KVM: x86: Ensure guest's FPU state is loaded when accessing for emulation
Lock the FPU regs and reload the current thread's FPU state, which holds the guest's FPU state, to the CPU registers if necessary prior to accessing guest FPU state as part of emulation. kernel_fpu_begin() can be called from softirq context, therefore KVM must ensure softirqs are disabled (locking the FPU regs disables softirqs) when touching CPU FPU state. Note, for all intents and purposes this reverts commit6ab0b9feb8("x86,kvm: remove KVM emulator get_fpu / put_fpu"), but at the time it was applied, removing get/put_fpu() was correct. The re-introduction of {get,put}_fpu() is necessitated by the deferring of FPU state load. Fixes:5f409e20b7("x86/fpu: Defer FPU state load until return to userspace") Cc: stable@vger.kernel.org Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This commit is contained in:
Sean Christopherson
Paolo Bonzini
parent
c9aef3b85f
commit
a7baead7e3
|
|
@ -22,6 +22,7 @@
|
|||
#include "kvm_cache_regs.h"
|
||||
#include <asm/kvm_emulate.h>
|
||||
#include <linux/stringify.h>
|
||||
#include <asm/fpu/api.h>
|
||||
#include <asm/debugreg.h>
|
||||
#include <asm/nospec-branch.h>
|
||||
|
||||
|
|
@ -1075,8 +1076,23 @@ static void fetch_register_operand(struct operand *op)
|
|||
}
|
||||
}
|
||||
|
||||
static void emulator_get_fpu(void)
|
||||
{
|
||||
fpregs_lock();
|
||||
|
||||
fpregs_assert_state_consistent();
|
||||
if (test_thread_flag(TIF_NEED_FPU_LOAD))
|
||||
switch_fpu_return();
|
||||
}
|
||||
|
||||
static void emulator_put_fpu(void)
|
||||
{
|
||||
fpregs_unlock();
|
||||
}
|
||||
|
||||
static void read_sse_reg(struct x86_emulate_ctxt *ctxt, sse128_t *data, int reg)
|
||||
{
|
||||
emulator_get_fpu();
|
||||
switch (reg) {
|
||||
case 0: asm("movdqa %%xmm0, %0" : "=m"(*data)); break;
|
||||
case 1: asm("movdqa %%xmm1, %0" : "=m"(*data)); break;
|
||||
|
|
@ -1098,11 +1114,13 @@ static void read_sse_reg(struct x86_emulate_ctxt *ctxt, sse128_t *data, int reg)
|
|||
#endif
|
||||
default: BUG();
|
||||
}
|
||||
emulator_put_fpu();
|
||||
}
|
||||
|
||||
static void write_sse_reg(struct x86_emulate_ctxt *ctxt, sse128_t *data,
|
||||
int reg)
|
||||
{
|
||||
emulator_get_fpu();
|
||||
switch (reg) {
|
||||
case 0: asm("movdqa %0, %%xmm0" : : "m"(*data)); break;
|
||||
case 1: asm("movdqa %0, %%xmm1" : : "m"(*data)); break;
|
||||
|
|
@ -1124,10 +1142,12 @@ static void write_sse_reg(struct x86_emulate_ctxt *ctxt, sse128_t *data,
|
|||
#endif
|
||||
default: BUG();
|
||||
}
|
||||
emulator_put_fpu();
|
||||
}
|
||||
|
||||
static void read_mmx_reg(struct x86_emulate_ctxt *ctxt, u64 *data, int reg)
|
||||
{
|
||||
emulator_get_fpu();
|
||||
switch (reg) {
|
||||
case 0: asm("movq %%mm0, %0" : "=m"(*data)); break;
|
||||
case 1: asm("movq %%mm1, %0" : "=m"(*data)); break;
|
||||
|
|
@ -1139,10 +1159,12 @@ static void read_mmx_reg(struct x86_emulate_ctxt *ctxt, u64 *data, int reg)
