From: Ravi Bangoria Add Bus Lock Detect support in AMD SVM. Bus Lock Detect is enabled through MSR_IA32_DEBUGCTLMSR and MSR_IA32_DEBUGCTLMSR is virtualized only if LBR Virtualization is enabled. Add this dependency in the SVM. While adding Bus Lock Detect support, also fix DR6 handling in nested virtualization. Using DR6_FIXED_1 to prevent reset of BLD bit (bit 11) between VMRUNs. However, it preserves DR6_RTM, which is a reserved bit on AMD processors. So, DR6_RTM bit must always be set to 1. Signed-off-by: Ravi Bangoria Reviewed-by: Tom Lendacky Co-developed-by: Shivansh Dhiman Signed-off-by: Shivansh Dhiman --- Changelog: v1 --> v2 * Rebased and used guest_cpu_cap_has() instead of guest_cpuid_has(). v1: https://lore.kernel.org/all/20240808062937.1149-5-ravi.bangoria@amd.com --- arch/x86/kvm/svm/nested.c | 3 ++- arch/x86/kvm/svm/svm.c | 17 ++++++++++++++++- arch/x86/kvm/svm/svm.h | 2 +- 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index da6e80b3ac35..5af7fbf5c536 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -665,7 +665,8 @@ static void nested_vmcb02_prepare_save(struct vcpu_svm *svm, struct vmcb *vmcb12 /* These bits will be set properly on the first execution when new_vmc12 is true */ if (unlikely(new_vmcb12 || vmcb_is_dirty(vmcb12, VMCB_DR))) { vmcb02->save.dr7 = svm->nested.save.dr7 | DR7_FIXED_1; - svm->vcpu.arch.dr6 = svm->nested.save.dr6 | DR6_ACTIVE_LOW; + /* DR6_RTM is a reserved bit on AMD and as such must be set to 1 */ + svm->vcpu.arch.dr6 = svm->nested.save.dr6 | DR6_FIXED_1 | DR6_RTM; vmcb_mark_dirty(vmcb02, VMCB_DR); } diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 10c21e4c5406..ceef5b697e11 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -831,6 +831,9 @@ void svm_update_lbrv(struct kvm_vcpu *vcpu) (is_guest_mode(vcpu) && guest_cpu_cap_has(vcpu, X86_FEATURE_LBRV) && (svm->nested.ctl.virt_ext & LBR_CTL_ENABLE_MASK)); + /* Bus Lock Detect depends on LBR Virtualization */ + enable_lbrv |= (svm->vmcb->save.dbgctl & DEBUGCTLMSR_BUS_LOCK_DETECT); + if (enable_lbrv && !current_enable_lbrv) __svm_enable_lbrv(vcpu); else if (!enable_lbrv && current_enable_lbrv) @@ -2984,6 +2987,10 @@ static int svm_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) data &= ~DEBUGCTLMSR_BTF; } + if ((data & DEBUGCTLMSR_BUS_LOCK_DETECT) && + !guest_cpu_cap_has(vcpu, X86_FEATURE_BUS_LOCK_DETECT)) + return 1; + if (data & DEBUGCTL_RESERVED_BITS) return 1; @@ -5258,8 +5265,16 @@ static __init void svm_set_cpu_caps(void) * Clear capabilities that are automatically configured by common code, * but that require explicit SVM support (that isn't yet implemented). */ - kvm_cpu_cap_clear(X86_FEATURE_BUS_LOCK_DETECT); kvm_cpu_cap_clear(X86_FEATURE_MSR_IMM); + + /* + * LBR Virtualization must be enabled to support BusLockTrap inside the + * guest, since BusLockTrap is enabled through MSR_IA32_DEBUGCTLMSR and + * MSR_IA32_DEBUGCTLMSR is virtualized only if LBR Virtualization is + * enabled. + */ + if (!lbrv) + kvm_cpu_cap_clear(X86_FEATURE_BUS_LOCK_DETECT); } static __init int svm_hardware_setup(void) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index c856d8e0f95e..8e8d31788c9c 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -675,7 +675,7 @@ BUILD_SVM_MSR_BITMAP_HELPERS(bool, test, test) BUILD_SVM_MSR_BITMAP_HELPERS(void, clear, __clear) BUILD_SVM_MSR_BITMAP_HELPERS(void, set, __set) -#define DEBUGCTL_RESERVED_BITS (~DEBUGCTLMSR_LBR) +#define DEBUGCTL_RESERVED_BITS (~(DEBUGCTLMSR_LBR | DEBUGCTLMSR_BUS_LOCK_DETECT)) /* svm.c */ extern bool dump_invalid_vmcb; -- 2.43.0