CVS commit: [netbsd-9] src/sys/dev/nvmm/x86
Module Name:src
Committed By: martin
Date: Tue Jul 25 15:35:35 UTC 2023
Modified Files:
src/sys/dev/nvmm/x86 [netbsd-9]: nvmm_x86_svm.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1666):
sys/dev/nvmm/x86/nvmm_x86_svm.c: revision 1.85
nvmm: Filter CR4 bits on x86 SVM (AMD).
In particular, prohibit PKE, Protection Key Enable, which requires
some additional management of CPU state by nvmm.
To generate a diff of this commit:
cvs rdiff -u -r1.46.4.13 -r1.46.4.14 src/sys/dev/nvmm/x86/nvmm_x86_svm.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/nvmm/x86/nvmm_x86_svm.c
diff -u src/sys/dev/nvmm/x86/nvmm_x86_svm.c:1.46.4.13 src/sys/dev/nvmm/x86/nvmm_x86_svm.c:1.46.4.14
--- src/sys/dev/nvmm/x86/nvmm_x86_svm.c:1.46.4.13 Sun Sep 13 11:56:44 2020
+++ src/sys/dev/nvmm/x86/nvmm_x86_svm.c Tue Jul 25 15:35:35 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: nvmm_x86_svm.c,v 1.46.4.13 2020/09/13 11:56:44 martin Exp $ */
+/* $NetBSD: nvmm_x86_svm.c,v 1.46.4.14 2023/07/25 15:35:35 martin Exp $ */
/*
* Copyright (c) 2018-2019 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: nvmm_x86_svm.c,v 1.46.4.13 2020/09/13 11:56:44 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nvmm_x86_svm.c,v 1.46.4.14 2023/07/25 15:35:35 martin Exp $");
#include
#include
@@ -511,6 +511,33 @@ static uint64_t svm_xcr0_mask __read_mos
#define CR4_TLB_FLUSH \
(CR4_PSE|CR4_PAE|CR4_PGE|CR4_PCIDE|CR4_SMEP)
+#define CR4_VALID \
+ (CR4_VME | \
+ CR4_PVI | \
+ CR4_TSD | \
+ CR4_DE | \
+ CR4_PSE | \
+ CR4_PAE | \
+ CR4_MCE | \
+ CR4_PGE | \
+ CR4_PCE | \
+ CR4_OSFXSR | \
+ CR4_OSXMMEXCPT | \
+ CR4_UMIP | \
+ /* CR4_LA57 excluded */ \
+ /* bit 13 reserved on AMD */ \
+ /* bit 14 reserved on AMD */ \
+ /* bit 15 reserved on AMD */ \
+ CR4_FSGSBASE | \
+ CR4_PCIDE | \
+ CR4_OSXSAVE | \
+ /* bit 19 reserved on AMD */ \
+ CR4_SMEP | \
+ CR4_SMAP \
+ /* CR4_PKE excluded */ \
+ /* CR4_CET excluded */ \
+ /* bits 24:63 reserved on AMD */)
+
/* -- */
struct svm_machdata {
@@ -1847,6 +1874,7 @@ svm_vcpu_setstate(struct nvmm_cpu *vcpu)
vmcb->state.cr2 = state->crs[NVMM_X64_CR_CR2];
vmcb->state.cr3 = state->crs[NVMM_X64_CR_CR3];
vmcb->state.cr4 = state->crs[NVMM_X64_CR_CR4];
+ vmcb->state.cr4 &= CR4_VALID;
vmcb->ctrl.v &= ~VMCB_CTRL_V_TPR;
vmcb->ctrl.v |= __SHIFTIN(state->crs[NVMM_X64_CR_CR8],
CVS commit: [netbsd-9] src/sys/dev/nvmm/x86
Module Name:src Committed By: martin Date: Tue Jul 25 15:35:35 UTC 2023 Modified Files: src/sys/dev/nvmm/x86 [netbsd-9]: nvmm_x86_svm.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1666): sys/dev/nvmm/x86/nvmm_x86_svm.c: revision 1.85 nvmm: Filter CR4 bits on x86 SVM (AMD). In particular, prohibit PKE, Protection Key Enable, which requires some additional management of CPU state by nvmm. To generate a diff of this commit: cvs rdiff -u -r1.46.4.13 -r1.46.4.14 src/sys/dev/nvmm/x86/nvmm_x86_svm.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/dev/nvmm/x86