|
|||
case 7: asm("movq %%mm7, %0" : "=m"(*data)); break;
|
||||
default: BUG();
|
||||
}
|
||||
emulator_put_fpu();
|
||||
}
|
||||
|
||||
static void write_mmx_reg(struct x86_emulate_ctxt *ctxt, u64 *data, int reg)
|
||||
{
|
||||
emulator_get_fpu();
|
||||
switch (reg) {
|
||||
case 0: asm("movq %0, %%mm0" : : "m"(*data)); break;
|
||||
case 1: asm("movq %0, %%mm1" : : "m"(*data)); break;
|
||||
|
|
@ -1154,6 +1176,7 @@ static void write_mmx_reg(struct x86_emulate_ctxt *ctxt, u64 *data, int reg)
|
|||
case 7: asm("movq %0, %%mm7" : : "m"(*data)); break;
|
||||
default: BUG();
|
||||
}
|
||||
emulator_put_fpu();
|
||||
}
|
||||
|
||||
static int em_fninit(struct x86_emulate_ctxt *ctxt)
|
||||
|
|
@ -1161,7 +1184,9 @@ static int em_fninit(struct x86_emulate_ctxt *ctxt)
|
|||
if (ctxt->ops->get_cr(ctxt, 0) & (X86_CR0_TS | X86_CR0_EM))
|
||||
return emulate_nm(ctxt);
|
||||
|
||||
emulator_get_fpu();
|
||||
asm volatile("fninit");
|
||||
emulator_put_fpu();
|
||||
return X86EMUL_CONTINUE;
|
||||
}
|
||||
|
||||
|
|
@ -1172,7 +1197,9 @@ static int em_fnstcw(struct x86_emulate_ctxt *ctxt)
|
|||
if (ctxt->ops->get_cr(ctxt, 0) & (X86_CR0_TS | X86_CR0_EM))
|
||||
return emulate_nm(ctxt);
|
||||
|
||||
emulator_get_fpu();
|
||||
asm volatile("fnstcw %0": "+m"(fcw));
|
||||
emulator_put_fpu();
|
||||
|
||||
ctxt->dst.val = fcw;
|
||||
|
||||
|
|
@ -1186,7 +1213,9 @@ static int em_fnstsw(struct x86_emulate_ctxt *ctxt)
|
|||
if (ctxt->ops->get_cr(ctxt, 0) & (X86_CR0_TS | X86_CR0_EM))
|
||||
return emulate_nm(ctxt);
|
||||
|
||||
emulator_get_fpu();
|
||||
asm volatile("fnstsw %0": "+m"(fsw));
|
||||
emulator_put_fpu();
|
||||
|
||||
ctxt->dst.val = fsw;
|
||||
|
||||
|
|
@ -4077,8 +4106,12 @@ static int em_fxsave(struct x86_emulate_ctxt *ctxt)
|
|||
if (rc != X86EMUL_CONTINUE)
|
||||
return rc;
|
||||
|
||||
emulator_get_fpu();
|
||||
|
||||
rc = asm_safe("fxsave %[fx]", , [fx] "+m"(fx_state));
|
||||
|
||||
emulator_put_fpu();
|
||||
|
||||
if (rc != X86EMUL_CONTINUE)
|
||||
return rc;
|
||||
|
||||
|
|
@ -4121,6 +4154,8 @@ static int em_fxrstor(struct x86_emulate_ctxt *ctxt)
|
|||
if (rc != X86EMUL_CONTINUE)
|
||||
return rc;
|
||||
|
||||
emulator_get_fpu();
|
||||
|
||||
if (size < __fxstate_size(16)) {
|
||||
rc = fxregs_fixup(&fx_state, size);
|
||||
if (rc != X86EMUL_CONTINUE)
|
||||
|
|
@ -4136,6 +4171,8 @@ static int em_fxrstor(struct x86_emulate_ctxt *ctxt)
|
|||
rc = asm_safe("fxrstor %[fx]", : [fx] "m"(fx_state));
|
||||
|
||||
out:
|
||||
emulator_put_fpu();
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
|
@ -5450,7 +5487,9 @@ static int flush_pending_x87_faults(struct x86_emulate_ctxt *ctxt)
|
|||
{
|
||||
int rc;
|
||||
|
||||
emulator_get_fpu();
|
||||
rc = asm_safe("fwait");
|
||||
emulator_put_fpu();
|
||||
|
||||
if (unlikely(rc != X86EMUL_CONTINUE))
|
||||
return emulate_exception(ctxt, MF_VECTOR, 0, false);
|
||||
|
|
|
|||
Loading…
Reference in New Issue