[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC v1 6/7] x86/svm: Use the emulator path for VMEXIT_HLT

  • To: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • From: Teddy Astie <teddy.astie@xxxxxxxxxx>
  • Date: Tue, 19 May 2026 19:02:10 +0200
  • Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=vates.tech header.i="@vates.tech" header.h="From:Subject:Date:Message-ID:To:Cc:MIME-Version:Content-Type:In-Reply-To:References:Feedback-ID"
  • Autocrypt: addr=teddy.astie@xxxxxxxxxx; keydata= xsDNBGn5sK8BDACuzSrrTjpVf4ay06OYB6yY0J1PqKffihoNMtrQRZjAHxoAPC7LTBVHV/XO Zw5HJc+9R71z1JV+iYg6z3jPziGKzX8Fj3ZXlzJPmpf1PuETH3KdbvtJT4ny+OGntnJntUoR KRPhTirr6yNeBk/637O3CQXjtqFUPZnko8OI/o1yawIBhJJAWicutjkkUgd28Bh6HV9EIumH tCBgn5/1A/fpm9624MMgYLsA8qjC4XsoovQvFCaO8HEhvfzrrTZHjn/nPeB9SigxIxXW8YaT VqMdqul07o72m3eA2mf+LMu9a04FX/d4wbxBLtELm+1jIrbtyaFZEMOLv/haSiS/Lj3btJH/ EoucejoZ5SH49ksmVAmKOLktOaTQ8b2gEvP7iaKiIiszCCtOSRohr+2GvDsDeLvVZnlR3I+S PhHar7TPKjFz0G3DPNolyjXywNqOAMpomSPi8lSwjAFsxOtQbcck/qRGRSNk4DAmH70pA+89 MXfQXZ3qt1Q01B1+sU0I8xsAEQEAAc0kVGVkZHkgQXN0aWUgPHRlZGR5LmFzdGllQHZhdGVz LnRlY2g+wsENBBMBCAA3FiEEGAIew9LzHY3pdrqtZg+p0QLLz9AFAmn5sK8FCQWjmoACGwME CwkIBwUVCAkKCwUWAgMBAAAKCRBmD6nRAsvP0ID6DACGOktArFbLKHNzuyOVCskwfUZPla6Z pd3GZ8r61SrAKePIr2BnpgPkd0hV3bSRkRLIrgjzR2NRCzfp0x0HfuhcYfAYPR46XHTvjaJE v99sT/vGUG1BZguYDOScSEpgSNaNlYum3RKZbMuROxdK8G+YHccJY8PvWSq2K2yiae2KGiAv 1yjnZxug9/PtDfX8vQFUSg2w1ukRDf50wvDohN1zUQfFtofOP2xCRsDZiHAlQ0pF+aUjXQhP eP3IdpfWc8cyRLXF06Rk46YMYCytweGtGdHcqAfrVthl84129ZPN422k/voW0sm14gjYlGcT UwgnYlFRk2FLq0QeKEDcS0aj3o3EVAQCrayoGzi1pnlIKE3PRGUcUzjGVvzQ/po24gOjwba9 