Re: [PATCH v3 10/21] KVM:x86: Add #CP support in guest exception classification

From: Yang, Weijiang
Date: Mon Jun 19 2023 - 05:29:39 EST



On 6/17/2023 2:57 AM, Sean Christopherson wrote:
> On Fri, Jun 16, 2023, Weijiang Yang wrote:
>> On 6/16/2023 7:58 AM, Sean Christopherson wrote:
>>> On Thu, Jun 08, 2023, Weijiang Yang wrote:
>>>> On 6/6/2023 5:08 PM, Chao Gao wrote:
>>>>> On Thu, May 11, 2023 at 12:08:46AM -0400, Yang Weijiang wrote:
>>>>>> Add handling for Control Protection (#CP) exceptions (vector 21).
>>>>>> The new vector is introduced for Intel's Control-Flow Enforcement
>>>>>> Technology (CET) relevant violation cases.
>>>>>>
>>>>>> Although #CP belongs to the contributory exception class, the actual
>>>>>> effect is conditional on CET being exposed to the guest. If CET is not
>>>>>> available to the guest, #CP falls back to non-contributory and doesn't
>>>>>> have an error code.
>>>>> This sounds weird. Is this the hardware behavior? If yes, could you
>>>>> point us to where this behavior is documented?
>>>> It's not SDM documented behavior.
>>> The #CP behavior needs to be documented. Please pester whoever you need to in
>>> order to make that happen.
>> Do you mean documentation for #CP as a generic exception or the behavior in
>> KVM as this patch shows?
> As I pointed out two *years* ago, this entry in the SDM
>
> — The field's deliver-error-code bit (bit 11) is 1 if each of the following
> holds: (1) the interruption type is hardware exception; (2) bit 0
> (corresponding to CR0.PE) is set in the CR0 field in the guest-state area;
> (3) IA32_VMX_BASIC[56] is read as 0 (see Appendix A.1); and (4) the vector
> indicates one of the following exceptions: #DF (vector 8), #TS (10),
> #NP (11), #SS (12), #GP (13), #PF (14), or #AC (17).
>
> needs to read something like
>
> — The field's deliver-error-code bit (bit 11) is 1 if each of the following
> holds: (1) the interruption type is hardware exception; (2) bit 0
> (corresponding to CR0.PE) is set in the CR0 field in the guest-state area;
> (3) IA32_VMX_BASIC[56] is read as 0 (see Appendix A.1); and (4) the vector
> indicates one of the following exceptions: #DF (vector 8), #TS (10),
> #NP (11), #SS (12), #GP (13), #PF (14), #AC (17), or #CP (21)[1]
>
> [1] #CP has an error code if and only if IA32_VMX_CR4_FIXED1 enumerates
> support for the 1-setting of CR4.CET.

OK, I'll route the messages to the related person, thanks!
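
The deliver-error-code rule quoted in the thread, with the proposed #CP footnote applied, written out as a check. This is an added example, not code from the patch or from KVM; the function and macro names are hypothetical, and the bit positions (interruption type in bits 10:8 with 3 meaning hardware exception, CR4.CET as bit 23) are assumptions not stated in the message.

```c
#include <stdbool.h>
#include <stdint.h>

/* Assumed layout of the VM-entry interruption-information field and
 * the control-register / MSR bits the quoted rule refers to. */
#define INFO_VECTOR(i)      ((i) & 0xffu)
#define INFO_TYPE(i)        (((i) >> 8) & 0x7u)
#define TYPE_HW_EXCEPTION   3u
#define INFO_DELIVER_CODE   (1u << 11)
#define CR0_PE              (1ull << 0)
#define CR4_CET             (1ull << 23)
#define VMX_BASIC_BIT56     (1ull << 56)

/* Condition (4), with the proposed footnote: #CP (21) counts only when
 * IA32_VMX_CR4_FIXED1 allows CR4.CET to be set. */
static bool vector_has_error_code(unsigned vec, uint64_t cr4_fixed1)
{
    switch (vec) {
    case 8: case 10: case 11: case 12: case 13: case 14: case 17:
        return true;                        /* #DF #TS #NP #SS #GP #PF #AC */
    case 21:
        return (cr4_fixed1 & CR4_CET) != 0; /* #CP */
    default:
        return false;
    }
}

/* True when all four quoted conditions hold, i.e. bit 11 must be 1. */
bool error_code_required(uint32_t info, uint64_t cr0,
                         uint64_t vmx_basic, uint64_t cr4_fixed1)
{
    return INFO_TYPE(info) == TYPE_HW_EXCEPTION && (cr0 & CR0_PE) != 0 &&
           (vmx_basic & VMX_BASIC_BIT56) == 0 &&
           vector_has_error_code(INFO_VECTOR(info), cr4_fixed1);
}

/* Checks only the "must be 1" direction that the thread quotes. */
bool entry_info_ok(uint32_t info, uint64_t cr0,
                   uint64_t vmx_basic, uint64_t cr4_fixed1)
{
    return !error_code_required(info, cr0, vmx_basic, cr4_fixed1) ||
           (info & INFO_DELIVER_CODE) != 0;
}
```

With the footnote, the same #CP injection is acceptable without an error code on a CPU whose IA32_VMX_CR4_FIXED1 does not allow CR4.CET, and is flagged on one that does.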