x86: replace segment selector magic number with macro definition

Add assembly check in desc.h, to replace segment selector
magic number with macro definition.

Signed-off-by: Hang SU <darcy.sh@antgr

x86: replace segment selector magic number with macro definition

Add assembly check in desc.h, to replace segment selector
magic number with macro definition.

Signed-off-by: Hang SU <darcy.sh@antgroup.com>
Link: https://lore.kernel.org/r/20250221225406.2228938-4-seanjc@google.com
[sean: fix KERNEL_CS vs. KERNEL_CS32 goof]
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86: Commit to using __ASSEMBLER__ instead of __ASSEMBLY__

Convert all two of x86's anti-assembly #ifdefs from __ASSEMBLY__ to
__ASSEMBLER__. Usage of __ASSEMBLY__ was inherited blindly from the Li

x86: Commit to using __ASSEMBLER__ instead of __ASSEMBLY__

Convert all two of x86's anti-assembly #ifdefs from __ASSEMBLY__ to
__ASSEMBLER__. Usage of __ASSEMBLY__ was inherited blindly from the Linux
kernel, and must be manually defined, e.g. through build rules or with
explicit #defines in assembly code. __ASSEMBLER__ on the other hand is
automatically defined by the compiler when preprocessing assembly, i.e.
doesn't require manually #defines for the code to function correctly.

Convert only x86 for the time being, as x86 doesn't actually rely on
__ASSEMBLY__ (a clever observer will note that it's never #defined on x86).
E.g. trying to include x86's page.h doesn't work as is. All other
architectures actually rely on __ASSEMBLY__, and will be dealt with
separately.

Note, while only gcc appears to officially document __ASSEMBLER__, clang
has followed suit since at least clang 6.0, and clang 6.0 doesn't come
remotely close to being able to comple KVM-Unit-Tests.

Link: https://gcc.gnu.org/onlinedocs/cpp/Standard-Predefined-Macros.html#Standard-Predefined-Macros
Link: https://lore.kernel.org/r/20250221225406.2228938-3-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86: Move descriptor table selector #defines to the top of desc.h

Hoist the selector #defines in desc.h to the very top so that they can be
exposed to assembly code with minimal #ifdefs.

No functio

x86: Move descriptor table selector #defines to the top of desc.h

Hoist the selector #defines in desc.h to the very top so that they can be
exposed to assembly code with minimal #ifdefs.

No functional change intended.

Link: https://lore.kernel.org/r/20250221225406.2228938-2-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86: Add a few functions for gdt manipulation

Add a few functions that will be used to manipulate various
segment bases that are loaded via GDT.

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>

x86: Add a few functions for gdt manipulation

Add a few functions that will be used to manipulate various
segment bases that are loaded via GDT.

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Link: https://lore.kernel.org/r/20240907005440.500075-3-mlevitsk@redhat.com
Link: https://lore.kernel.org/r/20250215013018.1210432-3-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86: Add _safe() and _fep_safe() variants to segment base load instructions

Add _safe() and _fep_safe() helpers for segment/base instructions; the
helpers will be used to validate various ways of se

x86: Add _safe() and _fep_safe() variants to segment base load instructions

Add _safe() and _fep_safe() helpers for segment/base instructions; the
helpers will be used to validate various ways of setting the segment bases
and GDT/LDT bases.

Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com>
Link: https://lore.kernel.org/r/20240907005440.500075-2-mlevitsk@redhat.com
Link: https://lore.kernel.org/r/20250215013018.1210432-2-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86: Add FEP support on read/write register instructions

Add FEP support on read/write register instructions to enable testing rdmsr
and wrmsr when force emulation is turned on.

Suggested-by: Sean

x86: Add FEP support on read/write register instructions

Add FEP support on read/write register instructions to enable testing rdmsr
and wrmsr when force emulation is turned on.

Suggested-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Mingwei Zhang <mizhang@google.com>
Link: https://lore.kernel.org/r/20240417232906.3057638-2-mizhang@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86: Add macros to wrap ASM_TRY() for single instructions with output(s)

Add macros for "safe" execution of instructions with outputs. Outputs
require dedicated macros as the variadic arguments she

x86: Add macros to wrap ASM_TRY() for single instructions with output(s)

Add macros for "safe" execution of instructions with outputs. Outputs
require dedicated macros as the variadic arguments shenanigans only work
for one type, i.e. can either be used for inputs or outputs, not both.

Opportunistically provide a common macro for RDMSR and RDPMC, the common
macro can also be used for xgetbv_safe().

Link: https://lore.kernel.org/r/20230406025117.738014-4-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86: Add macros to wrap ASM_TRY() for single instructions

Add asm_safe(), asm_safe_report(), and asm_safe_report_ex() macros to
reduce the boilerplate needed for using ASM_TRY() with a single
instru

x86: Add macros to wrap ASM_TRY() for single instructions

Add asm_safe(), asm_safe_report(), and asm_safe_report_ex() macros to
reduce the boilerplate needed for using ASM_TRY() with a single
instruction.

Convert the memory test to the report variants to showcase the usage.

