Received: by 10.223.176.46 with SMTP id f43csp2216395wra;
        Thu, 25 Jan 2018 06:41:40 -0800 (PST)
X-Google-Smtp-Source: AH8x2252pYJaZcEmcCW82bSDhi/+HpLBZ/EJV3Dj3dA4ic9ji/G4NhmK+LvU/HV4Us+1phzdi8Nn
X-Received: by 10.99.127.79 with SMTP id p15mr13311762pgn.140.1516891300479;
        Thu, 25 Jan 2018 06:41:40 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516891300; cv=none;
        d=google.com; s=arc-20160816;
        b=a5f67vU8zu4vO7rU15Ug1jiUrwC9Pe2RiDqpWkB/drMVsdaFZM325Wkkpko42e+LX4
         SVBBO5MP/eDybNn47E0yqpFYHIto+F/1pMhj8AD4xZu4rXnUuhj8oiz91Cpjg75eSynr
         CwWl6QkL747SOUb1a2cpEIYc6n1nIPrbjovACSSUtjlX7uvCo/nNCZ0jDJHYWs5XuZzO
         340qbk81jkGiGyl7XlahwSvne9zK8934Dput4fnbbMTXd8u72JBkWlKhv+ckty7nN2dl
         Nx5Ib4jsYliM3BuX1xoxBDjjl7JHWy/V3+/Uo2vZdLF+QvZN7pNZkMHQdNqpHMFCOV2N
         927A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:thread-index:thread-topic
         :content-transfer-encoding:mime-version:subject:references
         :in-reply-to:message-id:cc:to:from:date:arc-authentication-results;
        bh=2oj3u1iGhkcdkFXL2hk5yw3gIzjRTKBTx+r5sbJMG9c=;
        b=nSJXiDAYdls269Z9enL9i95HYNqZwtq0QmYF4bhtx9Na6MUKqGprFu3EsLsgnqJiQO
         f/8xZAroI0W6Qr01olTbWLb+gdtbKcywL8379+0Fi6pAmlL4p6y6rRWkhuqyeXHlx9+V
         cVo8dexW1voFB7deYrq9SBiKm/mh9moY9w3+rw7RsdCLROU1tsqh1euNR/maPuqWmuZH
         qfsohFOIb0eDKyr77fgKLzEBET6x8ULeRbS9ZqftU8QNHWlm+zbSRpYeCFf9fAdV6vNF
         UdAaX5ZL0P9TW28ZBj0GsBdxfMwZW+NMUO/XvfeKqBEnLrliWe1l9YT2OZDU9rXzezNH
         fz9Q==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id l185si1649652pge.147.2018.01.25.06.41.26;
        Thu, 25 Jan 2018 06:41:40 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751700AbeAYOe6 convert rfc822-to-8bit (ORCPT
        <rfc822;charleyewang@gmail.com> + 99 others);
        Thu, 25 Jan 2018 09:34:58 -0500
Received: from mx1.redhat.com ([209.132.183.28]:36992 "EHLO mx1.redhat.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751676AbeAYOez (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 25 Jan 2018 09:34:55 -0500
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mx1.redhat.com (Postfix) with ESMTPS id 298B82579C;
        Thu, 25 Jan 2018 14:34:55 +0000 (UTC)
Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
        by smtp.corp.redhat.com (Postfix) with ESMTPS id 1B5DB600CC;
        Thu, 25 Jan 2018 14:34:55 +0000 (UTC)
Received: from zmail18.collab.prod.int.phx2.redhat.com (zmail18.collab.prod.int.phx2.redhat.com [10.5.83.21])
        by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0DF6B3FB17;
        Thu, 25 Jan 2018 14:34:55 +0000 (UTC)
Date:   Thu, 25 Jan 2018 09:34:54 -0500 (EST)
From:   Paolo Bonzini <pbonzini@redhat.com>
To:     Vitaly Kuznetsov <vkuznets@redhat.com>
Cc:     kvm@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org,
        Radim =?utf-8?B?S3LEjW3DocWZ?= <rkrcmar@redhat.com>
Message-ID: <2086615908.2524618.1516890894578.JavaMail.zimbra@redhat.com>
In-Reply-To: <20180124151234.32329-1-vkuznets@redhat.com>
References: <20180124151234.32329-1-vkuznets@redhat.com>
Subject: Re: [PATCH] x86/kvm: disable fast MMIO when running nested
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8BIT
X-Originating-IP: [78.12.230.124, 10.4.196.8, 10.4.195.10]
Thread-Topic: x86/kvm: disable fast MMIO when running nested
Thread-Index: naDXCfHmsPK8qq0toS+xvAFQ92POeg==
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Thu, 25 Jan 2018 14:34:55 +0000 (UTC)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