Egr/Wmu3MQlx/7A8zT5QBzF/n+RYdLNQ0Eu6YnUwf0Z1uieqNaon+olyIRFiLb/hCZHO6ekN f5vrm2clHUbQAYaPQebknujoKBo6ZLHg0WM1gZS01Gz+aUpKsUfOwM0EafmwsAEMAKiQiZa3 yQMmc/h3sDbfVHPSiBA4IMI/NAB7IotzPHq1GzCpsoVILAhF/INbWjxJ3DbVf+en3/FvdVZg 2S38xtnth0njNdlVKpyxm054phKjbdoFDwaknWolS4hrddTmetSG5/52AjtmPFtlXAk0NmLv fJnW3seXVQbgM7sW/MNXPP5UKDpkGnLhnvej+GU0s3109sJeXT5ImVdphFs9cvyZyBT9t1Pb Rowv58EgV0zE4hbAeVkULAbxFV5b/ExTjjGVHoX7CVhWxvCiTqCUoXZRkUE9C3FnkzEFRkKb Yu6NCfiHfEyB3Xyg9hfdrRgjMRq907zCof+nDtWxGz1MSEuvTj1g9GZ049Bennqzjc/Q+0ov XoK4jm+Py0FiUGUaA6yhexficjH+kCR/xDbVnWrMhSLB4AuTBT9HjfZI6gk3uYLhoT8Pig4/ eVtR2Q1wZIJsFToR6ofGuyECwFcs+PUXN7fmGRSiPXgjAr/zIUBdW0VWCE3OGPNqtRk2E5s6 IQARAQABwsD8BBgBCAAmFiEEGAIew9LzHY3pdrqtZg+p0QLLz9AFAmn5sLAFCQWjmoACGwwA CgkQZg+p0QLLz9DncQwAg76IehTemLIfrB8T9WIBZrI4kUV7G7a4rjiVoUiHYN5QwhnbZnsa JDlt+Ezoqy/510eo2bCSzvW5xXYPgyjcuOPwgQo1Qp764QxyX6rld2f2RcWkDuBHun55ZWXj by8o21ginPRwruBVYY5rVf3DV1iBu4NurUeHtyFk/dS0XTOQi2wVUb17sW/+ybCEokdVacZG zOqP/OmwHrF8ylXlXnhQq6e3r+J+T8fuoGJelm/CJiMwyP6cEWE8sxVqX/iqwjwUYkuOCpE+ lOWSvdNHgoEkWR0RXBPQjnGmLKbfTl/QDXLk6NP2/r9uxm2HL6Ei3QJKSEdrp+XZaVnk/Off O485NOTKwGOxyWb006cTMh53xPkAJFQu4Tvdj+odsHz88jqw5wfPG0BYWx0I/FspYj7N9kZR 8ULR9nX0LvpzJ/kB4NgHIUt8YtIL6ZSfM2dbF7fKzvx1UqFfvozJZwFzfEieJLXa4nlGgR6D x9fhaZEsniw8/bYgC3igkk5YJiOa
  • Cc: Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Jason Andryuk <jason.andryuk@xxxxxxx>
  • Delivery-date: Tue, 19 May 2026 17:02:26 +0000
  • Feedback-id: default:8631fc262581453bbf619ec5b2062170:Sweego
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Hello,
Here is my feedback from a SEV-ES implementation perspective, as it has specific needs related to some VMEXIT handling. 