Link: https://lore.kernel.org/r/20230406025117.738014-2-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

show more ...

x86: Add helper to detect if forced emulation prefix is available

Add a helper to detect whether or not KVM's forced emulation prefix is
available. Use the helper to replace equivalent functionalit

x86: Add helper to detect if forced emulation prefix is available

Add a helper to detect whether or not KVM's forced emulation prefix is
available. Use the helper to replace equivalent functionality in the
emulator test.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220808164707.537067-5-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Introduce ASM_TRY_FEP() to handle exceptions on forced emulation

Introduce ASM_TRY_FEP() to allow using the try-catch method to handle
exceptions that occur on forced emulation. ASM_TRY() mish

x86: Introduce ASM_TRY_FEP() to handle exceptions on forced emulation

Introduce ASM_TRY_FEP() to allow using the try-catch method to handle
exceptions that occur on forced emulation. ASM_TRY() mishandles
exceptions thrown by the forced-emulation-triggered emulator. While the
faulting address stored in the exception table points at forced emulation
prefix, when an exceptions comes, RIP is 5 bytes (size of KVM_FEP) ahead
due to KVM advancing RIP to skip the prefix and the exception ends up
unhandled.

Signed-off-by: Michal Luczaj <mhal@rbox.co>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220808164707.537067-4-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Dedup 32-bit vs. 64-bit ASM_TRY() by stealing kernel's __ASM_SEL()

Steal the kernel's __ASM_SEL() implementation and use it to consolidate
ASM_TRY(). The only difference between the 32-bit and

x86: Dedup 32-bit vs. 64-bit ASM_TRY() by stealing kernel's __ASM_SEL()

Steal the kernel's __ASM_SEL() implementation and use it to consolidate
ASM_TRY(). The only difference between the 32-bit and 64-bit versions is
the size of the address stored in the table.

No functional change intended.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220808164707.537067-3-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Use "safe" helpers to implement unsafe CRs accessors

Use the "safe" helpers to read and write CR0, CR3, and CR4, so that an
unexpected fault results in a detailed message instead of an generic

x86: Use "safe" helpers to implement unsafe CRs accessors

Use the "safe" helpers to read and write CR0, CR3, and CR4, so that an
unexpected fault results in a detailed message instead of an generic
"unexpected fault" explosion.

Do not give RDMSR/WRMSR the same treatment. KUT's exception fixup uses
per-CPU data and thus needs a stable GS.base. Various tests modify
MSR_GS_BASE and routing them through the safe variants will cause
fireworks when trying to clear/read the exception vector with a garbage
GS.base.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20220608235238.3881916-5-seanjc@google.com

show more ...

x86: Use "safe" terminology instead of "checking"

Rename all helpers that eat (and return) exceptions to use "safe" instead
of "checking". This aligns KUT with the kernel and KVM selftests.

Signed

x86: Use "safe" terminology instead of "checking"

Rename all helpers that eat (and return) exceptions to use "safe" instead
of "checking". This aligns KUT with the kernel and KVM selftests.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20220608235238.3881916-4-seanjc@google.com

show more ...

x86: Move load_gdt_tss() to desc.c

Split load_gdt_tss() functionality into:
1. Load gdt/tss
2. Setup segments in 64-bit mode and update %cs via far-return

and move load_gdt_tss() to desc.c to share

x86: Move load_gdt_tss() to desc.c

Split load_gdt_tss() functionality into:
1. Load gdt/tss
2. Setup segments in 64-bit mode and update %cs via far-return

and move load_gdt_tss() to desc.c to share this code between
EFI and non-EFI tests.

Move the segment setup code specific to EFI into
setup.c:setup_segments64().

Signed-off-by: Varad Gautam <varad.gautam@suse.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20220615232943.1465490-7-seanjc@google.com

show more ...

x86: desc: Split IDT entry setup into a generic helper

EFI bootstrapping code configures a call gate in a later commit to jump
from 16-bit to 32-bit code.

Introduce a set_desc_entry() routine which

x86: desc: Split IDT entry setup into a generic helper

EFI bootstrapping code configures a call gate in a later commit to jump
from 16-bit to 32-bit code.

Introduce a set_desc_entry() routine which can be used to fill both
an interrupt descriptor and a call gate descriptor on x86.

Signed-off-by: Varad Gautam <varad.gautam@suse.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20220615232943.1465490-6-seanjc@google.com

show more ...

x86: Move load_idt() to desc.c

This allows sharing IDT setup code between EFI (-fPIC) and
non-EFI builds.

Signed-off-by: Varad Gautam <varad.gautam@suse.com>
Signed-off-by: Sean Christopherson <sea

x86: Move load_idt() to desc.c

This allows sharing IDT setup code between EFI (-fPIC) and
non-EFI builds.

Signed-off-by: Varad Gautam <varad.gautam@suse.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Link: https://lore.kernel.org/r/20220615232943.1465490-5-seanjc@google.com

show more ...

x86: desc: Replace spaces with tabs

Replace spaces with tabs in smp.c, and opportunistically clean up a
handful of minor coding style violations.

No functional change intended.

