fix bad MSR write and simplify KVM_MEMORY_FAULT impl

Signed-off-by: Jake Correnti <[email protected]>

Author: jakecorrenti

src/cpuid/src/transformer/intel.rs

@@ -16,12 +16,56 @@ pub fn update_feature_info_entry(
     use crate::cpu_leaf::leaf_0x1::*;
 
     common::update_feature_info_entry(entry, vm_spec)?;
+    if entry.index == 0x1 {
+        println!("adjusting 0x1 index feature");
+        entry.ecx &= (1 << 21);
+    }
 
     entry.ecx.write_bit(ecx::TSC_DEADLINE_TIMER_BITINDEX, true);
 
     Ok(())
 }
 
+pub fn update_kvm_features(
+    entry: &mut kvm_cpuid_entry2,
+    vm_spec: &VmSpec,
+) -> Result<(), Error> {
+            // KVM feature bits
+            const NOP_IO_RELAY: u32 = 1;
+            const PV_UNHALT: u32 = 1;
+            const PV_TLB_FLUSH: u32 = 9;
+            const PV_SEND_IPI: u32 = 11;
+            const POLL_CONTROL: u32 = 12;
+            const PV_SCHED_YIELD: u32 = 13;
+            const MSI_EXT_DEST_ID: u32 = 15;
+            
+            // These features are not supported by TDX
+            entry.eax &= (1 << NOP_IO_RELAY) | (1 << PV_UNHALT) | (1 << PV_TLB_FLUSH) | (1 << PV_SEND_IPI) | (1 << POLL_CONTROL) | (1 << PV_SCHED_YIELD) | (1 << MSI_EXT_DEST_ID);
+    Ok(())
+}
+
+pub fn update_0xd_for_tdx(
+    entry: &mut kvm_cpuid_entry2,
+    vm_spec: &VmSpec,
+) -> Result<(), Error> {
+            if entry.function == 0xD && entry.index == 0 {
+                const XFEATURE_MASK_XTILE: u32 = (1 << 17) | (1 << 18);
+                if (entry.eax & XFEATURE_MASK_XTILE) != XFEATURE_MASK_XTILE {
+                    entry.eax &= !XFEATURE_MASK_XTILE;
+                }
+            }
+
+            if entry.function == 0xD && entry.index == 1 {
+                entry.ecx &= !(1 << 15);
+                const XFEATURE_MASK_CET: u32 = (1 << 11) | (1 << 12);
+                if entry.ecx & XFEATURE_MASK_CET > 0 {
+                    entry.ecx |= XFEATURE_MASK_CET;
+                }
+            }
+    
+    Ok(())
+}
+
 fn update_deterministic_cache_entry(
     entry: &mut kvm_cpuid_entry2,
     vm_spec: &VmSpec,
@@ -146,6 +190,11 @@ impl CpuidTransformer for IntelCpuidTransformer {
             leaf_0x6::LEAF_NUM => Some(intel::update_power_management_entry),
             leaf_0xa::LEAF_NUM => Some(intel::update_perf_mon_entry),
             leaf_0xb::LEAF_NUM => Some(intel::update_extended_cache_topology_entry),
+            leaf_0xd::LEAF_NUM => Some(intel::update_0xd_for_tdx),
+            0x4000_0001 => {
+                
+                Some(intel::update_kvm_features)
+            },
             0x8000_0002..=0x8000_0004 => Some(common::update_brand_string_entry),
             _ => None,
         }

src/vmm/src/builder.rs

@@ -1175,55 +1175,49 @@ fn create_vcpus_x86_64(
         .map_err(Error::Vcpu)?;
 
         let mut cpuid = vm.supported_cpuid().clone();
-        for entry in cpuid.as_mut_slice().iter_mut() {
-            if entry.index == 0x1 {
-                entry.ecx &= 1 << 21;
-            }
-
-            if entry.function == 0xD && entry.index == 0 {
-                const XFEATURE_MASK_XTILE: u32 = (1 << 17) | (1 << 18);
-                if (entry.eax & XFEATURE_MASK_XTILE) != XFEATURE_MASK_XTILE {
-                    entry.eax &= !XFEATURE_MASK_XTILE;
-                }
-            }
-
-            if entry.function == 0xD && entry.index == 1 {
-                entry.ecx &= !(1 << 15);
-                const XFEATURE_MASK_CET: u32 = (1 << 11) | (1 << 12);
-                if entry.ecx & XFEATURE_MASK_CET > 0 {
-                    entry.ecx |= XFEATURE_MASK_CET;
-                }
-            }
-
-            if entry.function == 0x4000_0001  {
-                // KVM feature bits
-                const KVM_FEATURE_CLOCKSOURCE_BIT: u8 = 0;
-                const KVM_FEATURE_CLOCKSOURCE2_BIT: u8 = 3;
-                const KVM_FEATURE_CLOCKSOURCE_STABLE_BIT: u8 = 24;
-                const KVM_FEATURE_ASYNC_PF_BIT: u8 = 4;
-                const KVM_FEATURE_ASYNC_PF_VMEXIT_BIT: u8 = 10;
-                const KVM_FEATURE_STEAL_TIME_BIT: u8 = 5;
-                const KVM_FEATURE_PV_EOI: u8 = 6;
+        // for entry in cpuid.as_mut_slice().iter_mut() {
+        //     if entry.index == 0x1 {
+        //         entry.ecx &= 1 << 21;
+        //     }
+
+        //     if entry.function == 0xD && entry.index == 0 {
+        //         const XFEATURE_MASK_XTILE: u32 = (1 << 17) | (1 << 18);
+        //         if (entry.eax & XFEATURE_MASK_XTILE) != XFEATURE_MASK_XTILE {
+        //             entry.eax &= !XFEATURE_MASK_XTILE;
+        //         }
+        //     }
+
+        //     if entry.function == 0xD && entry.index == 1 {
+        //         entry.ecx &= !(1 << 15);
+        //         const XFEATURE_MASK_CET: u32 = (1 << 11) | (1 << 12);
+        //         if entry.ecx & XFEATURE_MASK_CET > 0 {
+        //             entry.ecx |= XFEATURE_MASK_CET;
+        //         }
+        //     }
+
+        //     if entry.function == 0x4000_0001  {
+        //         // KVM feature bits
+        //         const NOP_IO_RELAY: u32 = 1;
+        //         const PV_UNHALT: u32 = 1;
+        //         const PV_TLB_FLUSH: u32 = 9;
+        //         const PV_SEND_IPI: u32 = 11;
+        //         const POLL_CONTROL: u32 = 12;
+        //         const PV_SCHED_YIELD: u32 = 13;
+        //         const MSI_EXT_DEST_ID: u32 = 15;
 
