From: Joerg Roedel <jroedel@suse.de>
Date: Mon, 7 Sep 2020 15:16:02 +0200
Subject: x86/sev-es: Handle #DB Events
Git-commit: cb1ad3ecea959593400dfac4f027dbc005e62c39
Patch-mainline: v5.10-rc1
References: jsc#SLE-14337

Handle #VC exceptions caused by #DB exceptions in the guest. Those
must be handled outside of instrumentation_begin()/end() so that the
handler will not be raised recursively.

Handle them by calling the kernel's debug exception handler.

Signed-off-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20200907131613.12703-62-joro@8bytes.org
---
 arch/x86/kernel/sev-es.c |   13 +++++++++++++
 1 file changed, 13 insertions(+)

--- a/arch/x86/kernel/sev-es.c
+++ b/arch/x86/kernel/sev-es.c
@@ -924,6 +924,11 @@ static enum es_result vc_handle_trap_ac(
 	return ES_EXCEPTION;
 }
 
+static __always_inline void vc_handle_trap_db(struct pt_regs *regs)
+{
+	do_debug(regs, 0);
+}
+
 static enum es_result vc_handle_exitcode(struct es_em_ctxt *ctxt,
 					 struct ghcb *ghcb,
 					 unsigned long exit_code)
@@ -1035,6 +1040,14 @@ void safe_stack_vmm_communication(struct
 	struct ghcb *ghcb;
 
 	/*
+	 * Handle #DB before calling into !noinstr code to avoid recursive #DB.
+	 */
+	if (error_code == SVM_EXIT_EXCP_BASE + X86_TRAP_DB) {
+		vc_handle_trap_db(regs);
+		return;
+	}
+
+	/*
 	 * This is invoked through an interrupt gate, so IRQs are disabled. The
 	 * code below might walk page-tables for user or kernel addresses, so
 	 * keep the IRQs disabled to protect us against concurrent TLB flushes.