Module Name:src Committed By: martin Date: Sat Nov 16 20:08:45 UTC 2019 Modified Files: src/sys/dev/nvmm/x86 [netbsd-9]: nvmm_x86.c Log Message: Pull up following revision(s) (requested by jmcneill in ticket #434): sys/dev/nvmm/x86/nvmm_x86.c: revision 1.8 Don't report MWAITX by default. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.7.4.1 src/sys/dev/nvmm/x86/nvmm_x86.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/nvmm/x86/nvmm_x86.c diff -u src/sys/dev/nvmm/x86/nvmm_x86.c:1.7 src/sys/dev/nvmm/x86/nvmm_x86.c:1.7.4.1 --- src/sys/dev/nvmm/x86/nvmm_x86.c:1.7 Wed May 15 04:39:52 2019 +++ src/sys/dev/nvmm/x86/nvmm_x86.c Sat Nov 16 20:08:45 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: nvmm_x86.c,v 1.7 2019/05/15 04:39:52 maxv Exp $ */ +/* $NetBSD: nvmm_x86.c,v 1.7.4.1 2019/11/16 20:08:45 martin Exp $ */ /* * Copyright (c) 2018-2019 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: nvmm_x86.c,v 1.7 2019/05/15 04:39:52 maxv Exp $"); +__KERNEL_RCSID(0, "$NetBSD: nvmm_x86.c,v 1.7.4.1 2019/11/16 20:08:45 martin Exp $"); #include #include @@ -292,7 +292,7 @@ const struct nvmm_x86_cpuid_mask nvmm_cp .eax = ~0, .ebx = ~0, .ecx = - /* Excluded: SVM, EAPIC, OSVW. */ + /* Excluded: SVM, EAPIC, OSVW, MWAITX. */ CPUID_LAHF | CPUID_CMPLEGACY | CPUID_ALTMOVCR0 | CPUID_LZCNT | CPUID_SSE4A | CPUID_MISALIGNSSE | @@ -304,7 +304,7 @@ const struct nvmm_x86_cpuid_mask nvmm_cp CPUID_TOPOEXT | CPUID_PCEC | CPUID_PCENB | CPUID_SPM | CPUID_DBE | CPUID_PTSC | - CPUID_L2IPERFC | CPUID_MWAITX, + CPUID_L2IPERFC, .edx = /* Excluded: RDTSCP. */ CPUID_SYSCALL | CPUID_MPC |
CVS commit: [netbsd-9] src/sys/dev/nvmm/x86
Module Name:src Committed By: martin Date: Sat Nov 16 20:08:45 UTC 2019 Modified Files: src/sys/dev/nvmm/x86 [netbsd-9]: nvmm_x86.c Log Message: Pull up following revision(s) (requested by jmcneill in ticket #434): sys/dev/nvmm/x86/nvmm_x86.c: revision 1.8 Don't report MWAITX by default. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.7.4.1 src/sys/dev/nvmm/x86/nvmm_x86.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/dev/nvmm/x86
Module Name:src
Committed By: martin
Date: Sun Oct 6 11:04:55 UTC 2019
Modified Files:
src/sys/dev/nvmm/x86 [netbsd-9]: nvmm_x86_svm.c nvmm_x86_vmx.c
Log Message:
Pull up following revision(s) (requested by maxv in ticket #287):
sys/dev/nvmm/x86/nvmm_x86_vmx.c: revision 1.38
sys/dev/nvmm/x86/nvmm_x86_svm.c: revision 1.47
sys/dev/nvmm/x86/nvmm_x86_svm.c: revision 1.48
sys/dev/nvmm/x86/nvmm_x86_svm.c: revision 1.49
Add definitions for RDPRU, MCOMMIT, GMET and VTE.
