KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode

stable inclusion from stable-v5.10.101 commit bd39fe29bbbba8ad84605f6ded5c570b24f6cf8b bugzilla: https://gitee.com/openeuler/kernel/issues/I5669Z Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bd39fe29bbbba8ad84605f6ded5c570b24f6cf8b -------------------------------- [ Upstream commit cdf85e0c ] Inject a #GP instead of synthesizing triple fault to try to avoid killing the guest if emulation of an SEV guest fails due to encountering the SMAP erratum. The injected #GP may still be fatal to the guest, e.g. if the userspace process is providing critical functionality, but KVM should make every attempt to keep the guest alive. Signed-off-by: N Sean Christopherson <seanjc@google.com> Reviewed-by: N Liam Merwick <liam.merwick@oracle.com> Message-Id: <20220120010719.711476-10-seanjc@google.com> Signed-off-by: N Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: N Sasha Levin <sashal@kernel.org> Signed-off-by: N Yu Liao <liaoyu15@huawei.com> Reviewed-by: N Wei Li <liwei391@huawei.com> Signed-off-by: N Zheng Zengkai <zhengzengkai@huawei.com>

KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode
stable inclusion from stable-v5.10.101 commit bd39fe29bbbba8ad84605f6ded5c570b24f6cf8b bugzilla: https://gitee.com/openeuler/kernel/issues/I5669Z Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bd39fe29bbbba8ad84605f6ded5c570b24f6cf8b -------------------------------- [ Upstream commit cdf85e0c ] Inject a #GP instead of synthesizing triple fault to try to avoid killing the guest if emulation of an SEV guest fails due to encountering the SMAP erratum. The injected #GP may still be fatal to the guest, e.g. if the userspace process is providing critical functionality, but KVM should make every attempt to keep the guest alive. Signed-off-by: N Sean Christopherson <seanjc@google.com> Reviewed-by: N Liam Merwick <liam.merwick@oracle.com> Message-Id: <20220120010719.711476-10-seanjc@google.com> Signed-off-by: N Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: N Sasha Levin <sashal@kernel.org> Signed-off-by: N Yu Liao <liaoyu15@huawei.com> Reviewed-by: N Wei Li <liwei391@huawei.com> Signed-off-by: N Zheng Zengkai <zhengzengkai@huawei.com>
73372659 · Sean Christopherson · Zheng Zengkai · 21bf1440 · 73372659
隐藏空白更改
内联并排

Showing with 15 addition and 1 deletion

arch/x86/kvm/svm/svm.c arch/x86/kvm/svm/svm.c +15 -1

未找到文件。
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -4155,7 +4155,21 @@ static bool svm_can_emulate_instruction(struct kvm_vcpu *vcpu, void *insn, int i
 			return true;

 		pr_err_ratelimited("KVM: SEV Guest triggered AMD Erratum 1096\n");
-		kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu);
+
+		/*
+		 * If the fault occurred in userspace, arbitrarily inject #GP
+		 * to avoid killing the guest and to hopefully avoid confusing
+		 * the guest kernel too much, e.g. injecting #PF would not be
+		 * coherent with respect to the guest's page tables.  Request
+		 * triple fault if the fault occurred in the kernel as there's
+		 * no fault that KVM can inject without confusing the guest.
+		 * In practice, the triple fault is moot as no sane SEV kernel
+		 * will execute from user memory while also running with SMAP=1.
+		 */
+		if (is_user)
+			kvm_inject_gp(vcpu, 0);
+		else
+			kvm_make_request(KVM_REQ_TRIPLE_FAULT, vcpu);
 	}

 	return false;