Re: [PATCHv2 2/3] x86/tdx: Clarify RIP adjustments in #VE handler

From: Dave Hansen
Date: Fri May 20 2022 - 13:52:50 EST


On 5/19/22 20:13, Kirill A. Shutemov wrote:
> + /*
> + * If the #VE happened due to instruction execution, GET_VEINFO
> + * provides info on the instruction in out.r10.
> + *
> + * For #VE due to EPT violation, info in out.r10 is not usable and
> + * kernel has to decode instruction manually to find out its length.
> + */
> + if (ve->exit_reason != EXIT_REASON_EPT_VIOLATION) {
> + ve->instr_len = lower_32_bits(out.r10);
> + ve->instr_info = upper_32_bits(out.r10);
> + } else {
> + ve->instr_len = 0;
> + ve->instr_info = 0;
> + }
> }

This is _better_, but I still don't like it. It still hides the magic
down in here and if someone screws it up, they'll silently get a loop of
#VE's. If we stick the logic a helper like:

int ve_instr_len(struct ve_info *ve)
{
if (WARN_ON_ONCE(ve->exit_reason != EXIT_REASON_EPT_VIOLATION))
return 0;

return ve->instr_len;
}

and then folks consume the instruction length with that, we get a splat
right where and when it goes wrong.

BTW, how do we know that all non-EPT_VIOLATION exits reasons are
instruction execution?