-                // These features are not supported by TDX
-                entry.eax &= !(1 << KVM_FEATURE_CLOCKSOURCE_BIT
-                    | 1 << KVM_FEATURE_CLOCKSOURCE2_BIT
-                    | 1 << KVM_FEATURE_CLOCKSOURCE_STABLE_BIT
-                    | 1 << KVM_FEATURE_ASYNC_PF_BIT
-                    | 1 << KVM_FEATURE_ASYNC_PF_VMEXIT_BIT
-                    | 1 << KVM_FEATURE_PV_EOI
-                    | 1 << KVM_FEATURE_STEAL_TIME_BIT);
-            }
-        }
-
-        #[cfg(feature = "intel-tdx")]
-        vcpu.tdx_secure_virt_init(hob_section_addr, &cpuid)
-            .map_err(Error::Vcpu)?;
+        //         // These features are not supported by TDX
+        //         entry.eax &= (1 << NOP_IO_RELAY) | (1 << PV_UNHALT) | (1 << PV_TLB_FLUSH) | (1 << PV_SEND_IPI) | (1 << POLL_CONTROL) | (1 << PV_SCHED_YIELD) | (1 << MSI_EXT_DEST_ID);
+        //     }
+        // }
 
         println!("entry addr: {:#?}", entry_addr);
         vcpu.configure_x86_64(guest_mem, entry_addr, vcpu_config)
             .map_err(Error::Vcpu)?;
 
+        #[cfg(feature = "intel-tdx")]
+        vcpu.tdx_secure_virt_init(0, &cpuid)
+            .map_err(Error::Vcpu)?;
+
         vcpus.push(vcpu);
     }
     Ok(vcpus)

src/vmm/src/linux/vstate.rs

@@ -1500,16 +1500,21 @@ impl Vcpu {
                         error!("KVM_EXIT_MEMORY_FAULT: Unknown flag {}", flags);
                         Err(Error::VcpuUnhandledKvmExit)
                     } else {
-                        // from private to shared
-                        let mut attr = 0;
-                        // from shared to private
-                        if flags & kvm_bindings::KVM_MEMORY_EXIT_FLAG_PRIVATE as u64
-                            == kvm_bindings::KVM_MEMORY_EXIT_FLAG_PRIVATE as u64
-                        {
-                            attr = kvm_bindings::KVM_MEMORY_ATTRIBUTE_PRIVATE;
-                        };
-
-                        let _ = self.vmcall_sender.try_send((gpa, size, attr > 0));
+                        // // from private to shared
+                        // let mut attr = 0;
+                        // // from shared to private
+                        // if flags & kvm_bindings::KVM_MEMORY_EXIT_FLAG_PRIVATE as u64
+                        //     == kvm_bindings::KVM_MEMORY_EXIT_FLAG_PRIVATE as u64
+                        // {
+                        //     attr = kvm_bindings::KVM_MEMORY_ATTRIBUTE_PRIVATE;
+                        // };
+                        let attr = (flags & kvm_bindings::KVM_MEMORY_EXIT_FLAG_PRIVATE as u64);
+
+                        let res = self.vmcall_sender.try_send((gpa, size, attr > 0));
+                        if res.is_err() {
+                            error!("KVM_EXIT_MEMORY_FAULT: unable to convert memory: Exit {:#?}", res);
+                            return Err(Error::VcpuUnhandledKvmExit);
+                        }
                         Ok(VcpuEmulation::Handled)
                     }
                 }
@@ -1784,7 +1789,7 @@ impl Vcpu {
 
     #[cfg(feature = "intel-tdx")]
     pub fn tdx_secure_virt_init(&self, hob_addr: u64, cpuid: &CpuId) -> Result<()> {
-        self.fd.set_cpuid2(cpuid).unwrap();
+        // self.fd.set_cpuid2(cpuid).unwrap();
         tdx::launch::TdxVcpu::init_raw(&self.fd, hob_addr)
             .or_else(|_| return Err(Error::TdxSecVirtInitVcpu))
     }