Received: by 10.223.176.46 with SMTP id f43csp2227805wra;
        Thu, 25 Jan 2018 06:51:51 -0800 (PST)
X-Google-Smtp-Source: AH8x2247eyXJmVUIGexO2D/HsFl4J8Be51Yk9KDfR03lr2O/bXY2WHQoDbZy9u8se0DYz6nBbXj1
X-Received: by 2002:a17:902:4e25:: with SMTP id f34-v6mr2436513ple.68.1516891911666;
        Thu, 25 Jan 2018 06:51:51 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516891911; cv=none;
        d=google.com; s=arc-20160816;
        b=BAVxAdNnELfTinNAC66/90+WOZtY4weuBMfE3EkLxrB1H5xBhk3pBO3xMz/mgkkeQ3
         Tnp0IWZBT/G2bAD1wwAaYx1ZL+vK5ZLpb0Ny28rnCWjm82aNVIC5cpMNOWUzd6if++lB
         9cMdzLwC8nUpCzWV2+yO6czRo3S0FwoDa7GuLRPfFvwzgDiPU/6W3HTDFEAXZsDCUbWK
         thOo5r00F+QaqpEpCgkSUnTlVq/5g99/zs4S3wg4OLqvcA2swl3QUcuaKa5kEKZKkIMA
         OWcLBpfTtklbzFcFnSbKRFB0GL4XvLxz+dr67FSlW13nF/mrg6I+sMCAHYou/n74lGSr
         GdUg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:message-id:in-reply-to:date:references:subject:cc:to
         :from:arc-authentication-results;
        bh=NJen53gnk35xE8WxWCmricsoQ8jzmMUXfG6j/SbAHgw=;
        b=WpOVwVFrhI7KWPma9wpLjiv73lEMW7jNZSh3nO3tj43q4Rjodq++/ib8GQJ0sOkiy8
         7MUi1/QADtA3giwxFuyon/qFjywmdTX+pQwN6H3N7QvqHo6VivqMFv1+tFGbsqvbM/HS
         rTV6l6GzYs9qk2c4e2wews+j/eKfBdd+MMQ3641gjnNnpftbywyb16EgrqixH1SW/wHC
         ZaMSsgr/wHqYF/g4bRUAd/dOJQP99AumdVWBbUS1kNdFUC8GO4i1FuHGLcn5JVcsmMu1
         2zRwAnIb+np91HOQ/09EPiHeVgJe86dQJpSoSnOrA+4JF03Vcqdu6+33WsIwAxEOq0hb
         dpSQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 63-v6si2084540pla.526.2018.01.25.06.51.36;
        Thu, 25 Jan 2018 06:51:51 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751598AbeAYOuW (ORCPT <rfc822;c14006078@gmail.com> + 99 others);
        Thu, 25 Jan 2018 09:50:22 -0500
Received: from mx1.redhat.com ([209.132.183.28]:4752 "EHLO mx1.redhat.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1750911AbeAYOuU (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 25 Jan 2018 09:50:20 -0500
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mx1.redhat.com (Postfix) with ESMTPS id C7DD45C9DD;
        Thu, 25 Jan 2018 14:50:20 +0000 (UTC)
Received: from vitty.brq.redhat.com.redhat.com (unknown [10.43.2.155])
        by smtp.corp.redhat.com (Postfix) with ESMTPS id 97F132C7C4;
        Thu, 25 Jan 2018 14:49:50 +0000 (UTC)
From:   Vitaly Kuznetsov <vkuznets@redhat.com>
To:     Paolo Bonzini <pbonzini@redhat.com>
Cc:     kvm@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org,
        Radim =?utf-8?B?S3LEjW3DocWZ?= <rkrcmar@redhat.com>
Subject: Re: [PATCH] x86/kvm: disable fast MMIO when running nested
References: <20180124151234.32329-1-vkuznets@redhat.com>
        <2086615908.2524618.1516890894578.JavaMail.zimbra@redhat.com>
Date:   Thu, 25 Jan 2018 15:49:39 +0100
In-Reply-To: <2086615908.2524618.1516890894578.JavaMail.zimbra@redhat.com>
        (Paolo Bonzini's message of "Thu, 25 Jan 2018 09:34:54 -0500 (EST)")
Message-ID: <87y3km6lj0.fsf@vitty.brq.redhat.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Thu, 25 Jan 2018 14:50:20 +0000 (UTC)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Paolo Bonzini <pbonzini@redhat.com> writes:

