KVM: SVM: Fix #GP handling for doubly-nested virtualization

Under the case of nested on nested (L0, L1, L2 are all hypervisors),
we do not support emulation of the vVMLOAD/VMSAVE feature, the
L0 hypervisor can inject the proper #VMEXIT to inform L1 of what is
happening and L1 can avoid invoking the #GP workaround.  For this
reason we turns on guest VM's X86_FEATURE_SVME_ADDR_CHK bit for KVM
running inside VM to receive the notification and change behavior.

Similarly we check if vcpu is under guest mode before emulating the
vmware-backdoor instructions. For the case of nested on nested, we
let the guest handle it.

Co-developed-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Wei Huang <wei.huang2@amd.com>
Tested-by: Maxim Levitsky <mlevitsk@redhat.com>
Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
Message-Id: <20210126081831.570253-5-wei.huang2@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c
index 0378d42..8d18f01 100644 (file)
--- a/arch/x86/kvm/svm/svm.c
+++ b/arch/x86/kvm/svm/svm.c
@@ -933,6 +933,9 @@ static __init void svm_set_cpu_caps(void)
 
                if (npt_enabled)
                        kvm_cpu_cap_set(X86_FEATURE_NPT);
+
+               /* Nested VM can receive #VMEXIT instead of triggering #GP */
+               kvm_cpu_cap_set(X86_FEATURE_SVME_ADDR_CHK);
        }
 
        /* CPUID 0x80000008 */
@@ -2202,6 +2205,11 @@ static int svm_instr_opcode(struct kvm_vcpu *vcpu)
 
 static int emulate_svm_instr(struct kvm_vcpu *vcpu, int opcode)
 {
+       const int guest_mode_exit_codes[] = {
+               [SVM_INSTR_VMRUN] = SVM_EXIT_VMRUN,
+               [SVM_INSTR_VMLOAD] = SVM_EXIT_VMLOAD,
+               [SVM_INSTR_VMSAVE] = SVM_EXIT_VMSAVE,
+       };
        int (*const svm_instr_handlers[])(struct vcpu_svm *svm) = {
                [SVM_INSTR_VMRUN] = vmrun_interception,
                [SVM_INSTR_VMLOAD] = vmload_interception,
@@ -2209,7 +2217,14 @@ static int emulate_svm_instr(struct kvm_vcpu *vcpu, int opcode)
        };
        struct vcpu_svm *svm = to_svm(vcpu);
 
-       return svm_instr_handlers[opcode](svm);
+       if (is_guest_mode(vcpu)) {
+               svm->vmcb->control.exit_code = guest_mode_exit_codes[opcode];
+               svm->vmcb->control.exit_info_1 = 0;
+               svm->vmcb->control.exit_info_2 = 0;
+
+               return nested_svm_vmexit(svm);
+       } else
+               return svm_instr_handlers[opcode](svm);
 }
 
 /*
@@ -2244,7 +2259,8 @@ static int gp_interception(struct vcpu_svm *svm)
                 * VMware backdoor emulation on #GP interception only handles
                 * IN{S}, OUT{S}, and RDPMC.
                 */
-               return kvm_emulate_instruction(vcpu,
+               if (!is_guest_mode(vcpu))
+                       return kvm_emulate_instruction(vcpu,
                                EMULTYPE_VMWARE_GP | EMULTYPE_NO_DECODE);
        } else
                return emulate_svm_instr(vcpu, opcode);