Signed-off-by: Sean

x86: desc: Replace spaces with tabs

Replace spaces with tabs in smp.c, and opportunistically clean up a
handful of minor coding style violations.

No functional change intended.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220121231852.1439917-5-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Make exception_mnemonic() visible to the tests

exception_mnemonic() is a useful function for more than just desc.c.
Make it global, so it can be used in other KUT tests.

Signed-off-by: Aaron L

x86: Make exception_mnemonic() visible to the tests

exception_mnemonic() is a useful function for more than just desc.c.
Make it global, so it can be used in other KUT tests.

Signed-off-by: Aaron Lewis <aaronlewis@google.com>
Reviewed-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20220125203127.1161838-2-aaronlewis@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Fix a #GP from occurring in usermode library's exception handlers

When handling an exception in usermode.c the exception handler #GPs when
executing IRET to return from the exception handler.

x86: Fix a #GP from occurring in usermode library's exception handlers

When handling an exception in usermode.c the exception handler #GPs when
executing IRET to return from the exception handler. This happens
because the stack segment selector does not have the same privilege
level as the return code segment selector. Set the stack segment
selector to match the code segment selector's privilege level to fix the
issue.

This problem has been disguised in kvm-unit-tests because a #GP
exception handler has been registered with run_in_user() for the tests
that are currently using this feature. With a #GP exception handler
registered, the first exception will be processed then #GP on the
IRET. The IRET from the second #GP will then succeed, and the subsequent
lngjmp() will restore RSP to a sane value. But if no #GP handler is
installed, e.g. if a test wants to handle only #ACs, the #GP on the
initial IRET will be fatal.

This is only a problem in 64-bit mode because 64-bit mode
unconditionally pops SS:RSP (SDM vol 3, 6.14.3 "IRET in IA-32e Mode").
In 32-bit mode SS:RSP is not popped because there is no privilege level
change when executing IRET at the end of the #GP handler.

Signed-off-by: Aaron Lewis <aaronlewis@google.com>
Reviewed-by: Sean Christopherson <seanjc@google.com>
Message-Id: <20211214011823.3277011-2-aaronlewis@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Move 32-bit GDT and TSS to desc.c

Move the GDT and TSS data structures from x86/cstart.S to
lib/x86/desc.c, for consistency with the 64-bit version.

Signed-off-by: Paolo Bonzini <pbonzini@redh

x86: Move 32-bit GDT and TSS to desc.c

Move the GDT and TSS data structures from x86/cstart.S to
lib/x86/desc.c, for consistency with the 64-bit version.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: Move 64-bit GDT and TSS to desc.c

Move the GDT and TSS data structures from x86/cstart64.S to
lib/x86/desc.c, so that the follow-up UEFI support commits can reuse
these definitions, without re-

x86: Move 64-bit GDT and TSS to desc.c

Move the GDT and TSS data structures from x86/cstart64.S to
lib/x86/desc.c, so that the follow-up UEFI support commits can reuse
these definitions, without re-defining them in UEFI's boot up assembly
code.

Signed-off-by: Zixuan Wang <zixuanwang@google.com>
Message-Id: <20211004204931.1537823-2-zxwang42@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: unify name of 32-bit and 64-bit GDT

There's no need to distinguish gdt32 and gdt64, since the same C functions
operate on both and selector numbers are mostly unified between 32-
and 64-bit ver

x86: unify name of 32-bit and 64-bit GDT

There's no need to distinguish gdt32 and gdt64, since the same C functions
operate on both and selector numbers are mostly unified between 32-
and 64-bit versions.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

replace tss_descr global with a function

tss_descr is declared as a struct descriptor_table_ptr but it is actualy
pointing to an _entry_ in the GDT. Also it is different per CPU, but
tss_descr does

replace tss_descr global with a function

tss_descr is declared as a struct descriptor_table_ptr but it is actualy
pointing to an _entry_ in the GDT. Also it is different per CPU, but
tss_descr does not recognize that. Fix both by reusing the code
(already present e.g. in the vmware_backdoors test) that extracts
the base from the GDT entry; and also provide a helper to retrieve
the limit, which is needed in vmx.c.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

unify field names and definitions for GDT descriptors

Use the same names and definitions (apart from the high base field)
for GDT descriptors in both 32-bit and 64-bit code. The next patch
will als

unify field names and definitions for GDT descriptors

Use the same names and definitions (apart from the high base field)
for GDT descriptors in both 32-bit and 64-bit code. The next patch
will also reuse gdt_entry_t in the 16-byte struct definition, for now
some duplication remains.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

x86: cleanup handling of 16-byte GDT descriptors

Look them up using a gdt_entry_t pointer, so that the address of
the descriptor is correct even for "odd" selectors (e.g. 0x98).
Rename the struct fr

x86: cleanup handling of 16-byte GDT descriptors

Look them up using a gdt_entry_t pointer, so that the address of
the descriptor is correct even for "odd" selectors (e.g. 0x98).
Rename the struct from segment_desc64 to system_desc64,
highlighting that it is only used in the case of S=0 (system
descriptor). Rename the "limit" bitfield to "limit2", matching
the convention used for the various parts of the base field.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...