Fix definition for MWAIT. It should be bit 11, not 12; 12 is the armed
version.
Switch to the new PTE naming.
To generate a diff of this commit:
cvs rdiff -u -r1.46 -r1.46.4.1 src/sys/dev/nvmm/x86/nvmm_x86_svm.c
cvs rdiff -u -r1.36.2.1 -r1.36.2.2 src/sys/dev/nvmm/x86/nvmm_x86_vmx.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/nvmm/x86/nvmm_x86_svm.c
diff -u src/sys/dev/nvmm/x86/nvmm_x86_svm.c:1.46 src/sys/dev/nvmm/x86/nvmm_x86_svm.c:1.46.4.1
--- src/sys/dev/nvmm/x86/nvmm_x86_svm.c:1.46 Sat May 11 07:31:56 2019
+++ src/sys/dev/nvmm/x86/nvmm_x86_svm.c Sun Oct 6 11:04:55 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: nvmm_x86_svm.c,v 1.46 2019/05/11 07:31:56 maxv Exp $ */
+/* $NetBSD: nvmm_x86_svm.c,v 1.46.4.1 2019/10/06 11:04:55 martin Exp $ */
/*
* Copyright (c) 2018 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: nvmm_x86_svm.c,v 1.46 2019/05/11 07:31:56 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nvmm_x86_svm.c,v 1.46.4.1 2019/10/06 11:04:55 martin Exp $");
#include
#include
@@ -202,6 +202,7 @@ int svm_vmrun(paddr_t, uint64_t *);
#define VMCB_EXITCODE_MWAIT 0x008B
#define VMCB_EXITCODE_MWAIT_CONDITIONAL 0x008C
#define VMCB_EXITCODE_XSETBV 0x008D
+#define VMCB_EXITCODE_RDPRU 0x008E
#define VMCB_EXITCODE_EFER_WRITE_TRAP 0x008F
#define VMCB_EXITCODE_CR0_WRITE_TRAP 0x0090
#define VMCB_EXITCODE_CR1_WRITE_TRAP 0x0091
@@ -219,6 +220,7 @@ int svm_vmrun(paddr_t, uint64_t *);
#define VMCB_EXITCODE_CR13_WRITE_TRAP 0x009D
#define VMCB_EXITCODE_CR14_WRITE_TRAP 0x009E
#define VMCB_EXITCODE_CR15_WRITE_TRAP 0x009F
+#define VMCB_EXITCODE_MCOMMIT 0x00A3
#define VMCB_EXITCODE_NPF 0x0400
#define VMCB_EXITCODE_AVIC_INCOMP_IPI 0x0401
#define VMCB_EXITCODE_AVIC_NOACCEL 0x0402
@@ -285,12 +287,17 @@ struct vmcb_ctrl {
#define VMCB_CTRL_INTERCEPT_ICEBP __BIT(8)
#define VMCB_CTRL_INTERCEPT_WBINVD __BIT(9)
#define VMCB_CTRL_INTERCEPT_MONITOR __BIT(10)
-#define VMCB_CTRL_INTERCEPT_MWAIT __BIT(12)
+#define VMCB_CTRL_INTERCEPT_MWAIT __BIT(11)
+#define VMCB_CTRL_INTERCEPT_MWAIT_ARMED __BIT(12)
#define VMCB_CTRL_INTERCEPT_XSETBV __BIT(13)
+#define VMCB_CTRL_INTERCEPT_RDPRU __BIT(14)
#define VMCB_CTRL_INTERCEPT_EFER_SPEC __BIT(15)
#define VMCB_CTRL_INTERCEPT_WCR_SPEC(x) __BIT(16 + x)
- uint8_t rsvd1[40];
+ uint32_t intercept_misc3;
+#define VMCB_CTRL_INTERCEPT_MCOMMIT __BIT(3)
+
+ uint8_t rsvd1[36];
uint16_t pause_filt_thresh;
uint16_t pause_filt_cnt;
uint64_t iopm_base_pa;
@@ -332,6 +339,8 @@ struct vmcb_ctrl {
#define VMCB_CTRL_ENABLE_NP __BIT(0)
