From b37008d74ef3c2d9623027f6bf891b311f38ddf4 Mon Sep 17 00:00:00 2001 From: Minggui Cao Date: Fri, 17 Aug 2018 11:48:13 +0800 Subject: [PATCH] HV: check secure/normal world for EPTP in gpa2hpa for secure and normal world has different EPTP, in secure world, it could trap to hypervisor and call gpa2hpa function. So it need check if it is in normal or secure world for EPTP selection. Detailed explanation from Yadong Qi : Currently, trusty OS does not handle interrupt, so when an interrupt is delivering in trusty, trusty will set it to LAPIC IRR register by inject self_ipi() and then call world_switch to switch to Android, So android will receive/handle the interrupt properly.Since the vLAPIC is enabled in ACRN, so when trusty try to inject self_ipi(), APIC-ACCESS vmexit will happen. Then ACRN will do instruction decode/emulation, so the GPA2HPA will fail since page walk is using nworld_eptp. It is probability an issue. Signed-off-by: Minggui Cao Acked-by: Eddie Dong --- hypervisor/arch/x86/ept.c | 11 +++++++++-- hypervisor/include/arch/x86/guest/vm.h | 2 +- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/hypervisor/arch/x86/ept.c b/hypervisor/arch/x86/ept.c index d2030017f..a8da5e77d 100644 --- a/hypervisor/arch/x86/ept.c +++ b/hypervisor/arch/x86/ept.c @@ -104,9 +104,16 @@ uint64_t local_gpa2hpa(const struct vm *vm, uint64_t gpa, uint32_t *size) { uint64_t hpa = 0UL; uint64_t *pgentry, pg_size = 0UL; + void *eptp; + struct vcpu *vcpu = vcpu_from_pid(vm, get_cpu_id()); - pgentry = lookup_address((uint64_t *)vm->arch_vm.nworld_eptp, - gpa, &pg_size, PTT_EPT); + if (vcpu && (vcpu->arch_vcpu.cur_context == SECURE_WORLD)) { + eptp = vm->arch_vm.sworld_eptp; + } else { + eptp = vm->arch_vm.nworld_eptp; + } + + pgentry = lookup_address((uint64_t *)eptp, gpa, &pg_size, PTT_EPT); if (pgentry != NULL) { hpa = ((*pgentry & (~(pg_size - 1UL))) | (gpa & (pg_size - 1UL))); 
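Review bot: The EPTP choice now depends on which vcpu happens to run on the calling pcpu rather than on `vm` alone, and nothing in the hunk records that: when `vcpu_from_pid()` finds no vcpu of this `vm` on the current pcpu, the walk silently falls back to the normal-world tables. A comment above the new `if` would make the contract visible to callers, e.g. `/* EPTP follows the world of the vcpu running on this pcpu; with no such vcpu, or outside secure world, the normal-world EPTP is used. */`. The secure-world branch hands `vm->arch_vm.sworld_eptp` to `lookup_address()` without the hunk showing where that root is validated; if it can still be NULL before the secure world is set up, guarding the branch with `&& (vm->arch_vm.sworld_eptp != NULL)` avoids a page walk from a null root, so this should be checked against where `sworld_eptp` is initialised. As a point of style, declaring `uint64_t *eptp` instead of `void *eptp` would let the cast on the `lookup_address()` call go away. `local_gpa2hpa()` continues past the end of the hunk.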
diff --git a/hypervisor/include/arch/x86/guest/vm.h b/hypervisor/include/arch/x86/guest/vm.h
index 6822c1f41..b2355eb86 100644
--- a/hypervisor/include/arch/x86/guest/vm.h
+++ b/hypervisor/include/arch/x86/guest/vm.h
@@ -216,7 +216,7 @@ static inline struct vcpu *vcpu_from_vid(struct vm *vm, uint16_t vcpu_id)
 return NULL;
 }
 
-static inline struct vcpu *vcpu_from_pid(struct vm *vm, uint16_t pcpu_id)
+static inline struct vcpu *vcpu_from_pid(const struct vm *vm, uint16_t pcpu_id)
 {
 uint16_t i;
 struct vcpu *vcpu;