> ----- Original Message -----
>> From: "Vitaly Kuznetsov" <vkuznets@redhat.com>
>> To: kvm@vger.kernel.org
>> Cc: x86@kernel.org, linux-kernel@vger.kernel.org, "Paolo Bonzini" <pbonzini@redhat.com>, "Radim Krčmář"
>> <rkrcmar@redhat.com>
>> Sent: Wednesday, January 24, 2018 4:12:34 PM
>> Subject: [PATCH] x86/kvm: disable fast MMIO when running nested
>> 
>> I was investigating an issue with seabios >= 1.10 which stopped working
>> for nested KVM on Hyper-V. The problem appears to be in
>> handle_ept_violation() function: when we do fast mmio we need to skip
>> the instruction so we do kvm_skip_emulated_instruction(). This, however,
>> depends on VM_EXIT_INSTRUCTION_LEN field being set correctly in VMCS.
>> However, this is not the case.
>> 
>> Intel's manual doesn't mandate VM_EXIT_INSTRUCTION_LEN to be set when
>> EPT MISCONFIG occurs. While on real hardware it was observed to be set,
>> some hypervisors follow the spec and don't set it; we end up advancing
>> IP with some random value.
>> 
>> I checked with Microsoft and they confirmed they don't fill
>> VM_EXIT_INSTRUCTION_LEN on EPT MISCONFIG.
>> 
>> Fix the issue by disabling fast mmio when running nested.
>> 
>> Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
>> ---
>>  arch/x86/kvm/vmx.c | 9 ++++++++-
>>  1 file changed, 8 insertions(+), 1 deletion(-)
>> 
>> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
>> index c829d89e2e63..54afb446f38e 100644
>> --- a/arch/x86/kvm/vmx.c
>> +++ b/arch/x86/kvm/vmx.c
>> @@ -6558,9 +6558,16 @@ static int handle_ept_misconfig(struct kvm_vcpu *vcpu)
>>  	/*
>>  	 * A nested guest cannot optimize MMIO vmexits, because we have an
>>  	 * nGPA here instead of the required GPA.
>> +	 * Skipping instruction below depends on undefined behavior: Intel's
>> +	 * manual doesn't mandate VM_EXIT_INSTRUCTION_LEN to be set in VMCS
>> +	 * when EPT MISCONFIG occurs and while on real hardware it was observed
>> +	 * to be set, other hypervisors (namely Hyper-V) don't set it, we end
>> +	 * up advancing IP with some random value. Disable fast mmio when
>> +	 * running nested and keep it for real hardware in hope that
>> +	 * VM_EXIT_INSTRUCTION_LEN will always be set correctly.
>>  	 */
>>  	gpa = vmcs_read64(GUEST_PHYSICAL_ADDRESS);
>> -	if (!is_guest_mode(vcpu) &&
>> +	if (!static_cpu_has(X86_FEATURE_HYPERVISOR) && !is_guest_mode(vcpu) &&
>>  	    !kvm_io_bus_write(vcpu, KVM_FAST_MMIO_BUS, gpa, 0, NULL)) {
>>  		trace_kvm_fast_mmio(gpa);
>>  		return kvm_skip_emulated_instruction(vcpu);
>> --
>> 2.14.3
>
> Vitaly,
>
> could you base the X86_FEATURE_HYPERVISOR case on the patch at
> https://patchwork.kernel.org/patch/9903811/?
>
> By using EMULTYPE_SKIP, the eventfd is signaled before entering the
> emulator and the impact on latency is small.
>

Oh, I didn't know there was a story! I'll try EMULTYPE_SKIP, thanks!

-- 
  Vitaly