#define VMCB_CTRL_ENABLE_SEV __BIT(1)
#define VMCB_CTRL_ENABLE_ES_SEV __BIT(2)
+#define VMCB_CTRL_ENABLE_GMET __BIT(3)
+#define VMCB_CTRL_ENABLE_VTE __BIT(5)
uint64_t avic;
#define VMCB_CTRL_AVIC_APIC_BAR __BITS(51,0)
@@ -2122,7 +2131,7 @@ svm_tlb_flush(struct pmap *pm)
atomic_inc_64(&machdata->mach_htlb_gen);
/* Generates IPIs, which cause #VMEXITs. */
- pmap_tlb_shootdown(pmap_kernel(), -1, PG_G, TLBSHOOT_UPDATE);
+ pmap_tlb_shootdown(pmap_kernel(), -1, PTE_G, TLBSHOOT_UPDATE);
}
static void
Index: src/sys/dev/nvmm/x86/nvmm_x86_vmx.c
diff -u src/sys/dev/nvmm/x86/nvmm_x86_vmx.c:1.36.2.1 src/sys/dev/nvmm/x86/nvmm_x86_vmx.c:1.36.2.2
--- src/sys/dev/nvmm/x86/nvmm_x86_vmx.c:1.36.2.1 Tue Sep 24 18:14:59 2019
+++ src/sys/dev/nvmm/x86/nvmm_x86_vmx.c Sun Oct 6 11:04:55 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: nvmm_x86_vmx.c,v 1.36.2.1 2019/09/24 18:14:59 martin Exp $ */
+/* $NetBSD: nvmm_x86_vmx.c,v 1.36.2.2 2019/10/06 11:04:55 martin Exp $ */
/*
* Copyright (c) 2018 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: nvmm_x86_vmx.c,v 1.36.2.1 2019/09/24 18:14:59 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nvmm_x86_vmx.c,v 1.36.2.2 2019/10/06 11:04:55 martin Exp $");
#include
#include
@@ -2749,7 +2749,7 @@ vmx_tlb_flush(struct pmap *pm)
atomic_inc_64(&machdata->mach_htlb_gen);
/* Generates IPIs, which cause #VMEXITs. */
- pmap_tlb_shootdown(pmap_kernel(), -1, PG_G, TLBSHOOT_UPDATE);
+ pmap_tlb_shootdown(pmap_kernel(), -1, PTE_G, TLBSHOOT_UPDATE);
}
static void
CVS commit: [netbsd-9] src/sys/dev/nvmm/x86
Module Name:src Committed By: martin Date: Sun Oct 6 11:04:55 UTC 2019 Modified Files: src/sys/dev/nvmm/x86 [netbsd-9]: nvmm_x86_svm.c nvmm_x86_vmx.c Log Message: Pull up following revision(s) (requested by maxv in ticket #287): sys/dev/nvmm/x86/nvmm_x86_vmx.c: revision 1.38 sys/dev/nvmm/x86/nvmm_x86_svm.c: revision 1.47 sys/dev/nvmm/x86/nvmm_x86_svm.c: revision 1.48 sys/dev/nvmm/x86/nvmm_x86_svm.c: revision 1.49 Add definitions for RDPRU, MCOMMIT, GMET and VTE. Fix definition for MWAIT. It should be bit 11, not 12; 12 is the armed version. Switch to the new PTE naming. To generate a diff of this commit: cvs rdiff -u -r1.46 -r1.46.4.1 src/sys/dev/nvmm/x86/nvmm_x86_svm.c cvs rdiff -u -r1.36.2.1 -r1.36.2.2 src/sys/dev/nvmm/x86/nvmm_x86_vmx.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/dev/nvmm/x86
