> On Jun 17, 2019, at 3:22 PM, Krish Sadhukhan <krish.sadhukhan@xxxxxxxxxx> wrote:
>
>
>
> On 06/17/2019 12:52 PM, Nadav Amit wrote:
>>> On May 3, 2019, at 10:49 AM, nadav.amit@xxxxxxxxx wrote:
>>>
>>> From: Nadav Amit <nadav.amit@xxxxxxxxx>
>>>
>>> On EPT violation, the exit qualifications may have some undefined bits.
>>>
>>> Bit 6 is undefined if "mode-based execute control" is 0.
>>>
>>> Bits 9-11 are undefined unless the processor supports advanced VM-exit
>>> information for EPT violations.
>>>
>>> Right now on KVM these bits are always undefined inside the VM (i.e., in
>>> an emulated VM-exit). Mask these bits to avoid potential false
>>> indication of failures.
>>>
>>> Signed-off-by: Nadav Amit <nadav.amit@xxxxxxxxx>
>>> ---
>>> x86/vmx.h | 20 ++++++++++++--------
>>> x86/vmx_tests.c | 4 ++++
>>> 2 files changed, 16 insertions(+), 8 deletions(-)
>>>
>>> diff --git a/x86/vmx.h b/x86/vmx.h
>>> index cc377ef..5053d6f 100644
>>> --- a/x86/vmx.h
>>> +++ b/x86/vmx.h
>>> @@ -603,16 +603,20 @@ enum vm_instruction_error_number {
>>> #define EPT_ADDR_MASK GENMASK_ULL(51, 12)
>>> #define PAGE_MASK_2M (~(PAGE_SIZE_2M-1))
>>>
>>> -#define EPT_VLT_RD 1
>>> -#define EPT_VLT_WR (1 << 1)
>>> -#define EPT_VLT_FETCH (1 << 2)
>>> -#define EPT_VLT_PERM_RD (1 << 3)
>>> -#define EPT_VLT_PERM_WR (1 << 4)
>>> -#define EPT_VLT_PERM_EX (1 << 5)
>>> +#define EPT_VLT_RD (1ull << 0)
>>> +#define EPT_VLT_WR (1ull << 1)
>>> +#define EPT_VLT_FETCH (1ull << 2)
>>> +#define EPT_VLT_PERM_RD (1ull << 3)
>>> +#define EPT_VLT_PERM_WR (1ull << 4)
>>> +#define EPT_VLT_PERM_EX (1ull << 5)
>>> +#define EPT_VLT_PERM_USER_EX (1ull << 6)
>>> #define EPT_VLT_PERMS (EPT_VLT_PERM_RD | EPT_VLT_PERM_WR | \
>>> EPT_VLT_PERM_EX)
>>> -#define EPT_VLT_LADDR_VLD (1 << 7)
>>> -#define EPT_VLT_PADDR (1 << 8)
>>> +#define EPT_VLT_LADDR_VLD (1ull << 7)
>>> +#define EPT_VLT_PADDR (1ull << 8)
>>> +#define EPT_VLT_GUEST_USER (1ull << 9)
>>> +#define EPT_VLT_GUEST_WR (1ull << 10)
>
> This one should be named EPT_VLT_GUEST_RW, assuming you are naming them
> according to the 1-setting of the bits.
Whatever you wish (unless someone else has different preference).
>>> +#define EPT_VLT_GUEST_EX (1ull << 11)
>>>
>>> #define MAGIC_VAL_1 0x12345678ul
>>> #define MAGIC_VAL_2 0x87654321ul
>>> diff --git a/x86/vmx_tests.c b/x86/vmx_tests.c
>>> index c52ebc6..b4129e1 100644
>>> --- a/x86/vmx_tests.c
>>> +++ b/x86/vmx_tests.c
>>> @@ -2365,6 +2365,10 @@ static void do_ept_violation(bool leaf, enum ept_access_op op,
>>>
>>> qual = vmcs_read(EXI_QUALIFICATION);
>>>
>>> + /* Mask undefined bits (which may later be defined in certain cases). */
>>> + qual &= ~(EPT_VLT_GUEST_USER | EPT_VLT_GUEST_WR | EPT_VLT_GUEST_EX |
>>> + EPT_VLT_PERM_USER_EX);
>>> +
>
> The "DIAGNOSE" macro doesn't check any of these bits, so this masking
> seems redundant.
The DIAGNOSE macro is not the one who causes errors. It’s the:
TEST_EXPECT_EQ(expected_qual, qual);
That comes right after the call to diagnose_ept_violation_qual().
>
> Also, don't we need to check for the relevant conditions before masking
> the bits ? For example, EPT_VLT_PERM_USER_EX is dependent on "mode-based
> execute control" VM-execution control" and the other ones depend on bit 7
> and 8 of the Exit Qualification field.
The tests right now do not “emulate” these bits, so the expected
qualification would never have EPT_VLT_PERM_USER_EX (for instance) set. Once
someone implements tests for these bits, he would need to change the
masking.