Le 18/05/2026 à 15:14, Ross Lagerwall a écrit :

Signed-off-by: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
---
  xen/arch/x86/hvm/emulate.c     |  5 +++++
  xen/arch/x86/hvm/svm/emulate.c |  2 +-
  xen/arch/x86/hvm/svm/svm.c     | 24 +++++++++++-------------
  xen/arch/x86/hvm/svm/svm.h     |  1 +
  4 files changed, 18 insertions(+), 14 deletions(-)

diff --git a/xen/arch/x86/hvm/emulate.c b/xen/arch/x86/hvm/emulate.c
index c9553cd28238..471c032c1e9c 100644
--- a/xen/arch/x86/hvm/emulate.c
+++ b/xen/arch/x86/hvm/emulate.c
@@ -2800,6 +2800,11 @@ static int _hvm_emulate_one(struct hvm_emulate_ctxt 
*hvmemul_ctxt,
switch ( hvmemul_ctxt->insn ) 
          {
+        case INSTR_HLT:
+            hvmemul_ctxt->ctxt.retire.hlt = true;
+            rc = X86EMUL_OKAY;
+            break;
+
          default:
              ASSERT_UNREACHABLE();
              rc = X86EMUL_UNHANDLEABLE;
diff --git a/xen/arch/x86/hvm/svm/emulate.c b/xen/arch/x86/hvm/svm/emulate.c
index 1dd830a31bd7..31f3cd88a858 100644
--- a/xen/arch/x86/hvm/svm/emulate.c
+++ b/xen/arch/x86/hvm/svm/emulate.c
@@ -16,7 +16,7 @@
  #include "svm.h"
  #include "vmcb.h"
-static unsigned long svm_nextrip_insn_length(struct vcpu *v) 
+unsigned long svm_nextrip_insn_length(struct vcpu *v)
  {
      struct vmcb_struct *vmcb = v->arch.hvm.svm.vmcb;
diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c 
index f49d2ebbfdd5..2d6022d6238c 100644
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -2051,18 +2051,6 @@ static void svm_do_msr_access(struct cpu_user_regs *regs)
          hvm_inject_hw_exception(X86_EXC_GP, 0);
  }
-static void svm_vmexit_do_hlt(struct vmcb_struct *vmcb, 
-                              struct cpu_user_regs *regs)
-{
-    unsigned int inst_len;
-
-    if ( (inst_len = svm_get_insn_len(current, INSTR_HLT)) == 0 )
-        return;
-    __update_guest_eip(regs, inst_len);
-
-    hvm_hlt(regs->eflags);
-}
-
  static void svm_vmexit_do_rdtsc(struct cpu_user_regs *regs, bool rdtscp)
  {
      struct vcpu *curr = current;
@@ -2363,6 +2351,13 @@ static void cf_check svm_set_reg(struct vcpu *v, 
unsigned int reg, uint64_t val)
      }
  }
+static void svm_emulate_one(struct hvm_emulate_ctxt *ctxt) 
+{
+    ctxt->insn_len = svm_nextrip_insn_length(current);
+    if ( !hvm_emulate_one_ctxt(ctxt) )
+        hvm_inject_hw_exception(X86_EXC_GP, 0);
+}
+
  static struct hvm_function_table __initdata_cf_clobber svm_function_table = {
      .name                 = "SVM",
      .cpu_up_prepare       = svm_cpu_up_prepare,
@@ -2496,6 +2491,7 @@ void asmlinkage svm_vmexit_handler(void)
      vintr_t intr;
      bool vcpu_guestmode = false;
      struct vlapic *vlapic = vcpu_vlapic(v);
+    struct hvm_emulate_ctxt ctxt;
regs->rax = vmcb->rax; 
      regs->rip = vmcb->rip;
@@ -2840,7 +2836,9 @@ void asmlinkage svm_vmexit_handler(void)
      }
case VMEXIT_HLT: 
-        svm_vmexit_do_hlt(vmcb, regs);
+        hvm_emulate_init_once(&ctxt, NULL, NULL, regs);
+        ctxt.insn = INSTR_HLT;
+        svm_emulate_one(&ctxt);
          break;
In this case, most of the logic is hidden behind svm_emulate_one(); however, SEV-ES changes some aspects of the VMEXIT_HLT behavior (this is the same for e.g VMEXIT_PAUSE).
With SEV-ES, we can't access the CPU registers anymore but hlt can still be intercepted (it's a "Automatic Exit (AE)"), in this case, the CPU increases RIP itself (this is documented in SEV-ES section of the APM), and we just have to emulate the HLT behavior. How would that specific behavior fit in this new design ? 

We can skip increasing rip in this specific case, but it's now common code.
case VMEXIT_IOIO: 
diff --git a/xen/arch/x86/hvm/svm/svm.h b/xen/arch/x86/hvm/svm/svm.h
index f75bca7c5f66..9422dbd38a78 100644
--- a/xen/arch/x86/hvm/svm/svm.h
+++ b/xen/arch/x86/hvm/svm/svm.h
@@ -36,6 +36,7 @@ static inline void svm_invlpga(unsigned long linear, uint32_t 
asid)
      asm volatile ( "invlpga" :: "a" (linear), "c" (asid) );
  }
+unsigned long svm_nextrip_insn_length(struct vcpu *v); 
  unsigned int svm_get_insn_len(struct vcpu *v, unsigned int instr_enc);
  unsigned int svm_get_task_switch_insn_len(void);


Teddy

Attachment: OpenPGP_0x660FA9D102CBCFD0.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.