->ops->get_msr(ctxt, MSR_EFER, &efer); - - if ((efer & EFER_LMA) && !(new_val & X86_CR4_PAE)) - return emulate_gp(ctxt, 0); - - break; - } - } - return X86EMUL_CONTINUE; } -- 2.31.1.498.g6c1eba8ee3d-goog
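Review bot: the removed cr_reserved_bits[] table also covered CR8 (CR8_RESERVED_BITS) and the upper 32 bits of CR0, but the commit message only argues that kvm_set_cr0/cr3/cr4() are a superset; either extend the message to say that kvm_set_cr8() rejects CR8_RESERVED_BITS as well, or keep the CR8 entry. Also, with valid_cr() now the only check left in check_cr_write(), every #GP for a reserved or inconsistent value depends on the set_cr callback failing and the caller of check_cr_write() turning that failure into emulate_gp(ctxt, 0); a sentence in the message pointing at that caller would let a reviewer confirm nothing now silently continues where "if (new_val & rsvd) return emulate_gp(ctxt, 0);" used to fault.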
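An added example, not code from this patch or from KVM itself, that reconstructs why the removed CR3 check is wrong for an SEV guest: rsvd_bits() copies the semantics of KVM's helper, while the CPUID MAXPHYADDR value, the C-bit position and the CR3 values are constructed for the demonstration.

```c
/*
 * Stand-alone reconstruction (not KVM code) of the CR3 reserved-bit mask
 * the removed check_cr_write() computed, next to a mask that carves out the
 * SEV C-bit.  All numbers below are constructed for the demonstration.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Bits s..e inclusive set, same semantics as KVM's rsvd_bits(). */
static uint64_t rsvd_bits(unsigned int s, unsigned int e)
{
	return ((2ULL << (e - s)) - 1) << s;
}

/* What the removed code did: MAXPHYADDR straight from CPUID 0x80000008
 * EAX[7:0], every bit from there up to 63 treated as reserved. */
static uint64_t emulator_cr3_rsvd(uint32_t cpuid_80000008_eax)
{
	unsigned int maxphyaddr = cpuid_80000008_eax & 0xff;

	return rsvd_bits(maxphyaddr, 63);
}

/* Same mask with the guest's C-bit position cleared, so an encrypted
 * page-table root is legal.  cbit is an assumed input here; on hardware it
 * is reported by CPUID 0x8000001F EBX[5:0]. */
static uint64_t sev_aware_cr3_rsvd(uint32_t cpuid_80000008_eax,
				   unsigned int cbit)
{
	return emulator_cr3_rsvd(cpuid_80000008_eax) & ~(1ULL << cbit);
}

/* Mirrors the removed "if (new_val & rsvd) return emulate_gp(ctxt, 0);". */
static bool cr3_would_fault(uint64_t cr3, uint64_t rsvd)
{
	return (cr3 & rsvd) != 0;
}

int main(void)
{
	/* Constructed SEV guest: CPUID reports 47-bit guest physical
	 * addresses (EAX = 0x2f) and the C-bit sits at bit 47. */
	const uint32_t eax = 0x2f;
	const unsigned int cbit = 47;
	/* Encrypted page-table root at GPA 0x1000: C-bit set, nothing else
	 * above the reported width.  The old mask faults, the C-bit-aware
	 * mask does not. */
	const uint64_t cr3 = (1ULL << cbit) | 0x1000;

	printf("old mask %#llx -> #GP %d\n",
	       (unsigned long long)emulator_cr3_rsvd(eax),
	       cr3_would_fault(cr3, emulator_cr3_rsvd(eax)));
	printf("C-bit-aware mask %#llx -> #GP %d\n",
	       (unsigned long long)sev_aware_cr3_rsvd(eax, cbit),
	       cr3_would_fault(cr3, sev_aware_cr3_rsvd(eax, cbit)));
	return 0;
}
```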