Module Name:src Committed By: martin Date: Tue Sep 24 18:14:59 UTC 2019 Modified Files: src/sys/dev/nvmm/x86 [netbsd-9]: nvmm_x86_vmx.c Log Message: Pull up following revision(s) (requested by maxv in ticket #239): sys/dev/nvmm/x86/nvmm_x86_vmx.c: revision 1.37 Always set hwcode on error. Useful for debugging. To generate a diff of this commit: cvs rdiff -u -r1.36 -r1.36.2.1 src/sys/dev/nvmm/x86/nvmm_x86_vmx.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/dev/nvmm/x86
Module Name:src
Committed By: martin
Date: Tue Sep 24 18:14:59 UTC 2019
Modified Files:
src/sys/dev/nvmm/x86 [netbsd-9]: nvmm_x86_vmx.c
Log Message:
Pull up following revision(s) (requested by maxv in ticket #239):
sys/dev/nvmm/x86/nvmm_x86_vmx.c: revision 1.37
Always set hwcode on error. Useful for debugging.
To generate a diff of this commit:
cvs rdiff -u -r1.36 -r1.36.2.1 src/sys/dev/nvmm/x86/nvmm_x86_vmx.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/nvmm/x86/nvmm_x86_vmx.c
diff -u src/sys/dev/nvmm/x86/nvmm_x86_vmx.c:1.36 src/sys/dev/nvmm/x86/nvmm_x86_vmx.c:1.36.2.1
--- src/sys/dev/nvmm/x86/nvmm_x86_vmx.c:1.36 Sun Jun 16 18:30:31 2019
+++ src/sys/dev/nvmm/x86/nvmm_x86_vmx.c Tue Sep 24 18:14:59 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: nvmm_x86_vmx.c,v 1.36 2019/06/16 18:30:31 maxv Exp $ */
+/* $NetBSD: nvmm_x86_vmx.c,v 1.36.2.1 2019/09/24 18:14:59 martin Exp $ */
/*
* Copyright (c) 2018 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: nvmm_x86_vmx.c,v 1.36 2019/06/16 18:30:31 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nvmm_x86_vmx.c,v 1.36.2.1 2019/09/24 18:14:59 martin Exp $");
#include
#include
@@ -1106,6 +1106,13 @@ vmx_inkernel_advance(void)
}
static void
+vmx_exit_invalid(struct nvmm_exit *exit, uint64_t code)
+{
+ exit->u.inv.hwcode = code;
+ exit->reason = NVMM_EXIT_INVALID;
+}
+
+static void
vmx_exit_exc_nmi(struct nvmm_machine *mach, struct nvmm_cpu *vcpu,
struct nvmm_exit *exit)
{
@@ -1124,7 +1131,7 @@ vmx_exit_exc_nmi(struct nvmm_machine *ma
return;
error:
- exit->reason = NVMM_EXIT_INVALID;
+ vmx_exit_invalid(exit, VMCS_EXITCODE_EXC_NMI);
}
static void
@@ -1689,13 +1696,6 @@ vmx_exit_epf(struct nvmm_machine *mach,
NVMM_X64_STATE_CRS | NVMM_X64_STATE_MSRS);
}
-static void
-vmx_exit_invalid(struct nvmm_exit *exit, uint64_t code)
-{
- exit->u.inv.hwcode = code;
- exit->reason = NVMM_EXIT_INVALID;
-}
-
/* -- */
static void
@@ -1940,7 +1940,7 @@ vmx_vcpu_run(struct nvmm_machine *mach,
splx(s);
if (__predict_false(ret != 0)) {
- exit->reason = NVMM_EXIT_INVALID;
+ vmx_exit_invalid(exit, -1);
break;
}
vmx_exit_evt(cpudata);
