On 14/10/20 16:33, Vitaly Kuznetsov wrote:
> It was noticed that evmcs_sanitize_exec_ctrls() is not being executed
> nowadays despite the code checking 'enable_evmcs' static key looking
> correct. Turns out, static key magic doesn't work in '__init' section
> (and it is unclear when things changed) but setup_vmcs_config() is called
> only once per CPU so we don't really need it to. Switch to checking
> 'enlightened_vmcs' instead, it is supposed to be in sync with
> 'enable_evmcs'.
>
> Opportunistically make evmcs_sanitize_exec_ctrls '__init' and drop unneeded
> extra newline from it.
>
> Reported-by: Yang Weijiang <weijiang.yang@xxxxxxxxx>
> Signed-off-by: Vitaly Kuznetsov <vkuznets@xxxxxxxxxx>
> ---
> - Changes since v1:
> put '#if IS_ENABLED(CONFIG_HYPERV)' around enlightened_vmcs check
> [ktest robot]
> ---
> arch/x86/kvm/vmx/evmcs.c | 3 +--
> arch/x86/kvm/vmx/evmcs.h | 3 +--
> arch/x86/kvm/vmx/vmx.c | 4 +++-
> 3 files changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/arch/x86/kvm/vmx/evmcs.c b/arch/x86/kvm/vmx/evmcs.c
> index e5325bd0f304..f3199bb02f22 100644
> --- a/arch/x86/kvm/vmx/evmcs.c
> +++ b/arch/x86/kvm/vmx/evmcs.c
> @@ -297,14 +297,13 @@ const struct evmcs_field vmcs_field_to_evmcs_1[] = {
> };
> const unsigned int nr_evmcs_1_fields = ARRAY_SIZE(vmcs_field_to_evmcs_1);
>
> -void evmcs_sanitize_exec_ctrls(struct vmcs_config *vmcs_conf)
> +__init void evmcs_sanitize_exec_ctrls(struct vmcs_config *vmcs_conf)
> {
> vmcs_conf->pin_based_exec_ctrl &= ~EVMCS1_UNSUPPORTED_PINCTRL;
> vmcs_conf->cpu_based_2nd_exec_ctrl &= ~EVMCS1_UNSUPPORTED_2NDEXEC;
>
> vmcs_conf->vmexit_ctrl &= ~EVMCS1_UNSUPPORTED_VMEXIT_CTRL;
> vmcs_conf->vmentry_ctrl &= ~EVMCS1_UNSUPPORTED_VMENTRY_CTRL;
> -
> }
> #endif
>
> diff --git a/arch/x86/kvm/vmx/evmcs.h b/arch/x86/kvm/vmx/evmcs.h
> index e5f7a7ebf27d..bd41d9462355 100644
> --- a/arch/x86/kvm/vmx/evmcs.h
> +++ b/arch/x86/kvm/vmx/evmcs.h
> @@ -185,7 +185,7 @@ static inline void evmcs_load(u64 phys_addr)
> vp_ap->enlighten_vmentry = 1;
> }
>
> -void evmcs_sanitize_exec_ctrls(struct vmcs_config *vmcs_conf);
> +__init void evmcs_sanitize_exec_ctrls(struct vmcs_config *vmcs_conf);
> #else /* !IS_ENABLED(CONFIG_HYPERV) */
> static inline void evmcs_write64(unsigned long field, u64 value) {}
> static inline void evmcs_write32(unsigned long field, u32 value) {}
> @@ -194,7 +194,6 @@ static inline u64 evmcs_read64(unsigned long field) { return 0; }
> static inline u32 evmcs_read32(unsigned long field) { return 0; }
> static inline u16 evmcs_read16(unsigned long field) { return 0; }
> static inline void evmcs_load(u64 phys_addr) {}
> -static inline void evmcs_sanitize_exec_ctrls(struct vmcs_config *vmcs_conf) {}
> static inline void evmcs_touch_msr_bitmap(void) {}
> #endif /* IS_ENABLED(CONFIG_HYPERV) */
>
> diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
> index 96979c09ebd1..682f2b2f9a18 100644
> --- a/arch/x86/kvm/vmx/vmx.c
> +++ b/arch/x86/kvm/vmx/vmx.c
> @@ -2607,8 +2607,10 @@ static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf,
> vmcs_conf->vmexit_ctrl = _vmexit_control;
> vmcs_conf->vmentry_ctrl = _vmentry_control;
>
> - if (static_branch_unlikely(&enable_evmcs))
> +#if IS_ENABLED(CONFIG_HYPERV)
> + if (enlightened_vmcs)
> evmcs_sanitize_exec_ctrls(vmcs_conf);
> +#endif
>
> return 0;
> }
>
Queued, thanks.
Paolo