----- Original Message -----
> From: "Vitaly Kuznetsov" <vkuznets@redhat.com>
> To: kvm@vger.kernel.org
> Cc: x86@kernel.org, linux-kernel@vger.kernel.org, "Paolo Bonzini" <pbonzini@redhat.com>, "Radim Krčmář"
> <rkrcmar@redhat.com>
> Sent: Wednesday, January 24, 2018 4:12:34 PM
> Subject: [PATCH] x86/kvm: disable fast MMIO when running nested
> 
> I was investigating an issue with seabios >= 1.10 which stopped working
> for nested KVM on Hyper-V. The problem appears to be in
> handle_ept_violation() function: when we do fast mmio we need to skip
> the instruction so we do kvm_skip_emulated_instruction(). This, however,
> depends on VM_EXIT_INSTRUCTION_LEN field being set correctly in VMCS.
> However, this is not the case.
> 
> Intel's manual doesn't mandate VM_EXIT_INSTRUCTION_LEN to be set when
> EPT MISCONFIG occurs. While on real hardware it was observed to be set,
> some hypervisors follow the spec and don't set it; we end up advancing
> IP with some random value.
> 
> I checked with Microsoft and they confirmed they don't fill
> VM_EXIT_INSTRUCTION_LEN on EPT MISCONFIG.
> 
> Fix the issue by disabling fast mmio when running nested.
> 
> Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
> ---
>  arch/x86/kvm/vmx.c | 9 ++++++++-
>  1 file changed, 8 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
> index c829d89e2e63..54afb446f38e 100644
> --- a/arch/x86/kvm/vmx.c
> +++ b/arch/x86/kvm/vmx.c
> @@ -6558,9 +6558,16 @@ static int handle_ept_misconfig(struct kvm_vcpu *vcpu)
>  	/*
>  	 * A nested guest cannot optimize MMIO vmexits, because we have an
>  	 * nGPA here instead of the required GPA.
> +	 * Skipping instruction below depends on undefined behavior: Intel's
> +	 * manual doesn't mandate VM_EXIT_INSTRUCTION_LEN to be set in VMCS
> +	 * when EPT MISCONFIG occurs and while on real hardware it was observed
> +	 * to be set, other hypervisors (namely Hyper-V) don't set it, we end
> +	 * up advancing IP with some random value. Disable fast mmio when
> +	 * running nested and keep it for real hardware in hope that
> +	 * VM_EXIT_INSTRUCTION_LEN will always be set correctly.
>  	 */
>  	gpa = vmcs_read64(GUEST_PHYSICAL_ADDRESS);
> -	if (!is_guest_mode(vcpu) &&
> +	if (!static_cpu_has(X86_FEATURE_HYPERVISOR) && !is_guest_mode(vcpu) &&
>  	    !kvm_io_bus_write(vcpu, KVM_FAST_MMIO_BUS, gpa, 0, NULL)) {
>  		trace_kvm_fast_mmio(gpa);
>  		return kvm_skip_emulated_instruction(vcpu);
> --
> 2.14.3

Vitaly,

could you base the X86_FEATURE_HYPERVISOR case on the patch at
https://patchwork.kernel.org/patch/9903811/?

By using EMULTYPE_SKIP, the eventfd is signaled before entering the
emulator and the impact on latency is small.

Thanks,

Paolo