Re: [RFC 11/33] KVM: x86: hyper-v: Handle GET/SET_VP_REGISTER hcall in user-space

From: Maxim Levitsky
Date: Tue Nov 28 2023 - 02:27:01 EST


On Wed, 2023-11-08 at 13:14 +0100, Alexander Graf wrote:
> On 08.11.23 12:17, Nicolas Saenz Julienne wrote:
> > Let user-space handle HVCALL_GET_VP_REGISTERS and
> > HVCALL_SET_VP_REGISTERS through the KVM_EXIT_HYPERV_HVCALL exit reason.
> > Additionally, expose the cpuid bit.
> >
> > Signed-off-by: Nicolas Saenz Julienne <nsaenz@xxxxxxxxxx>
> > ---
> > arch/x86/kvm/hyperv.c | 9 +++++++++
> > include/asm-generic/hyperv-tlfs.h | 1 +
> > 2 files changed, 10 insertions(+)
> >
> > diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c
> > index caaa859932c5..a3970d52eef1 100644
> > --- a/arch/x86/kvm/hyperv.c
> > +++ b/arch/x86/kvm/hyperv.c
> > @@ -2456,6 +2456,9 @@ static void kvm_hv_write_xmm(struct kvm_hyperv_xmm_reg *xmm)
> >
> > static bool kvm_hv_is_xmm_output_hcall(u16 code)
> > {
> > + if (code == HVCALL_GET_VP_REGISTERS)
> > + return true;
> > +
> > return false;
> > }
> >
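Review bot: kvm_hv_is_xmm_output_hcall now gains a single-code if/return, while is_xmm_fast_hypercall in the next hunk uses a switch for the same kind of list; a switch here too would keep the two lists side by side and make it easier to add further user-space-handled output hypercalls. Also, only HVCALL_GET_VP_REGISTERS is listed here whereas the next hunk lists both GET and SET, so a one-line comment stating that HVCALL_SET_VP_REGISTERS is deliberately absent because it returns no output would save the next reader a trip to the TLFS.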
> > @@ -2520,6 +2523,8 @@ static bool is_xmm_fast_hypercall(struct kvm_hv_hcall *hc)
> > case HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX:
> > case HVCALL_FLUSH_VIRTUAL_ADDRESS_SPACE_EX:
> > case HVCALL_SEND_IPI_EX:
> > + case HVCALL_GET_VP_REGISTERS:
> > + case HVCALL_SET_VP_REGISTERS:
> > return true;
> > }
> >
> > @@ -2738,6 +2743,9 @@ int kvm_hv_hypercall(struct kvm_vcpu *vcpu)
> > break;
> > }
> > goto hypercall_userspace_exit;
> > + case HVCALL_GET_VP_REGISTERS:
> > + case HVCALL_SET_VP_REGISTERS:
> > + goto hypercall_userspace_exit;
> > default:
> > ret = HV_STATUS_INVALID_HYPERCALL_CODE;
> > break;
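Review bot: the two new cases jump straight to hypercall_userspace_exit with no check at all, unlike the preceding case, which reaches the same label only after the logic ending in the 'break;' visible above it. hv_check_hypercall_access, which runs before this switch, is not touched by this patch, so a guest whose Hyper-V CPUID does not include HV_ACCESS_VP_REGISTERS can still issue these codes and force a user-space exit; add a case for HVCALL_GET_VP_REGISTERS/HVCALL_SET_VP_REGISTERS to hv_check_hypercall_access gated on that privilege bit, so that an unentitled guest fails the same way it does for the other privileged hypercalls instead of reaching the VMM.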
> > @@ -2903,6 +2911,7 @@ int kvm_get_hv_cpuid(struct kvm_vcpu *vcpu, struct kvm_cpuid2 *cpuid,
> > ent->ebx |= HV_POST_MESSAGES;
> > ent->ebx |= HV_SIGNAL_EVENTS;
> > ent->ebx |= HV_ENABLE_EXTENDED_HYPERCALLS;
> > + ent->ebx |= HV_ACCESS_VP_REGISTERS;
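Review bot: HV_ACCESS_VP_REGISTERS is advertised unconditionally in the features leaf, alongside bits for hypercalls KVM implements itself, but the calls behind it only work if the VMM consumes KVM_EXIT_HYPERV_HVCALL for these two codes; a VMM that does not will leave the guest with an advertised feature whose hypercalls fail. Consider having user space opt in and setting the bit, and accepting the hypercall, only when it has. Note also that the HV_ACCESS_VP_REGISTERS define itself comes from the one-line include/asm-generic/hyperv-tlfs.h change in the diffstat, which is not part of the quoted hunks.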
>
> Do we need to guard this?

I think so, a check should be added to 'hv_check_hypercall_access'.

I do wonder though why KVM can't just pass all unknown hypercalls to userspace
instead of having a whitelist.


Best regards,
Maxim Levitsky

>
>
> Alex
>
>
>
>
> Amazon Development Center Germany GmbH
> Krausenstr. 38
> 10117 Berlin
> Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
> Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
> Sitz: Berlin
> Ust-ID: DE 289 237 879
>
>