diff options
Diffstat (limited to 'common/recipes-kernel/linux/linux-yocto-4.9.21/0010-kvm-x86-fix-icebp-instruction-handling.patch')
-rw-r--r-- | common/recipes-kernel/linux/linux-yocto-4.9.21/0010-kvm-x86-fix-icebp-instruction-handling.patch | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/common/recipes-kernel/linux/linux-yocto-4.9.21/0010-kvm-x86-fix-icebp-instruction-handling.patch b/common/recipes-kernel/linux/linux-yocto-4.9.21/0010-kvm-x86-fix-icebp-instruction-handling.patch new file mode 100644 index 00000000..aef1109b --- /dev/null +++ b/common/recipes-kernel/linux/linux-yocto-4.9.21/0010-kvm-x86-fix-icebp-instruction-handling.patch @@ -0,0 +1,88 @@ +From 694ba89c4cb4e43ae4cb418ea46b1415f6d31ce7 Mon Sep 17 00:00:00 2001 +From: Linus Torvalds <torvalds@linux-foundation.org> +Date: Tue, 20 Mar 2018 12:16:59 -0700 +Subject: [PATCH 10/93] kvm/x86: fix icebp instruction handling + +commit 32d43cd391bacb5f0814c2624399a5dad3501d09 upstream. + +The undocumented 'icebp' instruction (aka 'int1') works pretty much like +'int3' in the absense of in-circuit probing equipment (except, +obviously, that it raises #DB instead of raising #BP), and is used by +some validation test-suites as such. + +But Andy Lutomirski noticed that his test suite acted differently in kvm +than on bare hardware. + +The reason is that kvm used an inexact test for the icebp instruction: +it just assumed that an all-zero VM exit qualification value meant that +the VM exit was due to icebp. + +That is not unlike the guess that do_debug() does for the actual +exception handling case, but it's purely a heuristic, not an absolute +rule. do_debug() does it because it wants to ascribe _some_ reasons to +the #DB that happened, and an empty %dr6 value means that 'icebp' is the +most likely casue and we have no better information. + +But kvm can just do it right, because unlike the do_debug() case, kvm +actually sees the real reason for the #DB in the VM-exit interruption +information field. + +So instead of relying on an inexact heuristic, just use the actual VM +exit information that says "it was 'icebp'". + +Right now the 'icebp' instruction isn't technically documented by Intel, +but that will hopefully change. The special "privileged software +exception" information _is_ actually mentioned in the Intel SDM, even +though the cause of it isn't enumerated. + +Reported-by: Andy Lutomirski <luto@kernel.org> +Tested-by: Paolo Bonzini <pbonzini@redhat.com> +Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> +Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +--- + arch/x86/include/asm/vmx.h | 1 + + arch/x86/kvm/vmx.c | 9 ++++++++- + 2 files changed, 9 insertions(+), 1 deletion(-) + +diff --git a/arch/x86/include/asm/vmx.h b/arch/x86/include/asm/vmx.h +index 6899cf1..9cbfbef 100644 +--- a/arch/x86/include/asm/vmx.h ++++ b/arch/x86/include/asm/vmx.h +@@ -309,6 +309,7 @@ enum vmcs_field { + #define INTR_TYPE_NMI_INTR (2 << 8) /* NMI */ + #define INTR_TYPE_HARD_EXCEPTION (3 << 8) /* processor exception */ + #define INTR_TYPE_SOFT_INTR (4 << 8) /* software interrupt */ ++#define INTR_TYPE_PRIV_SW_EXCEPTION (5 << 8) /* ICE breakpoint - undocumented */ + #define INTR_TYPE_SOFT_EXCEPTION (6 << 8) /* software exception */ + + /* GUEST_INTERRUPTIBILITY_INFO flags. */ +diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c +index 3c3558b..27f505d 100644 +--- a/arch/x86/kvm/vmx.c ++++ b/arch/x86/kvm/vmx.c +@@ -1053,6 +1053,13 @@ static inline bool is_machine_check(u32 intr_info) + (INTR_TYPE_HARD_EXCEPTION | MC_VECTOR | INTR_INFO_VALID_MASK); + } + ++/* Undocumented: icebp/int1 */ ++static inline bool is_icebp(u32 intr_info) ++{ ++ return (intr_info & (INTR_INFO_INTR_TYPE_MASK | INTR_INFO_VALID_MASK)) ++ == (INTR_TYPE_PRIV_SW_EXCEPTION | INTR_INFO_VALID_MASK); ++} ++ + static inline bool cpu_has_vmx_msr_bitmap(void) + { + return vmcs_config.cpu_based_exec_ctrl & CPU_BASED_USE_MSR_BITMAPS; +@@ -5708,7 +5715,7 @@ static int handle_exception(struct kvm_vcpu *vcpu) + (KVM_GUESTDBG_SINGLESTEP | KVM_GUESTDBG_USE_HW_BP))) { + vcpu->arch.dr6 &= ~15; + vcpu->arch.dr6 |= dr6 | DR6_RTM; +- if (!(dr6 & ~DR6_RESERVED)) /* icebp */ ++ if (is_icebp(intr_info)) + skip_emulated_instruction(vcpu); + + kvm_queue_exception(vcpu, DB_VECTOR); +-- +2.7.4 + |